diff --git a/nomad/acls/acls.tf b/nomad/acls/acls.tf
index 4631b7c..b4071d1 100644
--- a/nomad/acls/acls.tf
+++ b/nomad/acls/acls.tf
@@ -4,3 +4,9 @@ resource "nomad_acl_policy" "create_post_bootstrap_policy" {
 description = "Anon RW"
 rules_hcl = file("${path.module}/nomad-anon-bootstrap.hcl")
 }
+
+resource "nomad_acl_policy" "admin" {
+ name = "admin"
+ description = "admin policy with access to everything"
+ rules_hcl = file("${path.module}/nomad-anon-bootstrap.hcl")
+}
diff --git a/nomad/acls/vars.tf b/nomad/acls/vars.tf
index 4c6fcca..d619625 100644
--- a/nomad/acls/vars.tf
+++ b/nomad/acls/vars.tf
@@ -15,3 +15,8 @@ variable "vault_token" {
 sensitive = true
 default = ""
 }
+
+variable "vault_admin_password" {
+ type = string
+ sensitive = true
+}
diff --git a/nomad/acls/vault_login.tf b/nomad/acls/vault_login.tf
index 149bf4e..d6664b2 100644
--- a/nomad/acls/vault_login.tf
+++ b/nomad/acls/vault_login.tf
@@ -6,3 +6,19 @@ resource "vault_auth_backend" "userpass" {
 listing_visibility = "unauth"
 }
 }
+
+resource "vault_generic_secret" "admin_user" {
+ path = "auth/userpass/users/admin"
+
+ data_json = <
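Review bot: The new `nomad_acl_policy.admin` in nomad/acls/acls.tf loads `nomad-anon-bootstrap.hcl`, the same rules file as the existing "Anon RW" policy, so the two policies are identical by construction. If that file really grants access to everything, as the new description says, then whatever the "Anon RW" policy is attached to already holds admin-equivalent rights. If the file is later narrowed to lock down anonymous access, the admin policy shrinks with it. The file's contents are not visible in this diff, so this is inferred from the shared path. Give the admin policy its own rules file, e.g. `rules_hcl = file("${path.module}/<ADMIN_RULES_FILE>.hcl")`, and add a comment on the bootstrap policy stating when it is meant to be removed.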
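Review bot: `vault_admin_password` in nomad/acls/vars.tf has no `description` and no `validation`, and `sensitive = true` only redacts the value from plan and apply output; the value is still written in plaintext to the Terraform state. The vault_login.tf hunk that presumably consumes it is cut off on this page, so how it is used is not visible. I would add `description = "Password for the Vault userpass admin user; stored in Terraform state, so the state backend must be encrypted and access-restricted"`. I would also add a `validation` block that rejects an empty string, so an empty value passed in by a pipeline fails at plan time instead of creating an admin user with an empty password.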