From ce2d2bb6cdfa8cfa5b17d900e9387465a1033bf1 Mon Sep 17 00:00:00 2001 From: Ian Fijolek Date: Mon, 25 Jul 2022 22:11:08 -0700 Subject: [PATCH] WIP: Begin config to bootstrap ACLs Following guide here: https://learn.hashicorp.com/tutorials/consul/vault-consul-secrets?in=consul/vault-secure Unsure of how this will actually authenticate though. --- nomad/acls/consul_vault.tf | 23 +++++++++++++++++++ nomad/acls/vars.tf | 8 +++++-- nomad/setup-cluster.yml | 46 +++++++++++++++++--------------------- 3 files changed, 49 insertions(+), 28 deletions(-) create mode 100644 nomad/acls/consul_vault.tf
diff --git a/nomad/acls/consul_vault.tf b/nomad/acls/consul_vault.tf
new file mode 100644
index 0000000..79e8101
--- /dev/null
+++ b/nomad/acls/consul_vault.tf
@@ -0,0 +1,23 @@
+resource "vault_consul_secret_backend" "config" {
+ path = "consul"
+ description = "Manages the Consul backend"
+
+ address = "http://127.0.0.1:8500"
+ token = var.consul_token
+}
+
+resource "consul_acl_policy" "server_policy" {
+ name = "consul-servers"
+ rules = <