app-vault
devops-rob/app-vault/azuread
This Terraform module creates an application in Azure AD for HashiCorp Vault to use when configuring Azure OIDC authentication and the Azure secrets engine.
# Azure AD Application Registration for HashiCorp Vault

This Terraform module creates an application in Azure AD for HashiCorp Vault to use when configuring Azure OIDC authentication and the Azure secrets engine.

The application is configured with the Graph API permission required to perform these functions. Admin consent must still be granted for this permission in the default directory.

The permission granted to this application is `GroupMember.Read.All`, which is the least-privileged permission required for this function.

## Example usage

```hcl
provider "azuread" {}

# Object ID of the principal running Terraform, used as the application owner.
data "azuread_client_config" "current" {}

module "application" {
  source = "../"

  # app_owners is a required input (see the inputs table).
  app_owners = [data.azuread_client_config.current.object_id]
}

output "display_name" {
  value = module.application.application_name
}

output "password" {
  value     = module.application.client_secret
  sensitive = true
}
```

## License

Licensed und
| Name | Type | Description | Default |
|---|---|---|---|
| app_owners | list(string) | A set of object IDs of principals that will be granted ownership of the applicat | required |
| vault_ui_redirect_address | string | DNS hostname or IP address of Vault's UI. | "http://localhost:8200" |
| vault_cli_redirect_address | string | DNS hostname or IP address of Vault's CLI. | "http://localhost:8250" |
- object_id — Object ID of Azure AD application.
- application_id — Application (Client) ID of Azure AD application.
- client_secret — Client secret of Azure AD application.
- client_secret_id — Client secret ID of Azure AD application.
- application_name — Display name of Azure AD application.
- tenant_id — Tenant ID of Azure subscription.
- application_uri — Configured Application ID URIs of Azure AD application.
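
The following is an added example, not part of the module or its README, showing one way to feed the outputs listed above into Vault's OIDC auth method with the `hashicorp/vault` provider. The mount path, role name, policy and claim choices are assumptions, as are the callback paths appended to the module's default redirect addresses and the presence of a `groups` claim in the issued tokens.

```hcl
terraform {
  required_providers {
    azuread = { source = "hashicorp/azuread" }
    vault   = { source = "hashicorp/vault" }
  }
}

provider "azuread" {}
provider "vault" {} # reads VAULT_ADDR and VAULT_TOKEN from the environment

data "azuread_client_config" "current" {}

module "application" {
  source     = "devops-rob/app-vault/azuread"
  app_owners = [data.azuread_client_config.current.object_id]
}

resource "vault_jwt_auth_backend" "azure_oidc" {
  path               = "oidc" # assumed mount path
  type               = "oidc"
  oidc_discovery_url = "https://login.microsoftonline.com/${module.application.tenant_id}/v2.0"
  oidc_client_id     = module.application.application_id
  oidc_client_secret = module.application.client_secret
  default_role       = "azure-default"

  # Lets Vault look up group membership through Microsoft Graph,
  # which is what the GroupMember.Read.All permission is used for.
  provider_config = {
    provider = "azure"
  }
}

resource "vault_jwt_auth_backend_role" "azure_default" {
  backend        = vault_jwt_auth_backend.azure_oidc.path
  role_name      = "azure-default" # assumed role name
  role_type      = "oidc"
  user_claim     = "sub"
  groups_claim   = "groups" # assumes the app emits a groups claim
  oidc_scopes    = ["https://graph.microsoft.com/.default"]
  token_policies = ["default"]

  # Must match the redirect URIs registered on the Azure AD application
  # (module defaults plus Vault's standard callback paths, assumed here).
  allowed_redirect_uris = [
    "http://localhost:8200/ui/vault/auth/oidc/oidc/callback",
    "http://localhost:8250/oidc/callback",
  ]
}
```

The client secret is stored in Terraform state in plain text by both the module and `vault_jwt_auth_backend`, so the state backend needs encryption at rest and restricted access.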