jwt-auth

kalenarndt/jwt-auth/vault

Terraform Module HCL VAULT

Repository for generic jwt auth with Vault

Install

module "jwt-auth" {

source = "kalenarndt/jwt-auth/vault"

version = "0.0.4"

}

plain text: /constructs/tfmod-kalenarndt-jwt-auth-vault/install.txt

⭐ Source on GitHub 📦 Registry page

README

terraform-vault-jwt-auth Requirements | Name | Version | |------|---------| | terraform | >=1.2.0 | | vault | >=2.22.1 | Providers | Name | Version | |------|---------| | vault | 3.8.1 | Modules No modules. Resources | Name | Type | |------|------| | vault_jwt_auth_backend.jwt | resource | | vault_jwt_auth_backend_role.role | resource | | vault_policy.pol | resource | | vault_auth_backend.jwt | data source | Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | bound\_audiences | (Optional) List of aud claims to match against for the role | set(string) | [] | no | | bound\_claims | Map of claims and values to match against for the auth method. Can be a single string or list of strings separated by a comma | map(string) | {} | no | |

Inputs (17)

Name	Type	Description	Default
policy_definition	any	(Optional) Raw Policy definition that can be supplied as a multi-line input valu	`""`
user_claim	string	(Required) The claim that will be used to uniquely identify the user	`null`
token_policies	list(string)	(Required) List of roles to associate with the JWT Role	`[]`
path	string	(Optional) Path where the JWT auth method will be mounted in Vault	`"jwt"`
discovery_url	string	(Optional) OIDC Discovery URL (base path) that will be used (if defined)	`""`
bound_claims	map(string)	Map of claims and values to match against for the auth method. Can be a single s	`{}`
policy_name	string	(Optional) Name of the policy that will be created	`""`
role_name	string	(Required) Name of the Role that will be created for the JWT auth backend.	`null`
bound_claims_type	string	(Optional) How to interpret values in the bound_claims map. Can be string or glo	`""`
policy_file	string		`""`
type	string	(Optional) Type of the Auth backend that will be created (oidc or jwt)	`"jwt"`
bound_issuer	string	(Optional) Value of the iss claim that will be matched in a JWT	`""`
namespace	string	(Optional) Namespace where the resources will be created	`null`
create_policy	bool	(Optional) Boolean that allows for the creation of a policy as a part of the mod	`false`
create_jwt_mount	bool	(Optional) Boolean that allows for the creation of an auth backend as a part of	`true`
role_type	string	(Optional) Role type for the JWT auth backend that will be created.	`"jwt"`
bound_audiences	set(string)	(Optional) List of aud claims to match against for the role	`[]`

Outputs (3)

bound_audiences — Bound Claims associated with the jwt auth role

role_name — Name of the role that has been created

jwt_mount — Output of the JWT mount that was created

Resources (3)

vault_jwt_auth_backendvault_jwt_auth_backend_rolevault_policy

Details

FrameworkTerraform Module

LanguageHCL

Version0.0.4

Cloud VAULT

Total downloads177

Inputs17

Outputs3

Resources3

Examples1

Namespacekalenarndt

Updated

Tools

⚖ Compare with another construct → 📋 View data schema