vault_ad_secret_role

Creates a role on an Active Directory Secret Backend for Vault. Roles are used to map credentials to existing Active Directory service accounts.

Example Usage

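resource "vault_ad_secret_backend" "config" {
    backend       = "ad"
    binddn        = "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net"
    # Placeholder value; a literal here ends up in version control and in state.
    bindpass      = "SuperSecretPassw0rd"
    url           = "ldaps://ad"
    # Skips verification of the LDAP server certificate; not for production use.
    insecure_tls  = true
    userdn        = "CN=Users,DC=corp,DC=example,DC=net"
}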

resource "vault_ad_secret_role" "role" {
    backend               = vault_ad_secret_backend.config.backend
    role                  = "bob"
    service_account_name  = "Bob"
    ttl                   = 60
}
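
A hardened variant of the configuration above, added here as an example and not taken from the provider documentation: the bind password comes from a sensitive input variable and the LDAPS certificate is verified against a pinned CA. The variable names `ad_bind_password` and `ad_ca_cert_file` are hypothetical.

```hcl
# Added example. Variable names are hypothetical; resource arguments are the
# provider's own.

variable "ad_bind_password" {
  description = "Password for the bind DN"
  type        = string
  # Redacted from plan/apply output. The value is still written to Terraform
  # state, so the state backend needs encryption and access control.
  sensitive   = true
}

variable "ad_ca_cert_file" {
  description = "Path to the PEM-encoded CA certificate that issued the AD LDAPS certificate"
  type        = string
}

resource "vault_ad_secret_backend" "config" {
  backend      = "ad"
  binddn       = "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net"
  bindpass     = var.ad_bind_password # supplied at run time, e.g. TF_VAR_ad_bind_password
  url          = "ldaps://ad"
  insecure_tls = false                      # verify the server certificate
  certificate  = file(var.ad_ca_cert_file)  # CA used for that verification
  userdn       = "CN=Users,DC=corp,DC=example,DC=net"
}

resource "vault_ad_secret_role" "role" {
  backend              = vault_ad_secret_backend.config.backend
  role                 = "bob"
  service_account_name = "Bob"
  ttl                  = 60
}
```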

Argument Reference

The following arguments are supported:

Attributes Reference

Import

AD secret backend roles can be imported using the path, e.g.

$ terraform import vault_ad_secret_role.role ad/roles/bob