vault_ldap_auth_backend_group

Provides a resource to create a group in an LDAP auth backend within Vault.

Example Usage

resource "vault_ldap_auth_backend" "ldap" {
    path        = "ldap"
    url         = "ldaps://dc-01.example.org"
    userdn      = "OU=Users,OU=Accounts,DC=example,DC=org"
    userattr    = "sAMAccountName"
    upndomain   = "EXAMPLE.ORG"
    discoverdn  = false
    groupdn     = "OU=Groups,DC=example,DC=org"
    groupfilter = "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))"
}

resource "vault_ldap_auth_backend_group" "group" {
    groupname = "dba"
    policies  = ["dba"]
    backend   = vault_ldap_auth_backend.ldap.path
}
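
The example above attaches a policy named "dba" without defining it. The following is an added example, not part of the provider documentation, that defines the policy and references it from the group mapping. The secrets path database/creds/dba and the policy body are assumptions chosen for illustration; the backend settings repeat the values used above.

```hcl
# Added example. The policy body and the path "database/creds/dba" are
# hypothetical; substitute the mounts and roles that exist in your Vault.

resource "vault_ldap_auth_backend" "ldap" {
  path        = "ldap"
  url         = "ldaps://dc-01.example.org"
  userdn      = "OU=Users,OU=Accounts,DC=example,DC=org"
  userattr    = "sAMAccountName"
  groupdn     = "OU=Groups,DC=example,DC=org"
  groupfilter = "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))"
}

# Policy granted to members of the LDAP group: read-only access to a
# single path instead of a broad wildcard.
resource "vault_policy" "dba" {
  name   = "dba"
  policy = <<-EOT
    path "database/creds/dba" {
      capabilities = ["read"]
    }
  EOT
}

resource "vault_ldap_auth_backend_group" "dba" {
  backend   = vault_ldap_auth_backend.ldap.path
  groupname = "dba"

  # Reference the policy resource rather than the literal string "dba".
  # Terraform then creates the policy before the mapping, and a renamed
  # or removed policy shows up in the plan instead of leaving the group
  # mapped to a name that grants nothing.
  policies = [vault_policy.dba.name]
}
```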

Argument Reference

The following arguments are supported:

For more details on the usage of each argument, consult the Vault LDAP API documentation.

Attribute Reference

No additional attributes are exposed by this resource.

Import

LDAP authentication backend groups can be imported using the path, e.g.

$ terraform import vault_ldap_auth_backend_group.foo auth/ldap/groups/foo