hcp_vault_secrets_app_iam_policy (Resource)

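Sets the IAM policy for a Vault Secrets app. This resource is authoritative: applying it replaces any existing policy on the app, so bindings that are not listed in policy_data are removed.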

Example Usage

data "hcp_iam_policy" "example" {
  bindings = [
    {
      role = "roles/secrets.app-secret-reader"
      principals = [
        "example-user-id-1",
        "example-group-id-1",
        "example-sp-1"
      ]
    },
  ]
}


resource "hcp_vault_secrets_app" "example" {
  app_name    = "example-app-name"
  description = "My new app!"
}

resource "hcp_vault_secrets_app_iam_policy" "example" {
  resource_name = hcp_vault_secrets_app.example.resource_name
  policy_data   = data.hcp_iam_policy.example.policy_data
}

Schema

Required

Read-Only

Import

Import is supported using the following syntax:

# Vault Secrets App IAM Policy can be imported by specifying the resource name of the app
terraform import hcp_vault_secrets_app_iam_policy.example secrets/project/41d107a7-eea6-4b5e-8481-508ab29e2b07/app/example-app-name