vault_ldap_auth_backend_user

Provides a resource to create a user in an LDAP auth backend within Vault.

Example Usage

resource "vault_ldap_auth_backend" "ldap" {
    path        = "ldap"
    url         = "ldaps://dc-01.example.org"
    userdn      = "OU=Users,OU=Accounts,DC=example,DC=org"
    userattr    = "sAMAccountName"
    upndomain   = "EXAMPLE.ORG"
    discoverdn  = false
    groupdn     = "OU=Groups,DC=example,DC=org"
    groupfilter = "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))"
}

resource "vault_ldap_auth_backend_user" "user" {
    username = "test-user"
    policies = ["dba", "sysops"]
    backend  = vault_ldap_auth_backend.ldap.path
}

Argument Reference

The following arguments are supported:

For more details on the usage of each argument, consult the Vault LDAP API documentation.

Attribute Reference

No additional attributes are exposed by this resource.

Import

LDAP authentication backend users can be imported using the path, e.g.

$ terraform import vault_ldap_auth_backend_user.foo auth/ldap/users/foo