vault_mongodbatlas_secret_role

Creates a role for the MongoDB Atlas Secret Engine for Vault.

Example Usage

resource "vault_mount" "mongo" {
  path        = "%s"
  type        = "mongodbatlas"
  description = "MongoDB Atlas secret engine mount"
}

resource "vault_mongodbatlas_secret_backend" "config" {
  mount        = vault_mount.mongo.path
  private_key  = "privateKey"
  public_key   = "publicKey"
}

resource "vault_mongodbatlas_secret_role" "role" {
  mount             = vault_mount.mongo.path
  name              = "tf-test-role"
  organization_id   = "7cf5a45a9ccf6400e60981b7"
  project_id        = "5cf5a45a9ccf6400e60981b6"
  roles             = ["ORG_READ_ONLY"]
  ip_addresses      = "192.168.1.5, 192.168.1.6"
  cidr_blocks       = "192.168.1.3/35"
  project_roles     = ["GROUP_READ_ONLY"]
  ttl               = "60"
  max_ttl           = "120"
}

Argument Reference

The following arguments are supported:

Attributes Reference

No additional attributes are exported by this resource.

Import

The MongoDB Atlas secret role can be imported using the full path to the role of the form: <mount_path>/roles/<role_name> e.g.

$ terraform import vault_mongodbatlas_secret_role.example mongodbatlas/roles/example-role