vault_ad_secret_backend_library

Creates a library on an Active Directory Secret Backend for Vault. Libraries create a pool of existing Active Directory service accounts which can be checked out by users.

Example Usage

resource "vault_ad_secret_backend" "config" {
    backend       = "ad"
    binddn        = "CN=Administrator,CN=Users,DC=corp,DC=example,DC=net"
    bindpass      = "SuperSecretPassw0rd"
    url           = "ldaps://ad"
    insecure_tls  = "true"
    userdn        = "CN=Users,DC=corp,DC=example,DC=net"
}

resource "vault_ad_secret_library" "qa" {
    backend                       = vault_ad_secret_backend.config.backend
    name                          = "qa"
    service_account_names         = ["Bob", "Mary"]
    ttl                           = 60
    disable_check_in_enforcement  = true
    max_ttl                       = 120
}

Argument Reference

The following arguments are supported:

Import

AD secret backend libraries can be imported using the path, e.g.

$ terraform import vault_ad_secret_backend_library.role ad/library/bob