Terraform provider for configuring Boundary.
Do not keep your authentication password in HCL for production environments, use Terraform environment variables.
provider "boundary" {
addr = "http://127.0.0.1:9200"
auth_method_id = "ampw_1234567890" # changeme
password_auth_method_login_name = "myuser" # changeme
password_auth_method_password = "passpass" # changeme
}
provider "boundary" {
addr = "http://127.0.0.1:9200"
password_auth_method_login_name = "myuser"
password_auth_method_password = "passpass"
}
provider "boundary" {
addr = "http://127.0.0.1:9200"
password_auth_method_login_name = "myuser"
password_auth_method_password = "passpass"
scope_id = "s_1234567890"
}
addr
(String) The base url of the Boundary API, e.g. "http://127.0.0.1:9200". If not set, it will be read from the "BOUNDARY_ADDR" env var.auth_method_id
(String) The auth method ID e.g. ampw_1234567890. If not set, the default auth method for the given scope ID will be used.auth_method_login_name
(String) The auth method login name for password-style or ldap-style auth methodsauth_method_password
(String) The auth method password for password-style or ldap-style auth methodspassword_auth_method_login_name
(String, Deprecated) The auth method login name for password-style auth methodspassword_auth_method_password
(String, Deprecated) The auth method password for password-style auth methodsplugin_execution_dir
(String) Specifies a directory that the Boundary provider can use to write and execute its built-in plugins.recovery_kms_hcl
(String) Can be a heredoc string or a path on disk. If set, the string/file will be parsed as HCL and used with the recovery KMS mechanism. While this is set, it will override any other authentication information; the KMS mechanism will always be used. See Boundary's KMS docs for examples: https://boundaryproject.io/docs/configuration/kmsscope_id
(String) The scope ID for the default auth method.tls_insecure
(Boolean) When set to true, does not validate the Boundary API endpoint certificatetoken
(String) The Boundary token to use, as a string or path on disk containing just the string. If set, the token read here will be used in place of authenticating with the auth method specified in "auth_method_id", although the recovery KMS mechanism will still override this. Can also be set with the BOUNDARY_TOKEN environment variable.