Generates tokens for Nomad.
resource "vault_nomad_secret_backend" "config" {
backend = "nomad"
description = "test description"
default_lease_ttl_seconds = "3600"
max_lease_ttl_seconds = "7200"
address = "https://127.0.0.1:4646"
token = "ae20ceaa-..."
}
resource "vault_nomad_secret_role" "test" {
backend = vault_nomad_secret_backend.config.backend
role = "test"
type = "client"
policies = ["readonly"]
}
data "vault_nomad_access_token" "token" {
backend = vault_nomad_secret_backend.config.backend
role = vault_nomad_secret_role.test.role
depends_on = [vault_nomad_secret_role.test]
}
The following arguments are supported:
namespace
- (Optional) The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The namespace
is always relative to the provider's configured namespace.
Available only for Vault Enterprise.
backend
- (Required) The path to the Nomad secret backend to
read credentials from, with no leading or trailing /
s.
role
- (Required) The name of the Nomad secret backend role to generate
a token for, with no leading or trailing /
s.
In addition to the arguments above, the following attributes are exported:
accessor_id
- The public identifier for a specific token. It can be used
to look up information about a token or to revoke a token.
secret_id
- The token to be used when making requests to Nomad and should be kept private.