
@devops-adeel
Created February 24, 2022 14:25
vault ldap configuration
# LDAP auth method mounted at "ldap", configured for an Active Directory
# style directory: users log in with their sAMAccountName and group
# membership is resolved with an AD-specific matching rule.
resource "vault_ldap_auth_backend" "default" {
  path = "ldap"

  # ldaps:// keeps bind credentials out of clear text on the wire. This block
  # sets neither a CA certificate nor any TLS option, so certificate checking
  # is left at the provider and Vault defaults.
  url = "ldaps://dc-01.example.org"

  # User resolution. With upndomain set, Vault builds <username>@EXAMPLE.ORG
  # for the bind; no binddn/bindpass service account is configured here.
  upndomain  = "EXAMPLE.ORG"
  discoverdn = false
  userattr   = "sAMAccountName"
  userdn     = "OU=Users,OU=Accounts,DC=example,DC=org"

  # Group resolution. 1.2.840.113556.1.4.1941 is AD's
  # LDAP_MATCHING_RULE_IN_CHAIN, so the filter returns groups the user belongs
  # to directly and through nested groups. Any Vault policy mapped to a
  # directory group therefore reaches its transitive members as well.
  groupdn     = "OU=Groups,DC=example,DC=org"
  groupfilter = "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))"

  # NOTE(review): no token_ttl / token_max_ttl is set, so tokens issued by
  # this mount use the default lease settings. Confirm that is acceptable for
  # a mount that can hand out administrative policies.
}
# Identity group that carries the "vault-admin" policy. Being of type
# "external", its membership is not listed in Vault; it comes from an auth
# method through a group alias.
resource "vault_identity_group" "default" {
  type = "external"
  name = "vault_admin"

  # The policy itself is not defined in this listing.
  # NOTE(review): confirm what "vault-admin" grants before mapping a
  # directory group to it.
  policies = ["vault-admin"]
}
# Binds the external identity group to a group name reported by the LDAP
# mount. A user whose LDAP login returns a group called "vault_admin"
# receives the policies of the identity group referenced by canonical_id.
resource "vault_identity_group_alias" "default" {
  canonical_id   = vault_identity_group.default.id
  mount_accessor = vault_ldap_auth_backend.default.accessor

  # Must equal the group name exactly as the LDAP mount returns it. The
  # backend block sets no groupattr, so presumably this is the group's cn;
  # verify against the directory.
  # NOTE(review): the backend's groupfilter follows nested membership, so
  # access through this alias is governed by whoever can edit this directory
  # group or any group nested inside it. Keep that membership under the same
  # change control and audit as Vault's own policies.
  name = "vault_admin"
}