Created
January 30, 2024 12:40
-
-
Save jefrnc/2e58623f5c6a7d744d589e8b11260b9e to your computer and use it in GitHub Desktop.
Log
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cdktf-vault Terraform used the selected providers to generate the following execution plan. | |
| Resource actions are indicated with the following symbols: | |
| ~ update in-place | |
| Terraform will perform the following actions: | |
| cdktf-vault # vault_policy.group_devops_policy_ldap_devops_developer_82DAFADE (group_devops_policy/ldap_devops_developer) will be updated in-place | |
| ~ resource "vault_policy" "group_devops_policy_ldap_devops_developer_82DAFADE" { | |
| id = "ldap_devops_developer" | |
| name = "ldap_devops_developer" | |
| ~ policy = <<-EOT | |
| + path "sys/health" | |
| + { | |
| + capabilities = ["read", "sudo"] | |
| + } | |
| + path "sys/policies/acl" | |
| + { | |
| + capabilities = ["list"] | |
| + } | |
| + path "sys/policies/acl/*" | |
| + { | |
| + capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
| + } | |
| + path "auth/*" | |
| + { | |
| cdktf-vault + capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
| + } | |
| + path "sys/auth/*" | |
| + { | |
| + capabilities = ["create", "update", "delete", "sudo"] | |
| + } | |
| + path "sys/auth" | |
| + { | |
| + capabilities = ["read"] | |
| + } | |
| + path "secret/*" | |
| + { | |
| + capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
| + } | |
| + path "sys/mounts/*" | |
| + { | |
| + capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
| + } | |
| + path "sys/mounts" | |
| + { | |
| + capabilities = ["read"] | |
| + } | |
| path "finance/*" { | |
| cdktf-vault capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "finance/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "growth/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "growth/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "operations/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "operations/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "procurement/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "procurement/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "quality/*" { | |
| cdktf-vault capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "quality/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "data/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "devops/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "devops/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "rnd/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "rnd/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| EOT | |
| } | |
| cdktf-vault # vault_policy.group_devops_policy_ldap_devops_head_22FC1CBD (group_devops_policy/ldap_devops_head) will be updated in-place | |
| ~ resource "vault_policy" "group_devops_policy_ldap_devops_head_22FC1CBD" { | |
| id = "ldap_devops_head" | |
| name = "ldap_devops_head" | |
| ~ policy = <<-EOT | |
| + path "sys/health" | |
| + { | |
| + capabilities = ["read", "sudo"] | |
| + } | |
| + path "sys/policies/acl" | |
| + { | |
| + capabilities = ["list"] | |
| + } | |
| + path "sys/policies/acl/*" | |
| + { | |
| + capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
| + } | |
| + path "auth/*" | |
| + { | |
| + capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
| cdktf-vault + } | |
| + path "sys/auth/*" | |
| + { | |
| + capabilities = ["create", "update", "delete", "sudo"] | |
| + } | |
| + path "sys/auth" | |
| + { | |
| + capabilities = ["read"] | |
| + } | |
| + path "secret/*" | |
| + { | |
| + capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
| + } | |
| + path "sys/mounts/*" | |
| + { | |
| + capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
| + } | |
| + path "sys/mounts" | |
| + { | |
| + capabilities = ["read"] | |
| + } | |
| path "finance/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| cdktf-vault path "finance/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "growth/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "growth/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "operations/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "operations/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "procurement/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "procurement/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "quality/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| cdktf-vault } | |
| path "quality/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "data/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "devops/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "devops/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "rnd/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "rnd/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| EOT | |
| } | |
| cdktf-vault # vault_policy.group_devops_policy_ldap_devops_leader_4D2FE7F4 (group_devops_policy/ldap_devops_leader) will be updated in-place | |
| ~ resource "vault_policy" "group_devops_policy_ldap_devops_leader_4D2FE7F4" { | |
| id = "ldap_devops_leader" | |
| name = "ldap_devops_leader" | |
| ~ policy = <<-EOT | |
| + path "sys/health" | |
| + { | |
| + capabilities = ["read", "sudo"] | |
| + } | |
| + path "sys/policies/acl" | |
| + { | |
| + capabilities = ["list"] | |
| + } | |
| + path "sys/policies/acl/*" | |
| + { | |
| + capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
| + } | |
| + path "auth/*" | |
| + { | |
| + capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
| + } | |
| cdktf-vault + path "sys/auth/*" | |
| + { | |
| + capabilities = ["create", "update", "delete", "sudo"] | |
| + } | |
| + path "sys/auth" | |
| + { | |
| + capabilities = ["read"] | |
| + } | |
| + path "secret/*" | |
| + { | |
| + capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
| + } | |
| + path "sys/mounts/*" | |
| + { | |
| + capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
| + } | |
| + path "sys/mounts" | |
| + { | |
| + capabilities = ["read"] | |
| + } | |
| path "finance/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "finance/data/*" { | |
| cdktf-vault capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "growth/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "growth/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "operations/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "operations/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "procurement/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "procurement/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "quality/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "quality/data/*" { | |
| cdktf-vault capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "data/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "devops/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "devops/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "rnd/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| path "rnd/data/*" { | |
| capabilities = ["list", "read", "create", "update", "delete"] | |
| } | |
| EOT | |
| } | |
| # vault_policy.jenkins-dev-dev_approle_jenkins-dev_policy_09720D98 (jenkins-dev-dev/approle_jenkins-dev_policy) will be updated in-place | |
| cdktf-vault ~ resource "vault_policy" "jenkins-dev-dev_approle_jenkins-dev_policy_09720D98" { | |
| id = "approle_jenkins-dev_policy" | |
| name = "approle_jenkins-dev_policy" | |
| ~ policy = <<-EOT | |
| path "finance/data/*" { | |
| - capabilities = ["read"] | |
| + capabilities = ["read", "create", "update"] | |
| } | |
| path "growth/data/*" { | |
| - capabilities = ["read"] | |
| + capabilities = ["read", "create", "update"] | |
| } | |
| path "operations/data/*" { | |
| - capabilities = ["read"] | |
| + capabilities = ["read", "create", "update"] | |
| } | |
| path "procurement/data/*" { | |
| - capabilities = ["read"] | |
| + capabilities = ["read", "create", "update"] | |
| } | |
| path "quality/data/*" { | |
| cdktf-vault - capabilities = ["read"] | |
| + capabilities = ["read", "create", "update"] | |
| } | |
| path "data/data/*" { | |
| - capabilities = ["read"] | |
| + capabilities = ["read", "create", "update"] | |
| } | |
| path "devops/data/*" { | |
| - capabilities = ["read"] | |
| + capabilities = ["read", "create", "update"] | |
| } | |
| path "rnd/data/*" { | |
| - capabilities = ["read"] | |
| + capabilities = ["read", "create", "update"] | |
| } | |
| EOT | |
| } | |
| # vault_policy.jenkins-prod-prod_approle_jenkins-prod_policy_93E7E31F (jenkins-prod-prod/approle_jenkins-prod_policy) will be updated in-place | |
| ~ resource "vault_policy" "jenkins-prod-prod_approle_jenkins-prod_policy_93E7E31F" { | |
| id = "approle_jenkins-prod_policy" | |
| name = "approle_jenkins-prod_policy" | |
| cdktf-vault ~ policy = <<-EOT | |
| path "finance/data/*" { | |
| - capabilities = ["read"] | |
| + capabilities = ["read", "create", "update"] | |
| } | |
| path "growth/data/*" { | |
| - capabilities = ["read"] | |
| + capabilities = ["read", "create", "update"] | |
| } | |
| path "operations/data/*" { | |
| - capabilities = ["read"] | |
| + capabilities = ["read", "create", "update"] | |
| } | |
| path "procurement/data/*" { | |
| - capabilities = ["read"] | |
| + capabilities = ["read", "create", "update"] | |
| } | |
| path "quality/data/*" { | |
| - capabilities = ["read"] | |
| + capabilities = ["read", "create", "update"] | |
| } | |
| path "data/data/*" { | |
| cdktf-vault - capabilities = ["read"] | |
| + capabilities = ["read", "create", "update"] | |
| } | |
| path "devops/data/*" { | |
| - capabilities = ["read"] | |
| + capabilities = ["read", "create", "update"] | |
| } | |
| path "rnd/data/*" { | |
| - capabilities = ["read"] | |
| + capabilities = ["read", "create", "update"] | |
| } | |
| EOT | |
| } | |
| Plan: 0 to add, 5 to change, 0 to destroy. | |
| cdktf-vault vault_policy.jenkins-dev-dev_approle_jenkins-dev_policy_09720D98: Modifying... [id=approle_jenkins-dev_policy] | |
| cdktf-vault vault_policy.jenkins-prod-prod_approle_jenkins-prod_policy_93E7E31F: Modifying... [id=approle_jenkins-prod_policy] | |
| vault_policy.group_devops_policy_ldap_devops_developer_82DAFADE: Modifying... [id=ldap_devops_developer] | |
| vault_policy.group_devops_policy_ldap_devops_leader_4D2FE7F4: Modifying... [id=ldap_devops_leader] | |
| vault_policy.group_devops_policy_ldap_devops_head_22FC1CBD: Modifying... [id=ldap_devops_head] | |
| cdktf-vault vault_policy.jenkins-prod-prod_approle_jenkins-prod_policy_93E7E31F: Modifications complete after 0s [id=approle_jenkins-prod_policy] | |
| cdktf-vault vault_policy.jenkins-dev-dev_approle_jenkins-dev_policy_09720D98: Modifications complete after 0s [id=approle_jenkins-dev_policy] | |
| cdktf-vault vault_policy.group_devops_policy_ldap_devops_developer_82DAFADE: Modifications complete after 0s [id=ldap_devops_developer] | |
| cdktf-vault vault_policy.group_devops_policy_ldap_devops_leader_4D2FE7F4: Modifications complete after 0s [id=ldap_devops_leader] | |
| cdktf-vault vault_policy.group_devops_policy_ldap_devops_head_22FC1CBD: Modifications complete after 0s [id=ldap_devops_head] | |
| cdktf-vault | |
| Apply complete! Resources: 0 added, 5 changed, 0 destroyed. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment