Skip to content
This repository was archived by the owner on Jan 25, 2023. It is now read-only.

AWS IAM Policy for Vault AWS Auth method #71

Open
wants to merge 25 commits into
base: master
Choose a base branch
from
Open

AWS IAM Policy for Vault AWS Auth method #71

Changes from 1 commit
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
3323a71
Add ability to specify VPC.
boldandbusted Nov 27, 2017
93339ed
Add non-default VPC support to vault-cluster-private example.
boldandbusted Nov 27, 2017
6eee689
Merge to preserve S3 persistent storage capability, hopefully.
boldandbusted Apr 12, 2018
c624968
Create IAM Instance Profile Role policy to allow Vault AWS Auth full …
boldandbusted Apr 12, 2018
03d8194
Remove duplicate vpc_id variable; set default to false for new enable…
boldandbusted Apr 13, 2018
3eef292
Expose more variables from underlying modules.
boldandbusted Apr 13, 2018
720adbf
Merge branch 'master' of https://github.com/hashicorp/terraform-aws-v…
boldandbusted Apr 13, 2018
6cf8e19
Move variables to proper modules, set enable_EC2_IAM_Auth on vault-cl…
boldandbusted Apr 17, 2018
7dc1638
Expose s3, and EC2 IAM role components to vault-cluster-private examp…
boldandbusted Apr 17, 2018
8de0eab
Copy user-data-vault.sh from vault-s3-backend. (Should probably just …
boldandbusted Apr 17, 2018
c544ca3
Copy user-data-vault.sh from vault-s3-backend. (Should probably just …
boldandbusted Apr 17, 2018
8893851
Specific local changes to packer build.
boldandbusted Apr 17, 2018
b4f4e31
Specify private subnets, using private_subnet_tags (see Terraform Reg…
boldandbusted Apr 17, 2018
ab63036
Re-add consul-server configuring section. Oops.
boldandbusted Apr 17, 2018
fdeb3e0
Filed https://github.com/hashicorp/vault/issues/4383, staying at 0.9.…
boldandbusted Apr 17, 2018
17a02db
Merge with upstream master.
boldandbusted May 2, 2018
a268913
Merge with upstream origin.
boldandbusted Jun 1, 2018
3b85902
Remove non-IAM-related work (S3 buckets and non-default VPCs.)
boldandbusted Jun 1, 2018
932d711
Cleanup: run terraform fmt before PR. :)
boldandbusted Jun 1, 2018
7512e42
*_EC2_IAM_Auth -> *_ec2_iam_auth, yay sed.
boldandbusted Oct 1, 2018
199b04a
With suggestions by @brikis98, hopefully craft a clearer description.
boldandbusted Oct 1, 2018
0f03108
Rename -> create_aws_auth_backend_iam_policies, per @brikis98 suggest…
boldandbusted Oct 1, 2018
69e47eb
Add source for IAM policies.
boldandbusted Oct 1, 2018
dae9f4b
Merge branch 'master' of https://github.com/hashicorp/terraform-aws-v…
boldandbusted Oct 1, 2018
471b5f5
Remove redundant '? 1 : 0' for boolean variables, per @brikis98 PR su…
boldandbusted Oct 1, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
With suggestions by @brikis98, hopefully craft a clearer description.
  • Loading branch information
@boldandbusted
boldandbusted committed Oct 1, 2018
commit 199b04a504bc4fbc9c3a76b7052db718383ab59b
2 changes: 1 addition & 1 deletion modules/vault-cluster/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -187,6 +187,6 @@ variable "force_destroy_s3_bucket" {
}

variable "enable_ec2_iam_auth" {
description = "Configure IAM Instance Profile on Vault cluster members to permit the user to enable AWS Auth backend. Note that this does NOT actually enable the backend, but merely sets policies that will permit it to function as expected."
description = "If set to true, create IAM policies required by the AWS Auth backend, and apply the policies via IAM Instance Profiles. Note that this does NOT actually enable the backend, but merely sets policies that will permit it to function as expected."
default = false
}