» vault_identity_entity

Look up an Identity Entity for Vault. The Identity secrets engine is the identity management solution for Vault. It internally maintains the clients who are recognized by Vault.

» Example Usage

data "vault_identity_entity" "entity" {
  entity_name = "entity_12345"
}

» Argument Reference

The following arguments are supported:

  • entity_name - (Optional) Name of the entity.

  • entity_id - (Optional) ID of the entity.

  • alias_id - (Optional) ID of the alias.

  • alias_name - (Optional) Name of the alias. This should be supplied in conjunction with alias_mount_accessor.

  • alias_mount_accessor - (Optional) Accessor of the mount to which the alias belongs. This should be supplied in conjunction with alias_name.

The lookup criteria can be entity_name, entity_id, alias_id, or a combination of alias_name and alias_mount_accessor.

» Required Vault Capabilities

Use of this resource requires the create capability on /identity/lookup/entity.
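
The following is an added example, not part of the provider's own documentation. It shows a least-privilege policy carrying only the capability named above, a lookup by the alias_name / alias_mount_accessor pair, and a guard that fails the plan when the entity is disabled. The policy name, variable name and alias value are hypothetical, and the postcondition assumes Terraform 1.2 or later.

```hcl
# Policy for the token Terraform uses to perform the lookup. It grants only
# the capability this page lists and is normally applied from a separate,
# administrator-owned configuration. The name is hypothetical.
resource "vault_policy" "entity_lookup" {
  name   = "terraform-entity-lookup"
  policy = <<-EOT
    path "identity/lookup/entity" {
      capabilities = ["create"]
    }
  EOT
}

# Accessor of the auth mount that owns the alias (hypothetical variable).
variable "alias_mount_accessor" {
  type        = string
  description = "Accessor of the auth mount the alias belongs to"
}

# Alias names are only unique per mount, so alias_name is always paired
# with alias_mount_accessor. "alice" is a constructed sample value.
data "vault_identity_entity" "by_alias" {
  alias_name           = "alice"
  alias_mount_accessor = var.alias_mount_accessor

  lifecycle {
    # Stop before any dependent resource consumes a disabled entity.
    postcondition {
      condition     = !self.disabled
      error_message = "The looked-up entity is disabled in Vault."
    }
  }
}

# Surface what the entity is entitled to, for review in plan output.
output "entity_policies" {
  value = data.vault_identity_entity.by_alias.policies
}

output "entity_group_ids" {
  value = data.vault_identity_entity.by_alias.group_ids
}
```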

» Attributes Reference

The following attributes are exported:

  • data_json - A string containing the full data payload retrieved from Vault, serialized in JSON format.

  • creation_time - Creation timestamp of the entity

  • direct_group_ids - List of Group IDs of which the entity is directly a member

  • disabled - Whether the entity is disabled

  • group_ids - List of all Group IDs of which the entity is a member

  • inherited_group_ids - List of all Group IDs of which the entity is a member transitively

  • last_update_time - Last updated time of the entity

  • merged_entity_ids - Other entity IDs which are merged with this entity

  • metadata - Arbitrary metadata

  • namespace_id - Namespace of which the entity is a part

  • policies - List of policies attached to the entity

  • aliases - A list of entity aliases. Structure is documented below.

» Aliases