» vault_approle_auth_backend_login

Logs into Vault using the AppRole auth backend. See the Vault documentation for more information.

» Example Usage

resource "vault_auth_backend" "approle" {
  type = "approle"

resource "vault_approle_auth_backend_role" "example" {
  backend   = "${vault_auth_backend.approle.path}"
  role_name = "test-role"
  policies  = ["default", "dev", "prod"]

resource "vault_approle_auth_backend_role_secret_id" "id" {
  backend   = "${vault_auth_backend.approle.path}"
  role_name = "${vault_approle_auth_backend_role.example.role_name}"

resource "vault_approle_auth_backend_login" "login" {
  backend   = "${vault_auth_backend.approle.path}"
  role_id   = "${vault_approle_auth_backend_role.example.role_id}"
  secret_id = "${vault_approle_auth_backend_role_secret_id.id.secret_id}"

» Argument Reference

The following arguments are supported:

  • role_id - (Required) The ID of the role to log in with.

  • secret_id - (Optional) The secret ID of the role to log in with. Required unless bind_secret_id is set to false on the role.

  • backend - The unique path of the Vault backend to log in with.

» Attributes Reference

In addition to the fields above, the following attributes are exported:

  • policies - A list of policies applied to the token.

  • renewable - Whether the token is renewable or not.

  • lease_duration - How long the token is valid for, in seconds.

  • lease_started - The date and time the lease started, in RFC 3339 format.

  • accessor - The accessor for the token.

  • client_token - The Vault token created.

  • metadata - The metadata associated with the token.