» vault_azure_auth_backend_config

Configures the Azure Auth Backend in Vault.

This resource sets the access key and secret key that Vault will use when making API requests on behalf of an Azure Auth Backend. It can also be used to override the URLs Vault uses when making those API requests.

For more information, see the Vault docs.

» Example Usage

resource "vault_auth_backend" "example" {
  type = "azure"
}

resource "vault_azure_auth_backend_config" "example" {
  backend       = "${vault_auth_backend.example.path}"
  tenant_id     = "11111111-2222-3333-4444-555555555555"
  client_id     = "11111111-2222-3333-4444-555555555555"
  client_secret = "01234567890123456789"
  resource      = "https://vault.hashicorp.com"
}

» Argument Reference

The following arguments are supported:

  • tenant_id - (Required) The tenant id for the Azure Active Directory organization.

  • resource - (Required) The configured URL for the application registered in Azure Active Directory.

  • backend - (Optional) The path the Azure auth backend being configured was mounted at. Defaults to azure.

  • client_id - (Optional) The client id for credentials to query the Azure APIs. Currently read permissions to query compute resources are required.

  • client_secret - (Optional) The client secret for credentials to query the Azure APIs.

  • environment - (Optional) The Azure cloud environment. Valid values: AzurePublicCloud, AzureUSGovernmentCloud, AzureChinaCloud, AzureGermanCloud. Defaults to AzurePublicCloud.

» Attributes Reference

No additional attributes are exported by this resource.

» Import

Azure auth backends can be imported using auth/, the backend path, and /config e.g.

$ terraform import vault_azure_auth_backend_config.example auth/azure/config