W3cubDocs

/Terraform

vault_aws_auth_backend_client

Configures the client used by an AWS Auth Backend in Vault.

This resource sets the access key and secret key that Vault will use when making API requests on behalf of an AWS Auth Backend. It can also be used to override the URLs Vault uses when making those API requests.

For more information, see the Vault docs.

Example Usage

resource "vault_auth_backend" "example" {
  type = "aws"
}

resource "vault_aws_auth_backend_client" "example" {
  backend = "${vault_auth_backend.example.path}"
  access_key = "INSERT_AWS_ACCESS_KEY"
  secret_key = "INSERT_AWS_SECRET_KEY"
}

Argument Reference

The following arguments are supported:

  • backend - (Optional) The path the AWS auth backend being configured was mounted at. Defaults to aws.

  • access_key - (Optional) The AWS access key that Vault should use for the auth backend.

  • secret_key - (Optional) The AWS secret key that Vault should use for the auth backend.

  • ec2_endpoint - (Optional) Override the URL Vault uses when making EC2 API calls.

  • iam_endpoint - (Optional) Override the URL Vault uses when making IAM API calls.

  • sts_endpoint - (Optional) Override the URL Vault uses when making STS API calls.

  • iam_server_id_header_value - (Optional) The value to require in the X-Vault-AWS-IAM-Server-ID header as part of GetCallerIdentity requests that are used in the IAM auth method.

Attributes Reference

No additional attributes are exported by this resource.

© 2018 HashiCorpLicensed under the MPL 2.0 License.
https://www.terraform.io/docs/providers/vault/r/aws_auth_backend_client.html