# Thanks to https://github.com/onetwopunch/terraform-vault-okta/blob/master/main.tf for the code.
# Role definitions for the Okta auth setup. Per the description below, each
# entry ties a Vault role name to the Okta groups bound to it and the token
# policies it hands out, so an edit to this map changes who can obtain which
# policies and deserves the same review as a policy change.
# The default is an empty map; how the module behaves with no roles defined
# is not visible in this file.
variable "roles" {
  description = <<EOF
Map of Vault role names to their bound groups and token policies. Structure looks like this:
```
roles = {
  okta_admin = {
    token_policies = ["admin"]
    bound_groups = ["vault_admins"]
  },
  okta_devs = {
    token_policies = ["devs"]
    bound_groups = ["vault_devs"]
  }
}
```
EOF
  type    = map(any) # same constraint as the legacy bare `map` keyword
  default = {}
}
# Client ID of the Okta OIDC application used for Vault (per the description).
# An OIDC client ID is an identifier rather than a credential, so it carries
# no placeholder validation, unlike the secret inputs in this file.
variable "okta_oidc_client_id" {
  description = "Okta Vault OIDC app client ID"
  type        = string
}
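# Client secret of the Okta OIDC application used for Vault (per the description).
#
# `sensitive = true` (Terraform 0.14+) redacts the value in plan/apply output
# and in error messages. It does NOT keep the value out of state: anything a
# resource stores from it is written to the state file in clear text, so the
# state backend still needs encryption at rest and tight access control.
#
# The validation only rejects the untouched template placeholder; it does not
# check that the value is a well-formed or working secret.
#
# The error message points at terragrunt.hcl as the place the value is set.
# If that file is committed, supply the secret another way instead, e.g. the
# TF_VAR_okta_oidc_client_secret environment variable or a secrets store.
variable "okta_oidc_client_secret" {
  type        = string
  description = "Okta Vault OIDC app client secret"
  sensitive   = true

  validation {
    condition     = var.okta_oidc_client_secret != "<place secret here>"
    error_message = "Please update the okta_oidc_client_secret in terragrunt.hcl!"
  }
}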
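# Okta API token (per the description). What the token is scoped to in Okta
# is not visible here; presumably it should carry only the permissions this
# module needs. Confirm against the Okta admin that issued it.
#
# `sensitive = true` (Terraform 0.14+) redacts the value in plan/apply output
# and in error messages. It does NOT keep the value out of state: anything a
# resource or provider stores from it is written to the state file in clear
# text, so the state backend still needs encryption at rest and tight access
# control.
#
# The validation only rejects the untouched template placeholder; it does not
# check that the token is valid.
#
# The error message points at terragrunt.hcl as the place the value is set.
# If that file is committed, supply the token another way instead, e.g. the
# TF_VAR_okta_api_token environment variable or a secrets store.
variable "okta_api_token" {
  type        = string
  description = "Okta Vault api secret"
  sensitive   = true

  validation {
    condition     = var.okta_api_token != "<place secret here>"
    error_message = "Please update the okta_api_token in terragrunt.hcl!"
  }
}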
# Deployment context inputs. None of them declares a default, so every caller
# must set all six. Their meaning is not documented in this file; the notes
# below are inferred from the names only and should be confirmed against the
# module code that consumes them.

# Presumably DNS settings for the deployment; the expected keys are not
# visible here. TODO: confirm and document the schema.
variable "dns_info" {
  type = map(any) # same constraint as the legacy bare `map` keyword
}

# Presumably the deployment environment name. TODO: confirm allowed values.
variable "environment" {
  type = string
}

variable "aws_region" {
  type = string
}

variable "aws_partition" {
  type = string
}

# NOTE(review): how this differs from aws_partition is not visible here.
variable "aws_partition_alias" {
  type = string
}

variable "aws_account_id" {
  type = string
}