Panfactum LogoPanfactum
Infrastructure ModulesVaultvault_auth_oidc

Vault OIDC Authentication

vault_auth_oidc
Stable
Live
Source Code Link

Allows SSO logins to the Vault instance via OIDC.

To be used with the authentik_vault_sso module.

Providers

The following providers are needed by this module:

Required Inputs

The following input variables are required:

client_id

Description: The client id for the OIDC authentication

Type: string

client_secret

Description: The client secret for the OIDC authentication

Type: string

oidc_discovery_url

Description: The discover url for OIDC authentication

Type: string

oidc_issuer

Description: The bound issuer for OIDC authentication

Type: string

oidc_redirect_uris

Description: The allowed redirect URIs for OIDC authentication

Type: list(string)

Optional Inputs

The following input variables are optional (have default values):

admin_groups

Description: Groups that should have read and write access to this Vault

Type: list(string)

Default: []

reader_groups

Description: Groups that should have read-only access to this Vault

Type: list(string)

Default: []

superuser_groups

Description: Groups that should have superuser access to this Vault

Type: list(string)

Default: []

token_lifetime_seconds

Description: Number of seconds before generated tokens expire

Type: number

Default: 28800

Outputs

No outputs.

Usage

No notes