vault_auth_oidc
Stable
Direct
Vault OIDC Authentication

Allows SSO logins to the Vault instance via OIDC.

To be used with the authentik_vault_sso module.

Providers

The following providers are needed by this module:

Required Inputs

The following input variables are required:

client_id

Description: The client ID for OIDC authentication

Type: string

client_secret

Description: The client secret for the OIDC authentication

Type: string

oidc_discovery_url

Description: The discovery URL for OIDC authentication

Type: string

oidc_issuer

Description: The bound issuer for OIDC authentication to Vault

Type: string

oidc_redirect_uris

Description: The allowed redirect URIs for OIDC authentication

Type: list(string)

Optional Inputs

The following input variables are optional (have default values):

admin_groups

Description: Groups that should have read and write access to this Vault

Type: list(string)

Default: []

reader_groups

Description: Groups that should have read-only access to this Vault

Type: list(string)

Default: []

restricted_reader_groups

Description: Groups that should have restricted read-only access to this Vault

Type: list(string)

Default: []

superuser_groups

Description: Groups that should have superuser access to this Vault

Type: list(string)

Default: []

token_lifetime_hours

Description: Number of hours before generated tokens expire

Type: number

Default: 12

Outputs

No outputs.

Usage

No notes
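
An added example of calling this module with the inputs listed above; it is not taken from the Panfactum documentation. The module source, hostnames, group names, and the `vault_oidc_client_secret` variable are constructed placeholders, and the UI redirect URI assumes the auth method is mounted at the path `oidc`.

```hcl
# Added example, not the project's own code. All values are constructed.

# Keep the client secret out of version control: pass it as a sensitive
# variable (for example via TF_VAR_vault_oidc_client_secret).
variable "vault_oidc_client_secret" {
  type      = string
  sensitive = true
}

module "vault_auth_oidc" {
  # Placeholder: the page does not give the module's source address.
  source = "<vault_auth_oidc module source>"

  client_id     = "vault" # constructed
  client_secret = var.vault_oidc_client_secret

  # Constructed IdP URLs. The issuer is what Vault compares against the
  # `iss` claim of the ID token, so it must match what the IdP emits exactly
  # (scheme, host, path, trailing slash).
  oidc_discovery_url = "https://sso.example.com/application/o/vault/"
  oidc_issuer        = "https://sso.example.com/application/o/vault/"

  # List only the callbacks that are actually used; anything listed here is
  # a place the authorization code may be delivered.
  oidc_redirect_uris = [
    # Vault web UI callback (assumes the auth mount path is "oidc")
    "https://vault.example.com/ui/vault/auth/oidc/oidc/callback",
    # Default local listener used by `vault login -method=oidc`
    "http://localhost:8250/oidc/callback",
  ]

  # Map IdP groups to access tiers, keeping the privileged tiers small.
  # Every tier defaults to [], so a group that is not listed gets no access.
  superuser_groups         = ["vault-superusers"]
  admin_groups             = ["vault-admins"]
  reader_groups            = ["engineering"]
  restricted_reader_groups = ["contractors"]

  # Shorter than the 12-hour default to reduce the window in which a
  # leaked token is usable.
  token_lifetime_hours = 8
}
```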