This repo contains a module for deploying a new Vault namespace on an existing Vault cluster using Terraform. [Vault Namespaces] (https://www.vaultproject.io/docs/enterprise/namespaces) is a Enterprise Vault feature.
Please check the examples for example deployments.
module "vault-namespace" {
source = "stoffee/vault-namespace/hashicorp//examples/example-all"
version = ">= 0.10.8"
vault_addr = "https://vault.mydomain.com:8200"
namespace = "MyCoolNewNamespace"
vault_token = "vaulttoken.ijasdiawoskjnasdokijbnasd"
#
# KV2
#
kv2_enabled = true
vault_admin_group = "VAULT_ADMIN"
create_vault_admin_policy = true
vault_admin_policy_name = "supah-user"
#
# LDAP Auth Engine
#
ldap_auth_enabled = true
ldap_auth_engine_ldap_url = "ldap://ldap.mydomain.com"
ldap_auth_engine_bindpass = "MyLDAPBindUserPassword"
ldap_auth_userdn = "DC=na,DC=mydomain,DC=com"
ldap_auth_userattr = "cn"
ldap_auth_groupattr = "cn"
ldap_auth_groupdn = "OU=MyGroups,OU=MyOrg,OU=Exchange,DC=na,DC=MyDomain,DC=com"
ldap_auth_groupfilter = "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))"
ldap_auth_binddn = "cn=vault_admin_user,ou=Users,dc=mydomain,dc=com"
ldap_auth_insecure_tls = false
ldap_auth_starttls =true
ldap_vault_admin_group = "VAULT_ADMIN"
ldap_vault_admin_policy_name = "super-user-pol"
}