Reputation: 951
HashiCorp Vault SSO Authentication using Azure Active Directory & Terraform
I am looking to set up a HashiCorp Vault single sign-on authentication using Azure Active Directory (with OIDC) and provisioned through Terraform.
Now, I’ve come across a few useful examples online, but none so far has provided me with detailed, step-by-step guidance on how to achieve the following:
Set up and configure Azure Active Directory components including:
- App Registration
- Claims/Tokens
- Service Principals
Set up and configuration of Vault on my localhost.
Terraform code examples to enable me provision the required Azure resources to achieve among others, the following:
- Configure OIDC
- Create an Azure Role, Groups, etc
- Read/Write secrets in Vault
- Successfully invoke and authenticate a login to Vault via OIDC
Anyone able to point me in the right direction, particularly towards any working examples with detailed, step-by-step scripts/code, guide or instructions?
Upvotes: 0
Views: 1588
Answers (1)
Reputation: 186
Hashicorp has written a pretty comprehensive writeup on AzureAD with OIDC SSO here: https://developer.hashicorp.com/vault/tutorials/auth-methods/oidc-auth-azure
I'm not sure it provides everything you are looking for, but its the most comprehensive walkthrough Ive found so far.
Upvotes: 0
Related Questions
- How to get Vault secret through Terraform?
- Terraform create a azure key vault
- How to create a Hashicorp Vault user using Terraform
- Terraform - Enable OIDC on HashiCorp Vault child namespace
- How or Where Can I Access My Vault OIDC Logs and JWT Claim Metadata
- How to use terraform with hashicorp vault for openstack?
- Hashicorp Terraform - Storing Azure Storage account access key in Azure Key Vault
- Terraform key vault access policy
- vault token create after vault login -method ldap
- Invalid Index on data lookup on multiple vault auth backend