Created
January 30, 2024 12:40
Log
cdktf-vault Terraform used the selected providers to generate the following execution plan. | |
Resource actions are indicated with the following symbols: | |
~ update in-place | |
Terraform will perform the following actions: | |
cdktf-vault # vault_policy.group_devops_policy_ldap_devops_developer_82DAFADE (group_devops_policy/ldap_devops_developer) will be updated in-place | |
~ resource "vault_policy" "group_devops_policy_ldap_devops_developer_82DAFADE" { | |
id = "ldap_devops_developer" | |
name = "ldap_devops_developer" | |
~ policy = <<-EOT | |
+ path "sys/health" | |
+ { | |
+ capabilities = ["read", "sudo"] | |
+ } | |
+ path "sys/policies/acl" | |
+ { | |
+ capabilities = ["list"] | |
+ } | |
+ path "sys/policies/acl/*" | |
+ { | |
+ capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
+ } | |
+ path "auth/*" | |
+ { | |
cdktf-vault + capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
+ } | |
+ path "sys/auth/*" | |
+ { | |
+ capabilities = ["create", "update", "delete", "sudo"] | |
+ } | |
+ path "sys/auth" | |
+ { | |
+ capabilities = ["read"] | |
+ } | |
+ path "secret/*" | |
+ { | |
+ capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
+ } | |
+ path "sys/mounts/*" | |
+ { | |
+ capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
+ } | |
+ path "sys/mounts" | |
+ { | |
+ capabilities = ["read"] | |
+ } | |
path "finance/*" { | |
cdktf-vault capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "finance/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "growth/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "growth/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "operations/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "operations/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "procurement/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "procurement/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "quality/*" { | |
cdktf-vault capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "quality/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "data/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "devops/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "devops/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "rnd/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "rnd/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
EOT | |
} | |
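Review bot: The added `path "sys/policies/acl/*"` and `path "auth/*"` blocks with `create`/`update`/`delete`/`sudo` make `ldap_devops_developer` effectively root-equivalent, because a holder can write a broader policy or change auth-method and role configuration to obtain one. The `sys/auth/*` and `sys/mounts/*` blocks additionally allow enabling, changing and removing auth backends and secrets engines. The same nine blocks are added unchanged to `ldap_devops_head` and `ldap_devops_leader` below, so the developer, leader and head policies end up with identical administrative reach. I would keep these three policies on the existing per-mount paths and move the `sys/*` and `auth/*` grants into a separate admin policy bound to a smaller group. `sudo` is only needed on root-protected endpoints, so it can likely be dropped from `sys/health` and `secret/*`, e.g. `capabilities = ["read"]` on `sys/health`.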
cdktf-vault # vault_policy.group_devops_policy_ldap_devops_head_22FC1CBD (group_devops_policy/ldap_devops_head) will be updated in-place | |
~ resource "vault_policy" "group_devops_policy_ldap_devops_head_22FC1CBD" { | |
id = "ldap_devops_head" | |
name = "ldap_devops_head" | |
~ policy = <<-EOT | |
+ path "sys/health" | |
+ { | |
+ capabilities = ["read", "sudo"] | |
+ } | |
+ path "sys/policies/acl" | |
+ { | |
+ capabilities = ["list"] | |
+ } | |
+ path "sys/policies/acl/*" | |
+ { | |
+ capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
+ } | |
+ path "auth/*" | |
+ { | |
+ capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
cdktf-vault + } | |
+ path "sys/auth/*" | |
+ { | |
+ capabilities = ["create", "update", "delete", "sudo"] | |
+ } | |
+ path "sys/auth" | |
+ { | |
+ capabilities = ["read"] | |
+ } | |
+ path "secret/*" | |
+ { | |
+ capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
+ } | |
+ path "sys/mounts/*" | |
+ { | |
+ capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
+ } | |
+ path "sys/mounts" | |
+ { | |
+ capabilities = ["read"] | |
+ } | |
path "finance/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
cdktf-vault path "finance/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "growth/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "growth/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "operations/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "operations/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "procurement/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "procurement/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "quality/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
cdktf-vault } | |
path "quality/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "data/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "devops/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "devops/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "rnd/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "rnd/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
EOT | |
} | |
cdktf-vault # vault_policy.group_devops_policy_ldap_devops_leader_4D2FE7F4 (group_devops_policy/ldap_devops_leader) will be updated in-place | |
~ resource "vault_policy" "group_devops_policy_ldap_devops_leader_4D2FE7F4" { | |
id = "ldap_devops_leader" | |
name = "ldap_devops_leader" | |
~ policy = <<-EOT | |
+ path "sys/health" | |
+ { | |
+ capabilities = ["read", "sudo"] | |
+ } | |
+ path "sys/policies/acl" | |
+ { | |
+ capabilities = ["list"] | |
+ } | |
+ path "sys/policies/acl/*" | |
+ { | |
+ capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
+ } | |
+ path "auth/*" | |
+ { | |
+ capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
+ } | |
cdktf-vault + path "sys/auth/*" | |
+ { | |
+ capabilities = ["create", "update", "delete", "sudo"] | |
+ } | |
+ path "sys/auth" | |
+ { | |
+ capabilities = ["read"] | |
+ } | |
+ path "secret/*" | |
+ { | |
+ capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
+ } | |
+ path "sys/mounts/*" | |
+ { | |
+ capabilities = ["create", "read", "update", "delete", "list", "sudo"] | |
+ } | |
+ path "sys/mounts" | |
+ { | |
+ capabilities = ["read"] | |
+ } | |
path "finance/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "finance/data/*" { | |
cdktf-vault capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "growth/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "growth/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "operations/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "operations/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "procurement/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "procurement/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "quality/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "quality/data/*" { | |
cdktf-vault capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "data/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "devops/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "devops/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "rnd/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
path "rnd/data/*" { | |
capabilities = ["list", "read", "create", "update", "delete"] | |
} | |
EOT | |
} | |
# vault_policy.jenkins-dev-dev_approle_jenkins-dev_policy_09720D98 (jenkins-dev-dev/approle_jenkins-dev_policy) will be updated in-place | |
cdktf-vault ~ resource "vault_policy" "jenkins-dev-dev_approle_jenkins-dev_policy_09720D98" { | |
id = "approle_jenkins-dev_policy" | |
name = "approle_jenkins-dev_policy" | |
~ policy = <<-EOT | |
path "finance/data/*" { | |
- capabilities = ["read"] | |
+ capabilities = ["read", "create", "update"] | |
} | |
path "growth/data/*" { | |
- capabilities = ["read"] | |
+ capabilities = ["read", "create", "update"] | |
} | |
path "operations/data/*" { | |
- capabilities = ["read"] | |
+ capabilities = ["read", "create", "update"] | |
} | |
path "procurement/data/*" { | |
- capabilities = ["read"] | |
+ capabilities = ["read", "create", "update"] | |
} | |
path "quality/data/*" { | |
cdktf-vault - capabilities = ["read"] | |
+ capabilities = ["read", "create", "update"] | |
} | |
path "data/data/*" { | |
- capabilities = ["read"] | |
+ capabilities = ["read", "create", "update"] | |
} | |
path "devops/data/*" { | |
- capabilities = ["read"] | |
+ capabilities = ["read", "create", "update"] | |
} | |
path "rnd/data/*" { | |
- capabilities = ["read"] | |
+ capabilities = ["read", "create", "update"] | |
} | |
EOT | |
} | |
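Review bot: `approle_jenkins-dev_policy` gains `create` and `update` on every `*/data/*` mount, so a token issued to a CI job can now overwrite any team's secrets rather than only read them. The next resource makes the same change to `approle_jenkins-prod_policy`, where the affected secrets are presumably production ones. If Jenkins only needs to write its own outputs, scope the write grant to a dedicated prefix, for example `path "devops/data/jenkins/*" { capabilities = ["read", "create", "update"] }` (path constructed for illustration), and leave the other mounts at `["read"]`. Neither policy has a comment saying why CI needs write access; one line in the policy source stating the reason would help later audits.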
# vault_policy.jenkins-prod-prod_approle_jenkins-prod_policy_93E7E31F (jenkins-prod-prod/approle_jenkins-prod_policy) will be updated in-place | |
~ resource "vault_policy" "jenkins-prod-prod_approle_jenkins-prod_policy_93E7E31F" { | |
id = "approle_jenkins-prod_policy" | |
name = "approle_jenkins-prod_policy" | |
cdktf-vault ~ policy = <<-EOT | |
path "finance/data/*" { | |
- capabilities = ["read"] | |
+ capabilities = ["read", "create", "update"] | |
} | |
path "growth/data/*" { | |
- capabilities = ["read"] | |
+ capabilities = ["read", "create", "update"] | |
} | |
path "operations/data/*" { | |
- capabilities = ["read"] | |
+ capabilities = ["read", "create", "update"] | |
} | |
path "procurement/data/*" { | |
- capabilities = ["read"] | |
+ capabilities = ["read", "create", "update"] | |
} | |
path "quality/data/*" { | |
- capabilities = ["read"] | |
+ capabilities = ["read", "create", "update"] | |
} | |
path "data/data/*" { | |
cdktf-vault - capabilities = ["read"] | |
+ capabilities = ["read", "create", "update"] | |
} | |
path "devops/data/*" { | |
- capabilities = ["read"] | |
+ capabilities = ["read", "create", "update"] | |
} | |
path "rnd/data/*" { | |
- capabilities = ["read"] | |
+ capabilities = ["read", "create", "update"] | |
} | |
EOT | |
} | |
Plan: 0 to add, 5 to change, 0 to destroy. | |
cdktf-vault vault_policy.jenkins-dev-dev_approle_jenkins-dev_policy_09720D98: Modifying... [id=approle_jenkins-dev_policy] | |
cdktf-vault vault_policy.jenkins-prod-prod_approle_jenkins-prod_policy_93E7E31F: Modifying... [id=approle_jenkins-prod_policy] | |
vault_policy.group_devops_policy_ldap_devops_developer_82DAFADE: Modifying... [id=ldap_devops_developer] | |
vault_policy.group_devops_policy_ldap_devops_leader_4D2FE7F4: Modifying... [id=ldap_devops_leader] | |
vault_policy.group_devops_policy_ldap_devops_head_22FC1CBD: Modifying... [id=ldap_devops_head] | |
cdktf-vault vault_policy.jenkins-prod-prod_approle_jenkins-prod_policy_93E7E31F: Modifications complete after 0s [id=approle_jenkins-prod_policy] | |
cdktf-vault vault_policy.jenkins-dev-dev_approle_jenkins-dev_policy_09720D98: Modifications complete after 0s [id=approle_jenkins-dev_policy] | |
cdktf-vault vault_policy.group_devops_policy_ldap_devops_developer_82DAFADE: Modifications complete after 0s [id=ldap_devops_developer] | |
cdktf-vault vault_policy.group_devops_policy_ldap_devops_leader_4D2FE7F4: Modifications complete after 0s [id=ldap_devops_leader] | |
cdktf-vault vault_policy.group_devops_policy_ldap_devops_head_22FC1CBD: Modifications complete after 0s [id=ldap_devops_head] | |
cdktf-vault | |
Apply complete! Resources: 0 added, 5 changed, 0 destroyed. |