8 lines
450 B
Bash
8 lines
450 B
Bash
vault write [[ .vault.root ]]database/roles/[[ .vault.database.role ]] \
|
|
db_name="postgres" \
|
|
creation_statements="CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}'; \
|
|
GRANT \"[[ .vault.database.pgrole ]]\" TO \"{{name}}\"; \
|
|
ALTER ROLE \"{{name}}\" SET role = \"[[ .vault.database.pgrole ]]\"" \
|
|
default_ttl="[[ .vault.database.ttl ]]" \
|
|
max_ttl="[[ .vault.database.max_ttl ]]"
|