v0.0.45

ConseilsTI · Mar 19, 2024 · d29abb6 · d29abb6
1 parent 37d9803
commit d29abb6
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/docs/README_header.md b/docs/README_header.md
@@ -21,8 +21,8 @@ instead of a user token.
 
 ### Hashicorp Vault Secrets Permissions
 
-To read secrets from Hashicorp Vault Secrets, provide a client ID and a key
-from a service principals with the secret `reader` role.
+To read and create secrets in Hashicorp Vault Secrets, provide a client ID and a key
+from a service principals with the secret `contributor` role.
 
 ### GitHub Permissions
 
@@ -83,7 +83,7 @@ GITHUB_APP_PEM_FILE, and GITHUB_OWNER environment variables to authenticate.
   * branches protection
   * repositories secrets
   * teams
-* Read secrets from Hashicorp Vault Secrets
+* Read and write secrets in Hashicorp Vault Secrets
 
 ## Prerequisite
 

diff --git a/resources_hcp_vault_secrets.tf b/resources_hcp_vault_secrets.tf
@@ -3,6 +3,6 @@
 resource "hcp_vault_secrets_secret" "this" {
   for_each     = nonsensitive({ for team in local.tfc_teams : team.name => team if try(team.token, false) == true })
   app_name     = "TerraformCloud"
-  secret_name  = "TFC_API_TOKEN_${lower(replace(each.value.name, "/\\W|_|\\s/", "_"))}"
+  secret_name  = lower(replace(each.value.name, "/\\W|_|\\s/", "_"))
   secret_value = module.tfe_teams[each.value.name].token
 }