Add Group Space for a new Team
Link to the JIRA ticket.
The first step is to create a group in vault-sync-config and give it the required permissions. Add the following entry to config.json in vault-sync-config:
{
  "kv": "groups",
  "name": "team-name",
  "policies": []
}
Once you push the change to the main branch, a GitHub Action runs and adds the new team in vault-sync-app.
Now that we have a Group space, we need to add members to the group.
There are two apps, OpenSearch and Vault. For this example, let's add the group members for Vault. To add members in Vault, add the following entry to integration-roles.json in auth-sync-config-knox:
{
  "group": "group",
  "name": "data-foundations",
  "members": {
    "static": [
      "john.doe@gov.bc.ca",
      "jane.doe@gov.bc.ca",
      "jill.doe@gov.bc.ca"
    ],
    "exclude": [
      "vault-admin",
      "vault-superadmin"
    ]
  }
}
After this change is merged into the main branch, it triggers a GitHub Action in auth-sync-app.
To see the Group in the Vault application, you have to create a dummy secret. The Group space is created in the Vault app at a random path. When adding a dummy secret, you also have to add the path.
Once this secret with a path is added you can see the Group name in the Vault application.
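Because merging either entry to main triggers a GitHub Action that changes access in Vault, it is worth linting the entry before pushing. The following is an added example, not code from vault-sync-config or auth-sync-config-knox: the function names are hypothetical, and the required keys and the e-mail format for `static` members are assumptions inferred from the two snippets above, not from a published schema.

```python
import json
import re

# Key sets inferred from the two snippets on this page (assumption, no schema is shown).
GROUP_KEYS = {"kv", "name", "policies"}
ROLE_KEYS = {"group", "name", "members"}
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")


def _load(text, required):
    """Parse one entry and return (entry, problems); entry is None if unusable."""
    try:
        entry = json.loads(text)
    except json.JSONDecodeError as exc:
        return None, [f"invalid JSON: {exc.msg} at line {exc.lineno}, column {exc.colno}"]
    if not isinstance(entry, dict):
        return None, ["entry must be a JSON object"]
    return entry, [f"missing key: {k}" for k in sorted(required - entry.keys())]


def check_group_entry(text):
    """Problems in a config.json group entry (empty list means it passed)."""
    entry, problems = _load(text, GROUP_KEYS)
    if entry is None:
        return problems
    if entry.get("kv") != "groups":
        problems.append('"kv" is not "groups"')
    if not isinstance(entry.get("policies", []), list):
        problems.append('"policies" is not a list')
    return problems


def check_role_entry(text):
    """Problems in an integration-roles.json entry (empty list means it passed)."""
    entry, problems = _load(text, ROLE_KEYS)
    if entry is None:
        return problems
    members = entry.get("members", {})
    static = members.get("static", []) if isinstance(members, dict) else None
    if not isinstance(static, list):
        return problems + ['"members.static" is not a list']
    seen = set()
    for member in static:
        if not isinstance(member, str) or not EMAIL_RE.match(member):
            problems.append(f"static member is not an e-mail address: {member!r}")
        elif member.lower() in seen:  # same address in a different letter case
            problems.append(f"duplicate static member: {member}")
        seen.add(str(member).lower())
    return problems
```

An empty list from both functions means the entry parsed and matched the shape shown above; it does not confirm that the named policies or members exist.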