vault: use full group name format for Kanidm

2026-02-09 19:41:18 +01:00
parent addb8a83e6
commit 584b5877f2
1 changed files with 1 additions and 1 deletions
--- a/terraform/vault/oidc.tf
+++ b/terraform/vault/oidc.tf
@@ -24,7 +24,7 @@ resource "vault_jwt_auth_backend_role" "admin" {

  user_claim   = "preferred_username"
  groups_claim = "groups"
-  bound_claims = { groups = "admins" }
+  bound_claims = { groups = "admins@home.2rjus.net" }
  role_type    = "oidc"
  oidc_scopes  = ["openid", "profile", "email", "groups"]