Skills
.Work. You
Rest

aap-vault-ssh

Official

Dynamic Vault SSH credentials for AAP.

Software Engineering#automation#vault#ssh#multitenant#aap#approle#certificate-signing
Authorhashi-demo-lab
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill enables dynamic, signed SSH credentials for Ansible Automation Platform (AAP) by integrating HashiCorp Vault's SSH CA with AppRole-based auth. It eliminates manual SSH key provisioning and reduces credential exposure across multi-tenant environments.

Core Features & Use Cases

  • Vault SSH CA integration: sign per-tenant SSH certificates via AppRole.
  • AppRole-based onboarding: automate credentials provisioning for new tenants.
  • Golden image and rotation support: leverages Vault for certificate rotation and trusted CA deployment to images.

Quick Start

Configure Vault AppRole and SSH secrets engine for a tenant. See references/aap-config.md and references/vault-config.md for complete Terraform and Vault setup.

Dependency Matrix

Required Modules

None required

Components

references

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: aap-vault-ssh
Download link: https://github.com/hashi-demo-lab/terraform-provider-bcm/archive/main.zip#aap-vault-ssh

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.