forked from makezbs/terraform-vault-approle
-
Notifications
You must be signed in to change notification settings - Fork 0
/
variables.tf
62 lines (52 loc) · 1.8 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
variable "role_name" {
type = string
description = "Name for AppRole"
}
variable "policy" {
type = string
description = "Vault policy"
}
variable "policy_name" {
type = string
description = "Name for Vault policy"
}
variable "secret_id_ttl" {
type = number
default = 0
description = "The number of seconds after which any SecretID expires"
}
variable "token_max_ttl" {
type = number
default = 0
description = "The maximum lifetime for generated tokens in number of seconds. Its current value will be referenced at renewal time."
}
variable "secret_id_num_uses" {
type = number
default = 0
description = "The number of times any particular SecretID can be used to fetch a token from this AppRole, after which the SecretID will expire. A value of zero will allow unlimited uses."
}
variable "token_explicit_max_ttl" {
type = number
default = 0
description = "If set, will encode an explicit max TTL onto the token in number of seconds. This is a hard cap even if token_ttl and token_max_ttl would otherwise allow a renewal."
}
variable "token_num_uses" {
type = number
default = 0
description = "The period, if any, in number of seconds to set on the token."
}
variable "token_period" {
type = number
default = 0
description = "If set, indicates that the token generated using this role should never expire. The token should be renewed within the duration specified by this value. At each renewal, the token's TTL will be set to the value of this field. Specified in seconds."
}
variable "enable_login" {
type = bool
description = "Enable login feature"
default = false
}
variable "create_secret_id" {
type = bool
description = "Create secret_id"
default = false
}