variables.tf
# Secret engine entries to manage, one object per entry. All four attributes
# are required strings; the empty default declares none.
# NOTE(review): data_json presumably carries the secret payload written at
# `path` — confirm against the consuming resource. The variable is not marked
# sensitive, so its values can appear in plan output, and Terraform state keeps
# them in plaintext either way. Feed it from a protected source (not a
# committed tfvars file) and keep the state backend encrypted and
# access-controlled.
variable "secret_engines" {
  description = "A list of secret path objects"
  type = list(object({
    name        = string
    path        = string
    description = string
    data_json   = string
  }))
  default = []
}
# KV policy definitions as name/capabilities pairs; empty by default.
# NOTE(review): capabilities is a single string rather than list(string); the
# expected format is not visible here — confirm against the policy template,
# and grant each policy only the capabilities its consumers need.
variable "kv_policies" {
  description = "A list of kv policies"
  type = list(object({
    name         = string
    capabilities = string
  }))
  default = []
}
# Kubernetes auth definitions: a name, a namespace, the policies attached to
# issued tokens, and a token TTL. Empty by default.
# NOTE(review): token_ttl is presumably in seconds — confirm against the
# consuming resource. Short TTLs and narrowly scoped token_policies limit what
# a leaked workload token can reach.
variable "k8s_auths" {
  description = "A list of k8s_auth objects"
  type = list(object({
    name           = string
    namespace      = string
    token_policies = list(string)
    token_ttl      = number
  }))
  default = []
}
# Location of the kubeconfig file; defaults to the per-user path.
# NOTE(review): the kubeconfig holds cluster credentials — in shared or CI
# environments point this at a file readable only by the account running
# Terraform.
variable "kubeconfig_path" {
  description = "kubeconfig path"
  type        = string
  default     = "~/.kube/config"
}
# Name of the kubeconfig context to operate on.
# NOTE(review): the default is the literal name "default"; setting the context
# explicitly per environment avoids applying against an unintended cluster.
variable "context" {
  description = "kube cluster context"
  type        = string
  default     = "default"
}
# AppRole definitions: a role name plus the policies attached to tokens issued
# for it. Empty by default.
# NOTE(review): keep token_policies per role to the minimum required; whether
# the TTL and use-count variables in this file apply to every role listed here
# is not visible from this file — confirm in the resource definitions.
variable "approle_roles" {
  description = "A list of approle definitions"
  type = list(object({
    name           = string
    token_policies = list(string)
  }))
  default = []
}
# NOTE(review): presumably the mount path of the userpass auth method — the
# description only repeats the default value; confirm against the auth backend
# resource.
variable "userPassPath" {
  description = "userpass"
  type        = string
  default     = "userpass"
}
# User entries as path/data_json pairs; empty by default.
# NOTE(review): data_json presumably contains each user's password and policy
# assignment — confirm against the consuming resource. The variable is not
# marked sensitive, so values can show up in plan output, and Terraform state
# stores them in plaintext regardless. Avoid committing these values and
# restrict access to the state backend.
variable "user_list" {
  description = "A list of users"
  type = list(object({
    path      = string
    data_json = string
  }))
  default = []
}
# SecretID lifetime in seconds.
# NOTE(review): if this is passed to a Vault AppRole role, 0 means SecretIDs
# do not expire — confirm the wiring and set a finite TTL for anything beyond
# local testing.
variable "secret_id_ttl" {
  description = "The number of seconds after which any SecretID expires"
  type        = number
  default     = 0
}
# Upper bound, in seconds, on the lifetime of generated tokens.
# NOTE(review): if this is passed to a Vault role, 0 leaves the cap to the
# mount or system default rather than setting one here — confirm and choose an
# explicit maximum.
variable "token_max_ttl" {
  description = "The maximum lifetime for generated tokens in number of seconds. Its current value will be referenced at renewal time."
  type        = number
  default     = 0
}
# How many times one SecretID may be exchanged for a token.
# Per the description, the default of 0 allows unlimited uses, so a captured
# SecretID stays usable until it expires; set a small positive value where
# SecretIDs are meant to be single-use.
variable "secret_id_num_uses" {
  description = "The number of times any particular SecretID can be used to fetch a token from this AppRole, after which the SecretID will expire. A value of zero will allow unlimited uses."
  type        = number
  default     = 0
}
# Hard cap, in seconds, encoded onto each token; renewals cannot extend past it.
# The default of 0 leaves the cap unset ("If set" in the description).
variable "token_explicit_max_ttl" {
  description = "If set, will encode an explicit max TTL onto the token in number of seconds. This is a hard cap even if token_ttl and token_max_ttl would otherwise allow a renewal."
  type        = number
  default     = 0
}
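# Use count for generated tokens, not a duration: the description is worded as
# a number of uses so it cannot be confused with token_period, which is the
# variable that takes seconds.
# NOTE(review): assumes this is passed to the token_num_uses argument of a
# Vault auth role, where 0 means unlimited — confirm against the resource.
variable "token_num_uses" {
  description = "The maximum number of times a generated token may be used (within its lifetime). A value of zero means unlimited uses."
  type        = number
  default     = 0
}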
# Renewal period in seconds for periodic tokens; 0 (the default) leaves it unset.
# Per the description, a non-zero value yields tokens that never expire as long
# as they keep being renewed, so pair it with token_explicit_max_ttl where a
# hard end of life is required.
variable "token_period" {
  description = "If set, indicates that the token generated using this role should never expire. The token should be renewed within the duration specified by this value. At each renewal, the token's TTL will be set to the value of this field. Specified in seconds."
  type        = number
  default     = 0
}
# Feature switch for the secrets store CSI driver; on unless overridden.
variable "csi_enabled" {
  type        = bool
  default     = true
  description = "Enable secrets store csi driver"
}
# Kubernetes namespace used for the secrets store CSI driver.
variable "namespace_csi" {
  type        = string
  default     = "secrets-store-csi"
  description = "Namespace of secrets store csi driver"
}
# Name of the target cluster.
# NOTE(review): the default is the bool literal false on a string variable;
# Terraform converts it, so an unset cluster_name evaluates to the string
# "false". That looks like a placeholder rather than a usable name — confirm
# whether callers always set it, and consider dropping the default so a missing
# value fails at plan time.
variable "cluster_name" {
  description = "cluster name"
  type        = string
  default     = false
}
# Feature switch for vault-secrets-operator; on unless overridden.
variable "vso_enabled" {
  type        = bool
  default     = true
  description = "Enable vault-secrets-operator"
}
# Kubernetes namespace used for vault-secrets-operator.
variable "namespace_vso" {
  type        = string
  default     = "vault-secrets-operator"
  description = "Namespace of vault-secrets-operator"
}
# Feature switch for the AppRole auth method; off unless explicitly enabled.
# NOTE(review): when turning this on, review secret_id_ttl and
# secret_id_num_uses as well — both default to 0 in this file.
variable "enableApproleAuth" {
  type        = bool
  default     = false
  description = "Enable approle auth"
}
# Switch for creating a default admin policy; off unless explicitly enabled.
# NOTE(review): the policy body is not visible in this file — before enabling,
# check what paths and capabilities it grants and which identities it gets
# attached to.
variable "createDefaultAdminPolicy" {
  type        = bool
  default     = false
  description = "Create default admin policy"
}
# Feature switch for username/password auth; off unless explicitly enabled.
# NOTE(review): presumably gates the users supplied through user_list —
# confirm in the resource definitions.
variable "enableUserPass" {
  type        = bool
  default     = false
  description = "Enable user pass"
}
# Address of the Vault server.
# NOTE(review): the default is the bool literal false on a string variable;
# Terraform converts it, so an unset vault_addr evaluates to the string
# "false", which is not a usable address. Confirm that callers always set it,
# and consider dropping the default so a missing address fails at plan time.
# Use an https:// address so tokens and secrets are not sent in cleartext.
variable "vault_addr" {
  description = "vault_addr"
  type        = string
  default     = false
}