Provides a resource to manage TOTP MFA.
Note this feature is available only with Vault Enterprise.
resource "vault_mfa_totp" "my_totp" {
name = "my_totp"
issuer = "hashicorp"
period = 60
algorithm = "SHA256"
digits = 8
key_size = 20
}
The following arguments are supported:
namespace
- (Optional) The namespace to provision the resource in.
The value should not contain leading or trailing forward slashes.
The namespace
is always relative to the provider's configured namespace.
Available only for Vault Enterprise.
name
(string: <required>)
– Name of the MFA method.
issuer
(string: <required>)
- The name of the key's issuing organization.
period
(int)
- The length of time used to generate a counter for the TOTP token calculation.
key_size
(int)
- Specifies the size in bytes of the generated key.
qr_size
(int)
- The pixel size of the generated square QR code.
algorithm
(string)
- Specifies the hashing algorithm used to generate the TOTP code.
Options include SHA1
, SHA256
and SHA512
digits
(int)
- The number of digits in the generated TOTP token.
This value can either be 6 or 8.
skew
(int)
- The number of delay periods that are allowed when validating a TOTP token.
This value can either be 0 or 1.
No additional attributes are exported by this resource.
Mounts can be imported using the path
, e.g.
$ terraform import vault_mfa_totp.my_totp my_totp