vault_kubernetes_secret_backend

Creates a Kubernetes Secrets Backend for Vault.

The Kubernetes Secrets Engine for Vault generates Kubernetes service account tokens, and optionally service accounts, role bindings, and roles.

Example Usage

resource "vault_kubernetes_secret_backend" "config" {
  path                      = "kubernetes"
  description               = "kubernetes secrets engine description"
  default_lease_ttl_seconds = 43200
  max_lease_ttl_seconds     = 86400
  kubernetes_host           = "https://127.0.0.1:61233"
  kubernetes_ca_cert        = file("/path/to/cert")
  service_account_jwt       = file("/path/to/token")
  disable_local_ca_jwt      = false
}

Argument Reference

This resource directly accepts all vault_mount fields.

Additionally, the following arguments are supported:

Attributes Reference

No additional attributes are exported by this resource.

Import

The Kubernetes secret backend can be imported using its path e.g.

$ terraform import vault_kubernetes_secret_backend.config kubernetes