Creates an GCP Secret Backend for Vault. GCP secret backends can then issue GCP OAuth token or Service Account keys, once a role has been added to the backend.
resource "vault_gcp_secret_backend" "gcp" {
credentials = file("credentials.json")
}
The following arguments are supported:
namespace
- (Optional) The namespace to provision the resource in.
The value should not contain leading or trailing forward slashes.
The namespace
is always relative to the provider's configured namespace.
Available only for Vault Enterprise.
credentials
- (Optional) The GCP service account credentials in JSON format.
path
- (Optional) The unique path this backend should be mounted at. Must
not begin or end with a /
. Defaults to gcp
.
disable_remount
- (Optional) If set, opts out of mount migration on path updates.
See here for more info on Mount Migration
description
- (Optional) A human-friendly description for this backend.
default_lease_ttl_seconds
- (Optional) The default TTL for credentials
issued by this backend. Defaults to '0'.
max_lease_ttl_seconds
- (Optional) The maximum TTL that can be requested
for credentials issued by this backend. Defaults to '0'.
local
- (Optional) Boolean flag that can be explicitly set to true to enforce local mount in HA environment
No additional attributes are exported by this resource.