vault_pki_secret_backend_crl_config

Allows setting the duration for which the generated CRL should be marked valid. If the CRL is disabled, it will return a signed but zero-length CRL for any request. If enabled, it will re-build the CRL.

Example Usage

resource "vault_mount" "pki" {
  path                      = "%s"
  type                      = "pki"
  default_lease_ttl_seconds = 3600
  max_lease_ttl_seconds     = 86400
}

resource "vault_pki_secret_backend_crl_config" "crl_config" {
  backend = vault_mount.pki.path
  expiry  = "72h"
  disable = false
}

Argument Reference

The following arguments are supported:

Attributes Reference

No additional attributes are exported by this resource.