Configures the periodic tidying operation of the whitelisted identity entries.
For more information, see the Vault docs.
resource "vault_auth_backend" "example" {
  type = "aws"
}

resource "vault_aws_auth_backend_identity_whitelist" "example" {
  backend       = vault_auth_backend.example.path
  safety_buffer = 3600
}
The following arguments are supported:
namespace - (Optional) The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
backend - (Optional) The path of the AWS backend being configured.
safety_buffer - (Optional) The amount of extra time, in minutes, that must have passed beyond the roletag expiration, before it is removed from the backend storage.
disable_periodic_tidy - (Optional) If set to true, disables the periodic tidying of the identity-whitelist entries.
No additional attributes are exported by this resource.
AWS auth backend identity whitelists can be imported using auth/, the backend path, and /config/tidy/identity-whitelist, e.g.
$ terraform import vault_aws_auth_backend_identity_whitelist.example auth/aws/config/tidy/identity-whitelist
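The same import for an AWS auth backend mounted at a non-default path, written as configuration. This is an added example, not part of the provider's documentation; the mount path `aws-prod` and the resource name `prod` are assumptions, and the `import` block requires Terraform 1.5 or later.

```hcl
# Assumption: an AWS auth backend is already mounted at "aws-prod" and its
# tidy configuration already exists in Vault, so it is adopted into state
# rather than created.

# Import ID = "auth/" + backend path + "/config/tidy/identity-whitelist"
import {
  to = vault_aws_auth_backend_identity_whitelist.prod
  id = "auth/aws-prod/config/tidy/identity-whitelist"
}

resource "vault_aws_auth_backend_identity_whitelist" "prod" {
  # Must be the same mount path that appears in the import ID above.
  backend = "aws-prod"

  # Same value as the page's example.
  safety_buffer = 3600

  # Stated explicitly so that a change which turns periodic tidying off
  # is visible in review.
  disable_periodic_tidy = false
}
```

Running `terraform plan` after adding these blocks shows the pending import and any difference between the arguments above and what is stored in Vault.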