New in version 3.8.0.
Parameter | Choices/Defaults | Comments |
---|---|---|
authtype |
Default: token
|
authentication type to use: token, userpass, github, ldap, approle
|
bind_secret_id |
Require secret_id to be presented when logging in using this AppRole.
|
|
bound_cidr_list |
Comma-separated string or list of CIDR blocks.
|
|
ca_cert |
Default: to environment variable VAULT_CACERT
|
path to a PEM-encoded CA cert file to use to verify the Vault server TLS certificate
|
ca_path |
Default: to environment variable VAULT_CAPATH
|
path to a directory of PEM-encoded CA cert files to verify the Vault server TLS certificate : if ca_cert is specified, its value will take precedence
|
client_cert |
Default: to environment variable VAULT_CLIENT_CERT
|
path to a PEM-encoded client certificate for TLS authentication to the Vault server
|
client_key |
Default: to environment variable VAULT_CLIENT_KEY
|
path to an unencrypted PEM-encoded private key matching the client certificate
|
enable_local_secret_ids |
If set, the secret IDs generated using this role will be cluster local.
|
|
name |
role name.
|
|
password |
Default: to environment variable VAULT_PASSWORD
|
password to login to vault.
|
period |
Duration of the token generated.
|
|
policies |
policies for the role.
|
|
secret_id_num_uses |
Number of times any particular SecretID can be used.
|
|
secret_id_ttl |
Duration after which any SecretID expires.
|
|
token |
Default: to environment variable VAULT_TOKEN
|
token for vault
|
token_max_ttl |
Duration after which the issued token can no longer be renewed.
|
|
token_num_uses |
Number of times issued tokens can be used. A value of 0 means unlimited uses.
|
|
token_ttl |
Duration to set as the TTL for issued tokens and at renewal time.
|
|
url |
Default: to environment variable VAULT_ADDR
|
url for vault
|
username |
Default: to environment variable VAULT_USER
|
username to login to vault.
|
verify |
Default: to environment variable VAULT_SKIP_VERIFY
|
if set, do not verify presented TLS certificate before communicating with Vault server : setting this variable is not recommended except during testing
|
Hint
If you notice any issues in this documentation you can edit this document to improve it.