hashivault_approle_role_create - Hashicorp Vault approle create role module¶

token

authentication type to use: token, userpass, github, ldap, approle

Require secret_id to be presented when logging in using this AppRole.

Comma-separated string or list of CIDR blocks.

to environment variable VAULT_CACERT

path to a PEM-encoded CA cert file to use to verify the Vault server TLS certificate

to environment variable VAULT_CAPATH

path to a directory of PEM-encoded CA cert files to verify the Vault server TLS certificate : if ca_cert is specified, its value will take precedence

to environment variable VAULT_CLIENT_CERT

path to a PEM-encoded client certificate for TLS authentication to the Vault server

to environment variable VAULT_CLIENT_KEY

path to an unencrypted PEM-encoded private key matching the client certificate

If set, the secret IDs generated using this role will be cluster local.

role name.

to environment variable VAULT_PASSWORD

password to login to vault.

Duration of the token generated.

policies for the role.

Number of times any particular SecretID can be used.

Duration after which any SecretID expires.

to environment variable VAULT_TOKEN

token for vault

Duration after which the issued token can no longer be renewed.

Number of times issued tokens can be used. A value of 0 means unlimited uses.

Duration to set as the TTL for issued tokens and at renewal time.

to environment variable VAULT_ADDR

url for vault

to environment variable VAULT_USER

username to login to vault.

to environment variable VAULT_SKIP_VERIFY

if set, do not verify presented TLS certificate before communicating with Vault server : setting this variable is not recommended except during testing