feat: set max token life for auth_kubernetes_role

found kubernetes vaultauth resources never picking up new policies,
because they would infinitely renew their token.

- set default max token length for roles to 1 day
- changed all existing role token_max_ttl to match their token_ttl
This commit is contained in:
2026-02-22 22:28:21 +11:00
parent c94b2af196
commit 7cafafd483
13 changed files with 18 additions and 0 deletions
+1
View File
@@ -83,6 +83,7 @@ variable "auth_kubernetes_role" {
bound_service_account_names = list(string)
bound_service_account_namespaces = list(string)
token_ttl = optional(number, 3600)
token_max_ttl = optional(number, 86400)
audience = optional(string, "vault")
}))
default = {}