feat: set max token life for auth_kubernetes_role
found kubernetes vaultauth resources never picking up new policies, because they would infinitely renew their token. - set default max token length for roles to 1 day - changed all existing role token_max_ttl to match their token_ttl
This commit is contained in:
@@ -83,6 +83,7 @@ variable "auth_kubernetes_role" {
|
||||
bound_service_account_names = list(string)
|
||||
bound_service_account_namespaces = list(string)
|
||||
token_ttl = optional(number, 3600)
|
||||
token_max_ttl = optional(number, 86400)
|
||||
audience = optional(string, "vault")
|
||||
}))
|
||||
default = {}
|
||||
|
||||
Reference in New Issue
Block a user