resource "vault_approle_auth_backend_role" "certmanager" {
  role_name      = "certmanager"
  bind_secret_id = false
  token_policies = ["certmanager"]
  token_ttl      = 30
  token_max_ttl  = 30
  token_bound_cidrs = [
    "198.18.17.3/32",
    "198.18.13.32/32",
    "198.18.13.33/32",
    "198.18.13.34/32",
    "198.18.13.46/32"
  ]
}