Ben Vincent
14790f8277
- import pki, ssh, kv, rundeck engines - deploy all roles from terraform - deploy all policies from terraform - deploy all approles from terraform
19 lines
545 B
HCL
19 lines
545 B
HCL
#--------------------------------------------------------------
|
|
# ssh
|
|
# create engine
|
|
# generate ca cert
|
|
# tune the ssh engine
|
|
#--------------------------------------------------------------
|
|
resource "vault_mount" "sshca" {
|
|
path = "sshca"
|
|
type = "ssh"
|
|
description = "SSH CA Engine"
|
|
max_lease_ttl_seconds = 87600 * 3600
|
|
}
|
|
|
|
resource "vault_ssh_secret_backend_ca" "ssh_ca" {
|
|
backend = vault_mount.sshca.path
|
|
generate_signing_key = true
|
|
key_type = "ssh-rsa"
|
|
}
|