terraform-vault/engine_transit.tf

resource "vault_mount" "transit" {
  path                      = "transit"
  type                      = "transit"
  description               = "Transit Engine"
  default_lease_ttl_seconds = 3600
  max_lease_ttl_seconds     = 86400
}

resource "vault_transit_secret_backend_key" "key" {
  backend = vault_mount.transit.path
  name    = "au-syd1-k8s-vso"
  type    = "aes256-gcm96"
}