Ben Vincent
14790f8277
- import pki, ssh, kv, rundeck engines - deploy all roles from terraform - deploy all policies from terraform - deploy all approles from terraform
13 lines
428 B
HCL
13 lines
428 B
HCL
resource "vault_ssh_secret_backend_role" "sshca_signhost" {
|
|
backend = vault_mount.sshca.path
|
|
name = "sshca_signhost"
|
|
key_type = "ca"
|
|
algorithm_signer = "rsa-sha2-256"
|
|
ttl = 87600 * 3600
|
|
allow_host_certificates = true
|
|
allow_subdomains = true
|
|
allow_bare_domains = false
|
|
allowed_domains = "main.unkin.net,consul"
|
|
}
|
|
|