terraform-vault/modules/vault_cluster/modules/pki_mount_only/variables.tf

variable "path" {
  description = "Path where the PKI backend will be mounted"
  type        = string
}

variable "description" {
  description = "Description of the PKI mount"
  type        = string
}

variable "max_lease_ttl_seconds" {
  description = "Maximum possible lease duration for tokens and secrets in seconds"
  type        = number
}


variable "issuing_certificates" {
  description = "List of URLs for issuing certificates"
  type        = list(string)
  default     = []
}

variable "crl_distribution_points" {
  description = "List of URLs for CRL distribution points"
  type        = list(string)
  default     = []
}

variable "ocsp_servers" {
  description = "List of OCSP server URLs"
  type        = list(string)
  default     = []
}

variable "enable_templating" {
  description = "Whether to enable URL templating"
  type        = bool
  default     = false
}

variable "default_issuer_ref" {
  description = "Default issuer reference"
  type        = string
  default     = null
}

variable "default_follows_latest_issuer" {
  description = "Whether the default issuer follows the latest issuer"
  type        = bool
  default     = false
}

variable "crl_expiry" {
  description = "CRL expiry time"
  type        = string
  default     = "72h"
}

variable "crl_disable" {
  description = "Whether to disable CRL"
  type        = bool
  default     = false
}

variable "ocsp_disable" {
  description = "Whether to disable OCSP"
  type        = bool
  default     = false
}

variable "auto_rebuild" {
  description = "Whether to enable auto rebuild of CRL"
  type        = bool
  default     = false
}

variable "enable_delta" {
  description = "Whether to enable delta CRL"
  type        = bool
  default     = false
}

variable "delta_rebuild_interval" {
  description = "Delta CRL rebuild interval"
  type        = string
  default     = null
}