No requirements.
| Name | Version |
|---|---|
| external | n/a |
| helm | n/a |
| kubernetes | n/a |
No modules.
| Name | Type |
|---|---|
| helm_release.vault | resource |
| kubernetes_namespace.vault | resource |
| kubernetes_secret.tls_server | resource |
| kubernetes_secret.vault_ca_cert | resource |
| kubernetes_secret.vault_seal_token | resource |
| external_external.setup_vault | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| k8s_config_path | n/a | string |
n/a | yes |
| k8s_host | n/a | string |
n/a | yes |
| tls_crt | n/a | string |
n/a | yes |
| tls_key | n/a | string |
n/a | yes |
| vault_host | n/a | string |
n/a | yes |
| vault_key_shares | n/a | number |
n/a | yes |
| vault_key_threshold | n/a | number |
n/a | yes |
| vault_ui_host | n/a | string |
n/a | yes |
| k8s_client_certificate | n/a | string |
"" |
no |
| k8s_client_key | n/a | string |
"" |
no |
| k8s_cluster_ca_certificate | n/a | string |
"" |
no |
| k8s_cluster_client_token | n/a | string |
"" |
no |
| module_depends_on | n/a | any |
[] |
no |
| namespace | n/a | string |
"vault" |
no |
| nr_of_vault_pods | n/a | number |
3 |
no |
| vault_autounseal | n/a | bool |
false |
no |
| vault_conf_persist | n/a | string |
"false" |
no |
| vault_config | n/a | string |
" ui = true\n listener \"tcp\" {\n address = \"[::]:8200\"\n cluster_address = \"[::]:8201\"\n tls_cert_file = \"/vault/userconfig/tls-server/tls.crt\"\n tls_key_file = \"/vault/userconfig/tls-server/tls.key\"\n tls_ca_cert_file = \"/vault/userconfig/vault-ca-crt/tls.crt\"\n }\n\n%s\n \n storage \"raft\" {\n path = \"/vault/data\"\n retry_join {\n leader_api_addr = \"https://vault-0.vault-internal:8200\"\n leader_ca_cert_file = \"/vault/userconfig/vault-ca-crt/tls.crt\"\n leader_client_cert_file = \"/vault/userconfig/tls-server/tls.crt\"\n leader_client_key_file = \"/vault/userconfig/tls-server/tls.key\"\n }\n retry_join {\n leader_api_addr = \"https://vault-1.vault-internal:8200\"\n leader_ca_cert_file = \"/vault/userconfig/vault-ca-crt/tls.crt\"\n leader_client_cert_file = \"/vault/userconfig/tls-server/tls.crt\"\n leader_client_key_file = \"/vault/userconfig/tls-server/tls.key\"\n }\n retry_join {\n leader_api_addr = \"https://vault-2.vault-internal:8200\"\n leader_ca_cert_file = \"/vault/userconfig/vault-ca-crt/tls.crt\"\n leader_client_cert_file = \"/vault/userconfig/tls-server/tls.crt\"\n leader_client_key_file = \"/vault/userconfig/tls-server/tls.key\"\n }\n autopilot {\n cleanup_dead_servers = \"true\"\n last_contact_threshold = \"200ms\"\n last_contact_failure_threshold = \"10m\"\n max_trailing_logs = 250000\n min_quorum = 5\n server_stabilization_time = \"10s\"\n }\n }\n service_registration \"kubernetes\" {}\n" |
no |
| vault_unseal_address | n/a | string |
"" |
no |
| vault_unseal_config | n/a | string |
" seal \"transit\" {\n address = \"%s\"\n disable_renewal = \"false\"\n key_name = \"%s\"\n mount_path = \"%s\"\n tls_skip_verify = \"true\"\n }\n" |
no |
| vault_unseal_helm_cfg | n/a | string |
" extraSecretEnvironmentVars:\n - envName: VAULT_TOKEN\n secretName: unseal-token\n secretKey: TOKEN\n" |
no |
| vault_unseal_key_name | n/a | string |
"" |
no |
| vault_unseal_mount_path | n/a | string |
"" |
no |
| vault_unseal_token | n/a | string |
"" |
no |
| Name | Description |
|---|---|
| root_token | n/a |
| unseal_keys | n/a |