Caravan Vault Agent¶

Requirements¶

No requirements.

Providers¶

Name	Version
null	n/a

Modules¶

No modules.

Resources¶

Name	Type
null_resource.vault_agent_local_service	resource
null_resource.vault_approle_agent_config	resource
null_resource.vault_aws_agent_config	resource
null_resource.vault_azure_agent_config	resource
null_resource.vault_gcp_agent_config	resource
null_resource.vault_oci_agent_config	resource
null_resource.vault_oci_agent_hook	resource

Inputs¶

Name	Description	Type	Default	Required
nodes	(required) map of node => ip	`map(any)`	n/a	yes
nodes_ids	(required) IDs of nodes to trigger reprovision of agents	`list(string)`	n/a	yes
ssh_private_key	n/a	`string`	n/a	yes
vault_endpoint	(required) Where the vault server is	`string`	n/a	yes
approle_auto_auth	(optional) Should agent auto authenticate via AppRole	`bool`	`false`	no
aws_access_key	(optional) Static AWS Access Key credential for authentication	`string`	`null`	no
aws_auto_auth	(optional) Should agent auto authenticate via AWS’s IAM	`bool`	`false`	no
aws_node_role	(optional) Configured AWS role of the node	`string`	`null`	no
aws_secret_key	(optional) Static AWS Secret Key credential for authentication	`string`	`null`	no
azure_auto_auth	(optional) Should agent auto authenticate via Azure’s IAM	`bool`	`false`	no
azure_node_role	(optional) Configured Azure role of the node	`string`	`null`	no
azure_resource	(optional) A configured Azure AD application which is used as the resource for generating MSI access tokens	`string`	`"https://management.azure.com/"`	no
gcp_auto_auth	(optional) Should agent auto authenticate via GCP’s IAM	`bool`	`false`	no
gcp_node_role	(optional) Configured GCP role of the node	`string`	`null`	no
gcp_project_id	(optional) The GCP Project ID	`string`	`null`	no
gcp_service_account	(optional) Configured GCP service account	`string`	`null`	no
nodes_public_ips	(optional) map of node => public ip	`map(any)`	`null`	no
oci_auto_auth	(optional) Should agent auto authenticate via OCI’s IAM	`bool`	`false`	no
oci_node_role	(optional) Configured OCI role of the node	`string`	`null`	no
ssh_bastion_host	n/a	`string`	`null`	no
ssh_bastion_port	n/a	`string`	`"22"`	no
ssh_bastion_private_key	n/a	`string`	`null`	no
ssh_bastion_user	n/a	`string`	`null`	no
ssh_timeout	n/a	`string`	`"60s"`	no
ssh_user	n/a	`string`	`"centos"`	no
tcp_listener	(optional) Where agent should bind in form of host:port	`string`	`"127.0.0.1:9200"`	no
tcp_listener_tls	(optional) Should TLS be enabled on TCP listener	`bool`	`false`	no

Outputs¶

No outputs.