Caravan Vault Cluster Raft¶

Requirements¶

No requirements.

Providers¶

Name	Version
local	n/a
null	n/a

Modules¶

No modules.

Resources¶

Name	Type
local_file.ssh-key	resource
null_resource.copy_root_token	resource
null_resource.get_encryption_key	resource
null_resource.vault_cluster_node_1_init	resource
null_resource.vault_cluster_node_config	resource
null_resource.vault_cluster_node_local_service	resource
null_resource.vault_cluster_node_not_1_init	resource
local_file.encryption_key	data source
local_file.vault_token	data source

Inputs¶

Name	Description	Type	Default	Required
control_plane_nodes	A map in form of ‘node-name’ => ‘node’s private IP’ of the nodes to provision the cluster on	`map(any)`	n/a	yes
control_plane_nodes_ids	n/a	`list(string)`	n/a	yes
ssh_private_key	The private key to use for SSH connection to cluster nodes	`string`	n/a	yes
aws_access_key	(optional) The AWS Access Key to use for AWS KMS auto unseal. Leave null for using AWS profile or instance profile	`string`	`null`	no
aws_endpoint	(optional) The custom AWS VPC Endpoint to use for AWS KMS auto unseal	`string`	`null`	no
aws_kms_key_id	(optional) The AWS KMS Key ID to use for AWS KMS auto unseal	`string`	`null`	no
aws_kms_region	(optional) The AWS KMS Region to use for AWS KMS auto unseal	`string`	`null`	no
aws_secret_key	(optional) The AWS Secret Key to use for AWS KMS auto unseal. Leave null for using AWS profile or instance profile	`string`	`null`	no
azure_environment	(optional) The Azure Cloud environment API endpoints to use.	`string`	`"AZUREPUBLICCLOUD"`	no
azure_key_name	(optional) The Key Vault key to use for encryption and decryption.	`string`	`null`	no
azure_tenant_id	(optional) The tenant id for the Azure Active Directory organization.	`string`	`null`	no
azure_vault_name	(optional) The Key Vault vault to use the encryption keys for encryption and decryption.	`string`	`null`	no
control_plane_nodes_public_ips	The public IPs of the node to SSH into them	`map(any)`	`null`	no
gcp_key	n/a	`string`	`null`	no
gcp_keyring	n/a	`string`	`null`	no
gcp_project_id	(optional) The GCP Project ID	`string`	`null`	no
gcp_region	n/a	`string`	`"global"`	no
license	Vault license key	`string`	`""`	no
oci_crypto_endpoint	(optional) The OCI Vault crypto endpoint	`string`	`null`	no
oci_key	n/a	`string`	`null`	no
oci_management_endpoint	(optional) The OCI Vault management endpoint	`string`	`null`	no
prefix	n/a	`string`	`""`	no
ssh_bastion_host	The hostname of the bastion host to use for ssh into the nodes	`string`	`null`	no
ssh_bastion_port	n/a	`string`	`"22"`	no
ssh_bastion_private_key	The private key to use for SSH connection to the bastion host	`string`	`null`	no
ssh_bastion_user	n/a	`string`	`null`	no
ssh_timeout	The ssh connection timeout	`string`	`"60s"`	no
ssh_user	The ssh user name to use for login into the cluster nodes	`string`	`"centos"`	no
transit_key	n/a	`string`	`"vault_unseal_keyring"`	no
transit_mount_path	(optional) The Vault transit engine mount path for transit auto unseal	`string`	`null`	no
transit_vault_address	(optional) The Vault address for transit auto unseal	`string`	`null`	no
transit_vault_token	(optional) The Vault token to access transit engine mount path for transit auto unseal	`string`	`null`	no
unseal_type	The type of the unseal configuration to use	`string`	`"gcp"`	no
vault_home	The directory where the vault’s data is kept on the nodes	`string`	`"/var/lib/vault"`	no

Outputs¶

Name	Description
consul_enc_key	n/a
vault_address	n/a
vault_token	n/a