# Mounts Vault's AWS secrets engine at "${var.name}-path" and configures it with
# the AWS key pair passed in through var.aws_access_key / var.aws_secret_key.
1 resource "vault_aws_secret_backend" "aws" {
# NOTE(review): this key pair is the credential Vault uses to manage IAM on the
# account, and values set here are written in cleartext to the Terraform state
# and plan files. Declare both variables with `sensitive = true`, keep state in
# an encrypted, access-controlled backend, and consider rotating the root key
# from inside Vault once the mount exists so the copy in state stops being valid.
2 access_key = var.aws_access_key
3 secret_key = var.aws_secret_key
4 path = "${var.name}-path"
# NOTE(review): presumably "0" leaves the mount on Vault's system-wide lease
# defaults rather than disabling expiry; confirm. For credentials that grant AWS
# access, explicit short values for both TTLs make the exposure window visible
# in code instead of depending on server configuration.
6 default_lease_ttl_seconds = "0"
7 max_lease_ttl_seconds = "0"
# Defines the role "${var.name}-role" on the AWS secrets mount referenced by
# vault_aws_secret_backend.aws.path; clients read credentials through this role.
10 resource "vault_aws_secret_backend_role" "admin" {
11 backend = vault_aws_secret_backend.aws.path
12 name = "${var.name}-role"
# With "iam_user", Vault creates an IAM user and access key for each credential
# request, and the key stays valid until the lease is revoked or expires.
# NOTE(review): if consumers can work with STS credentials, "assumed_role" or
# "federation_token" gives keys that expire on the AWS side as well.
13 credential_type = "iam_user"
# NOTE(review): the resource label is "admin" and only the policy's Version line
# is visible in this listing; confirm the statements grant the narrowest actions
# and resources the consumers need rather than wildcard access.
15 policy_document = <<EOF
17 "Version": "2012-10-17",
32 value = vault_aws_secret_backend.aws.path
36 value = vault_aws_secret_backend_role.admin.name