39 lines
1.3 KiB
Plaintext
39 lines
1.3 KiB
Plaintext
### REQUIRED VARIABLES
|
|
|
|
# The domain name, without protocol or trailing paths, for which you've provisioned an SSL/TLS certificate via AWS Certificate Manager.
|
|
domain_name = "secrets.domain.com"
|
|
|
|
# The name of an existing `.pem` "EC2 Key Pair" that is in the same AWS Account and Region of the Vault deployment.
|
|
ec2_key_pair_name = "vault_key_pair"
|
|
|
|
### OPTIONAL VARIABLES
|
|
|
|
# Use latest ami id
|
|
# use_latest_ami = false
|
|
|
|
# Version
|
|
# vault_version = "1.15.5"
|
|
|
|
# Vault instance type. Upgradeable.
|
|
# vault_instance_type = "t3.micro"
|
|
|
|
# If you didn't create a named AWS profile, omit this. Defaults to "default".
|
|
# aws_profile = "non_default_profile"
|
|
|
|
# If you want to scope allowed traffic to specific CIDR blocks.
|
|
# allowed_traffic_cidr_blocks = ["0.0.0.0/0"] # default value
|
|
|
|
# If you want to scope allowed traffic to specific IPv6 CIDR blocks.
|
|
# allowed_traffic_cidr_blocks_ipv6 = ["::/0"] # default value
|
|
|
|
### PRIVATE MODE - Restrict Traffic to other AWS VPCs.
|
|
|
|
# Flag to deploy the project as private. Defaults to false.
|
|
# private_mode = true
|
|
|
|
# ID of VPCs that can access the Vault Deployment's VPC and, as a result, the Vault endpoint.
|
|
# peered_vpc_ids = ["EXTERNAL_VPC_ID_1", "EXTERNAL_VPC_ID_2"]
|
|
|
|
### OPERATOR MODE - LEAVE THIS AS TRUE FOR FIRST TIME DEPLOYS. Defaults to true.
|
|
|
|
# operator_mode = true |