Vault_database_secret_backend_role TTL values from terraform variables not accepting string type variable

AjayRedJ · May 21, 2025, 11:03am

This is the terraform resource where values for some attributes are taking input as number only. while we want to pass strings. which are acceptable by the Provider Vault.

We changed the variable type from “number” to “string”. When we passed the value of the variables as 32d or 24h to denote in hours or days, it is throwing as error.

It works fine when we pass the value in seconds like 3600.

values as 32d or 24h work fine when passing in CLI command or API call directly to Vault.
example: vault write -f auth/approle/role/tocheckttl token_ttl=“24h” token_max_ttl=“25d”

Terraform is not allowing the attribute to take value in other formats.

wyardley · May 21, 2025, 3:27pm

The provider docs specifically say “number of seconds”, so it looks like that’s the way the provider requires it to be specified?

I don’t think it’s a given that the provider’s interface will necessarily be the same as the CLI or other tools.

Topic		Replies	Views
Database Secret Engine TTL values from terraform variables not accepting string type variable Vault vault	1	17	May 22, 2025
Vault Database Secret Engine TTL values from terraform variables not accepting string type variable Terraform Providers	0	7	May 21, 2025
Problem using token_ttl parameter with vault_token_auth_backend_role Vault	1	413	November 1, 2019
Error in using string list variable in Terraform Cloud HCP Terraform	6	5597	December 9, 2022
Vault_generic_secret and variables in json? Terraform	3	5249	September 23, 2021

Vault_database_secret_backend_role TTL values from terraform variables not accepting string type variable

Related topics