resource "vault_aws_secret_backend" "aws" { access_key = var.aws_access_key secret_key = var.aws_secret_key path = "${var.name}-path" default_lease_ttl_seconds = "120" max_lease_ttl_seconds = "240" } resource "vault_aws_secret_backend_role" "admin" { backend = vault_aws_secret_backend.aws.path name = "${var.name}-role" credential_type = "iam_user" policy_document = <