The approle authentication method allows machines or applications to authenticate with Vault-defined roles. In order for an approle to receive a token, a set of policies and login constraints must be met.
This KB article is an extension of the existing approle token ttl suffix for:
Current existing documentation mentioned support suffix is
s for seconds,
m for minutes. Vault token ttl suffix does also support
h for hour,
ms for millisecond and
µs for microsecond.
To sum up:
nsfor nanoseconds (not commonly used in Vault)
µsfor microsecond (not commonly used in Vault)
In the meantime,
token_ttl cannot be greater than
token_max_ttl. If no suffix is provided, vault will assume a value of seconds for that specific ttl.
vault write auth/approle/role/my-role \
Success! Data written to: auth/approle/role/my-role