Skip to content

airwallex/terraform-provider-vault

 
 

Repository files navigation

Terraform Provider

Enhancement

Support gcp login which automate the jwt generating process. Added below parameters:

method = "gcp"
path = "auth/gcp/login"      
project = "your-project"
service_account = "[email protected]"
creds = file(var.google_application_credentials)

Example Usage:

provider "vault" {
  version = "2.5.0"
  auth_login {
    method = "gcp"
    path = "auth/gcp/login"      
    project = "your-project"
    service_account = "[email protected]"
    creds = file(var.google_application_credentials)
    parameters = {
      role = "devops"
    }
  }
}

Maintainers

This provider plugin is maintained by the Terraform team at HashiCorp.

Best Practices

We recommend that you avoid placing secrets in your Terraform config or state file wherever possible, and if placed there, you take steps to reduce and manage your risk. We have created a practical guide on how to do this with our opensource versions in Best Practices for Using HashiCorp Terraform with HashiCorp Vault:

Best Practices for Using HashiCorp Terraform with HashiCorp Vault

This webinar walks you through how to protect secrets when using Terraform with Vault. Additional security measures are available in paid Terraform versions as well.

Requirements

  • Terraform 0.11.x
  • Go 1.11 (to build the provider plugin)

Building The Provider

Clone repository to: $GOPATH/src/github.com/terraform-providers/terraform-provider-vault

$ mkdir -p $GOPATH/src/github.com/terraform-providers; cd $GOPATH/src/github.com/terraform-providers
$ git clone [email protected]:terraform-providers/terraform-provider-vault

Enter the provider directory and build the provider

$ cd $GOPATH/src/github.com/terraform-providers/terraform-provider-vault
$ make build

Using the provider

Developing the Provider

If you wish to work on the provider, you'll first need Go installed on your machine (version 1.11+ is required). You'll also need to correctly setup a GOPATH, as well as adding $GOPATH/bin to your $PATH.

To compile the provider, run make build. This will build the provider and put the provider binary in the $GOPATH/bin directory.

$ make build
...
$ $GOPATH/bin/terraform-provider-vault
...

In order to test the provider, you can simply run make test.

$ make test

In order to run the full suite of Acceptance tests, run make testacc.

Note: Acceptance tests create real resources, and often cost money to run.

$ make testacc

Packages

No packages published

Languages

  • Go 98.0%
  • HTML 1.7%
  • Other 0.3%