This folder contains Terraform modules for creating HashiCorp Vault resources.
The purpose of this repository is mainly to showcase how to test Terraform Vault modules locally using Terratest. More reusable (and more sophisticated) modules will be added later.
You may use these modules either via Terraform or Terragrunt.
Inside each module's directory, the README file contains examples of how to use that module with Terraform.
To use a module with Terragrunt, create a `terragrunt.hcl` file that specifies the module you want to use as well as values for the input variables of that module:
```hcl
# Use Terragrunt to download the module code
terraform {
  source = "git::git@github.com:pkossyfas/terraform-vault-modules//modules/<module-name>?ref=v0.0.1"
}

# Fill in the variables for that module
inputs = {
  foo = "bar"
  baz = 3
}
```
(Note: the double slash (`//`) in the `source` URL is intentional and required. It's part of Terraform's Git syntax for module sources.)
You then run `terragrunt`, and it will download the source code specified in the `source` URL into a temporary folder, copy your `terragrunt.hcl` file into that folder, and run your Terraform command in that folder.
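The `source` value packs three things into one string: the repository to clone, the subdirectory after `//`, and the `ref` to check out. The following Go program is an added example, not part of this repository's code: it splits a source string into those parts and reports how strongly the module code is pinned. `ParseSource` and `PinLevel` are hypothetical helpers, not Terraform's own parser, and the sample string fills the `<module-name>` placeholder with `audit`.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// ModuleSource holds the parts of a Terraform/Terragrunt git module source.
type ModuleSource struct{ Repo, Subdir, Ref string }

var fullSHA = regexp.MustCompile(`^[0-9a-f]{40}$`)

// ParseSource splits src at the "//" subdirectory separator (ignoring the
// "//" that follows a URL scheme such as https://) and extracts ?ref=.
func ParseSource(src string) ModuleSource {
	query := ""
	if i := strings.Index(src, "?"); i >= 0 {
		src, query = src[:i], src[i+1:]
	}
	offset := 0 // start searching after "scheme://", if there is one
	if i := strings.Index(src, "://"); i >= 0 {
		offset = i + 3
	}
	m := ModuleSource{Repo: src}
	if i := strings.Index(src[offset:], "//"); i >= 0 {
		m.Repo, m.Subdir = src[:offset+i], src[offset+i+2:]
	}
	for _, kv := range strings.Split(query, "&") {
		if strings.HasPrefix(kv, "ref=") {
			m.Ref = strings.TrimPrefix(kv, "ref=")
		}
	}
	return m
}

// PinLevel classifies the ref: no ref follows the default branch, a tag or
// branch name can be moved by the repository owner, a full SHA cannot.
func PinLevel(m ModuleSource) string {
	if m.Ref == "" {
		return "unpinned"
	} else if fullSHA.MatchString(m.Ref) {
		return "commit"
	}
	return "named-ref"
}

func main() { // sample source string constructed from the snippet above
	m := ParseSource("git::git@github.com:pkossyfas/terraform-vault-modules//modules/audit?ref=v0.0.1")
	fmt.Println(m.Repo, m.Subdir, m.Ref, PinLevel(m))
}
```

A `named-ref` result such as `v0.0.1` is a tag that the repository owner can move, so anyone who needs the downloaded module code to be immutable should put a full commit SHA in `ref`.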
- modules/audit: creates audit devices on the Vault server.
- modules/auth-backend: creates a Vault Authentication Method with the appropriate configuration.
- modules/policy: creates Vault policies.
See the tests folder for details.