DEV Community

Frederick Ollinger
Frederick Ollinger

Posted on

Using Hashicorp Vault to Write/Read Secrets in Terraform KV1 Backend

If you have Vault set up as per prior posts and you are authenticated to the server, you can use vault to store secrets.

Writing a Secret

In this case, we have an ip address that we create when we bring up VM and we want to store it in Vault.

This is done with vault_generic_secret resource.

Below is the a valid KV1 path. In this case, we configured KV1 to the path kv-v1

resource "vault_generic_secret" "deploy_ip_secret" {
  path = "kv-v1/deploy"
  data_json = <<EOT
{
  "ip": "192.168.1.13"
}
EOT
}
Enter fullscreen mode Exit fullscreen mode

In this example, we are going to set a single variable, "ip" to the ip address as a string, "192.168.1.13". You can add more variables into a single transaction if you comma delimit them and place them in the data_json block.

Top comments (0)