Managing Vault with Terraform

Feb 27, 2020

Learn how to setup Vault via the Terraform Vault provider and see what it looks like to make ongoing changes to Vault through Git using Terraform.

HashiCorp Vault is a tool that can store and manage secrets—including tokens, passwords, certificates, etc. On-top of this, Vault needs to be managed, which means there needs to be a person or team responsible for setting up Authentication Methods, Policies, and Secrets Engines.

Even though everything in Vault can be setup manually and through the UI, CLI, or API, this talk will show you how to use Terraform and the infrastructure-as-code mindset to setup all the features of Vault via the Terraform Vault provider. Using the provider, teams can now setup all aspects of Vault through code and let Terraform setup the configuration. This allows teams to have a repeatable infrastructure in case teams need to stand up a replica Vault cluster for testing.

Another benefit of using Terraform and storing this code in version control is that it allows all Vault administrators to have full insight into any changes to Vault. Any change becomes a pull request and gets reviewed by the administrators of Vault.

» What You'll Learn

This demo will go through the full configuration of a Vault cluster using Terraform's Vault provider. You'll get to see what it would look like for an administrator to make a change in Vault through Git with an infrastructure-as-code mindset.

» Demo Repo

You can find the GitHub repository for this demo here

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now