hashicorp / terraform-provider-chef

Terraform Chef provider
https://www.terraform.io/docs/providers/chef/
Mozilla Public License 2.0

Feature request: Chef Vault resources #38

Open joerg opened 4 years ago

joerg commented 4 years ago

Hi,

It would be great to have resources for Chef Vaults in Terraform. Our current use case is that we have all configuration, including secrets, in Chef Vault, but for ECS we need certain passwords etc. in AWS Secrets Manager. Of course we don't want to duplicate the secrets, and we also need to keep them in sync when passwords/keys are rotated.

Terraform Configuration Files

Possible Terraform code could look like this:


# Proposed data source (requested in this issue)
data "chef_vault" "prod_environment" {
  vault = "secrets"
  item  = "production"
}

resource "aws_secretsmanager_secret_version" "example" {
  secret_id     = aws_secretsmanager_secret.example.id
  secret_string = data.chef_vault.prod_environment.json["database"]["password"]
}