hashicorp / terraform-provider-vault

Terraform Vault provider
https://www.terraform.io/docs/providers/vault/
Mozilla Public License 2.0

Default example for vault_generic_secret seems to fail. #680

Closed mgust closed 1 year ago

mgust commented 4 years ago

Hi,

I was struggling to go through the default example for using a vault_generic_secret at https://www.terraform.io/docs/providers/vault/d/generic_secret.html

In particular, I was trying to write:

provider "vault" {
  address = var.vault_address
}

data "vault_generic_secret" "pagerduty_auth" {
  path = "secret/observability/${var.environment}/pagerduty"
}

provider "pagerduty" {
  token = data.vault_generic_secret.pagerduty_auth["token"]
}

This sadly resulted in errors:

Error: Unexpected resource instance key

  on _provider.tf line 10, in provider "pagerduty":
  10:  token = data.vault_generic_secret.pagerduty_auth["token"]

Because data.vault_generic_secret.pagerduty_auth does not have "count" or
"for_each" set, references to it must not include an index key. Remove the
bracketed index to refer to the single instance of this resource.

Working around it, I managed to get it to work using the following code:

provider "vault" {
  address = var.vault_address
}

data "vault_generic_secret" "pagerduty_auth" {
  path = "secret/observability/${var.environment}/pagerduty"
}

provider "pagerduty" {
  token = lookup(data.vault_generic_secret.pagerduty_auth,"data")["token"]
}

Terraform Version

Terraform v0.12.20

Affected Resource(s)

Terraform Configuration Files

As per above

Debug Output

Panic Output

No panic

Expected Behavior

The PagerDuty provider should have received the token from Vault.

Actual Behavior

Terraform threw an error

Steps to Reproduce

terraform plan

Important Factoids

Terraform was invoked using terragrunt (terragrunt version v0.21.11). Vault version v1.3.0

References

jeffzoch commented 4 years ago

You are missing a "data" there.

provider "pagerduty" {
  token = data.vault_generic_secret.pagerduty_auth["token"]
}

should be

provider "pagerduty" {
  token = data.vault_generic_secret.pagerduty_auth.data["token"]
}

I believe.
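
The distinction behind the error message, as an added example that is not part of the issue thread or the provider's own documentation: a bracket placed directly on a data source reference is read as an instance key, which is valid only with `count` or `for_each`, while the secret's fields are reached through the `data` attribute. The `pagerduty_by_env` block, the environment names and the `locals` are assumptions introduced for illustration.

```hcl
variable "vault_address" {
  type = string
}

variable "environment" {
  type = string
}

provider "vault" {
  address = var.vault_address
}

# Single instance (no count / for_each): the reference is one object, and the
# secret's key/value pairs live in its "data" map attribute.
# Values read by this data source are written to Terraform state, so the
# state backend needs the same protection as the secret itself.
data "vault_generic_secret" "pagerduty_auth" {
  path = "secret/observability/${var.environment}/pagerduty"
}

# Multiple instances (hypothetical): with for_each the first bracket is the
# instance key. This is the only case where an index may follow the
# reference directly.
data "vault_generic_secret" "pagerduty_by_env" {
  for_each = toset(["staging", "production"]) # constructed environment names
  path     = "secret/observability/${each.key}/pagerduty"
}

locals {
  # Fails with "Unexpected resource instance key":
  #   data.vault_generic_secret.pagerduty_auth["token"]

  # Single instance: attribute first, then the map key.
  token_single = data.vault_generic_secret.pagerduty_auth.data["token"]

  # for_each instance: instance key, then attribute, then the map key.
  token_production = data.vault_generic_secret.pagerduty_by_env["production"].data["token"]
}

provider "pagerduty" {
  token = local.token_single
}
```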