From c827daab6c560ef779e18724f4e6f67199fcf11f Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Sun, 8 Feb 2026 15:55:30 +1100 Subject: [PATCH] feat: add consul backend - add consul backend --- config/config.hcl | 4 ++-- config/consul_secret_backend/consul_root/au/syd1.yaml | 6 ++++++ modules/vault_cluster/modules/consul_secret_backend/main.tf | 2 +- 3 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 config/consul_secret_backend/consul_root/au/syd1.yaml diff --git a/config/config.hcl b/config/config.hcl index 405d97e..e165912 100644 --- a/config/config.hcl +++ b/config/config.hcl @@ -169,7 +169,7 @@ locals { } consul_secret_backend = { for file_path, content in local.all_configs : - trimsuffix(basename(file_path), ".yaml") => content + trimsuffix(replace(file_path, "consul_secret_backend/", ""), ".yaml") => content if startswith(file_path, "consul_secret_backend/") } consul_secret_backend_role = { @@ -186,4 +186,4 @@ locals { if startswith(file_path, "pki_mount_only/") } } -} \ No newline at end of file +} diff --git a/config/consul_secret_backend/consul_root/au/syd1.yaml b/config/consul_secret_backend/consul_root/au/syd1.yaml new file mode 100644 index 0000000..73f7f17 --- /dev/null +++ b/config/consul_secret_backend/consul_root/au/syd1.yaml @@ -0,0 +1,6 @@ +description: "consul secret engine for au-syd1 cluster" +default_lease_ttl_seconds: 600 +max_lease_ttl_seconds: 86400 +address: "consul.service.au-syd1.consul" +scheme: https +bootstrap: false diff --git a/modules/vault_cluster/modules/consul_secret_backend/main.tf b/modules/vault_cluster/modules/consul_secret_backend/main.tf index a80253a..2bd0a1f 100644 --- a/modules/vault_cluster/modules/consul_secret_backend/main.tf +++ b/modules/vault_cluster/modules/consul_secret_backend/main.tf @@ -18,4 +18,4 @@ resource "vault_consul_secret_backend" "consul" { client_key = var.client_key default_lease_ttl_seconds = var.default_lease_ttl_seconds max_lease_ttl_seconds = var.max_lease_ttl_seconds -} \ No newline at end of file +}