A repository to manage the configuration of Vault secret engines, authentication modes and policies.
This commit message captures the major architectural change of implementing Consul ACL management with proper provider aliasing, along with the supporting configuration files and policy definitions for various terraform services.

- add consul_acl_management module to manage consul acl policies and roles
- add consul backend roles and policies for terraform services (incus, k8s, nomad, repoflow, vault)
- add consul provider configuration to root.hcl
- add policies to generate credentials for each role
- simplify consul_secret_backend_role module to reference acl-managed roles
- switch to opentofu for provider foreach support
- update terragrunt configuration to support consul backend aliases
- update pre-commit hooks to use opentofu instead of terraform
- configure tflint exceptions for consul acl management module

| Name |
|---|
| config |
| environments |
| modules/vault_cluster |
| policies |
| resources |
| .gitignore |
| .pre-commit-config.yaml |
| LICENSE |
| Makefile |
| README.md |

terraform-vault
Usage
- Initialize Terraform
Once you have your backend block configured, you need to initialize your Terraform working directory to configure the backend:
terraform init
This command initializes the backend and checks the connection to Consul. If everything is set up correctly, Terraform will start using Consul as its backend for storing the state.
- Common terraform init Errors
If you encounter errors while running terraform init, check the following:
  - Consul server is reachable: Make sure that the address is correct and that you can connect to the Consul server.
  - Consul token (if using ACLs): Verify that the token has the correct permissions to write to the specified path in the Consul KV store.
- Example Consul KV Structure
In Consul, the state file will be stored in the KV store under the specified path:
terraform/state
You can check the Consul KV store by accessing the Consul UI or using the consul kv command to see the stored Terraform state:
consul kv get terraform/state
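
The README refers to a backend block and to a token that can write to the state path, but shows neither. The following is an added example, not taken from this repository: a Consul backend block for the terraform/state path, with an over-broad ACL policy beside a scoped one. The server address, the file names and the session rule are assumptions for a default Consul setup.

```hcl
# --- backend.tf (hypothetical file name) ----------------------------------
terraform {
  backend "consul" {
    address = "consul.example.internal:8500" # assumed address, replace with yours
    scheme  = "https"
    path    = "terraform/state"              # KV path used in this README
    lock    = true                           # state locking via a Consul session

    # No access_token here on purpose: export CONSUL_HTTP_TOKEN instead,
    # so the token never lands in version control.
  }
}

# --- terraform-state.policy.hcl (hypothetical Consul ACL policy file) -----

# Weak: write access to every key in the KV store. A token with this rule
# can read or overwrite any other team's data, not just the state.
#
# key_prefix "" {
#   policy = "write"
# }

# Scoped: write access only at and below the state path. The prefix also
# covers the lock keys the backend writes under the path
# (terraform/state/.lock and terraform/state/.lockinfo).
# Note that key_prefix is a plain string prefix, so "terraform/state"
# also matches a sibling key such as "terraform/state-old".
key_prefix "terraform/state" {
  policy = "write"
}

# Locking creates a Consul session, which needs session write permission.
# Assumption: sessions may be created on any node; narrow the prefix to
# the node names your runners talk to if you can.
session_prefix "" {
  policy = "write"
}
```

A token created from the scoped policy should let terraform init succeed, while a `consul kv get` with the same token on a key outside terraform/state is denied.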