TemplatesModules
Publish|CompanyInstall Coder
Back to Modules
HCP Vault Secrets Icon

HCP Vault Secrets
27 Installs
Tests Passed: 3 months ago

By:
Coder Coder
 and
Fetch secrets from HCP Vault
README
Variables (6)
Source

This module lets you fetch all or selective secrets from a HCP Vault Secrets app into your Coder workspaces. It makes use of the hcp_vault_secrets_app data source from the HCP provider.

1module "vault" {
2  source     = "registry.coder.com/modules/hcp-vault-secrets/coder"
3  version    = "1.0.7"
4  agent_id   = coder_agent.example.id
5  app_name   = "demo-app"
6  project_id = "aaa-bbb-ccc"
7}

Configuration

To configure the HCP Vault Secrets module, follow these steps,

  1. Create secrets in HCP Vault Secrets
  2. Create an HCP Service Principal from the HCP Vault Secrets app in the HCP console. This will give you the HCP_CLIENT_ID and HCP_CLIENT_SECRET that you need to authenticate with HCP Vault Secrets. HCP vault secrets credentials
  3. Set HCP_CLIENT_ID and HCP_CLIENT_SECRET variables on the coder provisioner (recommended) or supply them as input to the module.
  4. Set the project_id. This is the ID of the project where the HCP Vault Secrets app is running.

See the HCP Vault Secrets documentation for more information.

Fetch All Secrets

To fetch all secrets from the HCP Vault Secrets app, skip the secrets input.

1module "vault" {
2  source     = "registry.coder.com/modules/hcp-vault-secrets/coder"
3  version    = "1.0.7"
4  agent_id   = coder_agent.example.id
5  app_name   = "demo-app"
6  project_id = "aaa-bbb-ccc"
7}

Fetch Selective Secrets

To fetch selective secrets from the HCP Vault Secrets app, set the secrets input.

1module "vault" {
2  source     = "registry.coder.com/modules/hcp-vault-secrets/coder"
3  version    = "1.0.7"
4  agent_id   = coder_agent.example.id
5  app_name   = "demo-app"
6  project_id = "aaa-bbb-ccc"
7  secrets    = ["MY_SECRET_1", "MY_SECRET_2"]
8}

Set Client ID and Client Secret as Inputs

Set client_id and client_secret as module inputs.

1module "vault" {
2  source        = "registry.coder.com/modules/hcp-vault-secrets/coder"
3  version       = "1.0.7"
4  agent_id      = coder_agent.example.id
5  app_name      = "demo-app"
6  project_id    = "aaa-bbb-ccc"
7  client_id     = "HCP_CLIENT_ID"
8  client_secret = "HCP_CLIENT_SECRET"
9}