Back to Modules
Hashicorp Vault Integration (GitHub)
Configure Vault integration with a different Coder GitHub external auth ID (i.e., not the default
Hashicorp Vault Integration (GitHub)448 InstallsTests Passed: 2 months ago
448 Installs
Tests Passed: 2 months ago
Authenticates with Vault using GitHub
README
Variables (5)
Scripts (1)
Source
This module lets you authenticate with Hashicorp Vault in your Coder workspaces using external auth for GitHub.
1module "vault" { 2 source = "registry.coder.com/modules/vault-github/coder" 3 version = "1.0.7" 4 agent_id = coder_agent.example.id 5 vault_addr = "https://vault.example.com" 6}
Then you can use the Vault CLI in your workspaces to fetch secrets from Vault:
1vault kv get -namespace=coder -mount=secrets coder
or using the Vault API:
1curl -H "X-Vault-Token: ${VAULT_TOKEN}" -X GET "${VAULT_ADDR}/v1/coder/secrets/data/coder"
Configuration
To configure the Vault module, you must set up a Vault GitHub auth method. See the Vault documentation for more information.
Examples
Configure Vault integration with a different Coder GitHub external auth ID (i.e., not the default github)
1module "vault" { 2 source = "registry.coder.com/modules/vault-github/coder" 3 version = "1.0.7" 4 agent_id = coder_agent.example.id 5 vault_addr = "https://vault.example.com" 6 coder_github_auth_id = "my-github-auth-id" 7}
Configure Vault integration with a different Coder GitHub external auth ID and a different Vault GitHub auth path
1module "vault" { 2 source = "registry.coder.com/modules/vault-github/coder" 3 version = "1.0.7" 4 agent_id = coder_agent.example.id 5 vault_addr = "https://vault.example.com" 6 coder_github_auth_id = "my-github-auth-id" 7 vault_github_auth_path = "my-github-auth-path" 8}
Configure Vault integration and install a specific version of the Vault CLI
1module "vault" { 2 source = "registry.coder.com/modules/vault-github/coder" 3 version = "1.0.7" 4 agent_id = coder_agent.example.id 5 vault_addr = "https://vault.example.com" 6 vault_cli_version = "1.15.0" 7}