The Akeyless Dev Hub

If you're looking for help with the only zero-trust, SaaS, unified platform for secrets management - you've come to the right place.

This is our documentation and updates center.

Documentation

Terraform Plugin

The Terraform provider allows Terraform to utilize secrets from Akeyless Vault.

Terraform can be used by the Vault administrators to configure Vault and populate it with secrets. In this case, the state and any plans associated with the configuration must be stored and communicated with care, since they will contain in cleartext any values that were written into Vault.

Prerequisites

  1. Set akeyless-vault url in: VAULT_ADDR environment variable:
export VAULT_ADDR=https://hvp.akeyless.io
  1. Now, you'll need to configure the authentication token that would be used by Terraform to fetch secrets from Akeyless Vault
    Set your Akeyless token in ~/.vault-token
    Supported tokens:
  • Permanent token in the following structure: Access-ID+”..”+Access-Key, in example p-jjdbbkbd..njRThf894chsBXnuh
  • Akeyless temporary API token read more here (this is the recommended and the more secure method). For token rotation please read more here.

Configuring Terraform Plugin

Run the following:
a. Make sure you have secret name test, if not run: vault kv put secret/test hello=world
b. mkdir test && cd test
c. Create maint.tf file with this content:

data "vault_generic_secret" "test" {
  path = "secret/test"
}
# For this example, in Vault there is a key named "test" and the value is the token we need to keep secret.
# In general usage, replace "test" with the key you wish to extract from Vault.
output "rendered" {
  value = "${data.vault_generic_secret.test}"
}

d. terraform init
e. terraform apply

Updated 2 months ago

Terraform Plugin


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.