Terraform Provider

The Terraform provider enables Terraform to utilize secrets, roles, authentication methods, and other entities from the Akeyless Vault Platform.

Terraform can be used to configure Akeyless Vault and populate it with secrets. Ensure that the state and any plans associated with the configuration are stored and communicated with care, as they will contain any values written into the Akeyless Vault in plain text.

For more information on the Terraform provider, see the Akeyless GitHub Repository and the Terraform Registry.

Configuration

  1. Install Akeyless as a provider in your Terraform Registry by adding the following code to your Terraform configuration (Terraform V0.13).
terraform {
  required_providers {
    akeyless = {
      version = ">= 1.0.0"
      source  = "akeyless-community/akeyless"
    }
  }
}
  1. Run:
terraform init
  1. Select an Akeyless Authentication Method to use with the Terraform Provider, such as an API Key or Cloud Identity (CSP IAM) like AWS IAM, Azure AD, and so on.

Usage Example

The following example creates an API Key authentication method called auth-method-api-key-demo in the terraform-tests folder, and a static secret called secret in the same folder. It uses AWS IAM for authentication.
Using your own GW should point to your api (port 8081) or 8080/v2

terraform {
  required_providers {
    akeyless = {
      version = ">= 1.0.0"
      source  = "akeyless-community/akeyless"
    }
  }
}


provider "akeyless" {
  api_gateway_address = "https://api.akeyless.io"
  
  aws_iam_login {
    access_id = "YOUR AWS IAM access ID"
  }
}

resource "akeyless_auth_method" "api_key" {
  path = "terraform-tests/auth-method-api-key-demo"
  api_key {
  }

}

resource "akeyless_static_secret" "secret" {
  path = "terraform-tests/secret"
  value = "this value was set from terraform"
}

data "akeyless_secret" "secret" {
  depends_on = [
    akeyless_static_secret.secret
  ]
  path = "terraform-tests/secret"
}

output "secret" {
  value     = data.akeyless_secret.secret
  sensitive = true
}

output "auth_method" {
  value     = akeyless_auth_method.api_key
  sensitive = true
}

To apply this request, run:

terraform apply