Terraform Provider

The Terraform provider enables Terraform to utilize secrets, roles, authentication methods, and other entities from the Akeyless Platform.

Terraform can be used to configure Akeyless and populate it with secrets, as well as ensure that the state and any plans associated with the configuration are stored and communicated with care, as they will contain any values written into Akeyless in plain text.

For more information on the Terraform provider, see the Akeyless GitHub Repository and the Terraform Registry.

Configuration

  1. Install Akeyless as a provider in your Terraform Registry by adding the following code to your Terraform configuration (Terraform V0.13).
terraform {
  required_providers {
    akeyless = {
      source = "akeyless-community/akeyless"
      version = "1.3.1"
    }
  }
}
  1. Run:
terraform init
  1. Select an Akeyless Authentication Method to use with the Terraform Provider, such as an API Key or Cloud Identity (CSP IAM) like AWS IAM, Azure AD.

Usage Example

The following example creates an API Key authentication method called auth-method-api-key-demo in the terraform-tests folder, and a static secret called secret in the same folder. It uses AWS IAM for authentication.

To use your own Gateway point the api_gateway_addressto your Gateway API port i.e.8081 or 8000/api/v2:

provider "akeyless" {
  api_gateway_address = "https://api.akeyless.io"
  
  aws_iam_login {
    access_id = "YOUR AWS IAM access ID"
  }
}

resource "akeyless_auth_method_api_key" "api_key" {
  name = "/terraform-tests/auth-method-api-key-demo"
}

resource "akeyless_static_secret" "secret" {
  path = "/terraform-tests/secret"
  value = "this value was set from terraform"
}

data "akeyless_secret" "secret" {
  depends_on = [
    akeyless_static_secret.secret
  ]
  path = "/terraform-tests/secret"
}

output "secret" {
  value     = data.akeyless_secret.secret
  sensitive = true
}

output "auth_method" {
  value     = akeyless_auth_method_api_key.api_key
  sensitive = true
}

To apply this request, run:

terraform apply

Resources can be imported from Akeyless, for example, import a static secret:

terraform import akeyless_static_secret.resorce-name /full-secret-name-in-akeyless