publicWagsHome
/
modules
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
optionality
coder-monitoring
atif/multi-gateway
cj/github-inaction
atif/jetbrains-multi-ides
atif/support-kasm-images
atif/qol-improvments
module-glitch-repro
mes/rdp-glitch-repro
web-rdp-cloud-fixes
slackme/exitcode
v1.0.29-1
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.0
v1.0.1
v1.0.10
v1.0.11
v1.0.12
v1.0.13
v1.0.14
v1.0.15
v1.0.16
v1.0.17
v1.0.18
v1.0.19
v1.0.20
v1.0.21
v1.0.22
v1.0.23
v1.0.24
v1.0.25
v1.0.26
v1.0.27
v1.0.28
v1.0.29
v1.0.8
v1.0.9
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '3878e66700'
${ noResults }
modules/vault-github
History
Muhammad Atif Ali c1800b7a85
Add Hashicorp Vault Integration (GitHub) (#105) 
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
 		1 year ago
..
README.md Add Hashicorp Vault Integration (GitHub) (#105) 1 year ago
main.tf Add Hashicorp Vault Integration (GitHub) (#105) 1 year ago
run.sh Add Hashicorp Vault Integration (GitHub) (#105) 1 year ago

README.md

display_name description icon maintainer_github verified tags
Hashicorp Vault Integration (GitHub) Authenticates with Vault using GitHub ../.icons/vault.svg coder true
helper
integration
vault
github

Hashicorp Vault Integration (GitHub)

This module lets you authenticate with Hashicorp Vault in your Coder workspaces using external auth for GitHub.

module "vault" {
    source     = "https://registry.coder.com/modules/vault-github"
    agent_id   = coder_agent.example.id
    vault_addr = "https://vault.example.com"
}

# A workaround until we have https://github.com/coder/terraform-provider-coder/issues/170
resource "coder_agent" "example" {
    ...
    env = {
        VAULT_ADDR = "https://vault.example.com"
    }
    ...
}

Then you can use the Vault CLI in your workspaces to fetch secrets from Vault:

vault kv get -mount=secret my-secret

or using the Vault API:

curl -H "X-Vault-Token: ${VAULT_TOKEN}" -X GET "${VAULT_ADDR}/v1/secret/data/my-secret"

Vault login

Configuration

To configure the Vault module, you must set up a Vault GitHub auth method. See the Vault documentation for more information.

Examples

Configure Vault integration with a different Coder GitHub external auth ID (i.e., not the default github)

module "vault" {
    source               = "https://registry.coder.com/modules/vault"
    agent_id             = coder_agent.example.id
    vault_addr           = "https://vault.example.com"
    coder_github_auth_id = "my-github-auth-id"
}

Configure Vault integration with a different Coder GitHub external auth ID and a different Vault GitHub auth path

module "vault" {
    source                 = "https://registry.coder.com/modules/vault"
    agent_id               = coder_agent.example.id
    vault_addr             = "https://vault.example.com"
    coder_github_auth_id   = "my-github-auth-id"
    vault_github_auth_path = "my-github-auth-path"
}

Configure Vault integration and install a specific version of the Vault CLI

module "vault" {
    source            = "https://registry.coder.com/modules/vault"
    agent_id          = coder_agent.example.id
    vault_addr        = "https://vault.example.com"
    vault_cli_version = "1.15.0"
}