resilien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
19,043 Commits 1 Branch 0 Tags 185 MiB
Commit Graph

17 Commits

Author SHA1 Message Date
Paul Stack f383167712 provider/vault: Prevent panic when no secret found (#14435) 
Fixes: #14408

Just a simple guard clause that returns an error if no
secret found
 2017-05-13 01:14:14 +03:00
Conor Mongey eb4aa9ea63 provider/vault: vault_auth_backend resource (#10988) 2017-05-03 22:43:10 +03:00
Martin Atkins b21bb7746a Merge #11776: Optionally allow vault_generic_secret resource to detect drift 2017-04-17 11:14:02 -07:00
Conor Mongey a4d03c9cd1 provider/vault: vault_policy resource (#10980) 
* provider/vault: vault_policy resource

* website: vault_policy resource

* Refresh state when reading vault policy
 2017-02-13 18:53:45 +00:00
Jake Champlin 8618973c5c Merge pull request #11523 from 2uinc/vault-init-fix 
Use vault api.DefaultConfig()
 2017-02-09 15:18:49 -05:00
Gerrit Tamboer 369c810072 Updated documentation 2017-02-08 13:37:37 +01:00
Gerrit Tamboer c7eee62b7b Finished the read implementation for vault generic secret 2017-02-08 13:08:39 +01:00
Gerrit Tamboer 86aea6b094 WIP: VaMaking vault allowed to read values 2017-02-08 11:18:18 +01:00
Jason Felice ab33435863 Fix error message for when home directory not found 2017-02-03 08:52:53 -08:00
Jason Felice 8a7a6c6059 Use go-homedir (as vault does) 2017-02-03 08:52:53 -08:00
Jason Felice bb1756c86a Read ~/.vault-token if token not supplied another way 
Closes #11365
 2017-02-03 08:52:53 -08:00
Jason Felice b5d891b109 Check result of config.ConfigureTLS() 2017-02-03 11:07:03 -05:00
Jason Felice 7da8e9285e Use vault api.DefaultConfig() 
Closes #11364
 2017-02-03 11:04:35 -05:00
Conor Mongey 77c8683281 provider/vault: Remove user input for optional vault provider fields (#11082) 
* Remove the need to input vault optional settings

* Allow TypeList to skip input

* Remove conflicts on vault ca_cert_* fields
 2017-01-17 12:06:55 +00:00
Martin Atkins 25f73dac83 provider/vault: vault_generic_secret data source 2016-10-29 23:16:57 -07:00
Martin Atkins c1d1f902f5 provider/vault: vault_generic_secret resource 
This resource allows writing a generic secret, and indeed anything else
that obeys the expected create/update/delete lifecycle, into vault via
writes to its logical path namespace.
 2016-10-29 23:16:57 -07:00
Martin Atkins b2b5831205 "vault" provider registration 
To reduce the risk of secret exposure via Terraform state and log output,
we default to creating a relatively-short-lived token (20 minutes) such
that Vault can, where possible, automatically revoke any retrieved
secrets shortly after Terraform has finished running.

This has some implications for usage of this provider that will be spelled
out in more detail in the docs that will be added in a later commit, but
the most significant implication is that a plan created by "terraform plan"
that includes secrets leased from Vault must be *applied* before the
lease period expires to ensure that the issued secrets remain valid.

No resources yet. They will follow in subsequent commits.
 2016-10-29 23:16:57 -07:00