Module used to provision HCP Vault on AWS using Transit Gateway


btkrausen/terraform-hcp-vault-aws-tgw



# hcp-vault-aws-tgw-module

This module provisions a HashiCorp Virtual Network (HVN) and a new HCP Vault cluster. Connectivity between the HCP environment and your AWS network is established over a Transit Gateway (TGW).

Since most organizations already have an established network strategy, or the network stack is defined in another Terraform configuration, this module assumes the following:

  • The VPC in the targeted account (Network account) already exists
  • The Transit Gateway in the targeted account (Network account) already exists
  • A private route table exists for the VPC in the targeted account

An example `.tfvars` file is included to show how to set the required variables.


## Requirements

| Name | Version |
|------|---------|
| hcp | 0.41.0 |

## Providers

| Name | Version |
|------|---------|
| aws | n/a |
| hcp | 0.41.0 |

## Modules

No modules.

## Resources

| Name | Type |
|------|------|
| aws_ec2_transit_gateway_vpc_attachment_accepter.hcp_vault_accepter | resource |
| aws_ram_principal_association.hcp_vault_principal | resource |
| aws_ram_resource_association.hcp-vault | resource |
| aws_ram_resource_share.tgw_share | resource |
| aws_route.hcp_route | resource |
| hcp_aws_transit_gateway_attachment.hcp-vault_tgw_attachement | resource |
| hcp_hvn.primary | resource |
| hcp_hvn_route.route | resource |
| hcp_vault_cluster.hcp-cluster | resource |
| aws_ec2_transit_gateway.centralized_tgw | data source |
| aws_vpc.primary_vpc | data source |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| aws_cloud_region | AWS Cloud Region that HCP Vault will be connected to | `string` | `"us-east-1"` | no |
| client_id | Client ID for HCP Organization | `string` | n/a | yes |
| client_secret | Client Secret for HCP Organization | `string` | n/a | yes |
| cluster_id | The ID of the Vault cluster | `string` | `"primary-vault-cluster"` | no |
| hvn_cidr | The CIDR block for HashiCorp Virtual Network | `string` | `"172.31.0.0/16"` | no |
| hvn_id | Name/ID of the HVN Network - displays in the UI | `string` | n/a | yes |
| public_vault | Should this Vault cluster have a public endpoint? | `bool` | `false` | no |
| route_table_id | The private route table in the network/transit account to route data to the HVN for Vault requests | `string` | n/a | yes |
| tgw_id | The ID of the existing TGW in your AWS network/transit account | `string` | n/a | yes |
| vault_tier | Tier of the HCP Vault cluster. Valid options for tiers - dev, starter_small, standard_small, standard_medium, standard_large, plus_small, plus_medium, plus_large | `string` | n/a | yes |
| vpc_id | VPC ID of an existing VPC in the Network (Transit) account | `string` | n/a | yes |
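An added example root configuration that calls this module with the inputs above; it is not part of the module itself. The module `source`, the tag names used in the `aws_vpc`, `aws_ec2_transit_gateway` and `aws_route_table` data-source lookups, and the variable names `hcp_client_id` / `hcp_client_secret` are assumptions for this example.

```hcl
variable "hcp_client_id" {
  type      = string
  sensitive = true
}

variable "hcp_client_secret" {
  type      = string
  sensitive = true
}

# Resolve the pre-existing network objects in the Network (Transit) account by tag
# instead of pasting IDs into a tfvars file. The tag values are assumptions.
data "aws_vpc" "network" {
  tags = { Name = "network-vpc" }
}

data "aws_ec2_transit_gateway" "centralized" {
  filter {
    name   = "tag:Name"
    values = ["centralized-tgw"]
  }
}

data "aws_route_table" "private" {
  vpc_id = data.aws_vpc.network.id
  tags   = { Name = "private-rt" }
}

module "hcp_vault" {
  # Assumed source; pin a release ref in real use (e.g. "?ref=<tag>").
  source = "github.com/btkrausen/terraform-hcp-vault-aws-tgw"

  client_id     = var.hcp_client_id
  client_secret = var.hcp_client_secret

  hvn_id           = "primary-hvn"
  hvn_cidr         = "172.31.0.0/16" # must not overlap the VPC CIDR
  aws_cloud_region = "us-east-1"

  cluster_id   = "primary-vault-cluster"
  vault_tier   = "standard_small"
  public_vault = false # no public endpoint; clients reach Vault over the TGW

  vpc_id         = data.aws_vpc.network.id
  tgw_id         = data.aws_ec2_transit_gateway.centralized.id
  route_table_id = data.aws_route_table.private.id
}
```

Supply the two HCP credentials through `TF_VAR_hcp_client_id` / `TF_VAR_hcp_client_secret` (or another secret source) so they never sit in a committed `.tfvars` file. Marking them `sensitive` keeps them out of plan output, but they still land in Terraform state, which must be stored with the same care as any other secret.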

## Outputs

No outputs.
