
Read GCP credentials from Vault in Terraform?

Instead of having the GCP credentials somewhere locally, we decided to use Vault to manage them.

The below code is supposed to do the magic. However, when running terraform plan I always receive an error:

Error: google: could not find default credentials. See https://developers.google.com/accounts/docs/application-default-credentials for more information.

The code we are using is below:

# Requires env variables VAULT_ADDR and VAULT_TOKEN set.
provider "vault" {
  token_name = "terraform"
}

data "vault_generic_secret" "gcp_credentials" {
  path = "kv/terraform/gcp/credentials"
}

provider "google-beta" {
  credentials = data.vault_generic_secret.gcp_credentials.data_json
  project     = "mip-ppr"
}

It turns out I also need to create a normal google provider.

Adding this solved my problem:

provider "google" {
  credentials = data.vault_generic_secret.gcp_credentials.data_json
  project     = "mip-ppr"
}
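
The complete configuration with both providers fed from the same Vault secret, as an added example that is not part of the original post. Terraform maps `google_*` resources to the `google` provider unless a resource sets `provider = google-beta`; the two `google_compute_network` resources and their names are hypothetical and only illustrate that selection.

```hcl
# Added example. Requires env variables VAULT_ADDR and VAULT_TOKEN set.
terraform {
  required_providers {
    vault       = { source = "hashicorp/vault" }
    google      = { source = "hashicorp/google" }
    google-beta = { source = "hashicorp/google-beta" }
  }
}

provider "vault" {
  token_name = "terraform"
}

data "vault_generic_secret" "gcp_credentials" {
  path = "kv/terraform/gcp/credentials"
}

locals {
  # data_json is the whole secret as one JSON string. It is usable as a
  # service account key only if the fields stored at this path are the
  # fields of the key file itself (assumption about how it was written).
  gcp_credentials = sensitive(data.vault_generic_secret.gcp_credentials.data_json)
  gcp_project     = "mip-ppr"
}

# Default provider for every google_* resource without a provider argument.
provider "google" {
  credentials = local.gcp_credentials
  project     = local.gcp_project
}

provider "google-beta" {
  credentials = local.gcp_credentials
  project     = local.gcp_project
}

# Hypothetical resource: no provider argument, so it uses "google".
resource "google_compute_network" "ga_example" {
  name = "ga-example"
}

# Hypothetical resource: explicitly routed to "google-beta".
resource "google_compute_network" "beta_example" {
  provider = google-beta
  name     = "beta-example"
}
```

Values read through the Vault data source are stored in the Terraform state, so the state backend needs the same access restrictions as the service account key.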
