Terraform code to deploy Hashicorp Vault in an Azure Container Instance - for testing purposes

nfrappart/lab-vault-on-aci

lab-vault-on-aci

Terraform code to deploy HashiCorp Vault in an Azure Container Instance, for testing purposes.

This project was made possible thanks to Ned Bellavance, who made something similar. The intent here was to do everything from within Terraform, whereas Ned elegantly generates azcli commands from Terraform outputs.

This project will deploy the following resources:

  • Azure Key Vault
  • Azure storage account (with 3 file shares)
  • Azure Container Instance (with the HashiCorp Vault image from Docker Hub)

Vault will deploy with:

  • a self-signed certificate
  • Azure Key Vault auto-unseal

Terraform will generate the following outputs, to copy-paste in your terminal so you can interact with your vault instance:

  • To-Configure-Vault-Address = "export VAULT_ADDR=https://<your_instance_name>.westeurope.azurecontainer.io:8200"
  • To-Ignore-SelfSigned-Certs = "export VAULT_SKIP_VERIFY=true"
  • To-Initialize-Vault = "vault operator init -recovery-shares=1 -recovery-threshold=1"
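
As an added example (not part of this repository's code): `VAULT_SKIP_VERIFY=true` turns off certificate verification entirely, so for a lab that stays up for a while you can instead pin the self-signed certificate and point `VAULT_CACERT` at it. The helper names, the file name `vault-lab.pem` and the `EXPECTED_SHA256` variable are assumptions; the expected fingerprint must come from a copy of the certificate obtained outside this TLS connection.

```shell
#!/bin/sh
# Added example: pin the lab's self-signed certificate instead of skipping verification.
# fetch_cert, cert_sha256 and verify_pin are hypothetical helper names.

# Save the leaf certificate the server presents on <host>:<port> as PEM.
fetch_cert() {  # fetch_cert <host> <port> <out.pem>
  openssl s_client -connect "$1:$2" -servername "$1" </dev/null 2>/dev/null \
    | openssl x509 -outform PEM >"$3"
}

# Print the certificate's SHA-256 fingerprint as lowercase hex without colons.
cert_sha256() {  # cert_sha256 <cert.pem>
  openssl x509 -in "$1" -noout -fingerprint -sha256 \
    | cut -d= -f2 | tr -d ':' | tr 'A-F' 'a-f'
}

# Succeed only if the certificate matches the expected fingerprint.
# Colons and upper-case hex in the expected value are accepted; an empty value never matches.
verify_pin() {  # verify_pin <cert.pem> <expected-sha256>
  _pin=$(printf '%s' "$2" | tr -d ':' | tr 'A-F' 'a-f')
  [ -n "$_pin" ] && [ "$(cert_sha256 "$1")" = "$_pin" ]
}

# Usage (placeholders, run by hand after `terraform apply`):
#   VAULT_HOST=<your_instance_name>.westeurope.azurecontainer.io
#   fetch_cert "$VAULT_HOST" 8200 vault-lab.pem
#   verify_pin vault-lab.pem "$EXPECTED_SHA256" || echo "certificate mismatch" >&2
#   export VAULT_ADDR="https://$VAULT_HOST:8200"
#   export VAULT_CACERT="$PWD/vault-lab.pem"
#   unset VAULT_SKIP_VERIFY
# If the certificate's names do not cover the ACI hostname, also set
# VAULT_TLS_SERVER_NAME to a name the certificate does cover.
```

With `VAULT_CACERT` set, the `vault` CLI verifies the server against that one certificate, so a different certificate presented on the same address fails the handshake instead of being silently accepted.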

If you plan to test for a long period, the Container Instance is set up with persistent volumes in the storage account. If you want to avoid paying for compute resources, you can destroy only the Container Group with the command:

terraform destroy -target=azurerm_container_group.vault-aci
