aboutsummaryrefslogtreecommitdiffstats
path: root/fdio.infra.terraform/2n_aws_c5n/deploy
diff options
context:
space:
mode:
authorpmikus <pmikus@cisco.com>2021-05-18 13:30:08 +0000
committerPeter Mikus <pmikus@cisco.com>2021-08-09 11:51:31 +0000
commit73440ab332c51eb11405767d320bc496d9ebdbe7 (patch)
tree003e06b7ab75c311009516a9872e77fdb00e47a8 /fdio.infra.terraform/2n_aws_c5n/deploy
parentbbfe9b5ba82a3998687909a833c2646bccbb6aa6 (diff)
Infra: Vault
Signed-off-by: pmikus <pmikus@cisco.com> Change-Id: Ia6e728f98d20144c3771405b32933a77fe15b19b
Diffstat (limited to 'fdio.infra.terraform/2n_aws_c5n/deploy')
-rw-r--r--fdio.infra.terraform/2n_aws_c5n/deploy/main.tf7
-rw-r--r--fdio.infra.terraform/2n_aws_c5n/deploy/providers.tf11
-rw-r--r--fdio.infra.terraform/2n_aws_c5n/deploy/variables.tf4
-rw-r--r--fdio.infra.terraform/2n_aws_c5n/deploy/versions.tf23
4 files changed, 32 insertions, 13 deletions
diff --git a/fdio.infra.terraform/2n_aws_c5n/deploy/main.tf b/fdio.infra.terraform/2n_aws_c5n/deploy/main.tf
index b9d6f188bb..95464fa177 100644
--- a/fdio.infra.terraform/2n_aws_c5n/deploy/main.tf
+++ b/fdio.infra.terraform/2n_aws_c5n/deploy/main.tf
@@ -1,11 +1,12 @@
-provider "aws" {
- region = var.region
+data "vault_aws_access_credentials" "creds" {
+ backend = "${var.vault-name}-path"
+ role = "${var.vault-name}-role"
}
resource "aws_vpc" "CSITVPC" {
cidr_block = var.vpc_cidr_mgmt
- tags = {
+ tags = {
"Name" = "${var.resources_name_prefix}_${var.testbed_name}-vpc"
"Environment" = var.environment_name
}
diff --git a/fdio.infra.terraform/2n_aws_c5n/deploy/providers.tf b/fdio.infra.terraform/2n_aws_c5n/deploy/providers.tf
new file mode 100644
index 0000000000..a74ebb2455
--- /dev/null
+++ b/fdio.infra.terraform/2n_aws_c5n/deploy/providers.tf
@@ -0,0 +1,11 @@
+provider "aws" {
+ region = var.region
+ access_key = data.vault_aws_access_credentials.creds.access_key
+ secret_key = data.vault_aws_access_credentials.creds.secret_key
+}
+
+provider "vault" {
+ address = "http://10.30.51.28:8200"
+ skip_tls_verify = true
+ token = "s.4z5PsufFwV3sHbCzK9Y2Cojd"
+} \ No newline at end of file
diff --git a/fdio.infra.terraform/2n_aws_c5n/deploy/variables.tf b/fdio.infra.terraform/2n_aws_c5n/deploy/variables.tf
index ca974709cd..429c5040de 100644
--- a/fdio.infra.terraform/2n_aws_c5n/deploy/variables.tf
+++ b/fdio.infra.terraform/2n_aws_c5n/deploy/variables.tf
@@ -3,6 +3,10 @@ variable "region" {
type = string
}
+variable "vault-name" {
+ default = "dynamic-aws-creds-vault-admin"
+}
+
variable "ami_image" {
description = "AWS AMI image name"
type = string
diff --git a/fdio.infra.terraform/2n_aws_c5n/deploy/versions.tf b/fdio.infra.terraform/2n_aws_c5n/deploy/versions.tf
index 8017bb9dc3..05fa5502b5 100644
--- a/fdio.infra.terraform/2n_aws_c5n/deploy/versions.tf
+++ b/fdio.infra.terraform/2n_aws_c5n/deploy/versions.tf
@@ -1,17 +1,20 @@
terraform {
required_providers {
- aws = {
- source = "hashicorp/aws"
- version = "~> 3.32.0"
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 3.32.0"
}
- null = {
- source = "hashicorp/null"
- version = "~> 3.0.0"
+ null = {
+ source = "hashicorp/null"
+ version = "~> 3.0.0"
}
- tls = {
- source = "hashicorp/tls"
- version = "~> 3.0.0"
+ tls = {
+ source = "hashicorp/tls"
+ version = "~> 3.0.0"
+ }
+ vault = {
+ version = ">=2.22.1"
}
}
- required_version = ">= 0.13"
+ required_version = ">= 1.0.3"
}