coder/docs/admin/integrations/vault.md
Charlie Voiselle 4e0963966d docs: markdown fixes and edits (#15527)
- **docs: improve admonition for need to add useHttpPath**
- **docs: fix list item nesting**
- **docs: fix list item nesting**
- **docs: improve admonition for authentication**
- **docs: tidy and update vault guide**
- **docs: improve admonitions**
- **docs: improve admonitions**
- **docs: content edits, reference links to make copy easier to read**

previews:
- <https://coder.com/docs/@fix-guides-list-numbers/admin/external-auth>
- <https://coder.com/docs/@fix-guides-list-numbers/admin/integrations/island>

---------

Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com>
Co-authored-by: EdwardAngert <EdwardAngert@users.noreply.github.com>
2025-01-03 14:13:46 -05:00

Integrating HashiCorp Vault with Coder

August 05, 2024

This guide describes the process of integrating HashiCorp Vault into Coder workspaces.

Coder provides official Terraform modules for integrating HashiCorp Vault with your workspaces. This guide shows you how to use them.

The vault-github module

The vault-github module is a Terraform module that allows you to authenticate with Vault using a GitHub token. This module uses the existing GitHub external authentication to get the token and authenticate with Vault.

To use this module, add the following code to your Terraform configuration.

```tf
module "vault" {
  source               = "registry.coder.com/modules/vault-github/coder"
  version              = "1.0.7"
  agent_id             = coder_agent.example.id
  vault_addr           = "https://vault.example.com"
  # ID of the existing GitHub external authentication used to get the token
  coder_github_auth_id = "my-github-auth-id"
}
```

This module installs and authenticates the vault CLI in your Coder workspace.

Users can then use the vault CLI to interact with Vault; for example, to fetch a secret stored in the KV backend:

```shell
vault kv get -namespace=YOUR_NAMESPACE -mount=MOUNT_NAME SECRET_NAME
```
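
As an added example (not part of the Coder docs or the module's own code), the script below audits the token that the module's GitHub login produced, using the JSON printed by `vault token lookup -format=json`. The expected auth path `auth/github/login`, the 8-hour TTL limit, the policy name `dev-kv-read` and both sample tokens are assumptions constructed for illustration.

```python
import json
import sys

# Assumptions for this example: the GitHub auth method is mounted at the
# default path, and 8 hours is the longest acceptable remaining lifetime.
EXPECTED_AUTH_PATH = "auth/github/login"
MAX_TTL_SECONDS = 8 * 3600


def audit_token(lookup_json, expected_path=EXPECTED_AUTH_PATH, max_ttl=MAX_TTL_SECONDS):
    """Return a list of findings for `vault token lookup -format=json` output."""
    data = json.loads(lookup_json).get("data") or {}
    findings = []
    if data.get("path") != expected_path:
        findings.append(f"issued via {data.get('path')!r}, expected {expected_path!r}")
    if "root" in (data.get("policies") or []):
        findings.append("token carries the root policy")
    ttl = data.get("ttl") or 0  # remaining lifetime in seconds
    if ttl == 0:
        findings.append("token never expires (ttl=0)")
    elif ttl > max_ttl:
        findings.append(f"ttl {ttl}s exceeds the {max_ttl}s limit")
    if not (data.get("meta") or {}).get("username"):
        findings.append("no GitHub username in token metadata")
    return findings


# Constructed samples shaped like lookup output (not captured from a real server).
SAMPLE_GITHUB = json.dumps({"data": {
    "path": "auth/github/login", "policies": ["default", "dev-kv-read"],
    "ttl": 3600, "meta": {"org": "example-org", "username": "octocat"}}})
SAMPLE_ROOT = json.dumps({"data": {
    "path": "auth/token/root", "policies": ["root"], "ttl": 0, "meta": None}})

if __name__ == "__main__":
    # `vault token lookup -format=json | python3 audit_token.py -` audits the
    # workspace's live token; with no argument the samples are audited instead.
    if sys.argv[1:] == ["-"]:
        inputs = {"live token": sys.stdin.read()}
    else:
        inputs = {"github sample": SAMPLE_GITHUB, "root sample": SAMPLE_ROOT}
    for name, raw in inputs.items():
        for finding in audit_token(raw) or ["ok"]:
            print(f"{name}: {finding}")
```
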