This is a Terraform provider for interacting with Berglas.
Secrets will be stored in plaintext in the Terraform state. You should only use this with provider with Terraform remote state. For more information, please see sensitive state.
-
Download the latest compiled binary from GitHub releases.
-
Unzip/untar the archive.
-
Move it into
$HOME/.terraform.d/plugins:$ mkdir -p $HOME/.terraform.d/plugins $ mv terraform-provider-berglas $HOME/.terraform.d/plugins/terraform-provider-berglas
-
Create your Terraform configurations as normal, and run
terraform init:$ terraform init
This will find the plugin locally.
-
If you haven't already, bootstrap berglas
If using terraform v0.13+ you can create a versions.tf file to pull the plugin during terraform init without installing it locally:
terraform {
required_providers {
berglas = {
source = "sethvargo/berglas"
version = "~> 0.1"
}
}
}-
Create a Terraform configuration file:
resource "berglas_secret" "demo" { bucket = "my-bucket" key = "projects/${var.project_id}/locations/global/keyRings/berglas/cryptoKeys/berglas-key" name = "demo" plaintext = "p@s$w0rd!" }
-
Run
terraform initto pull in the provider:$ terraform init
-
Run
terraform planandterraform apply:$ terraform plan $ terraform apply
For more examples, please see the examples folder in this repository.
See the documentation.