As we have already seen in Chapter 2, Provisioning Cloud Infrastructure with Terraform, it is very important to protect the infrastructure configuration information that we write in Terraform code. One way to protect this sensitive data is to store it in a secret manager such as Vault and recover it directly with Terraform dynamically.
Here is an example of Terraform code that allows you to retrieve the password of a VM that you want to provision from Vault. This example of Terraform code is composed of three blocks, which are as follows:
- First, we use the Vault provider for configuring the Vault URL:
provider "vault" { address = "http://127.0.0.1:8200" #Local Vault Url}
The Vault provider is configured ...