Add Hashicorp Vault Terraform demo #76
It's so cool to see this work! Thanks for working on it, @bobbyiliev. Left some suggestions, mostly around style and language.
| Open a new terminal and export the `VAULT_ADDR`: | ||
|
|
||
| ```bash | ||
| export VAULT_ADDR='http://127.0.0.1:8200' |
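Review bot: the `export VAULT_ADDR='http://127.0.0.1:8200'` step does not say why the address is being set. Since it points at loopback over plain HTTP, the sentence above it should state that this targets the locally running Vault, so that a reader whose shell already has `VAULT_ADDR` set to another Vault understands the override and does not create the demo secret in the wrong place.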
I found this a little confusing since VAULT_ADDR is not used anywhere within the Terraform setup. Should we assume they already know how to use Vault and have a secret?
This is just to make sure that they create the secret in the locally running vault rather than their production one. The Vault address is defined on line 83.
Open to suggestions if we should remove the Interacting with Vault section cc @morsapaes
Maybe the guide should assume users have a Vault in place that they want to read secrets from? This could also make it easier to include examples for multiple external stores using different providers in the same "demo".
If we decide to do that, I can go ahead and close this PR as it is mainly focused on HashiCorp Vault and it would be easier to start from scratch and build a more agnostic guide.
Let's not do that! We can make it agnostic when (or if) we add another example.
I've put together a list of some of the vaults that we might want to include besides HashiCorp Vault and also have official Terraform providers:
- AWS Secrets Manager: Terraform docs
- Azure Key Vault: Terraform docs
- Google Cloud Secret Manager: Terraform docs
Not sure if we want to include these, but they also have Terraform providers:
- 1Password: Terraform docs
- Akeyless Vault: Terraform docs
It should be straightforward to build such a guide as it will essentially be just a reference to each specific provider's docs and, on the Materialize side, it is just a single secret resource.
Any other suggestions are also welcome!
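The pattern this comment describes, as an added example that is not code from the PR: an external store's data source feeding a single `materialize_secret`. The Vault path `secret/materialize`, the key `pgpass` and the resource names are assumptions; the address is the local one used in the guide, and the `materialize` provider's connection settings are assumed to be configured elsewhere.

```hcl
terraform {
  required_providers {
    vault       = { source = "hashicorp/vault" }
    materialize = { source = "MaterializeInc/materialize" }
  }
}

# Local Vault from the guide. The token is read from VAULT_TOKEN in the
# environment, so it never appears in the configuration.
provider "vault" {
  address = "http://127.0.0.1:8200"
}

# Read the secret from the external store (path and key are assumed).
data "vault_generic_secret" "pg" {
  path = "secret/materialize"
}

# The only Materialize-side piece: one secret resource holding the value.
# Swapping Vault for another store changes the data source above, not this.
resource "materialize_secret" "pg_password" {
  name  = "pg_password"
  value = data.vault_generic_secret.pg.data["pgpass"]
}
```

The value read from Vault is written to Terraform state, so the state backend needs the same access controls as the secret itself.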
| # Create a Postgres Connection | ||
| resource "materialize_connection_postgres" "example_postgres_connection" { | ||
| name = "example_postgres_connection" | ||
| host = "instance.foo000.us-west-1.rds.amazonaws.com" |
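Review bot: `host = "instance.foo000.us-west-1.rds.amazonaws.com"` is hard-coded in `materialize_connection_postgres` and nothing marks it as a placeholder. Either lift it into a variable or add a comment telling the reader to substitute their own instance, so user-specific settings are distinguishable from values that can be copied as-is.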
Should these be var as well to note what configurations would be user specific?
Not sure if this will be useful for this specific example, the user might not have a Postgres instance on hand?
Co-authored-by: Marta Paes <marta.paes.moreira@gmail.com>
Adding an example demo on how to use the Materialize Terraform provider alongside the Vault provider.