Consul TF Provider - Using ca_pem from Vault as variable

mlindes · December 14, 2020, 11:23pm

I’m trying to use the consul terraform provider to write a consul config entry.
I’m setting the provider with:

provider "consul" {
  datacenter = var.west_region
  address    = var.consul_address
  token      = var.consul_token
  ca_pem = var.consul_ca_pem

The variables are pulled from Vault & set as TF_VAR_consul_...environment variables before performaing a terraform plan. But the ca_pem variable doesn’t parse. tf plan returns
Error: Failed to create http client: Error appending CA: Couldn't parse PEM

Should it be possible to do this?

If I write the CA to a file, I can use the provider with ca_file = <path-to-file> rather than ca_pem, but I’d rather keep it as a variable. What am I missing about using ca_pem ?

Topic		Replies	Views
Variable Use in the Terraform Consul Backend Terraform vault	2	426	August 19, 2022
Consul Deployment Guide Questions Consul	7	574	November 21, 2020
Terraform template conditional Terraform	4	6289	November 14, 2022
Issues using Vault 0.10.4 and Consul 1.8 Consul vault , consul-vault	15	1694	August 11, 2020
Pass complex variable into module with consul_key_prefix.shared_config Terraform Providers	2	634	January 25, 2022

Consul TF Provider - Using ca_pem from Vault as variable

Related topics