Hi there. I’ve been looking around for a little while now and I’m very surprised to not see any existing solution for managing Vault’s configuration in a efficient/declarative way aside from the Terraform provider. Specifically when using GitOps.
In our case, we have a pretty standard way of managing our kubernetes cluster via GitOps using ArgoCD, and we’re deployment Vault using the Helm chart as part of that setup. AFAICT, there doesn’t seem to be any elegant solution to handle the synchronisation of resources like policies, roles, etc… as part of that setup.
I would have expected the ability to load HCL configs from configmaps at bootstrap, or ideally an operator with Vault CRDs, or anything along those lines.
Am I missing something blatantly obvious? Or is there really no other way but to go through manual configuration and synchronisation of config and resources after bootstrap?