Hashicorp Vault

I am using the hashicorp vault to generate the Dynamic secret key and access key for aws and using terraform to create resources.

Now I am facing an issue that I want AWS CLI configured with the generated (Short lived keys) automatically.

Required for EKS setup

AWS CLI( Credentials file) …should have the vaults generated keys.

You could possibly use envconsul to query Vault for new credentials and set them as environment variables.

Or you can run the vault read -format=json aws/creds/<role> command and then parse through the output using jq to grab the username and password.

Just a few suggestions here.

1 Like