Manage boundary credential store with terraform

I am using the Terraform provider to manage my credential store. I have been using Vault to store the token for this. I have the token set to renewable, but have not wrapped my head around why it still disappears at some point. When I attempt to reapply with a new valid token by replacing the one in Vault, the Terraform provider complains about a duplicate resource. I have attempted to use replace, but it still fails. Am I doing this wrong?

resource "boundary_credential_store_vault" "vault" {
  name        = "Vault"
  description = "Main Cred store from vault"
  address     = "https://active.vault.service.consul:8200"
  token       = data.vault_generic_secret.boundary_credstore_main.data["token"]
  scope_id    = boundary_scope.core_infra.id
}

terraform apply -replace="boundary_credential_store_vault.vault[0]"


@NegativeFeedback thanks for reporting your issue. There should be a periodic job that renews your token; as long as the controller is up and running, this job should keep the token alive. Can you confirm your controller is always up during the period the token begins to fail? If so, we can dig into the job_run database and validate it is running as expected.

Re the duplicate resource, each Vault credential store requires a unique token. If you get the duplicate resource error, then the token you are updating the store with is already being used?
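One way to give the store a token that is unique to it and that the controller's renewal job can keep alive is to mint it in the same configuration. This is an added example, not code from the thread or from the Boundary project. Boundary's documentation asks for a periodic, orphan, renewable token. The policy name `boundary-controller`, the resource name `boundary_credstore_main` and the 20 minute period are assumptions.

```hcl
# Added example. Names and the period are assumptions, not values from the thread.

# Capabilities the controller needs to inspect, renew and revoke its own token
# and the leases it creates. Policies for the secret paths your credential
# libraries read must be added to the token separately.
resource "vault_policy" "boundary_controller" {
  name   = "boundary-controller" # assumed name
  policy = <<-EOT
    path "auth/token/lookup-self" { capabilities = ["read"] }
    path "auth/token/renew-self"  { capabilities = ["update"] }
    path "auth/token/revoke-self" { capabilities = ["update"] }
    path "sys/leases/renew"       { capabilities = ["update"] }
    path "sys/leases/revoke"      { capabilities = ["update"] }
    path "sys/capabilities-self"  { capabilities = ["update"] }
  EOT
}

# One token per credential store, so a rotated token is never one that a
# store already holds.
resource "vault_token" "boundary_credstore_main" {
  policies          = [vault_policy.boundary_controller.name]
  no_default_policy = true
  no_parent         = true  # orphan: not revoked when the Terraform token expires
  renewable         = true
  period            = "20m" # periodic: no max TTL as long as it is renewed in time
}

resource "boundary_credential_store_vault" "vault" {
  name        = "Vault"
  description = "Main Cred store from vault"
  address     = "https://active.vault.service.consul:8200"
  token       = vault_token.boundary_credstore_main.client_token
  scope_id    = boundary_scope.core_infra.id
}
```

A periodic token still expires if nothing renews it within one period, so a controller outage longer than `period` leaves the store with a dead token. The token value is also written to Terraform state, so the state backend needs the same access controls as the Vault path it replaces.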