I have a use case where I have to use AWS as the authentication method for Vault using Terraform and obtain a token to get secrets.
Currently I have to first log in to Vault by providing the AWS method and role outside Terraform and then use the token in the Terraform provider. This is very inconvenient as I have to run commands outside of Terraform.
Is there any way I can do the whole process in Terraform itself and get the token without having to do it externally first?
Do you mean that you want to set up the Vault provider to use AWS authentication instead of providing a token?
I don’t think there is built-in support for AWS authentication specifically, but you might be able to get it working using the auth_login {} block. Which AWS auth method are you using?
However it is probably much simpler to just run the vault command just before Terraform. You could make a little wrapper script to do this.
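A wrapper of the kind suggested in the reply above, as an added example that is not part of the original thread. It assumes the `vault` and `terraform` CLIs are on the PATH and that AWS credentials are already available to the Vault CLI; `VAULT_AWS_ROLE`, `VAULT_BIN`, `TERRAFORM_BIN` and the function names are hypothetical. The token is passed only in Terraform's environment as `VAULT_TOKEN`, so it never appears in arguments, files or Terraform variables.

```shell
#!/bin/sh
# Added example (not from the thread): log in to Vault with the AWS auth
# method, then run Terraform with the token in VAULT_TOKEN only.
# VAULT_BIN / TERRAFORM_BIN / VAULT_AWS_ROLE are hypothetical names.

VAULT_BIN="${VAULT_BIN:-vault}"
TERRAFORM_BIN="${TERRAFORM_BIN:-terraform}"

# Print a Vault token for the given AWS auth role; non-zero on failure.
vault_aws_token() {
    role="$1"
    [ -n "$role" ] || { echo "vault role required" >&2; return 2; }
    # -token-only prints just the token and does not write ~/.vault-token
    token="$("$VAULT_BIN" login -method=aws -token-only role="$role")" || return 1
    # Treat an empty token as a failed login
    [ -n "$token" ] || return 1
    printf '%s' "$token"
}

# Run terraform with VAULT_TOKEN set for that one command only.
tf_with_vault() {
    role="$1"
    shift
    token="$(vault_aws_token "$role")" || {
        echo "vault login failed; terraform not started" >&2
        return 1
    }
    VAULT_TOKEN="$token" "$TERRAFORM_BIN" "$@"
}

# When invoked with arguments, e.g.  VAULT_AWS_ROLE=my-role ./tf.sh plan
if [ "$#" -gt 0 ]; then
    tf_with_vault "${VAULT_AWS_ROLE:?set VAULT_AWS_ROLE}" "$@"
fi
```
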
Yes, I want the Vault provider to use AWS authentication instead of providing a token.
I am using an AWS IAM role to authenticate to Vault.
But to use the auth_login block I still have to pass the token parameter to the Vault provider, as it is a required parameter.
My use case makes it impossible to use an external script. It would be better if I could use just the auth_login block for this.