Hi,
I’m trying to upload some secrets using vault_generic_secret as follows:
resource "vault_generic_secret" "cloudflared_secrets" {
  depends_on = [
    vault_mount.cloudflared_secrets
  ]
  path = "network/cloudflared/tunnel_001"
  data_json = <<EOT
{
"account_tag": "${local.account_tag}",
"tunnel_secret": "${local.tunnel_secret}",
"tunnel_id": "${local.tunnel_id}"
}
EOT
}
And these are the variables:
locals {
  account_tag   = file("${path.module}/../shared/router/secrets/cfd_account_tag")
  tunnel_secret = file("${path.module}/../shared/router/secrets/cfd_tunnel_secret")
  tunnel_id     = file("${path.module}/../shared/router/secrets/cfd_tunnel_id")
}
Each of these files contains one string with a usual newline at the end (just like when you save the file using vim).
When I run this, I get the following error:
╷
│ Error: invalid character '\n' in string literal
│
│ with vault_generic_secret.cloudflared_secrets,
│ on main.tf line 250, in resource "vault_generic_secret" "cloudflared_secrets":
│ 250: data_json = <<EOT
│ 251: {
│ 252: "account_tag": "${local.account_tag}",
│ 253: "tunnel_secret": "${local.tunnel_secret}",
│ 254: "tunnel_id": "${local.tunnel_id}"
│ 255: }
│ 256: EOT
│
╵
I’m guessing JSON doesn’t like it that it gets newlines in the variable values.
Any way I could get around this?
I’ve also tried encoding all values with base64encode:
  data_json = <<EOT
{
"account_tag": base64encode(local.account_tag),
"tunnel_secret": base64encode(local.tunnel_secret),
"tunnel_id": base64encode(local.tunnel_id),
"cfd_privkey": base64encode(local.cfd_privkey),
"cfd_cert": base64encode(local.cfd_cert),
"cfd_token": base64encode(local.cfd_token),
}
EOT
}
but then I get:
╷
│ Error: invalid character 'b' looking for beginning of value
│
│ with vault_generic_secret.cloudflared_secrets,
│ on main.tf line 250, in resource "vault_generic_secret" "cloudflared_secrets":
│ 250: data_json = <<EOT
I might need to approach this differently.
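
One way around both errors, as an added example that is not part of the original post: strip the trailing newline when each file is read, and let `jsonencode()` build the JSON instead of interpolating into a heredoc. Resource, path and local names are reused from the post; `secrets_dir` is a hypothetical helper local.

```hcl
locals {
  # Hypothetical helper so the directory is written once.
  secrets_dir = "${path.module}/../shared/router/secrets"

  # file() returns the file contents verbatim, including the final "\n"
  # that editors append. chomp() removes trailing newline characters only,
  # so the stored secret is exactly the string on the line.
  account_tag   = chomp(file("${local.secrets_dir}/cfd_account_tag"))
  tunnel_secret = chomp(file("${local.secrets_dir}/cfd_tunnel_secret"))
  tunnel_id     = chomp(file("${local.secrets_dir}/cfd_tunnel_id"))
}

resource "vault_generic_secret" "cloudflared_secrets" {
  depends_on = [
    vault_mount.cloudflared_secrets
  ]

  path = "network/cloudflared/tunnel_001"

  # jsonencode() serialises an HCL object to JSON and escapes quotes,
  # backslashes and control characters in every value. A raw "\n" inside
  # a hand-written JSON string literal is what produced
  # "invalid character '\n' in string literal".
  #
  # Inside a heredoc, text outside ${ ... } is literal, so a bare
  # base64encode(local.x) reaches the JSON parser as the characters
  # "base64encode(...)", hence "invalid character 'b'". Function calls
  # belong in HCL expressions like the ones below.
  data_json = jsonencode({
    account_tag   = local.account_tag
    tunnel_secret = local.tunnel_secret
    tunnel_id     = local.tunnel_id
  })
}
```

Values passed through `data_json` are also recorded in cleartext in the Terraform state and plan files, so the state backend needs the same access controls as the Vault path.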