Skip to content

Latest commit

 

History

History

secrets

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
data.tf
data.tf
 
 
outputs.tf
outputs.tf
 
 
tfdocs.md
tfdocs.md
 
 
variables.tf
variables.tf
 
 

README.md

AKS Secrets

Terraform code for extracting secrets from Azure Key Vaults.

Usage

module "infrastructure_secrets" {
  source = "git::https://github.com/DFE-Digital/terraform-modules.git//aks/secrets?ref=stable"

  azure_resource_prefix = "s189t01"
  service_short         = "afqts"
  config_short          = "dv"
  key_vault_short       = "inf"  # infrastructure
}
provider "statuscake" {
  api_token = module.infrastructure_secrets.map.STATUSCAKE_API_TOKEN
}

Key vault name

The name of the key vault is generated by joining the input variables by a dash, in the example above the name will be: s189t01-afqts-dv-inf-kv.

key_vault_short can be set to null (which is the default), in which case you would have: s189t01-afqts-dv-kv.

It’s recommended that complex services should have two key vaults, one for application secrets (app) and one for infrastructure secrets (inf).

Outputs

map

The map of secrets extracted from the Azure Key Vault.