terraform-secure-backend-release

A bosh release to deploy terraform-secure-backend.

Prerequisite

Assumption has been made that you are using BBL with cf-deployment which include a deployed credhub

git clone this repo
include ops-file /manifests/operators/cf/enable-tsb.yml from this repo to your Cloud Foundry deployment
Deploy with manifest in this repo /manifests/tsb.yml

bosh -d terraform-secure-backend deploy manifests/tsb.yml \
    -v director_name=<your bosh director name> \
    -v cf_deployment_name=cf

Retrieve user and password used for backend with credhub (the one in your bosh director): credhub get --name=/<your bosh director name>/terraform-secure-backend/tsb_user
(Optional) You probably want to make terraform-secure-backend available outside of your cf network, simply add ops-file /manifests/operators/enable-cf-route-registrar.yml to your deployment. This will register a tsb.((system_domain)) route to your gorouters.

/manifests/operators/enable-cef.yml: Enable security event in common event format which will be stored at /var/vcap/sys/log/terraform-secure-backend/security_events.log
/manifests/operators/enable-cf-route-registrar.yml: Register tsb.((system_domain)) route to your gorouter (Note: gorouter will talk to it in full tls). Do not forget to set var system_domain when deploying

Name		Name	Last commit message	Last commit date
Latest commit History 40 Commits
.final_builds		.final_builds
config		config
jobs/terraform-secure-backend		jobs/terraform-secure-backend
manifests		manifests
packages/terraform-secure-backend		packages/terraform-secure-backend
releases/terraform-secure-backend		releases/terraform-secure-backend
src		src
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md