vault
hashicorp/vault/google
A Terraform Module for how to run Vault on Google Cloud using Terraform and Packer
Vault for Google Cloud Platform (GCP)

This repo contains a Terraform Module for how to deploy a Vault cluster on GCP using Terraform. Vault is an open source tool for managing secrets. This Module uses GCS as a storage backend and a Consul server cluster as a high availability backend:

[Figure: Vault architecture]

This Module includes the following submodules:

- install-vault: This module can be used to install Vault. It can be used in a Packer template to create a Vault Google Image.
- run-vault: This module can be used to configure and run Vault. It can be used in a Startup Script to fire up Vault while the server is booting.
- install-nginx: This module can be used to install Nginx. It can be used in a Packer te

| Name | Type | Description | Default |
|---|---|---|---|
| vault_source_image | string | The Google Image used to launch each node in the Vault Server cluster. You can b | required |
| image_project_id | string | The name of the GCP Project where the image is located. Useful when using a sepa | required |
| gcp_project_id | string | The name of the GCP Project where all resources will be launched. | required |
| gcp_region | string | The region in which all GCP resources will be launched. | required |
| vault_cluster_name | string | The name of the Vault Server cluster. All resources will be namespaced by this v | required |
| network_project_id | string | The name of the GCP Project where the network is located. Useful when using netw | required |
| consul_server_cluster_name | string | The name of the Consul Server cluster. All resources will be namespaced by this | required |
| consul_server_source_image | string | The Google Image used to launch each node in the Consul Server cluster. You can | required |
| consul_server_machine_type | string | The machine type of the Compute Instance to run for each node in the Consul Serv | "g1-small" |
| consul_server_cluster_size | number | The number of nodes to have in the Consul Server cluster. We strongly recommende | 3 |
| root_volume_disk_size_gb | number | The size, in GB, of the root disk volume on each Consul node. | 30 |
| enable_vault_ui | bool | If true, enable the Vault UI | true |
| gcs_bucket_force_destroy | bool | If true, Terraform will delete the Google Cloud Storage Bucket even if it's non- | true |
| vault_cluster_size | number | The number of nodes to have in the Vault Server cluster. We strongly recommended | 3 |
| web_proxy_port | number | The port at which the HTTP proxy server will listen for incoming HTTP requests t | 8000 |
| vault_cluster_machine_type | string | The machine type of the Compute Instance to run for each node in the Vault clust | "g1-small" |
| gcs_bucket_location | string | The location of the Google Cloud Storage Bucket where Vault secrets will be stor | "US" |
| gcs_bucket_class | string | The Storage Class of the Google Cloud Storage Bucket where Vault secrets will be | "MULTI_REGIONAL" |
| root_volume_disk_type | string | The GCE disk type. Can be either pd-ssd, local-ssd, or pd-standard | "pd-standard" |

- firewall_rule_allow_inbound_api_url
- firewall_rule_allow_inbound_health_check_url
- bucket_name_id
- gcp_project_id
- vault_cluster_size
- instance_group_id
- instance_template_url
- firewall_rule_allow_intracluster_vault_id
- firewall_rule_allow_inbound_api_id
- firewall_rule_allow_intracluster_vault_url
- firewall_rule_allow_inbound_health_check_id
- bucket_name_url
- cluster_tag_name
- instance_group_name
- instance_group_url