
For organizations with multiple teams, how do you empower those teams to securely use Consul?

When multiple teams use Consul, it becomes difficult to correlate manually managed policies in Consul with the identity accessing it.

While you can issue a management token for the Consul secrets engine manually, creating it with Terraform allows you to manage and revoke it more dynamically than through the CLI.

After creating the Consul management token and configuration for the Consul secrets engine, you can now define the app team’s Consul policies and roles with Terraform and request a dynamic Consul ACL token with Vault.

Using the Consul and Vault providers for Terraform, you created a management token to enable Vault to issue Consul ACL tokens using the Consul secrets engine.
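The workflow described above, sketched as a Terraform configuration. This is an added example, not code from the original article; the resource names, mount path, Consul address, policy rules and TTLs are assumptions, and both providers are assumed to be configured through their usual environment variables.

```hcl
# Added example: names, paths, address, rules and TTLs are assumptions.
# Providers are assumed to be configured via CONSUL_HTTP_ADDR / CONSUL_HTTP_TOKEN
# and VAULT_ADDR / VAULT_TOKEN.

# 1. Management token that Vault uses to create and revoke Consul ACL tokens.
resource "consul_acl_token" "vault" {
  description = "Management token for the Vault Consul secrets engine"
  policies    = ["global-management"]
}

# The secret ID is read separately. It ends up in Terraform state, so the
# state backend must be encrypted and access-controlled.
data "consul_acl_token_secret_id" "vault" {
  accessor_id = consul_acl_token.vault.id
}

# 2. Consul secrets engine in Vault, configured with that management token.
resource "vault_consul_secret_backend" "consul" {
  path    = "consul"
  address = "consul.example.internal:8501" # placeholder address
  scheme  = "https"
  token   = data.consul_acl_token_secret_id.vault.secret_id
}

# 3. Least-privilege Consul policy for one app team (hypothetical prefix).
resource "consul_acl_policy" "app_team" {
  name  = "app-team"
  rules = <<-EOT
    service_prefix "app-team-" {
      policy = "write"
    }
    node_prefix "" {
      policy = "read"
    }
  EOT
}

# 4. Vault role bound to that policy; issued tokens expire with the lease.
resource "vault_consul_secret_backend_role" "app_team" {
  name            = "app-team"
  backend         = vault_consul_secret_backend.consul.path
  consul_policies = [consul_acl_policy.app_team.name]
  ttl             = 3600
  max_ttl         = 14400
}
```

With this applied, a member of the app team requests a dynamic token with `vault read consul/creds/app-team`, and Vault revokes that token in Consul when the lease expires. Because every token is issued against a Vault identity, the Vault audit log ties each Consul ACL token back to who requested it.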
