Learn how to migrate secrets from #aws Secrets Manager to HashiCorp Vault with Terraform.

Andrew at Money Leaves Bank finally convinced Claire, his CIO, that HashiCorp #Vault should be their secrets management solution as they are becoming a multi-cloud company. Now he is faced with the challenge of migrating their secrets hosted in AWS Secrets Manager to HashiCorp Vault. In this blog post, learn why Andrew decides to use #terraform for this task and how he implements the solution.

To accomplish his task, Andrew considers a couple of options:

1. He could use a multi-purpose language such as Python to get the secrets from AWS Secrets Manager and populate them in HashiCorp Vault
2. Use a wide-spread domain-specific language such as Terraform to do the same task

While both options are valid, he considers the expertise within his platform engineering team and finds that his team is more comfortable with Terraform. Moreover, they are adopting a multi-cloud strategy. They just started adding apps to Azure and within 6 months the dev team will build some apps in Google cloud to leverage GCP's machine learning services. He wanted to encourage his team to continue working with Terraform.

One downside to using Terraform for this task is that the secrets will show up in Terraform's state file. He needs to plan for this. He decides to use Terraform Cloud to store the state file securely. Once the secrets are moved successfully he can destroy the Terraform workspace to remove all traces of these secrets.

▬▬▬▬▬▬ T I M E S T A M P S ⏰ ▬▬▬▬▬▬
00:00 - Introduction
00:17 - Scenario
01:36 - Terraform Public Module Overview
03:49 - Terraform101 and Vault101 Announcements
07:07 - Demo Starts
11:52 - Secrets in the State File
12:39 - Important Closing Remarks

▬▬▬▬▬▬▬▬ Useful Links 🛠 ▬▬▬▬▬▬▬
- Blog post ► [ Ссылка ]
- Code ► [ Ссылка ]

▬▬▬▬▬▬▬▬▬ Courses 🎓 ▬▬▬▬▬▬▬▬
- TeKanAid Academy Subscription ► [ Ссылка ]
- Terraform 101 - Certified Terraform Associate ► [ Ссылка ]
🎟️ Get 15% off of my Terraform 101 Course with this coupon ► YOUTUBE15TF101
- HashiCorp Sentinel 101 ► [ Ссылка ]
- HashiCorp Vault 101 - Certified Vault Associate ► [ Ссылка ]
🎟️ Get 15% off of my Vault 101 Course with this coupon ► YOUTUBE15VAULT101
- HashiCorp Vault 201 - Vault for Apps in Kubernetes ► [ Ссылка ]
▬▬▬▬▬▬▬▬ Community 🌎 ▬▬▬▬▬▬▬▬▬
- TeKanAid Community Forum ► [ Ссылка ]

▬▬▬▬▬▬▬▬ Connect 👋 ▬▬▬▬▬▬▬▬▬
TeKanAid Academy ► [ Ссылка ]
Website ► [ Ссылка ]
Facebook Page ► [ Ссылка ]
Don't forget to subscribe ► [ Ссылка ]
MEDIUM ► [ Ссылка ]
TWITTER TeKanAid ► [ Ссылка ]
TWITTER Sam ► [ Ссылка ]
LINKEDIN TeKanAid ► [ Ссылка ]
LINKEDIN Sam ► [ Ссылка ]

свернуть