Reputation: 6206
I am using Terraform to provision servers in a private OpenStack cloud. Running Terraform requires that the Terraform script can access my username and password for my OpenStack cloud. So I would like to store this info in a secret file and encrypt it (something along the lines of Ansible Vault). However, the only examples I have found for using HashiCorp Vault with Terraform have been for AWS. So how would I create a Terraform script that can read a Vault value containing two variables to use them for provisioning OpenStack instances?
For reference, here is how I mounted my Vault secret backend:
vault mount generic
Here is what my secret would look like (if I didn't write it into a JSON file):
vault write generic/logins usernames=myUserName psswrds=myPassword
Upvotes: 2
Views: 2535
Reputation: 6433
I have just done this for Mongo Atlas; you can see an example on GitHub here:
provider "mongodbatlas" {
  public_key  = data.vault_generic_secret.example.data["public_key"]
  private_key = data.vault_generic_secret.example.data["private_key"]
}

provider "vault" {
  address = "http://127.0.0.1:8200"
}

data "vault_generic_secret" "example" {
  path = "mongodbatlas/creds/example"
}
I know this is for Mongo Atlas, but the usage is very similar.
Upvotes: 0
Reputation: 7584
Terraform 0.8 will have a Vault provider.
data "vault_generic_secret" "login" {
  path = "generic/logins"
}

provider "something" {
  user = "${data.vault_generic_secret.login.data["username"]}"
  pass = "${data.vault_generic_secret.login.data["password"]}"
}
Upvotes: 2
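The answers above applied to the question's OpenStack case, as an added example that is not code from any of the original posts. It uses the question's path `generic/logins` and its key names `usernames` and `psswrds`, and is written in Terraform 0.13+ syntax. The auth URL, tenant, region, image and flavor are constructed placeholders, and the Vault address and token are assumed to come from the `VAULT_ADDR` and `VAULT_TOKEN` environment variables rather than from the configuration.

```hcl
terraform {
  required_providers {
    vault = {
      source = "hashicorp/vault"
    }
    openstack = {
      source = "terraform-provider-openstack/openstack"
    }
  }
}

# No address or token here: the Vault provider reads VAULT_ADDR and
# VAULT_TOKEN from the environment, so neither is committed with the code.
provider "vault" {}

# Secret written in the question with:
#   vault write generic/logins usernames=myUserName psswrds=myPassword
data "vault_generic_secret" "logins" {
  path = "generic/logins"
}

provider "openstack" {
  auth_url    = "https://openstack.example.internal:5000/v3" # placeholder
  tenant_name = "example-project"                           # placeholder
  region      = "RegionOne"                                 # placeholder

  # Key names match the fields stored in Vault by the question.
  user_name = data.vault_generic_secret.logins.data["usernames"]
  password  = data.vault_generic_secret.logins.data["psswrds"]
}

# Resources then use the provider as usual (placeholder image and flavor).
resource "openstack_compute_instance_v2" "example" {
  name        = "example-instance"
  image_name  = "example-image"
  flavor_name = "example-flavor"
}

# Caveat: everything read through vault_generic_secret is stored in the
# Terraform state in plaintext. Keep the state in an encrypted backend with
# restricted access, and do not commit terraform.tfstate to version control.
```

Giving Terraform a short-lived Vault token whose policy only allows reading `generic/logins` limits what a leaked token or state file exposes.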