djhaskin987
Reputation: 10087
Lookup vault keys in hcl?
I am refactoring a Nomad job's HCL so that my developers can run it on their own machines instead of some central server. Currently I have this block:
...
task "internal-task" {
artifact {
source = "git::[email protected]:Corporation/internal-tool.git"
destination = "local/internal_tool"
options {
sshkey = "${base64encode(file("/etc/nomad.d/ssh/internal_tool_ssh_key"))}"
}
}
...
The problem is that sshkey line, it assumes there is a file in a specific spot since this job is normally run from a central server.
I want my developers to just run this on their laptops, so I put the SSH key in our Vault instance. I want to lookup the key from Vault using a function similar to file( above, like this:
sshkey = "${base64encode(vault_lookup("/vault/path/to/ssh/key/secret"))}"
Does such a function exist, or what are my options?
Upvotes: 0
Views: 29
Answers (0)
Related Questions
- Using terraform variable in hcl extention ( vault )
- Hashicorp Vault Reading Policy
- Create a Vault UI user using the vault CLI
- Error making API request when using Vault secrets
- Nomad Variables are not accessible in Job specification
- Vault Nested Namespace Limits
- Root policy in hcl for hashicorp vault
- Vault kv secrets and nomad jobs
- Vault: enabling unauthenticated "public" resources