Terraform code for extracting secrets from Azure Key Vaults.
For the list of requirement, inputs, outputs, resources... check the terraform module documentation.
module "infrastructure_secrets" {
source = "git::https://github.com/DFE-Digital/terraform-modules.git//aks/secrets?ref=stable"
azure_resource_prefix = "s189t01"
service_short = "afqts"
config_short = "dv"
key_vault_short = "inf" # infrastructure
}
provider "statuscake" {
api_token = module.infrastructure_secrets.map.STATUSCAKE_API_TOKEN
}
The name of the key vault is generated by joining the input variables by a dash, in the example above the name will be: s189t01-afqts-dv-inf-kv
.
key_vault_short
can be set to null
(which is the default), in which case you would have: s189t01-afqts-dv-kv
.
It’s recommended that complex services should have two key vaults, one for application secrets (app
) and one for infrastructure secrets (inf
).
The map of secrets extracted from the Azure Key Vault.