The Vault installation module requires an SSL certificate to create the internal HTTPS load balancer. It also requires TLS certificates on all Vault nodes in the cluster. If you do not already have TLS certificates that meet these requirements, you can use the example code in this directory to create them, upload them to GCP Secret Manager, and create the SSL certificate for the load balancer.
- Ensure your GCP credentials are configured correctly
- Enable the Secret Manager API
- Configure required (and optional if desired) variables
- Run `terraform init` and `terraform apply`
- The Terraform State produced by this code has sensitive data (cert private keys) stored in it. Please secure your Terraform state using the recommendations listed here.
- `project_id` - Name of the GCP project in which to deploy resources
- `region` - GCP region to deploy resources into
- Please note the following output produced by this Terraform as this information will be required input for the Vault installation module:
  - `leader_tls_servername`
  - `ssl_certificate_name`
  - `tls_secret_id`
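
To see why the Terraform state needs protecting, the following added example (not part of this module's code) walks a state document and reports which resource attributes hold PEM private keys. The sample state, its resource names, and the helper `find_private_keys` are constructed for illustration; pass the path of a real state file as the first argument to check your own.

```python
import json
import re
import sys

# Matches any PEM private key header (RSA, EC, PKCS#8, ENCRYPTED, OPENSSH, ...).
# Keys stored in encoded form (for example base64) are not detected by this check.
PEM_KEY = re.compile(r"-----BEGIN (?:[A-Z]+ )*PRIVATE KEY-----")

def find_private_keys(state):
    """Return sorted 'type.name[i].attribute' paths whose value holds a PEM private key."""
    hits = []

    def walk(value, path):
        if isinstance(value, str):
            if PEM_KEY.search(value):
                hits.append(path)
        elif isinstance(value, dict):
            for key, child in value.items():
                walk(child, f"{path}.{key}")
        elif isinstance(value, list):
            for i, child in enumerate(value):
                walk(child, f"{path}[{i}]")

    for res in state.get("resources", []):
        for i, inst in enumerate(res.get("instances", [])):
            walk(inst.get("attributes", {}), f"{res['type']}.{res['name']}[{i}]")
    return sorted(hits)

# Constructed sample in state format version 4; names and key bodies are made up.
SAMPLE_STATE = {
    "version": 4,
    "resources": [
        {"type": "tls_private_key", "name": "ca", "instances": [{"attributes": {
            "algorithm": "RSA",
            "private_key_pem": "-----BEGIN RSA PRIVATE KEY-----\nCONSTRUCTED\n-----END RSA PRIVATE KEY-----\n",
            "public_key_pem": "-----BEGIN PUBLIC KEY-----\nCONSTRUCTED\n-----END PUBLIC KEY-----\n"}}]},
        {"type": "tls_self_signed_cert", "name": "ca", "instances": [{"attributes": {
            "cert_pem": "-----BEGIN CERTIFICATE-----\nCONSTRUCTED\n-----END CERTIFICATE-----\n"}}]},
        {"type": "google_secret_manager_secret_version", "name": "tls", "instances": [{"attributes": {
            "secret_data": "-----BEGIN PRIVATE KEY-----\nCONSTRUCTED\n-----END PRIVATE KEY-----\n"}}]},
    ],
}

if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            state = json.load(fh)
    else:
        state = SAMPLE_STATE
    for location in find_private_keys(state):
        print("private key material in state:", location)
```

Any path it prints is readable by anyone who can read the state file or its backend bucket.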