Blog Details

How to Deploy IAC with your secrets in Terraform Vault – 100 days of Cloud: Day 23


DAY 23 – Deploying IAC with your secrets in Terraform Vault – Day Twenty three

Image tweet

100 days of Cloud on GitHub – Read On – Read on

What is Vault?

Securely accesses secrets , HashiCorp explains as Vault comes with various pluggable components called secrets engines and authentication methods allowing you to integrate with external systems. Vault issues temporary tokens to access the resources.

  • In the blog I will be demonstrating how to setup a vault
  • Accessing secrets from Vault to Deploy your infrastructure into a AWS environment.


Install AWS CLI and Configure with IAM credentialsGIF

Image click

Install Vault

Goto this link to install Vault
I Am using a WSL Linux on windows

  • Getting GPG key
curl -fsSL | sudo apt-key add -
  • Adding HashiCorp Linux repo
sudo apt-add-repository "deb [arch=amd64] $(lsb_release -cs) main"
  • install
sudo apt-get update && sudo apt-get install vault

Setup Vault Project folder

  • Lets create a project folder named Vault and cd into it

Setup Vault Server (Dev environment)

vault server -dev -dev-root-token-id="environment"
Image vault server

Note down the Vault Address, Unsealkey & Root token.

Sign into vault server

Enter token as “environment”

  • Select Secret & Click Create Secret.
  • Enter your IAM Programmatic access keys & Save.

Deploying with Vault

  • Create a file and copy paste this command
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "3.58.0"

data "vault_generic_secret" "aws_creds" {
    path = "secret/aws"

provider "aws" {
  region  =["region"]
    access_key =["aws_access_key_id"]
    secret_key =["aws_secret_access_key"]

resource "aws_instance" "my_server" {
  ami           = "ami-059af0b76ba105e7e"
  instance_type = "t2.nano"
    tags = {
        Name = "Vault-Server"

You have to change ami incase your region is not on ap-southeast-2

  • Initialize Terraform
terraform init
  • Plan terraform
terraform plan

You will be prompted to enter the vault url, in this case it is

Image url vault
  • Deploy infrastructure
terraform apply -auto-approve
  • Enter url of vault when its prompted.
Image result
  • Teardown your infrastructure

if you are happy with the deployment , you can tear down the deployed resources

terraform apply -auto-approve -destroy

😀🎉Congratulations🎉 you have successfully deployed IAC with Terraform VaultGIF


Image congratulations

✅Connect with me on Twitter
🤝🏽Connect with me on Linkedin
🧑🏼‍🤝‍🧑🏻 Read more post on or
💻 Connect with me on GitHub