vault-aws-tgw
btkrausen/vault-aws-tgw/hcp
Module used to provision HCP Vault on AWS using Transit Gateway
hcp-vault-aws-tgw-module

This module is designed to provision a HashiCorp Virtual Network as well as a new HCP Vault cluster. Connectivity from the HCP environment is done using a Transit Gateway.

Since most organizations already have an established network strategy, or the network stack is defined in another Terraform configuration, this module assumes the following:

- The VPC in the targeted account (Network account) already exists
- The Transit Gateway in the targeted account (Network account) already exists
- A private route table exists for the VPC in the targeted account

An example .tfvars file is included to configure values of required variables.

Requirements

| Name | Version |
|------|---------|
| hcp | 0.41.0 |

Providers

| Name | Version |
|------|---------|
| aws | n/a |
| hc

| Name | Type | Description | Default |
|---|---|---|---|
| hvn_id | string | Name/ID of the HVN Network - displays in the UI | required |
| vault_tier | string | Tier of the HCP Vault cluster. Valid options for tiers - dev, starter_small, sta | required |
| client_id | string | Client ID for HCP Organization | required |
| client_secret | string | Client Secret for HCP Organization | required |
| vpc_id | string | VPC ID of an existing VPC in the Network (Transit) account | required |
| tgw_id | string | The ID of the existing TGW in your AWS network/transit account | required |
| route_table_id | string | The private route table in the network/transit account to route data to the HVN | required |
| hvn_cidr | string | The CIDR block for HashiCorp Virtual Network | "172.31.0.0/16" |
| cluster_id | string | The ID of the Vault cluster | "primary-vault-cluster" |
| aws_cloud_region | string | AWS Cloud Region that HCP Vault will be connected to | "us-east-1" |
| public_vault | bool | Should this Vault cluster have a public endpoint? | false |
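
A root configuration that calls the module with the inputs listed above, keeping the HCP client secret out of committed .tfvars files and the Vault endpoint private. This is an added example, not taken from the module's repository. The variable names `hcp_client_id` and `hcp_client_secret`, the module label, and all IDs and the CIDR value are constructed placeholders.

```hcl
# Added example: root module calling btkrausen/vault-aws-tgw/hcp.
# Every ID and name below is a constructed placeholder.

# Supply both values through the environment rather than a .tfvars file:
#   export TF_VAR_hcp_client_id=...
#   export TF_VAR_hcp_client_secret=...
variable "hcp_client_id" {
  type        = string
  description = "Client ID for the HCP organization"
}

variable "hcp_client_secret" {
  type        = string
  description = "Client secret for the HCP organization"
  sensitive   = true # redacted in plan and apply output
}

module "hcp_vault" {
  source = "btkrausen/vault-aws-tgw/hcp"
  # version = "<pin a released version>"

  # Required inputs
  hvn_id         = "example-hvn"
  vault_tier     = "dev"
  client_id      = var.hcp_client_id
  client_secret  = var.hcp_client_secret
  vpc_id         = "vpc-0123456789abcdef0" # existing VPC in the network account
  tgw_id         = "tgw-0123456789abcdef0" # existing Transit Gateway
  route_table_id = "rtb-0123456789abcdef0" # private route table for that VPC

  # Optional inputs
  # The HVN range must not overlap the CIDR of any VPC routed over the
  # Transit Gateway. The module default is 172.31.0.0/16, which is also the
  # range AWS assigns to default VPCs, so set it explicitly.
  hvn_cidr         = "172.25.16.0/20"
  cluster_id       = "primary-vault-cluster"
  aws_cloud_region = "us-east-1"

  # Keep the cluster reachable only over the Transit Gateway attachment.
  public_vault = false
}
```

`sensitive = true` only redacts the value in CLI output; the client secret is still written to Terraform state, so the state backend needs encryption at rest and restricted access.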