vault_secrets_sync_gcp_destination

Creates a GCP destination to synchronize secrets in Vault. Requires Vault 1.16+. Available only for Vault Enterprise.

For more information on syncing secrets with GCP, please refer to the Vault documentation.

Example Usage

resource "vault_secrets_sync_gcp_destination" "gcp" {
  name                 = "gcp-dest"
  project_id           = "gcp-project-id"
  credentials          = file(var.credentials_file)
  secret_name_template = "vault_{{ .MountAccessor | lowercase }}_{{ .SecretPath | lowercase }}"
  custom_tags          = {
    "foo" = "bar"
  }
}

Argument Reference

The following arguments are supported:

Attributes Reference

The following attributes are exported in addition to the above:

Import

GCP Secrets sync destinations can be imported using the name, e.g.

$ terraform import vault_secrets_sync_gcp_destination.gcp gcp-dest