vault_aws_static_credentials

Reads static role credentials from an AWS secret backend in Vault

Example Usage

resource "vault_aws_secret_backend" "aws" {
  path = "my-aws"
  description = "Obtain AWS credentials."
}

resource "vault_aws_secret_backend_static_role" "role" {
  backend = vault_aws_secret_backend.aws.path
  name = "test"
  username = "my-test-user"
  rotation_period = "3600"
}


# generally, these blocks would be in a different module
data "vault_aws_static_access_credentials" "creds" {
  backend = vault_aws_secret_backend.aws.path
  name    = vault_aws_secret_backend_static_role.role.role_name
}

provider "aws" {
  access_key = data.vault_aws_access_credentials.creds.access_key
  secret_key = data.vault_aws_access_credentials.creds.secret_key
}

Argument Reference

The following arguments are supported:

Attributes Reference

In addition to the arguments above, the following attributes are exported: