Configuring Terraform

Terraform configuration files, such as .tf files, are typically located in the executable directory or its subdirectories, so you must run the Terraform configuration commands from that directory.

To make an executable directory:

  1. Create an example.tf file in the directory containing the Terraform executable.

  2. Place the content from one of the following files into the example.tf file:

    1. secrets_get.tf file: for retrieving multiple secrets.

    2. secret_create.tf file: for creating or updating a secret.

      You can find these files in the terraform-provider-tss>examples>secrets directory.

    These files are only for reference on how to fetch or create secrets. You can use the content of the files as a guide to make your actual .tf file.
  3. Update the Terraform and terraform-provider-tss versions in the terraform block of the example.tf file to match your Terraform and terraform-provider-tss versions:

    terraform {
      required_version = "1.5.2"
      required_providers {
        tss = {
          source  = "DelineaXPM/tss"
          version = "3.0.0"
        }
      }
    }

  4. Create a terraform.tfvars file in the directory containing the Terraform executable.

  5. Place the variables into the file with the appropriate values corresponding to getting, creating, or updating a secret.
    You can find the list of variables in the terraform-provider-tss>vars>secrets directory.

    Using the direct Secret Server instance

    If you want to access the Secret Server instance directly without the platform, provide the Secret Server URL as an input to tss_server_url and the Secret Server user credentials to tss_username and tss_password.

    Examples of possible variables:

    1. Variables for getting a secret by ID:

      tss_username = "username"
      tss_password = "password"
      tss_server_url = "https://example/SecretServer"
      tss_secret_id = ["1", "2", "3"]

    2. Variables to create/update a secret:

      tss_username   = "username"
      tss_password   = "password"
      tss_server_url = "https://example/SecretServer"
      tss_secret_name = "Windows Account"
      tss_secret_siteid = 1
      tss_secret_folderid = 0
      tss_secret_templateid = 6000
      fields = [
        {
          fieldname   = "Machine"
          itemvalue = "enter the hostname/ip of the machine"
        },
        {
          fieldname   = "Username"
          itemvalue = "enter my_app_user"
        },
        {
          fieldname   = "Password"
          itemvalue = "enter the password"
        },
        {
          fieldname   = "Notes"
          itemvalue = "enter additional notes for your secret"
        }
      ]
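
The terraform.tfvars examples above hold the Secret Server password in plain text. The following variable declarations are an added example, not taken from the provider's repository, showing how the credential and connection variables could be typed, marked sensitive, and validated. The variable names come from this page; the file name variables.tf, the descriptions, and the validation rules are assumptions.

```hcl
# variables.tf: added example; types and validation rules are assumptions.
# Variable names match the terraform.tfvars entries shown above.

variable "tss_username" {
  type        = string
  description = "Secret Server user name"
}

variable "tss_password" {
  type        = string
  description = "Secret Server password"
  sensitive   = true # redacted in plan and apply output
}

variable "tss_server_url" {
  type        = string
  description = "Secret Server URL, e.g. https://example/SecretServer"

  validation {
    # Credentials are sent to this URL, so refuse plain http.
    condition     = can(regex("^https://", var.tss_server_url))
    error_message = "The tss_server_url value must start with https://."
  }
}

variable "tss_secret_id" {
  type        = list(string)
  description = "IDs of the secrets to retrieve"

  validation {
    # Catch an empty list or a secret name pasted where an ID belongs.
    condition = length(var.tss_secret_id) > 0 && alltrue([
      for id in var.tss_secret_id : can(regex("^[0-9]+$", id))
    ])
    error_message = "The tss_secret_id value must be a non-empty list of numeric IDs."
  }
}
```

With tss_password declared this way, its line can be left out of terraform.tfvars and the value supplied through the TF_VAR_tss_password environment variable instead. If the files you copied already declare these variables, merge the settings into those declarations rather than declaring them twice.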

     

To create variables that support a different secret template:

  1. In Secret Server, go to the Administration panel > Secret Templates and select the necessary template.

  2. Replace the tss_secret_templateid value with the template ID. You can see the ID in the URL when you select any template in Secret Server.

  3. Select the Fields tab.

  4. Based on the template fields, you can add or update a field (using the field name and the item value) as per the examples above in steps 5.a and 5.b.

    The above example has four fields in the template, but the number of fields can vary from template to template.

After completing the configuration instructions above, the Terraform executable directory should look like this: