Feature request: Chef Vault resources

[joerg]

Hi,

It would be great to have resources for chef vaults in Terraform. Our current use case is that we have all configuration, including secrets, in Chef Vault but for ECS we need certain passwords etc. in AWS Secrets Manager. Of course we don't want do duplicate the secrets and we also need to keep them in sync when passwords/keys are rotated.

Terraform Configuration Files

A possible terraform code could look like this

data "chef_vault" "prod_environment" {
  "vault" = "secrets"
  "item" = "production"
}

resource "aws_secretsmanager_secret_version" "example" {
  secret_id     = aws_secretsmanager_secret.example.id
  secret_string = data.chef_vault.prod_environment.json["database"]["password"]
}