Skip to content
This repository was archived by the owner on Jul 16, 2024. It is now read-only.

Commit e9caf81

Browse files
authored
Updates to enable the vault UI (#4)
Feature update to enable the vault UI that was released in vault 0.10.0 Also updated the ECS Task definition template to make it mo-betta
1 parent 5fdc919 commit e9caf81

File tree

3 files changed

+40
-0
lines changed

3 files changed

+40
-0
lines changed

files/vault.json

Lines changed: 34 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,10 @@
1616
{
1717
"name": "VAULT_LOCAL_CONFIG",
1818
"value": "{ \"backend\": {\"consul\": {\"address\": \"127.0.0.1:8500\", \"path\": \"vault\"}}, \"default_lease_ttl\": \"168h\", \"max_lease_ttl\": \"720h\", \"listener\": [{ \"tcp\": { \"address\": \"0.0.0.0:8200\", \"tls_disable\": true }}] }"
19+
},
20+
{
21+
"name": "VAULT_UI",
22+
"value": "${vault_ui}"
1923
}
2024
],
2125
"command": [
@@ -51,6 +55,16 @@
5155
],
5256
"command": [
5357
"sh", "-c", "sleep 10; vault unseal ${unseal_key0} "
58+
],
59+
"cpu": 0,
60+
"volumesFrom": [
61+
62+
],
63+
"mountPoints": [
64+
65+
],
66+
"portMappings": [
67+
5468
],
5569
"logConfiguration": {
5670
"logDriver": "awslogs",
@@ -75,6 +89,16 @@
7589
],
7690
"command": [
7791
"sh", "-c", "sleep 10; vault unseal ${unseal_key1} "
92+
],
93+
"cpu": 0,
94+
"volumesFrom": [
95+
96+
],
97+
"mountPoints": [
98+
99+
],
100+
"portMappings": [
101+
78102
],
79103
"logConfiguration": {
80104
"logDriver": "awslogs",
@@ -99,6 +123,16 @@
99123
],
100124
"command": [
101125
"sh", "-c", "sleep 10; vault unseal ${unseal_key2} "
126+
],
127+
"cpu": 0,
128+
"volumesFrom": [
129+
130+
],
131+
"mountPoints": [
132+
133+
],
134+
"portMappings": [
135+
102136
],
103137
"logConfiguration": {
104138
"logDriver": "awslogs",

main.tf

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,7 @@ data "template_file" "vault" {
2828
awslogs_group = "vault-${var.env}"
2929
awslogs_stream_prefix = "vault-${var.env}"
3030
awslogs_region = "${data.aws_region.current.name}"
31+
vault_ui = "${var.enable_vault_ui ? "true" : "false"}"
3132
}
3233
}
3334

variables.tf

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -64,4 +64,9 @@ variable "unseal_keys" {
6464
description = "List of 3 Vault Unseal keys"
6565
}
6666

67+
variable "enable_vault_ui" {
68+
description = "Enables the built-in web UI, which is available on all listeners (address + port) at the /ui path. (Vault Enterprise, or Vault OSS 0.10+) Browsers accessing the standard Vault API address will automatically redirect there."
69+
default = true
70+
}
71+
6772
variable "vpc_id" {}

0 commit comments

Comments
 (0)