Day-7 | Terraform Vault Integration | Secrets Management |
ฝัง
- เผยแพร่เมื่อ 26 ก.ย. 2024
- Support my work
www.buymeacoff... Hi Everyone, My Name is Abhishek and my channel is focused on delivering Free content on DevOps and Cloud. Follow my channel for practical learning of DevOps and Cloud. Don't miss the FREE DEVOPS COURSE and FREE AWS COURSE from Playlists section.
Doubts Clearing Group
www.youtube.co...
GitHub Repo for the Series
github.com/iam...
Instagram: / abhishekveeramalla_off...
Book 1:1 with me on TopMate for career guidance
topmate.io/abh...
Public Telegram Channel For Notes and Updates
t.me/abhishekv...
About me:
========
LinkedIn: / abhishek-veeramalla-77...
GitHub: github.com/iam...
Medium: / abhishekveeramalla-av
What is Terraform ?
Learn Terraform from basics
Terraform real world examples
Terraform course
Best terraform course
Terraform modules
Terraform workspaces
#devops #futureofdevops #kubernetes #sre #aws #azure
DEVOPS FAQ
DEVOPS
WHAT IS DEVOPS ?
WHY DEVOPS ?
HOW TO LEARN DEVOPS ?
LEARN DEVOPS IN 60 DAYS ?
NON IT TO IT BACKGROUND ?
IS DEVOPS EASY TO LEARN ?
BEST DEVOPS COURSE
FREE DEVOPS COURSE
#AbhishekVeeramalla
BEST DEVOPS VIDEOS
DEVOPS INTERVIEW QUESTIONS
EASY DEVOPS VIDEOS
BEST WAY TO LEARN DEVOPS
PYTHON FOR DEVOPS
PYTHON PROJECTS FOR DEVOPS
LEARN PYTHON
PYTHON PROJECTS FOR AWS
AWS PYTHON PROJECTS
AWS LAMBDA FUNCTIONS
WHAT IS GITOPS ?
WHY GITOPS ?
LEARN GITOPS ?
GITOPS FREE COURSE
What is AWS ?
LEARN AWS FOR FREE
AWS COURSE
AWS COURSE FOR DEVOPS
AWS CLI Deep Dive
Terraform Vault
Secrets Management with Terraform .
.
Disclaimer: Unauthorized copying, reproduction, or distribution of this video content, in whole or in part, is strictly prohibited. Any attempt to upload, share, or use this content for commercial or non-commercial purposes without explicit permission from the owner will be subject to legal action. All rights reserved.
Hi Abhishek, Thank you for this wonderful demo regarding implementation of Hashicorp vault. Big Fan!!
The Error at 35:23 "Error making API request - Invalid secret id" is due to TTL configuration of secrets_id in the AppRole which is set to 10 mins during the AppRole configuration and hence after 10 mins the secrets are invalidated.
Nice catch buddy. I totally missed it.
Thank you Yogendra , i had the same issue .. thanks for the tip
Thankyou Yogendra,i had the same issue.I was wondering what to do and found your comment. Appreciate it :)
Thanks a lot!
One of the best explanations bro.. Though i have worked a little bit on Vault. Your explanation helped me to understand the whole flow..10/10 for you! 👏👏👏
Awesome, thank you!
Hi annaya i watched all terraform videos!!! you saved me with this videos which are really clear !!! great work annaya thankyou
This Abhishekh is really explaining tough things in as simple as possible. Tons of thanks to you 🙂
My pleasure 😊
'📢📢🥇🥇Best terraform Series ❤❤thankyou Guru Ji❤❤
😍😍
Hats off to your commitment 👏👏
😍😍
minikube start
eval $(minikube docker-env)
This is awesome Abhishek, able to apply secret as a tag to the ec2 instance, by following your video and able to successfully authenticate [terraform to Vault]. Moreover, you have cleared the functioning of Access and Policies similar to AWS IAM roles and policies. Thanks a lot Abhishek for helping us to implement this project.
Thank you so much Abhishek for TF series with live demo, @Hats off to you.
Hii ,Abhishek Sir!!
Thank you so much for Terraform series😊
Hi Abhishek, Thanks a ton for this wonderful series, i cant thank you enough , i was not sure if i will be able to understand terraform, after this series i got confidence and am confident that i can ace it. Keep inspiring everyone as always :) :)
😍😍😍
Thank you so much for wonderful knowledge sharing series, Almost finished most of your courses and now revising and practising to clear loop holes, then will start giving interview, again heartfelt thanks bro for sharing it for FREEEEEEEE,
Thanks for the Video Abhishek, Its very informative. we are using Vault in our Tomcat instance to encrypt the SSL password of the server certificate.
Great to know
Thank you @Abhishek garu for terraform course.
Got same error, I just regenerated secret-Id & it was working. Thnkq sir 👌👌
😍
Hi Abhishek, Just now completed AWS zero to hero course. It was an amazing experience. Could you please do a complete series on the security side ? Like Security hub, guardduty, inspector
sure, will try
Thank you very much Abhishek!!!
Most welcome!
Hi Abhishek,
Learned a lot guruji.
Thanks
Thank you very much Abhishek.
Absolutely wonderful. Vault concept is cleared now.
Could you please also show how in production vault is beneficial, like integrating with LDAP / OIDC concept, please?
Hope you are doing well now!. Was waiting for the video and it’s here. Thank you.
😍
Thank you so much Abhishek!!
Life saviour , makes everything easier. thank you. thank you so much, abhi bro. i did not understand from others video or docs so i started waching yours , i m sure i will understand from here. so in advance i am commenting . but here my requirement is to save ssh key and token in vault which i have created that keys as k8s secret. any how it will help me at least to get some idea .
You are most welcome
Hi Abhishek, I have a question: since we need to provide role_id and secret_id to connect to the Hashicorp vault in the Terraform project, how can I be sure that these are not compromised? Having access to a repository is one thing. Besides that, is there a better practice to handle those values?
Great tutorial by the way. Enjoying the series thoroughly.
Today lecture we just understood Terraform vault integration but need to know how to used it real-time scenario.
Hi Abhishek,
First of all thanks for this amazing series. Totally love your work.
While practicing the vault demo I observed secret id is being updated every 10 minutes which is giving error while provisioning resources. I want to know is this common? every time I am running terraform plan it is asking to update secret id
It is configurable. You can change that
Hi #abhishekveeramalla,
This is a great initiative and deserves lot of appreciation. Kudos to you for bringing such useful quality content. May I request you to bring a tutorial on terraform cloud (TFC). Now a days organizations heavily use TFC (Terraform Cloud) with version control systems to create infra for multiple environments like DEV. STAGING, PROD etc..
Next we need Ansible anna
Please do as 7 days ansible like this .
😀
Thanks Abhishek for this wonderful series. It’s helping a lot to enhance knowledge.Can you please create one demo video to build Terraform code in Jenkins and kubernetes with some real time use cases?
Thank you so much Sir
Welcome
Hi @Abhishek, thank you so much for this terraform series, this helps a lot for me to understand the concept. Can you please do a ansible zero to hero series as well.
😍😍
Please make on Ansible hero to zero
Very good demo. plz try to have a similar demo using the Ansible scenario cases project. Thank YOU
Its exactly the same for ansible. Do you wnat to give it a try ?
yes, please. Thank you @@AbhishekVeeramalla
thankyou sir
thanks Abhishek sir
Welcome
🙌 hats off to you
Thanks
excellent!
❤❤❤
😍😍
Anna k aage koi bol sakta hai kya.
Anna you are helping a lot of student respect from Bihar.
I will pray to lord shivA for your good health
😍😍😍
@abhishek Veeramalla, The Secret id while creating you are giving ttl is 10, i thought it might be 10 mins, so it might be valid for 10 mins, we need to keep more time as per my understanding, correct me if i am wrong.
Hi Abhishek, can you please make a video on provisioning the infra using terraform and automate It using azure devops.. can you please include it in this series as we are in terraform series please...
Please start azure devops master series. thank you
Python and azure devops are the pending ones
Great content as usual and more blessings. Please correct me if am wrong, I thought this part `data.vault_kv_secret_v2.example.data["username"]` sould be applied to the tag block instead like this ` tags = {
Name = "test"
Secret = data.vault_kv_secret_v2.example.data["username"]
}`
Or what do you think?
Hi @Abhishek codespace is not working since yesterday
Ah ok
Would have been nice to see Vault installation via Terrafrom & not directly
The error is due to time out you have provided which is 10m. You need to generate new secret id and use it.
Anna after this series request for one Ansible series. Thank you in advance
Thank you ^^
Super anna.
Thanks !!
Can we use aws secrets in this Vault place ??
Hi,abhishek please do a video on hashicorp vault with jenkins
Noted
Its quite similar. Please watch this and you will learn
Hi Anna few more concepts like functions, conditions, loops, are missing; and also interview questions and answers.
Noted
Hello abhishek, Thanks for this series, While doing demo this lesson on Azure got a query like suppose in dev workspace i have created a vm with size "standard_ds2_v2" and now i have to create another instance in staging workspace with vm size "standard_ds3_v2" , i chnagesd the vm size accordingly but got the error like resource group already exist . So here can we create another instance in staging workspace using same vnet and resource group which are created in dev workspace? if its possible please help me how to do that.
Hi Abhishek, why we are storing secret id in main.tf can't pass it through cmd on run time due to security reasons
Kindly do Ansible series
sure, noted
Hi Abhishek, unsealing vault using tokens required only for prod vault server's?
Yes
Hi Abhishek .. getting error while installing vault on ubuntu like "E: Unable to locate package vault"
Did u add the hashicorp repo as I showed in the video ?
after adding the hashicorp repo, also run the command "sudo apt update" and then try to run "sudo apt install vault"
Hi @nikhilnanekar6745. I'm getting the same error. Did you found a solution?
Hi Abhishek, can you tell after learning from this Terraform series, how much experience we can show?
Hi Abhishek, i am stored in some secret key value in vault , using github action will do use this frontend application ( how to configure secret in code side node js ).. how can i do it .. please reply
❤😊
😍
Just completed your terrific terraform course. 😅
Hi Abhishek, I am about to complete TF series, DevOps i already completed. Also, Azure i know.
What should i do next before appearing interviews?
Shall i go for AKS? please suggest
Hi bro when you are going to post the 1 to 1 person meeting venue
Registered people will start getting mails tomorrow
Hi anna. I tried adding harshicorp repository. I also did sudo apt update command. And then when i tried to install vault, I'm getting an error saying unable to locate the package. How to resolve it?
I got the same do as what error says to correct there will be the answer in error u do
Next Azure DevOps
Soon
Please do bro with arm templates please
Anna please do ansible series as well😊
Commitment 🎉❤
Hello anna is aws devops a good carrier or web development has a good carrier.? In india .?
Can u plz tell .!!
Thanks
Devops is good
Hai anna...
Can i try this hashicorp vault integration with terraform using azure and the document that have provided in git hub is same for azure?
Video is same for azure
Hi abhishek Thank you for the great video
I got error at 30:00 with data.vault_kv_secret_v2.example,
│ on main.tf line 19, in data "vault_kv_secret_v2" "example":
│ 19: data "vault_kv_secret_v2" "example" {
as this i exactly did same as urs in github u shared as "secret" as mount but in video put as kv i did both ways still got error can anyone help ?
same error
31k views and 500 likes. come on guys what are you doing he is doing such great job and you useless fellow not even appreciating the content
need eks demo video using terraform
Anna please do ansible series
minikube start
eval $(minikube docker-env)
👍
Bro, with this class Terraform completed??
All terraform Concepts are completed as planned.
I will do a project in future
@@AbhishekVeeramalla ok bro thank you
Thanks Abhi
if possible can you please create a video for kubernetes vault integration please ?
Noted
Was waiting for the video and it’s here🤜🏻🤛🏻. Hoping you are fine now as you are unwell from past few days😊
Recovering
@@AbhishekVeeramalla Take care 😊
I am completed diploma after 12th shall I get the job in devops
Any degree is fine
Hi Abhishek,
Thanks for the video, please make a video like this how we can inject secrets from vault via side car, dynamically , via annotation or dynamically in kubernetes🙏thanks in advance 😊
Unique content on Hashicorp vault in Yt & best too 😊😊. One query can we create the same syntax for each resource such as S3 in a separate main.tf file ?
First view🎉
Thanks