1

I need to setup Hashicorp vault on aws with cross region setup in HA. And I gotta do it with complete automation , what would be the best IAC tool , Cloudformation- I found very less documentation on this for vault setup. Or Terraform - ?

has some one achieved it by complete automation method on aws. ?

Rajesh Thakur
  • 31
  • 1
  • 1
  • 5

1 Answers1

0

Terraform is not a Configuration Management tool, It's an IaC tool. You can use Terraform to create underline infrastructure for your Vault setup and it should not use to provision applications in the infrastructure. Of course, you can install applications in your EC2s using exec remote provisioner, but you should use provisioners as the last resort.

So I think of using Terraform for creating the infrastructure of the Vault setup. But you need to use some other tools like Ansible or Puppet to provision software in your infrastructure. Using IaC tools for configuration management will create major technical confusion in the long run.

Vidura Dantanarayana
  • 481
  • 4
  • 14
  • 1
    Thanks for the update @vidura -Idea here is to get the setup done with one tool either by CFT or terraform to avoid the management of multiple tool- But I then think it technically its tedious as IAC is something which CFT or Terraform can take care off but about the application configuration I gotta probably go down on Ansible path or so .. – Rajesh Thakur Jun 17 '21 at 11:38