terraform-aws-hashicorp-vault-eks-addon icon indicating copy to clipboard operation
terraform-aws-hashicorp-vault-eks-addon copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

Customize values.yaml using Bueprints and GitOps

Open dkravetz opened this issue 2 years ago • 1 comments

Hi,

I'm exploring the use cases of AWS Blueprints, and when trying to deploy Vault using GitOps, the customization options are virtually non-existant compared to the Terraform managed flow. In particular, I'm trying to do:

  enable_vault = true
  vault_helm_config = {
    create_service_account_secret_token = "true"
    values = [templatefile("${path.module}/helm_values/vault_values.yaml", {
      iam_role_arn = module.vault_irsa_iam_role.iam_role_arn,
      region       = var.region,
      kms_key_id   = aws_kms_key.vault.id
    })]
  }

but the only option that seems to propagate to the ArgoCD app of Apps used here is simply to toggle enabled. Am I missing something here, or does the GitOps approach not cover 1:1 the customizable settings?

Thank you for the development of the add-on and for taking the time!

dkravetz avatar Feb 14 '23 12:02 dkravetz

I am having the same issue while deploying vault with eks blueprints addons and argocd (argocd_manage_add_ons=true). The issue comes from this code. See similar implementation for external-dns. I will make a PR to address this.

adabuleanu avatar May 13 '23 08:05 adabuleanu