Bitwarden has a Secrets Manager that has been specifically designed for storing secrets that can be used for machine-to-machine interaction.
In this demo, we will be integrating Terraform with Bitwarden. For this there are some pre-requisites:
- bws command line utility
- Bitwarden account
The bws command line utility can be installed using the bash script. We also need an account with the Secrets Manager activated, and we need to create a machine account, which is used to authenticate with Bitwarden.
Keep in mind that the access token is not saved, so you will need to save it somewhere yourself. Now we configure the providers:
providers.tf
```hcl
terraform {
  required_providers {
    bitwarden-secrets = {
      source  = "sebastiaan-dev/bitwarden-secrets"
      version = "0.1.2"
    }
    random = {
      source  = "hashicorp/random"
      version = "3.6.3"
    }
  }
}

provider "random" {}

provider "bitwarden-secrets" {
  access_token = "#Acces_Token_From_the_Machine_Accounts"
}
```
In addition to bitwarden-secrets, I have also included random, as we will be creating a random strong password and storing it in Bitwarden.
Now we can go ahead and create a project and a secret within it.
```hcl
# Create a project managed by Terraform
resource "bitwarden-secrets_project" "project" {
  name = "MyAwesomeProject"
}

# Create Random Password
resource "random_password" "password" {
  length           = 16
  special          = true
  override_special = "!#$%&*()-_=+[]{}<>:?"
}

# Create a secret in project managed by Terraform
resource "bitwarden-secrets_secret" "password" {
  key        = "password"
  value      = random_password.password.result
  project_id = bitwarden-secrets_project.project.id
}
```
This way we can leverage the awesome Bitwarden to store secrets and share them with the team.
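The provider block in providers.tf takes the machine account token as a string literal, which puts the token in any repository the file is committed to. The following is an added example, not part of the original post, that passes the same `access_token` argument through a sensitive input variable; the variable name `bws_access_token` is an assumption chosen for illustration.

```hcl
# variables.tf (added example; the variable name is hypothetical)
variable "bws_access_token" {
  description = "Access token of the Bitwarden Secrets Manager machine account"
  type        = string
  sensitive   = true # value is redacted in plan and apply output

  # No default on purpose: the token must come from outside the code.
  validation {
    condition     = length(var.bws_access_token) > 0
    error_message = "Set TF_VAR_bws_access_token before running Terraform."
  }
}

# providers.tf: the same provider block as above, without the literal token
provider "bitwarden-secrets" {
  access_token = var.bws_access_token
}

# Supply the value from the environment of the shell or CI job:
#   export TF_VAR_bws_access_token="<token saved when the machine account was created>"
#
# Terraform state still records random_password.password.result and the
# value argument of bitwarden-secrets_secret.password in plain text, so keep
# terraform.tfstate out of version control and use an access-controlled,
# encrypted backend for it.
```

Marking the variable `sensitive` only hides it from CLI output; it does not change what is written to state.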