Adding Consul as the storage backend

[cgriggs01]

This Vault module uses the Google Cloud storage backend.
https://github.com/hashicorp/terraform-google-vault/blob/master/modules/run-vault/run-vault#L138
It would be preferred for this module to use the Consul storage backend.

Would it be possible to update this module to use the Consul storage backend?

[josh-padnick]

Sure, that's a very reasonable request, but it will require some rework of the run-vault script since it currently assumes users will use a GCS Bucket. The script even requires --gcs-bucket as a parameter.

One option is to add a param like --storage-type that accepts one of gcs or consul for the value, and errors out otherwise. We can then add in params like --consul-address and --consul-path, both of which will require that --storage-type is set to consul.

A more general approach would allow the user to pass arbitrary key-value pairs multiple times, something like run-vault --storage-type "consul" --storage-param "address=127.0.0.1", but that's harder to write and possibly more confusing for users.

Thoughts on the preferred approach? Also, PRs welcome for this!

[cgriggs01]

Great, I would prefer the former option, with the ability to define the storage backend gcp or consul from an input variable in the module. As well as some documentation describing the different backends.

Thank you for your great work!

[josh-padnick]

After seeing this with fresh-eyes, I think the section option is the better approach. It's not much more work and can be used with an arbitrary storage backend, making it future compatible.

PRs are welcome on this!

[aktarali]

+1