Use Vault to manage API tokens for the Terraform Cloud Operator

The HashiCorp Terraform Cloud Operator for Kubernetes continuously reconciles infrastructure resources using Terraform Cloud. To better secure secrets, such as API tokens, instead of hard-coding them, they can be stored and managed in a centralized secrets manager like HashiCorp Vault. In this approach, the Vault Secrets Operator (VSO) retrieves secrets from an external secrets manager and stores them in a Kubernetes secret for workloads to use. This post demonstrates how to use VSO to retrieve dynamic secrets from Vault and write them to a Kubernetes secret for the Terraform Cloud Operator to reference when creating a workspace.