terraform-provider-vault
terraform-provider-vault copied to clipboard
hashicorp
[New]: Ephemeral types and write-only support
Description
Running list of all the requested enhancements for provider ephemerality. If one is missing, please comment below and ill add to the list. Thank you for kicking this issue off @xeivieni & @freddo3000 https://github.com/hashicorp/terraform-provider-vault/issues/2373#issue-2706016101
Ephemeral retrieves
These are data source like ephemeral resources that only retrieve secret info
- [ ]
vault_generic_secret - [ ]
vault_aws_access_credentials - [ ]
vault_aws_static_credentials - [ ]
vault_azure_access_credentials - [ ]
vault_kv_secret - [ ]
vault_kv_secrets_list - [x]
vault_kv_secret_v2 - [ ]
vault_kv_secrets_list_v2 - [ ]
vault_kv_subkeys_v2 - [ ]
vault_ldap_dynamic_credentials - [ ]
vault_ldap_static_credentials - [ ]
vault_nomad_access_token - [ ]
vault_transform_decode - [ ]
vault_transit_decrypt - [ ]
vault_ad_access_credentials - [ ]
vault_identity_oidc_client_creds - [ ]
vault_kubernetes_service_account_token - [ ]
vault_transform_decode - [ ]
vault_transit_decrypt - [x]
vault_database_secret
Ephemeral creates
These are resource like ephemeral resources that create and returns secret info
- [ ]
vault_generic_endpoint - [ ]
vault_generic_secret - [ ]
vault_pki_secret_backend_cert - [ ]
vault_token - [ ]
vault_approle_auth_backend_login - [ ]
vault_aws_auth_backend_login - [ ]
vault_pki_secret_backend_acme_eab - [ ]
vault_pki_secret_backend_cert - [ ]
vault_pki_secret_backend_intermediate_cert_request - [ ]
vault_pki_secret_backend_sign - [ ]
vault_ssh_secret_backend_sign - [ ]
vault_transform_encode - [ ]
vault_transit_encrypt - [ ]
vault_transit_sign
Write-only
These are existing resources that need write-only support because they receive secret information from another source (variable or other resource/ds)
- [ ]
vault_terraform_cloud_secret_backend: issue link - [ ]
vault_ad_secret_backend - [ ]
vault_ldap_secret_backend_library_set - [ ]
vault_alicloud_auth_backend_role - [ ]
vault_aws_auth_backend_client - [ ]
vault_aws_secret_backend - [ ]
vault_azure_auth_backend_config - [ ]
vault_azure_secret_backend - [ ]
vault_consul_secret_backend - [x]
vault_database_secret_backend_connection - [ ]
vault_database_secret_backend_role - [ ]
vault_database_secret_backend_static_role - [ ]
vault_gcp_auth_backend - [x]
vault_gcp_secret_backend - [ ]
vault_jwt_auth_backend - [ ]
vault_jwt_auth_backend_role: issue link - [ ]
vault_kubernetes_auth_backend_config - [ ]
vault_kubernetes_secret_backend - [ ]
vault_ldap_auth_backend - [ ]
vault_ldap_secret_backend - [ ]
vault_mongodbatlas_secret_backend - [ ]
vault_nomad_secret_backend - [ ]
vault_okta_auth_backend - [ ]
vault_pki_secret_backend_config_ca - [ ]
vault_pki_secret_backend_key - [ ]
vault_rabbitmq_secret_backend - [ ]
vault_ssh_secret_backend_ca - [x]
vault_kv_secret_v2: issue link
Request to community:
In order to prioritize these ephemeral resources, we would appreciate help creating and voting on specific resource GitHub issues. Please look through the issues to see if a issue exists for the corresponding resource, if it does, vote on it.
Note: If you are an enterprise customers please also forward the issue to your account rep.
If an issue does not exist, please create one and include the following info (example):
- resource type and desired new type
- parameters that are sensitive
- sample shape of final hcl
Once complete please include the issue in a comment below and ill add it to the description
Potential Terraform Configuration
References
No response
Would you like to implement a fix?
None
