terraform-provider-vault icon indicating copy to clipboard operation
terraform-provider-vault copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

[Bug]: The `vault_kv_secret_v2` resource's `cas` field does not work (again)

Open gui-don opened this issue 5 months ago • 0 comments
trafficstars

Terraform Core Version

1.12.0

Terraform Vault Provider Version

5.0.0

Vault Server Version

1.18

Affected Resource(s)

  • vault_kv_secret_v2

Expected Behavior

Works with Vault 4.X.X provider:

resource "vault_kv_secret_v2" "my_secret" {
  mount = vault_mount.sdlc_vault_kv.path
  name  = "my_secret"
  cas   = 1
  data_json = jsonencode(
    {
      raw = "test"
    }
  )
  custom_metadata {
    cas_required         = true
  }
}

Actual Behavior

Fails with Vault 5.0.0 provider:

resource "vault_kv_secret_v2" "my_secret" {
  mount = vault_mount.sdlc_vault_kv.path
  name  = "my_secret"
  cas   = 1
  data_json_wo_version = 1
  data_json_wo = jsonencode(
    {
      raw = "test"
    }
  )
  custom_metadata {
    cas_required         = true
  }
}

Relevant Error/Panic Output Snippet

│ 
│ URL: PUT https://xxx.yyyy/v1/yyy/path/kv/data/my_secret
│ Code: 400. Errors:
│ 
│ * check-and-set parameter required for this call

Terraform Configuration Files

resource "vault_kv_secret_v2" "my_secret" {
  mount = vault_mount.sdlc_vault_kv.path
  name  = "my_secret"
  cas   = 1
  data_json_wo_version = 1
  data_json_wo = jsonencode(
    {
      raw = "test"
    }
  )
  custom_metadata {
    cas_required         = true
  }
}

Steps to Reproduce

See above*

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

  • https://github.com/hashicorp/terraform-provider-vault/issues/1727: is outdated.

Would you like to implement a fix?

None

gui-don avatar May 22 '25 17:05 gui-don