terraform-provider-vault
Support for ca_pem and client_auth/client_pem+key_pem arguments
Hi All,
Both terraform-provider-consul and terraform-provider-nomad support ca_pem/cert_pem+key_pem arguments for TLS client auth, allowing those secrets to be passed directly from data sources.
But terraform-provider-vault lacks this support and has only the ca_cert_file and client_auth/cert_file+key_file arguments, so using intermediate files on disk is mandatory.
Is it not possible to support *_pem arguments, or is this some security concern?
May this feature be implemented?
Thanks.
Same issue. I must write the data from my gcloud resource that contains the CA cert to disk and provide the file path instead of just directly referencing the output from that resource.
Is there any update on this issue?
Having to provide an actual file instead of being able to just pass the ca_cert_file as a string means that we have a pointless step to write out the CA chain to disk for our pipeline runners so it can be used by the vault provider.
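The difference discussed in this thread, shown side by side as an added example (not code from the posters or from any provider's documentation). The variable names, addresses and file locations are hypothetical; the Vault paths are assumed to point at files an earlier pipeline step has already written, as the comments above describe.

```hcl
# Constructed inputs. In a real configuration the PEM strings would come from
# a data source or another resource's output (hypothetical variable names).
variable "ca_pem" {
  type = string
}

variable "client_cert_pem" {
  type = string
}

variable "client_key_pem" {
  type      = string
  sensitive = true # keeps the key out of plan/apply output
}

# Hypothetical directory that an earlier pipeline step fills with PEM files.
variable "vault_tls_dir" {
  type = string
}

# Consul provider: PEM material is passed inline, so the private key
# never has to exist as a file on the runner.
provider "consul" {
  address  = "consul.example.internal:8501"
  scheme   = "https"
  ca_pem   = var.ca_pem
  cert_pem = var.client_cert_pem
  key_pem  = var.client_key_pem
}

# Vault provider: only file paths are accepted, so the same CA chain,
# certificate and private key must already be on disk at these paths.
provider "vault" {
  address      = "https://vault.example.internal:8200"
  ca_cert_file = "${var.vault_tls_dir}/ca.pem"

  client_auth {
    cert_file = "${var.vault_tls_dir}/client-cert.pem"
    key_file  = "${var.vault_tls_dir}/client-key.pem"
  }
}
```

With the file-based form, the private key sits on the runner's disk for the duration of the job, so the step that writes it should restrict the file to the runner's user (mode 0600) and delete it when the run ends.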