Skip to content

Update Terraform vault to v3.8.1

Renovate Bot requested to merge renovate/vault-3.x into main

This MR contains the following updates:

Package Type Update Change
vault (source) required_provider minor 3.5.0 -> 3.8.1

Release Notes

hashicorp/terraform-provider-vault

v3.8.1

Compare Source

IMMROVEMENTS:

  • docs: Fix broken provider.namespace links: (#​1562)
  • docs: Add Azure example for r/raft_snapshot_agent_config: (#​1534)
  • docs: Document namespaced resource import: (#​1561)
  • docs: Add more visible note that d/aws_access_credentials cannot be renewed: (#​1464)

BUGS:

  • fix: Persist namespace to state on resource import: (#​1563)
  • fix: Update all transform resources with namespace support: (#​1558)
  • fix: Make password_policy conflict with the formatter field: (#​1557)
  • fix: Correct typo in r/pki_secret_backend_root_cert description: (#​1511)

v3.8.0

Compare Source

FEATURES:

  • Adds support for Kubernetes secrets engine: (#​1515)
  • PKI: Add support for CPS URL in custom policy identifiers: (#​1495)

IMMROVEMENTS:

  • Fix Import for OIDC Scope resource: (#​1548)
  • Update entity alias creation to use entity lookup api: (#​1517) (#​1552)
  • Add support for Consul secrets engine enhancements: (#​1518)
  • auth/gcp: adds custom_endpoint parameter to backend config: (#​1482)
  • auth/jwt: adds user_claim_json_pointer and max_age to roles: (#​1478)

BUGS:

  • Support updating backend descriptions: (#​1550) (#​1543)
  • Properly set the base64_pem in Vault for Couchbase: (#​1545)
  • Fix bug where some rabbitmq config changes trigger erroneous mount recreation: (#​1542)
  • Update *kv_secrets* resources to support namespaces: (#​1529)
  • Do not validate JSON on OIDC scope template: (#​1547)

v3.7.0

Compare Source

FEATURES:

  • Support setting namespace by resource (#​1305) (#​1479)
  • Add dedicated KV (v1/v2) secret engine resources, and data sources, supersedes vault_generic_secret (#​1457)

IMMROVEMENTS:

  • Update vault libs to v1.10.3 (#​1483)
  • Drop debug log calls containing the full vault response (#​1477)
  • resource/token: Add metadata support (#​1470)
  • resource/vault_ldap_auth_backend: support LDAP username_as_alias attribute: (#​1460)
  • resource/vault_quota_rate_limit: Add support for interval and block_interval: (#​1084)
  • ci: Test against vault-enterprise 1.10.3-ent: (#​1461)

BUGS:

  • resource/auth_backend: validate path, disallowing leading/trailing / (#​1471)
  • resource/vault_jwt_auth_backend_role: fix bound_claims not being unset when empty (#​1469)
  • resource/cert_auth_backend: add the correct field name: allowed_organizational_units (#​1496)

v3.6.0

Compare Source

IMMROVEMENTS:

  • resource/pki_secret_backend_root_cert: Force new root CA resource creation on out-of-band changes.
    (#​1428)
  • resource/pki_secret_backend_intermediate_set_signed: Document complete usage example.
    (#​1452)
  • resource/pki_secret_backend_config_urls: Add support for importing PKI config URLs
    (#​1451)
  • vault/resource_pki_secret_backend*: Extend revocation support to other resources
    (#​1446)
  • vault/resource_pki_secret_backend*: Force new root CA/cert resource creation on out-of-band changes.
    (#​1432)
  • datasource/generic_secret: Improve documentation.
    (#​1390)
  • resource/ldap_auth_backend: Support setting userfilter.
    (#​1378)
  • resource/aws_auth_backend_role: Add role_id as a computed field.
    (#​1377)
  • Auth: Handle CIDR prefix being stripped for hosts in token_bound_cidrs
    (#​1346)
  • Add allowed_serial_numbers support
    (#​1119)
  • resource/pki_secret_backend_role: Allow key_type to be set to any.
    (#​791)
  • resource/aws_secret_backend_role: Add user_path and permissions_boundary_arn arguments.
    (#​781)

BUGS:

  • resource/pki_secret_backend_root_sign_intermediate: Ensure that the certificate_bundle, and ca_chain do not contain duplicate certificates.
    (#​1428)
  • resource/identity_entity_alias: Serialize create, update, and delete operations in order to prevent alias mismatches.
    (#​1429)
  • database_secret*: Ignore mongodb-atlas private_key on read from Vault. mismatches.
    (#​1438)
  • resource/auth_backend: Remove ForceNew behavior when updating description.
    (#​1439)
  • resource/identity_group_member_entity_ids: Properly handle nil member_entity_ids in response.
    (#​1448)
  • resource/pki_secret_backend_role: Fix TTL handling in PKI role.
    (#​1447)
  • resource/pki_secret_backend_role: key_usage value should be computed.
    (#​1443)
  • resource/vault_pki_secret_backend_{cert,sign}: Properly force a new resource whenever the cert is near expiry.
    (#​1440)
  • resource/identity_entity_alias: Remove read operation on entity alias update.
    (#​1434)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever MR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

  • If you want to rebase/retry this MR, click this checkbox.

This MR has been generated by Renovate Bot.

Edited by Renovate Bot

Merge request reports