From 9941820b7961bdefb1b8eee7003b279ba6dd07ae Mon Sep 17 00:00:00 2001 From: Tao <104055472+teowa@users.noreply.github.com> Date: Thu, 31 Aug 2023 11:04:34 +0800 Subject: [PATCH 1/3] point to new version when import updated --- .../keyvault/key_vault_certificate_resource.go | 11 +++++++++-- website/docs/r/key_vault_certificate.html.markdown | 4 ++-- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/internal/services/keyvault/key_vault_certificate_resource.go b/internal/services/keyvault/key_vault_certificate_resource.go index 93e5e5939637..f872971b34e7 100644 --- a/internal/services/keyvault/key_vault_certificate_resource.go +++ b/internal/services/keyvault/key_vault_certificate_resource.go @@ -605,9 +605,16 @@ func resourceKeyVaultCertificateUpdate(d *schema.ResourceData, meta interface{}) if err != nil { return err } - if resp.ID != nil { - d.SetId(id.ID()) + + if resp.ID == nil { + return fmt.Errorf("error: Certificate %q in Vault %q get nil ID from server", id.Name, id.KeyVaultBaseUrl) + } + + certificateId, err := parse.ParseNestedItemID(*resp.ID) + if err != nil { + return err } + d.SetId(certificateId.ID()) } } if d.HasChange("certificate_policy") { diff --git a/website/docs/r/key_vault_certificate.html.markdown b/website/docs/r/key_vault_certificate.html.markdown index 513d19f56c6d..77d4325b6926 100644 --- a/website/docs/r/key_vault_certificate.html.markdown +++ b/website/docs/r/key_vault_certificate.html.markdown @@ -236,9 +236,9 @@ The following arguments are supported: * `key_vault_id` - (Required) The ID of the Key Vault where the Certificate should be created. Changing this forces a new resource to be created. -* `certificate` - (Optional) A `certificate` block as defined below, used to Import an existing certificate. +* `certificate` - (Optional) A `certificate` block as defined below, used to Import an existing certificate. Changing this will create a new version of the Key Vault Certificate. -* `certificate_policy` - (Optional) A `certificate_policy` block as defined below. Changing this forces a new resource to be created. +* `certificate_policy` - (Optional) A `certificate_policy` block as defined below. Changing this will create a new version of the Key Vault Certificate. ~> **NOTE:** When creating a Key Vault Certificate, at least one of `certificate` or `certificate_policy` is required. Provide `certificate` to import an existing certificate, `certificate_policy` to generate a new certificate. From a4e949ee2de9d26ecdd1a52b8915f75c1523d851 Mon Sep 17 00:00:00 2001 From: Tao <104055472+teowa@users.noreply.github.com> Date: Thu, 31 Aug 2023 11:13:08 +0800 Subject: [PATCH 2/3] update secret doc --- website/docs/r/key_vault_secret.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/key_vault_secret.html.markdown b/website/docs/r/key_vault_secret.html.markdown index d97d53b42dee..fdf1494dc62e 100644 --- a/website/docs/r/key_vault_secret.html.markdown +++ b/website/docs/r/key_vault_secret.html.markdown @@ -75,7 +75,7 @@ The following arguments are supported: * `name` - (Required) Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created. -* `value` - (Required) Specifies the value of the Key Vault Secret. +* `value` - (Required) Specifies the value of the Key Vault Secret. Changing this will create a new version of the Key Vault Secret. ~> **Note:** Key Vault strips newlines. To preserve newlines in multi-line secrets try replacing them with `\n` or by base 64 encoding them with `replace(file("my_secret_file"), "/\n/", "\n")` or `base64encode(file("my_secret_file"))`, respectively. From 49376da84bf463334a42532de9ed708ad9b699fb Mon Sep 17 00:00:00 2001 From: Tao <104055472+teowa@users.noreply.github.com> Date: Thu, 31 Aug 2023 11:21:50 +0800 Subject: [PATCH 3/3] fix doc char case --- website/docs/r/key_vault_certificate.html.markdown | 2 +- website/docs/r/key_vault_key.html.markdown | 2 +- .../r/key_vault_managed_hardware_security_module.html.markdown | 2 +- website/docs/r/key_vault_secret.html.markdown | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/website/docs/r/key_vault_certificate.html.markdown b/website/docs/r/key_vault_certificate.html.markdown index 77d4325b6926..ffb3cbf0bc53 100644 --- a/website/docs/r/key_vault_certificate.html.markdown +++ b/website/docs/r/key_vault_certificate.html.markdown @@ -11,7 +11,7 @@ description: |- Manages a Key Vault Certificate. -~> **Note:** the Azure Provider includes a Feature Toggle which will purge a Key Vault Certificate resource on destroy, rather than the default soft-delete. See [`purge_soft_deleted_certificates_on_destroy`](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/features-block#purge_soft_deleted_certificates_on_destroy) for more information. +~> **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Certificate resource on destroy, rather than the default soft-delete. See [`purge_soft_deleted_certificates_on_destroy`](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/features-block#purge_soft_deleted_certificates_on_destroy) for more information. ## Example Usage (Importing a PFX) diff --git a/website/docs/r/key_vault_key.html.markdown b/website/docs/r/key_vault_key.html.markdown index 34c061f85469..4633b590a03b 100644 --- a/website/docs/r/key_vault_key.html.markdown +++ b/website/docs/r/key_vault_key.html.markdown @@ -15,7 +15,7 @@ Manages a Key Vault Key. ~> **Note:** To use this resource, your client should have RBAC roles with permissions like `Key Vault Crypto Officer` or `Key Vault Administrator` or an assigned Key Vault Access Policy with permissions `Create`,`Delete`,`Get`,`Purge`,`Recover`,`Update` and `GetRotationPolicy` for keys without Rotation Policy. Include `SetRotationPolicy` for keys with Rotation Policy. -~> **Note:** the Azure Provider includes a Feature Toggle which will purge a Key Vault Key resource on destroy, rather than the default soft-delete. See [`purge_soft_deleted_keys_on_destroy`](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/features-block#purge_soft_deleted_keys_on_destroy) for more information. +~> **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Key resource on destroy, rather than the default soft-delete. See [`purge_soft_deleted_keys_on_destroy`](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/features-block#purge_soft_deleted_keys_on_destroy) for more information. ## Example Usage diff --git a/website/docs/r/key_vault_managed_hardware_security_module.html.markdown b/website/docs/r/key_vault_managed_hardware_security_module.html.markdown index 2ddcdbb8e84d..06e26b7672e6 100644 --- a/website/docs/r/key_vault_managed_hardware_security_module.html.markdown +++ b/website/docs/r/key_vault_managed_hardware_security_module.html.markdown @@ -10,7 +10,7 @@ description: |- Manages a Key Vault Managed Hardware Security Module. -~> **Note:** the Azure Provider includes a Feature Toggle which will purge a Key Vault Managed Hardware Security Module resource on destroy, rather than the default soft-delete. See [`purge_soft_deleted_hardware_security_modules_on_destroy`](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/features-block#purge_soft_deleted_hardware_security_modules_on_destroy) for more information. +~> **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Managed Hardware Security Module resource on destroy, rather than the default soft-delete. See [`purge_soft_deleted_hardware_security_modules_on_destroy`](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/features-block#purge_soft_deleted_hardware_security_modules_on_destroy) for more information. ## Example Usage diff --git a/website/docs/r/key_vault_secret.html.markdown b/website/docs/r/key_vault_secret.html.markdown index fdf1494dc62e..c6387f8e3731 100644 --- a/website/docs/r/key_vault_secret.html.markdown +++ b/website/docs/r/key_vault_secret.html.markdown @@ -14,7 +14,7 @@ Manages a Key Vault Secret. ~> **Note:** All arguments including the secret value will be stored in the raw state as plain-text. [Read more about sensitive data in state](/docs/state/sensitive-data.html). -~> **Note:** the Azure Provider includes a Feature Toggle which will purge a Key Vault Secret resource on destroy, rather than the default soft-delete. See [`purge_soft_deleted_secrets_on_destroy`](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/features-block#purge_soft_deleted_secrets_on_destroy) for more information. +~> **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Secret resource on destroy, rather than the default soft-delete. See [`purge_soft_deleted_secrets_on_destroy`](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/features-block#purge_soft_deleted_secrets_on_destroy) for more information. ## Example Usage