You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thank you for opening an issue. Please note that we try to keep the Terraform issue tracker reserved for bug reports and feature requests. For general usage questions, please see: https://www.terraform.io/community.html.
Terraform Version
Terraform v0.12.18
+ provider.vault v2.7.0
Affected Resource(s)
vault_aws_secret_backend
Terraform Configuration Files
resource"vault_aws_secret_backend""aws" {}
Expected Behavior
Should apply and create a new aws secret backend
Actual Behavior
Error: Missing required argument
on aws-secret.tf line 10, in resource "vault_aws_secret_backend" "aws":
10: resource "vault_aws_secret_backend" "aws" {
The argument "secret_key" is required, but no definition was found.
Error: Missing required argument
on aws-secret.tf line 10, in resource "vault_aws_secret_backend" "aws":
10: resource "vault_aws_secret_backend" "aws" {
The argument "access_key" is required, but no definition was found.
Hi there,
Thank you for opening an issue. Please note that we try to keep the Terraform issue tracker reserved for bug reports and feature requests. For general usage questions, please see: https://www.terraform.io/community.html.
Terraform Version
Affected Resource(s)
Terraform Configuration Files
Expected Behavior
Should apply and create a new aws secret backend
Actual Behavior
Steps to Reproduce
terraform plan
Explanation
https://github.com/terraform-providers/terraform-provider-vault/blob/bd8d994d16147ea49d1f2408927773584ea447bf/vault/resource_aws_secret_backend.go#L60-L71
These arguments are marked as required, but the Vault documentation says they are not:
https://www.vaultproject.io/docs/secrets/aws/index.html
You can also specify the credentials via the standard AWS environment credentials, shared file credentials, or IAM role/ECS task credentials.
https://github.com/hashicorp/vault/blob/bfb63d7220a67d720634a9c2e1f3aa1d75b9c8ad/builtin/logical/aws/client.go#L58-L69
https://github.com/hashicorp/vault/blob/bfb63d7220a67d720634a9c2e1f3aa1d75b9c8ad/helper/awsutil/generate_credentials.go#L49-L51
Simple fix is to simply drop the requirement.
Thanks!
The text was updated successfully, but these errors were encountered: