Feature/allow vault resource to update #11776
Conversation
|
+1 |
|
@apparentlymart , any idea in which version this might be merged? This is actually a feature I am waiting for. |
|
@apparentlymart , any update? |
|
+1 |
|
Hi @gerr1t! Sorry for the silence here. This looks good to me. Ideally we'd have some acceptance test coverage for having this set both on and off, but it's a bit of a tricky thing to test so I think we can pass on it for right now given the relative simplicity of this additional feature and that the rest of the behavior is already tested. I just merged this. Thanks! |
|
Thanks @apparentlymart ! |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
ghost
locked and limited conversation to collaborators
By default the vault_generic_secret resource is not configured to read back from vault. This means that changes cannot properly be compared. This is done for security reasons (see: Required Vault Capabilities on https://www.terraform.io/docs/providers/vault/r/generic_secret.html), so that a token can be limited to only writing to the vault server.
However, there are reason why you would want to be able to compare and update resources. This change allows this by setting allow_read value to true on the resource.