Merge branch 'master' into add-mysql-container-for-db-tests

* master: fix code blocks formatting and vault_azure_secret_* links titles (hashicorp#588) Update CHANGELOG.md Add information about Vault 1.2 for `token_*` fields (hashicorp#565) Fix grammar Add missing docs for `identity_group_policies` Fix missing quote that breaks documentation rendering. repushing Adding sidebar link to crl_config Add whitelines to address hanging "```"
martinssipenko · Oct 31, 2019 · c75b159 · c75b159
2 parents 611eb1d + 56073ab
commit c75b159
Show file tree

Hide file tree

Showing 27 changed files with 258 additions and 103 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,7 @@
 
 IMPROVEMENTS:
 
+* Improved deprecation notices for Vault 1.2 token.* fields ([#565](https://github.com/terraform-providers/terraform-provider-vault/pull/565))
 * Adds new JWT Auth role fields introduced with Vault 1.2 ([#566](https://github.com/terraform-providers/terraform-provider-vault/pull/566))
 
 ## 2.5.0 (October 17, 2019)

diff --git a/vault/data_source_kubernetes_auth_backend_role.go b/vault/data_source_kubernetes_auth_backend_role.go
@@ -49,31 +49,31 @@ func kubernetesAuthBackendRoleDataSource() *schema.Resource {
 				Type: schema.TypeString,
 			},
 			Description: "Policies to be set on tokens issued using this role.",
-			Deprecated:  "use `token_policies` instead",
+			Deprecated:  "use `token_policies` instead if you are running Vault >= 1.2",
 		},
 		"ttl": {
 			Type:        schema.TypeInt,
 			Optional:    true,
 			Description: "Default number of seconds to set as the TTL for issued tokens and at renewal time.",
-			Deprecated:  "use `token_ttl` instead",
+			Deprecated:  "use `token_ttl` instead if you are running Vault >= 1.2",
 		},
 		"max_ttl": {
 			Type:        schema.TypeInt,
 			Optional:    true,
 			Description: "Number of seconds after which issued tokens can no longer be renewed.",
-			Deprecated:  "use `token_max_ttl` instead",
+			Deprecated:  "use `token_max_ttl` instead if you are running Vault >= 1.2",
 		},
 		"period": {
 			Type:        schema.TypeInt,
 			Optional:    true,
 			Description: "Number of seconds to set the TTL to for issued tokens upon renewal. Makes the token a periodic token, which will never expire as long as it is renewed before the TTL each period.",
-			Deprecated:  "use `token_period` instead",
+			Deprecated:  "use `token_period` instead if you are running Vault >= 1.2",
 		},
 		"num_uses": {
 			Type:        schema.TypeInt,
 			Optional:    true,
 			Description: "Number of times issued tokens can be used. Setting this to 0 or leaving it unset means unlimited uses.",
-			Deprecated:  "use `token_num_uses` instead",
+			Deprecated:  "use `token_num_uses` instead if you are running Vault >= 1.2",
 		},
 		"bound_cidrs": {
 			Type:        schema.TypeSet,
@@ -82,7 +82,7 @@ func kubernetesAuthBackendRoleDataSource() *schema.Resource {
 			Elem: &schema.Schema{
 				Type: schema.TypeString,
 			},
-			Deprecated: "use `token_bound_cidrs` instead",
+			Deprecated: "use `token_bound_cidrs` instead if you are running Vault >= 1.2",
 		},
 	}
 

diff --git a/vault/resource_approle_auth_backend_role.go b/vault/resource_approle_auth_backend_role.go
@@ -85,14 +85,14 @@ func approleAuthBackendRoleResource() *schema.Resource {
 				Type: schema.TypeString,
 			},
 			Description:   "Policies to be set on tokens issued using this AppRole.",
-			Deprecated:    "use `token_policies` instead",
+			Deprecated:    "use `token_policies` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_policies"},
 		},
 		"period": {
 			Type:          schema.TypeInt,
 			Optional:      true,
 			Description:   "Number of seconds to set the TTL to for issued tokens upon renewal. Makes the token a periodic token, which will never expire as long as it is renewed before the TTL each period.",
-			Deprecated:    "use `token_period` instead",
+			Deprecated:    "use `token_period` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_period"},
 		},
 	}

diff --git a/vault/resource_aws_auth_backend_role.go b/vault/resource_aws_auth_backend_role.go
@@ -210,21 +210,21 @@ func awsAuthBackendRoleResource() *schema.Resource {
 			Type:          schema.TypeInt,
 			Optional:      true,
 			Description:   "The TTL period of tokens issued using this role, provided as the number of seconds.",
-			Deprecated:    "use `token_ttl` instead",
+			Deprecated:    "use `token_ttl` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_ttl"},
 		},
 		"max_ttl": {
 			Type:          schema.TypeInt,
 			Optional:      true,
 			Description:   "The maximum allowed lifetime of tokens issued using this role, provided as the number of seconds.",
-			Deprecated:    "use `token_max_ttl` instead",
+			Deprecated:    "use `token_max_ttl` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_max_ttl"},
 		},
 		"period": {
 			Type:          schema.TypeInt,
 			Optional:      true,
 			Description:   "If set, indicates that the token generated using this role should never expire. The token should be renewed within the duration specified by this value. At each renewal, the token's TTL will be set to the value of this field. The maximum allowed lifetime of token issued using this role. Specified as a number of seconds.",
-			Deprecated:    "use `token_period` instead",
+			Deprecated:    "use `token_period` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_period"},
 		},
 		"policies": {
@@ -234,7 +234,7 @@ func awsAuthBackendRoleResource() *schema.Resource {
 				Type: schema.TypeString,
 			},
 			Description:   "Policies to be set on tokens issued using this role.",
-			Deprecated:    "use `token_policies` instead",
+			Deprecated:    "use `token_policies` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_policies"},
 		},
 	}

diff --git a/vault/resource_azure_auth_backend_role.go b/vault/resource_azure_auth_backend_role.go
@@ -88,21 +88,21 @@ func azureAuthBackendRoleResource() *schema.Resource {
 			Type:          schema.TypeInt,
 			Optional:      true,
 			Description:   "The TTL period of tokens issued using this role, provided as the number of seconds.",
-			Deprecated:    "use `token_ttl` instead",
+			Deprecated:    "use `token_ttl` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_ttl"},
 		},
 		"max_ttl": {
 			Type:          schema.TypeInt,
 			Optional:      true,
 			Description:   "The maximum allowed lifetime of tokens issued using this role, provided as the number of seconds.",
-			Deprecated:    "use `token_max_ttl` instead",
+			Deprecated:    "use `token_max_ttl` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_max_ttl"},
 		},
 		"period": {
 			Type:          schema.TypeInt,
 			Optional:      true,
 			Description:   "If set, indicates that the token generated using this role should never expire. The token should be renewed within the duration specified by this value. At each renewal, the token's TTL will be set to the value of this field. The maximum allowed lifetime of token issued using this role. Specified as a number of seconds.",
-			Deprecated:    "use `token_period` instead",
+			Deprecated:    "use `token_period` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_period"},
 		},
 		"policies": {
@@ -112,7 +112,7 @@ func azureAuthBackendRoleResource() *schema.Resource {
 				Type: schema.TypeString,
 			},
 			Description:   "Policies to be set on tokens issued using this role.",
-			Deprecated:    "use `token_policies` instead",
+			Deprecated:    "use `token_policies` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_policies"},
 		},
 	}

diff --git a/vault/resource_cert_auth_backend_role.go b/vault/resource_cert_auth_backend_role.go
@@ -101,28 +101,28 @@ func certAuthBackendRoleResource() *schema.Resource {
 			},
 			Optional:      true,
 			Computed:      true,
-			Deprecated:    "use `token_bound_cidrs` instead",
+			Deprecated:    "use `token_bound_cidrs` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_bound_cidrs"},
 		},
 		"ttl": {
 			Type:          schema.TypeString,
 			Optional:      true,
 			Computed:      true,
-			Deprecated:    "use `token_ttl` instead",
+			Deprecated:    "use `token_ttl` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_ttl"},
 		},
 		"max_ttl": {
 			Type:          schema.TypeString,
 			Optional:      true,
 			Computed:      true,
-			Deprecated:    "use `token_max_ttl` instead",
+			Deprecated:    "use `token_max_ttl` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_max_ttl"},
 		},
 		"period": {
 			Type:          schema.TypeString,
 			Optional:      true,
 			Computed:      true,
-			Deprecated:    "use `token_period` instead",
+			Deprecated:    "use `token_period` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_period"},
 		},
 		"policies": {
@@ -132,7 +132,7 @@ func certAuthBackendRoleResource() *schema.Resource {
 			},
 			Optional:      true,
 			Computed:      true,
-			Deprecated:    "use `token_policies` instead",
+			Deprecated:    "use `token_policies` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_policies"},
 		},
 	}

diff --git a/vault/resource_gcp_auth_backend_role.go b/vault/resource_gcp_auth_backend_role.go
@@ -107,20 +107,20 @@ func gcpAuthBackendRoleResource() *schema.Resource {
 			Optional:      true,
 			Computed:      true,
 			ConflictsWith: []string{"token_ttl"},
-			Deprecated:    "use `token_ttl` instead",
+			Deprecated:    "use `token_ttl` instead if you are running Vault >= 1.2",
 		},
 		"max_ttl": {
 			Type:          schema.TypeString,
 			Optional:      true,
 			Computed:      true,
-			Deprecated:    "use `token_max_ttl` instead",
+			Deprecated:    "use `token_max_ttl` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_max_ttl"},
 		},
 		"period": {
 			Type:          schema.TypeString,
 			Optional:      true,
 			Computed:      true,
-			Deprecated:    "use `token_period` instead",
+			Deprecated:    "use `token_period` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_period"},
 		},
 		"policies": {
@@ -130,7 +130,7 @@ func gcpAuthBackendRoleResource() *schema.Resource {
 			},
 			Optional:      true,
 			Computed:      true,
-			Deprecated:    "use `token_policies` instead",
+			Deprecated:    "use `token_policies` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_policies"},
 		},
 	}

diff --git a/vault/resource_github_auth_backend.go b/vault/resource_github_auth_backend.go
@@ -42,15 +42,15 @@ func githubAuthBackendResource() *schema.Resource {
 			Optional:      true,
 			Description:   "Duration after which authentication will be expired, in seconds.",
 			ValidateFunc:  validateDuration,
-			Deprecated:    "use `token_ttl` instead",
+			Deprecated:    "use `token_ttl` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_ttl"},
 		},
 		"max_ttl": {
 			Type:          schema.TypeString,
 			Optional:      true,
 			Description:   "Maximum duration after which authentication will be expired, in seconds.",
 			ValidateFunc:  validateDuration,
-			Deprecated:    "use `token_max_ttl` instead",
+			Deprecated:    "use `token_max_ttl` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_max_ttl"},
 		},
 		"accessor": {

diff --git a/vault/resource_jwt_auth_backend_role.go b/vault/resource_jwt_auth_backend_role.go
@@ -130,35 +130,35 @@ func jwtAuthBackendRoleResource() *schema.Resource {
 				Type: schema.TypeString,
 			},
 			Description:   "Policies to be set on tokens issued using this role.",
-			Deprecated:    "use `token_policies` instead",
+			Deprecated:    "use `token_policies` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_policies"},
 		},
 		"ttl": {
 			Type:          schema.TypeInt,
 			Optional:      true,
 			Description:   "Default number of seconds to set as the TTL for issued tokens and at renewal time.",
 			ConflictsWith: []string{"period", "token_ttl", "token_period"},
-			Deprecated:    "use `token_ttl` instead",
+			Deprecated:    "use `token_ttl` instead if you are running Vault >= 1.2",
 		},
 		"max_ttl": {
 			Type:          schema.TypeInt,
 			Optional:      true,
 			Description:   "Number of seconds after which issued tokens can no longer be renewed.",
-			Deprecated:    "use `token_max_ttl` instead",
+			Deprecated:    "use `token_max_ttl` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_max_ttl"},
 		},
 		"period": {
 			Type:          schema.TypeInt,
 			Optional:      true,
 			Description:   "Number of seconds to set the TTL to for issued tokens upon renewal. Makes the token a periodic token, which will never expire as long as it is renewed before the TTL each period.",
 			ConflictsWith: []string{"ttl", "token_period", "token_ttl"},
-			Deprecated:    "use `token_period` instead",
+			Deprecated:    "use `token_period` instead if you are running Vault >= 1.2",
 		},
 		"num_uses": {
 			Type:          schema.TypeInt,
 			Optional:      true,
 			Description:   "Number of times issued tokens can be used. Setting this to 0 or leaving it unset means unlimited uses.",
-			Deprecated:    "use `token_num_uses` instead",
+			Deprecated:    "use `token_num_uses` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_num_uses"},
 		},
 		"bound_cidrs": {
@@ -168,7 +168,7 @@ func jwtAuthBackendRoleResource() *schema.Resource {
 			Elem: &schema.Schema{
 				Type: schema.TypeString,
 			},
-			Deprecated:    "use `token_bound_cidrs` instead",
+			Deprecated:    "use `token_bound_cidrs` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_bound_cidrs"},
 		},
 	}

diff --git a/vault/resource_kubernetes_auth_backend_role.go b/vault/resource_kubernetes_auth_backend_role.go
@@ -56,35 +56,35 @@ func kubernetesAuthBackendRoleResource() *schema.Resource {
 				Type: schema.TypeString,
 			},
 			Description:   "Policies to be set on tokens issued using this role.",
-			Deprecated:    "use `token_policies` instead",
+			Deprecated:    "use `token_policies` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_policies"},
 		},
 		"ttl": {
 			Type:          schema.TypeInt,
 			Optional:      true,
 			Description:   "Default number of seconds to set as the TTL for issued tokens and at renewal time.",
 			ConflictsWith: []string{"token_ttl"},
-			Deprecated:    "use `token_ttl` instead",
+			Deprecated:    "use `token_ttl` instead if you are running Vault >= 1.2",
 		},
 		"max_ttl": {
 			Type:          schema.TypeInt,
 			Optional:      true,
 			Description:   "Number of seconds after which issued tokens can no longer be renewed.",
-			Deprecated:    "use `token_max_ttl` instead",
+			Deprecated:    "use `token_max_ttl` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_max_ttl"},
 		},
 		"period": {
 			Type:          schema.TypeInt,
 			Optional:      true,
 			Description:   "Number of seconds to set the TTL to for issued tokens upon renewal. Makes the token a periodic token, which will never expire as long as it is renewed before the TTL each period.",
 			ConflictsWith: []string{"token_period"},
-			Deprecated:    "use `token_period` instead",
+			Deprecated:    "use `token_period` instead if you are running Vault >= 1.2",
 		},
 		"num_uses": {
 			Type:          schema.TypeInt,
 			Optional:      true,
 			Description:   "Number of times issued tokens can be used. Setting this to 0 or leaving it unset means unlimited uses.",
-			Deprecated:    "use `token_num_uses` instead",
+			Deprecated:    "use `token_num_uses` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_num_uses"},
 		},
 		"bound_cidrs": {
@@ -94,7 +94,7 @@ func kubernetesAuthBackendRoleResource() *schema.Resource {
 			Elem: &schema.Schema{
 				Type: schema.TypeString,
 			},
-			Deprecated:    "use `token_bound_cidrs` instead",
+			Deprecated:    "use `token_bound_cidrs` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_bound_cidrs"},
 		},
 	}

diff --git a/vault/resource_token_auth_backend_role.go b/vault/resource_token_auth_backend_role.go
@@ -81,13 +81,13 @@ func tokenAuthBackendRoleResource() *schema.Resource {
 			Optional:      true,
 			Description:   "Number of seconds to set the TTL to for issued tokens upon renewal. Makes the token a periodic token, which will never expire as long as it is renewed before the TTL each period.",
 			ConflictsWith: []string{"token_period", "token_ttl"},
-			Deprecated:    "use `token_period` instead",
+			Deprecated:    "use `token_period` instead if you are running Vault >= 1.2",
 		},
 		"explicit_max_ttl": {
 			Type:          schema.TypeString,
 			Optional:      true,
 			Description:   "Number of seconds after which issued tokens can no longer be renewed.",
-			Deprecated:    "use `token_explicit_max_ttl` instead",
+			Deprecated:    "use `token_explicit_max_ttl` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_explicit_max_ttl"},
 		},
 		"bound_cidrs": {
@@ -97,7 +97,7 @@ func tokenAuthBackendRoleResource() *schema.Resource {
 			Elem: &schema.Schema{
 				Type: schema.TypeString,
 			},
-			Deprecated:    "use `token_bound_cidrs` instead",
+			Deprecated:    "use `token_bound_cidrs` instead if you are running Vault >= 1.2",
 			ConflictsWith: []string{"token_bound_cidrs"},
 		},
 	}