Bump hashicorp/vault from 3.25.0 to 4.2.0 in /example/vault/environments/local

[dependabot]

Bumps hashicorp/vault from 3.25.0 to 4.2.0.

Release notes

Sourced from hashicorp/vault's releases.

v4.2.0

4.2.0 (Mar 27, 2024)

FEATURES:

• Add granularity to Secrets Sync destination resources. Requires Vault 1.16+ Enterprise. (#2202)
• Add support for allowed_kubernetes_namespace_selector in vault_kubernetes_secret_backend_role (#2180).
• Add new data source vault_namespace. Requires Vault Enterprise: (#2208).
• Add new data source vault_namespaces. Requires Vault Enterprise: (#2212).

IMPROVEMENTS:

• Enable Secrets Sync Association resource to track sync status across all subkeys of a secret. Requires Vault 1.16+ Enterprise. (#2202)

BUGS:

• fix vault_approle_auth_backend_role_secret_id regression to handle 404 errors (#2204)
• fix vault_kv_secret and vault_kv_secret_v2 failure to update secret data modified outside terraform (#2207)
• fix vault_kv_secret_v2 failing on imported resource when data_json should be ignored (#2207)

v4.1.0

4.1.0 (Mar 20, 2024)

CHANGES TO VAULT POLICY REQUIREMENTS:

• Important: This release requires read policies to be set at the path level for mount metadata. The v4.0.0 release required read permissions at sys/auth/:path which was a sudo endpoint. The v4.1.0 release changed that to instead require permissions at the sys/mounts/auth/:path level and sudo is no longer required. Please refer to the details in the Terraform Vault Provider 4.0.0 Upgrade Guide.

FEATURES:

• Add new resource vault_config_ui_custom_message. Requires Vault 1.16+ Enterprise: (#2154).

IMPROVEMENTS:

• do not require sudo permissions for auth read operations (#2198)

BUGS:

• fix vault_azure_access_credentials to default to Azure Public Cloud (#2190)

v4.0.0

4.0.0 (Mar 13, 2024)

Important: This major version release includes performance improvements for deployments that manage many Vault secret or auth engine mounts. This release requires read policies to be set at the path level for mount metadata. For example, instead of permissions at sys/auth you must set permissions at the sys/auth/:path level. Please refer to the details in the Terraform Vault Provider 4.0.0 Upgrade Guide.

FEATURES:

• Add support for PKI Secrets Engine cluster configuration with the vault_pki_secret_backend_config_cluster resource. Requires Vault 1.13+ (#1949).
• Add support to enable_templating in vault_pki_secret_backend_config_urls (#2147).
• Add support for skip_import_rotation and skip_static_role_import_rotation in ldap_secret_backend_static_role and ldap_secret_backend respectively. Requires Vault 1.16+ (#2128).
• Improve logging to track full API exchanges between the provider and Vault (#2139)

... (truncated)

Changelog

Sourced from hashicorp/vault's changelog.

4.2.0 (Mar 27, 2024)

FEATURES:

• Add granularity to Secrets Sync destination resources. Requires Vault 1.16+ Enterprise. (#2202)
• Add support for allowed_kubernetes_namespace_selector in vault_kubernetes_secret_backend_role (#2180).
• Add new data source vault_namespace. Requires Vault Enterprise: (#2208).
• Add new data source vault_namespaces. Requires Vault Enterprise: (#2212).

IMPROVEMENTS:

• Enable Secrets Sync Association resource to track sync status across all subkeys of a secret. Requires Vault 1.16+ Enterprise. (#2202)

BUGS:

• fix vault_approle_auth_backend_role_secret_id regression to handle 404 errors (#2204)
• fix vault_kv_secret and vault_kv_secret_v2 failure to update secret data modified outside terraform (#2207)
• fix vault_kv_secret_v2 failing on imported resource when data_json should be ignored (#2207)

4.1.0 (Mar 20, 2024)

CHANGES TO VAULT POLICY REQUIREMENTS:

• Important: This release requires read policies to be set at the path level for mount metadata. The v4.0.0 release required read permissions at sys/auth/:path which was a sudo endpoint. The v4.1.0 release changed that to instead require permissions at the sys/mounts/auth/:path level and sudo is no longer required. Please refer to the details in the Terraform Vault Provider 4.0.0 Upgrade Guide.

FEATURES:

• Add new resource vault_config_ui_custom_message. Requires Vault 1.16+ Enterprise: (#2154).

IMPROVEMENTS:

• do not require sudo permissions for auth read operations (#2198)

BUGS:

• fix vault_azure_access_credentials to default to Azure Public Cloud (#2190)

4.0.0 (Mar 13, 2024)

Important: This release requires read policies to be set at the path level for mount metadata. For example, instead of permissions at sys/auth you must set permissions at the sys/auth/:path level. Please refer to the details in the Terraform Vault Provider 4.0.0 Upgrade Guide.

FEATURES:

• Add support for PKI Secrets Engine cluster configuration with the vault_pki_secret_backend_config_cluster resource. Requires Vault 1.13+ (#1949).
• Add support to enable_templating in vault_pki_secret_backend_config_urls (#2147).
• Add support for skip_import_rotation and skip_static_role_import_rotation in ldap_secret_backend_static_role and ldap_secret_backend respectively. Requires Vault 1.16+ (#2128).
• Improve logging to track full API exchanges between the provider and Vault (#2139)

IMPROVEMENTS:

• Improve performance of READ operations across many resources: (#2145), (#2152)

... (truncated)

Commits

• 2822bae Prep for v4.2.0 release (#2214)
• 7b81a2a add namespaces data source (#2212)
• c89a45a Update Sync Association resource to include sync metadata for all subkeys (#2...
• 786118f docs: fix error in vault_mongodbatlas_secret_backend and `vault_mongodbatl...
• e73b010 add namespace data source (#2208)
• b18d2d3 allow syncing with out-of-band changes for kv v1 and v2 (#2207)
• cd36775 approle: handle 404 on state refresh (#2204)
• 3790d6a Add version check to max_page_size in LDAP Auth Backend resource (#2187)
• 2916688 feat: add support for allowed_kubernetes_namespace_selector flag in `vault_...
• 7325966 docs: fix outstanding docs issues (#2199)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[marcofranssen]

LGTM 🚀