Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[terraform-ibm-secrets-manager] Add support to create service specific role credentials in the secrets submodule #269

Closed
ocofaigh opened this issue Jan 22, 2025 · 1 comment
Closed

[terraform-ibm-secrets-manager] Add support to create service specific role credentials in the secrets submodule #269

ocofaigh opened this issue Jan 22, 2025 · 1 comment
Assignees
@shemau
Labels
internal-synced

Comments

@ocofaigh
Copy link
Member

ocofaigh commented Jan 22, 2025
edited
Loading

The changes in terraform-ibm-modules/terraform-ibm-secrets-manager-secret#249 need to be made in the secrets submodule:

variable "secrets" {
  type = list(object({
    secret_group_name        = string
    secret_group_description = optional(string)
    existing_secret_group    = optional(bool, false)
    secrets = optional(list(object({
      secret_name                             = string
      secret_description                      = optional(string)
      secret_type                             = optional(string)
      imported_cert_certificate               = optional(string)
      imported_cert_private_key               = optional(string)
      imported_cert_intermediate              = optional(string)
      secret_username                         = optional(string)
      secret_labels                           = optional(list(string), [])
      secret_payload_password                 = optional(string, "")
      secret_auto_rotation                    = optional(bool, true)
      secret_auto_rotation_unit               = optional(string, "day")
      secret_auto_rotation_interval           = optional(number, 89)
      service_credentials_ttl                 = optional(string, "7776000") # 90 days
      service_credentials_source_service_crn  = optional(string)
      service_credentials_source_service_role_crn = optional(string)  ## <----- updated to `service_credentials_source_service_role_crn`
      service_credentials_source_service_hmac = optional(bool, false)
    })))
  }))

Suggest to add variable validation to use regex to ensure the value is in the format of a CRN string
@ocofaigh ocofaigh mentioned this issue Jan 22, 2025
Open
@ocofaigh ocofaigh changed the title [terraform-ibm-secrets-manager-secret] Add support to create service specific role credentials in the secrets submodule [terraform-ibm-secrets-manager] Add support to create service specific role credentials in the secrets submodule Jan 22, 2025
@shemau shemau self-assigned this Jan 22, 2025
@shemau
Copy link
Contributor

shemau commented Feb 5, 2025

Resolved in #273, version 1.22.0.

@shemau shemau closed this as completed Feb 5, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@shemau shemau

Labels
internal-synced
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@shemau @ocofaigh @terraform-ibm-modules-ops