Add support for allowed_kubernetes_namespace_selector in vault_kubernetes_secret_backend_role (#2180).
Add new data source vault_namespace. Requires Vault Enterprise: (#2208).
Add new data source vault_namespaces. Requires Vault Enterprise: (#2212).
IMPROVEMENTS:
Enable Secrets Sync Association resource to track sync status across all subkeys of a secret. Requires Vault 1.16+ Enterprise. (#2202)
BUGS:
fix vault_approle_auth_backend_role_secret_id regression to handle 404 errors (#2204)
fix vault_kv_secret and vault_kv_secret_v2 failure to update secret data modified outside terraform (#2207)
fix vault_kv_secret_v2 failing on imported resource when data_json should be ignored (#2207)
v4.1.0
4.1.0 (Mar 20, 2024)
CHANGES TO VAULT POLICY REQUIREMENTS:
Important: This release requires read policies to be set at the path level for mount metadata.
The v4.0.0 release required read permissions at sys/auth/:path which was a
sudo endpoint. The v4.1.0 release changed that to instead require permissions
at the sys/mounts/auth/:path level and sudo is no longer required. Please
refer to the details in the Terraform Vault Provider 4.0.0 Upgrade Guide.
FEATURES:
Add new resource vault_config_ui_custom_message. Requires Vault 1.16+ Enterprise: (#2154).
IMPROVEMENTS:
do not require sudo permissions for auth read operations (#2198)
BUGS:
fix vault_azure_access_credentials to default to Azure Public Cloud (#2190)
Add support for allowed_kubernetes_namespace_selector in vault_kubernetes_secret_backend_role (#2180).
Add new data source vault_namespace. Requires Vault Enterprise: (#2208).
Add new data source vault_namespaces. Requires Vault Enterprise: (#2212).
IMPROVEMENTS:
Enable Secrets Sync Association resource to track sync status across all subkeys of a secret. Requires Vault 1.16+ Enterprise. (#2202)
BUGS:
fix vault_approle_auth_backend_role_secret_id regression to handle 404 errors (#2204)
fix vault_kv_secret and vault_kv_secret_v2 failure to update secret data modified outside terraform (#2207)
fix vault_kv_secret_v2 failing on imported resource when data_json should be ignored (#2207)
4.1.0 (Mar 20, 2024)
CHANGES TO VAULT POLICY REQUIREMENTS:
Important: This release requires read policies to be set at the path level for mount metadata.
The v4.0.0 release required read permissions at sys/auth/:path which was a
sudo endpoint. The v4.1.0 release changed that to instead require permissions
at the sys/mounts/auth/:path level and sudo is no longer required. Please
refer to the details in the Terraform Vault Provider 4.0.0 Upgrade Guide.
FEATURES:
Add new resource vault_config_ui_custom_message. Requires Vault 1.16+ Enterprise: (#2154).
IMPROVEMENTS:
do not require sudo permissions for auth read operations (#2198)
BUGS:
fix vault_azure_access_credentials to default to Azure Public Cloud (#2190)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps hashicorp/vault from 4.0.0 to 4.2.0.
Release notes
Sourced from hashicorp/vault's releases.
Changelog
Sourced from hashicorp/vault's changelog.
Commits
2822bae
Prep for v4.2.0 release (#2214)7b81a2a
add namespaces data source (#2212)c89a45a
Update Sync Association resource to include sync metadata for all subkeys (#2...786118f
docs: fix error invault_mongodbatlas_secret_backend
and `vault_mongodbatl...e73b010
add namespace data source (#2208)b18d2d3
allow syncing with out-of-band changes for kv v1 and v2 (#2207)cd36775
approle: handle 404 on state refresh (#2204)3790d6a
Add version check tomax_page_size
in LDAP Auth Backend resource (#2187)2916688
feat: add support forallowed_kubernetes_namespace_selector
flag in `vault_...7325966
docs: fix outstanding docs issues (#2199)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show