hashicorp / terraform-provider-vault

Terraform Vault provider
https://www.terraform.io/docs/providers/vault/
Mozilla Public License 2.0

[Bug]: vault_pki_secret_backend_config_ca returns wrong ID #2093

Open tobsval opened 9 months ago

tobsval commented 9 months ago

Terraform Core Version

1.5.7

Terraform Vault Provider Version

3.23.0

Vault Server Version

1.15.2

Affected Resource(s)

https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/pki_secret_backend_config_ca

Expected Behavior

The resource should return the actual ID and not the mount point of the secret engine.

The ID should look something like: fea6b09f-40a2-178a-eb34-9b3a139b2825

Actual Behavior

When we try to access the id of pki_secret_backend_config_ca, the provider returns "pki" instead of the actual ID of the resource on Vault.

Relevant Error/Panic Output Snippet

# module.aspi-pki.vault_pki_secret_backend_issuer.main-issuers["test-other-certificate"] will be updated in-place
  ~ resource "vault_pki_secret_backend_issuer" "main-issuers" {
        id                      = "pki/issuer/fea6b09f-40a2-178a-eb34-9b3a139b2825"
      ~ issuer_ref              = "fea6b09f-40a2-178a-eb34-9b3a139b2825" -> "pki" #<-- ! Wrong ID from the config_ca resource !
        # (10 unchanged attributes hidden)
    }

Plan: 0 to add, 2 to change, 0 to destroy.

Terraform Configuration Files

https://gist.github.com/tobsval/09e698a9a5a876c272248c34b17a7ee3

Steps to Reproduce

See attached code

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

No

tobsval commented 9 months ago

Looking at the Go code, perhaps the issue is at this line? https://github.com/hashicorp/terraform-provider-vault/blob/e3f8bc994c895ec7a7538cee9cf0b30cf9368975/vault/resource_pki_secret_backend_config_ca.go#L63C2-L63C18

The Id seems set to "backend" rather than the actual Vault-side ID of the issuer.
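For readers following the Go discussion above, here is an added, stand-alone sketch (not the provider's own code, and not a submitted fix) of what reading the issuer ID back from Vault would look like: Vault's `POST <mount>/config/ca` answers with `imported_issuers` / `existing_issuers` lists, so a resource can take its ID from that response instead of from the `backend` argument. The response body is a constructed sample; the key ID in it is made up, and the `issuerIDFromConfigCA` helper is hypothetical.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Constructed sample of the JSON Vault returns from POST <mount>/config/ca
// when a PEM bundle is imported. The issuer ID matches the one in the plan
// output above; the key ID is a made-up placeholder, not real Vault output.
const sampleConfigCAResponse = `{
  "data": {
    "imported_issuers": ["fea6b09f-40a2-178a-eb34-9b3a139b2825"],
    "imported_keys": ["11111111-2222-3333-4444-555555555555"],
    "existing_issuers": null
  }
}`

// configCAResponse mirrors only the response fields relevant here.
type configCAResponse struct {
	Data struct {
		ImportedIssuers []string `json:"imported_issuers"`
		ExistingIssuers []string `json:"existing_issuers"`
	} `json:"data"`
}

// issuerIDFromConfigCA returns the issuer ID that a config/ca import produced.
// A bundle Vault had already seen is reported under existing_issuers rather
// than imported_issuers (assumption about Vault's API), so both are checked.
// An empty result is an error: silently falling back to the mount path is
// exactly what produces the bogus issuer_ref = "pki" shown in the plan above.
func issuerIDFromConfigCA(body []byte) (string, error) {
	var resp configCAResponse
	if err := json.Unmarshal(body, &resp); err != nil {
		return "", fmt.Errorf("decoding config/ca response: %w", err)
	}
	for _, list := range [][]string{resp.Data.ImportedIssuers, resp.Data.ExistingIssuers} {
		if len(list) > 0 {
			return list[0], nil
		}
	}
	return "", fmt.Errorf("config/ca response contains no issuer ID")
}

func main() {
	id, err := issuerIDFromConfigCA([]byte(sampleConfigCAResponse))
	if err != nil {
		panic(err)
	}
	// A resource built this way would call d.SetId(id) here, not d.SetId(backend).
	fmt.Println("issuer id:", id)
}
```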

hariscodes commented 9 months ago

We're running into this problem as well. Our state demonstrates the issue pretty clearly, I feel:

resource "vault_pki_secret_backend_config_ca" "ca" {
    backend    = "pki"
    id         = "pki"
    pem_bundle = (sensitive value)
}

We can't chain this into setting the issuer name and setting it as the default issuer on the mount. This is a pretty big problem.

kwohlfahrt commented 9 months ago

+1, I am also affected by this issue. It doesn't seem to be possible to name the resultant issuer, or set it as default, as I have no way to access the issuer.

It may be related or a different issue, but when deleting the vault_pki_secret_config_ca resource, the issuer is not correctly removed from Vault.