search

hashicorp / terraform-provider-vault

Terraform Vault provider
https://www.terraform.io/docs/providers/vault/
Mozilla Public License 2.0
457 stars 536 forks source link

Remove deprecated fields from resources #2112

Closed vinay-gopalan closed 6 months ago

vinay-gopalan commented 8 months ago

Removes all fields, resources and data sources marked as Deprecated in preparation for the major version release with the multiplexed provider

List of deprecations —

Deprecated resources:
AD Secret Backend
AD Secret Library
AD Secret Role

Deprecated data sources:
AD Access Credentials

Deprecated fields:
`allowed_organization_units` — Cert Auth Backend
`length` — LDAP Secret Backend
`auto_rotate_interval` — Transit Secret Backend Key
`allowed_user_key_lengths` — SSH Backend Role
`token_type` — Consul Backend Role
`serial` — PKI Root Cert
`serial` — PKI Root Sign Intermediate
`serial` — PKI Sign
austingebauer commented 8 months ago

One question I have is if we should consider not removing the AD resources/datasources for now. My understanding is there has been some friction with some customers migrating from AD to LDAP. I am not sure if removing them would cause more pain for customers that haven't found a good migration path? I think @austingebauer may have some more context here?

That's right @fairclothjm. I would suggest leaving the AD resources in. We might end up leaving the AD secrets engine in Vault with the disclaimer that we aren't adding new features to it instead of our original plan to completely remove it. It's still a bit TBD as we work through migrations with customers.

vinay-gopalan commented 8 months ago

One question I have is if we should consider not removing the AD resources/datasources for now. My understanding is there has been some friction with some customers migrating from AD to LDAP. I am not sure if removing them would cause more pain for customers that haven't found a good migration path? I think @austingebauer may have some more context here?

That's right @fairclothjm. I would suggest leaving the AD resources in. We might end up leaving the AD secrets engine in Vault with the disclaimer that we aren't adding new features to it instead of our original plan to completely remove it. It's still a bit TBD as we work through migrations with customers.

Sounds good, thanks for the feedback y'all! I'll add the AD resources back in

fairclothjm commented 6 months ago

Closing as we will not be pursuing multiplexing at this time.