search

hashicorp / terraform-provider-vault

Terraform Vault provider
https://www.terraform.io/docs/providers/vault/
Mozilla Public License 2.0
467 stars 542 forks source link

[Enhancement]: Support allowed_domains as HCL list instead of CSV string on vault_ssh_secret_backend_role #2333

Open smaddock opened 1 month ago

smaddock commented 1 month ago

Description

Currently the allowed_domains field of the vault_ssh_secret_backend_role resource accepts multiple domains as a comma-separated string. HCL supports lists natively, but using one currently returns:

Inappropriate value for attribute "allowed_domains": string required.

This makes configurations less readable, harder to debug, and requires more overhead to concatenate the string.

Affected Resource(s) and/or Data Source(s)

Potential Terraform Configuration

resource "vault_ssh_secret_backend_role" "host" {
  allow_host_certificates = true
  allowed_domains         = ["host1.com", "host2.com"]
  backend                 = vault_mount.ssh.path
  key_type                = "ca"
  name                    = "host"
}

References

No response

Would you like to implement a fix?

None