v3.1.1

3.1.1 (December 22, 2021)

BUGS:

• Prevent new entity read failures when the VAULT_TOKEN environment variable is not set (#1270)

v3.1.0

3.1.0 (December 22, 2021)

FEATURES:

• provider: Add support retrying entity reads for Client Controlled Consistency type operations (#1263)
• provider: Add support for optionally creating a batch child token via the skip_child_token option (#775)

IMPROVEMENTS:

• data/policy_document: Add support for patch capability for vault-1.9+. (#1238)
• resource/database_secret_backend_connection: Add support for InfluxDB connections (#1121)
• resource/generic_secret: Add support for deleting all version data for a KV-V2 secret (#1254)
• resource/database_secret_backend_connection: Add support configuring Contained Databases for mssql #1259)
• resource/vault_jwt_auth_backend: Add oidc_response_mode, oidc_response_types, and namespace_in_state fields #1244
• Add better error reporting whenever invalid JSON metadata is encountered (#1262)
• resource/vault_identity_entity_alias: Add custom_metadata support for entity aliases (#1235)
• resource/approle_auth_backend_role_secret_id: Update Vault provider to be compatible with Vault 1.9 changes (#1242)
• provider: Encrypt logged HTTP secret header values (#1250)
• provider: Optionally log request and response bodies (#1251)

BUGS:

• resource/identity_group_policies: Fix potential nil panic in type conversion for API policies (#1245)
• resource/aws_secret_backend_role: Fix for properly detecting changes in the JSON policy document (#1014)

v3.0.1

3.0.1 (November 23, 2021)

BUGS:

• resource/aws_secret_backend_role: Prevent invalid policy_arns from being created (#1229)
• resource/approle_auth_backend_secret_id: Handle nil cidr_list introduced in vault-1.9.0 (#1230)
• resource/kubernetes_auth_backend_config: Ensure disable_iss_validation is properly set in vault-1.9+ (#1231)

v3.0.0

3.0.0 (November 17, 2021)

FEATURES:

• New Resource vault_raft_autopilot: Configure Vault's Raft Autopilot settings (#1210)

IMPROVEMENTS:

• Upgrade Terraform Plugin SDK to v2
• Add support for client controlled consistency on Vault Enterprise (#1188)
• resource/jwt_auth_backend_role: Add field disable_bound_claims_parsing to disable bound claim value parsing, which is useful when values contain commas (#1200)
• resource/transform_template: Add encode_format and decode_formats fields for Vault Enterprise with the Advanced Data Protection Transform Module (#1214)
• data/generic_secret: Store lease_start_time UTC. (#1216)

BUGS:

• data/gcp_auth_backend_role: Report an error when attempting to access a nonexistent role. (#1184)
• data/generic_secret: Ensure lease_start_time is stored in RFC3339 format. (#770)

v2.24.1

2.24.1 (October 05, 2021)

BUGS:

• resource/vault_raft_snapshot_agent_config: Fix bug where cloud provider was missing and google_endpoint is returned as false instead of null (#1173)

v2.24.0

FEATURES:

• New Database Resource: Added support for the snowflake-database-plugin to vault_database_secret_backend_connection (#983)
• resource/vault_raft_snapshot_agent_config: Provision Raft Snapshot Agent Configurations in Vault Enterprise. (#1139)

IMPROVEMENTS:

• resource/database_secret_backend_connection: Add username_template to vault_database_secret_backend_connection (#1103)
• resource/ldap_auth_backend: Allow the creation of local mounts (#1115)
• resource/jwt_auth_backend: Allow the creation of local mounts (#1115)
• resource/consul_secret_backend: Allow the creation of local mounts (#1115)

BUGS:

• resource/vault_identity_group: Fix bug where member_entity_ids & member_group_ids were attempted to be managed on external identity groups (#1134)

v2.23.0

FEATURES:

• New Resource vault_gcp_secret_static_account: Provision Static Accounts in the GCP Secrets Engine (#1094)

IMPROVEMENTS:

• resource/database_secret_backend/mysql: Add tls_certificate_key and tls_ca options (#1098)

BUGS:

• resource/jwt_auth_backend: Fixed bug where provider_config did not configure non-string values correctly (#1118)
• resource/gcp_auth_backend: Support importing resource (#1125)
• resource/okta_auth_backend: Support importing resource (#1123)
• resource/audit: List audit only once during read (#1138)
• resource/identity_oidc_key: Error handling for identity oidc key vault calls (#1142)

v2.22.1

BUGS:

• resource/vault_identity_group: Correctly handle the case of a preexisting identity group, suggest resource import in this case (#1014)
• resource/jwt_auth_backend: Reverted (#960) due to migration errors (#1114)

v2.22.0

FEATURES:

• New Resource vault_quota_lease_count: Adds ability to manage lease-count quota's (Vault Enterprise Feature) (#948)

IMPROVEMENTS:

• Remove last dependency on github.com/terraform-providers (#1090)

BUGS:

• resource/vault_identity_group: Fix bug where metadata values are not removed if removed from file (#1061)
• resource/jwt_auth_backend: Fixed bug where provider_config only supported string values (#960)
• provider: Fix inconsistent handling of namespace when wrapping_ttl was specified in any resource (#1107)

v2.21.0

FEATURES

• data/vault_gcp_auth_backend_role: Added GCP auth role data source to fetch role ID (#1011)

IMPROVEMENTS

• provider/auth_login: Supprt AWS STS signing when method=aws for in auth_type (#1060)
• resource/vault_ldap_auth_backend: Add client_tls_cert and client_tls_key options (#1074)
• resource/vault_identity_entityAdded additional logging information about entity (#987)