hashicorp · katbyte · Feb 28, 2023 · Sep 29, 2022 · Oct 15, 2022 · Nov 2, 2022
@@ -2,8 +2,8 @@ package client
 
 import (
 	"github.com/Azure/azure-sdk-for-go/services/keyvault/mgmt/2021-10-01/keyvault" // nolint: staticcheck
-	keyvaultmgmt "github.com/Azure/azure-sdk-for-go/services/keyvault/v7.1/keyvault"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/common"
+	keyvaultmgmt "github.com/tombuildsstuff/kermit/sdk/keyvault/7.4/keyvault"
 )
 
 type Client struct {

@@ -6,13 +6,13 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/Azure/azure-sdk-for-go/services/keyvault/v7.1/keyvault"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/sdk"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/parse"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/validate"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation"
 	"github.com/hashicorp/terraform-provider-azurerm/utils"
+	"github.com/tombuildsstuff/kermit/sdk/keyvault/7.4/keyvault"
 )
 
 var _ sdk.DataSource = EncryptedValueDataSource{}
@@ -37,9 +37,9 @@ func (EncryptedValueDataSource) Arguments() map[string]*schema.Schema {
 			Type:     schema.TypeString,
 			Required: true,
 			ValidateFunc: validation.StringInSlice([]string{
-				string(keyvault.RSA15),
-				string(keyvault.RSAOAEP),
-				string(keyvault.RSAOAEP256),
+				string(keyvault.JSONWebKeyEncryptionAlgorithmRSA15),
+				string(keyvault.JSONWebKeyEncryptionAlgorithmRSAOAEP),
+				string(keyvault.JSONWebKeyEncryptionAlgorithmRSAOAEP256),
 			}, false),
 		},
 		"encrypted_data": {

@@ -79,6 +79,7 @@ resource "azurerm_key_vault" "test" {
       "Purge",
       "Recover",
       "Update",
+      "GetRotationPolicy",
     ]
   }
 }

@@ -5,7 +5,6 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/Azure/azure-sdk-for-go/services/keyvault/v7.1/keyvault"
 	"github.com/hashicorp/terraform-provider-azurerm/helpers/tf"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/locks"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/sdk"
@@ -14,6 +13,7 @@ import (
 	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation"
 	"github.com/hashicorp/terraform-provider-azurerm/utils"
+	"github.com/tombuildsstuff/kermit/sdk/keyvault/7.4/keyvault"
 )
 
 type KeyVaultCertificateContactsResource struct{}

@@ -7,14 +7,14 @@ import (
 	"strings"
 	"time"
 
-	"github.com/Azure/azure-sdk-for-go/services/keyvault/v7.1/keyvault"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/clients"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/parse"
 	keyVaultValidate "github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/validate"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/tags"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/timeouts"
 	"github.com/hashicorp/terraform-provider-azurerm/utils"
+	"github.com/tombuildsstuff/kermit/sdk/keyvault/7.4/keyvault"
 )
 
 func dataSourceKeyVaultCertificate() *pluginsdk.Resource {

@@ -5,7 +5,6 @@ import (
 	"log"
 	"time"
 
-	"github.com/Azure/azure-sdk-for-go/services/keyvault/v7.1/keyvault"
 	"github.com/hashicorp/terraform-provider-azurerm/helpers/tf"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/clients"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/parse"
@@ -14,6 +13,7 @@ import (
 	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/timeouts"
 	"github.com/hashicorp/terraform-provider-azurerm/utils"
+	"github.com/tombuildsstuff/kermit/sdk/keyvault/7.4/keyvault"
 )
 
 func resourceKeyVaultCertificateIssuer() *pluginsdk.Resource {

@@ -11,7 +11,6 @@ import (
 	"strings"
 	"time"
 
-	"github.com/Azure/azure-sdk-for-go/services/keyvault/v7.1/keyvault"
 	"github.com/Azure/go-autorest/autorest"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-provider-azurerm/helpers/tf"
@@ -24,6 +23,7 @@ import (
 	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/timeouts"
 	"github.com/hashicorp/terraform-provider-azurerm/utils"
+	"github.com/tombuildsstuff/kermit/sdk/keyvault/7.4/keyvault"
 )
 
 func resourceKeyVaultCertificate() *pluginsdk.Resource {
@@ -125,10 +125,10 @@ func resourceKeyVaultCertificate() *pluginsdk.Resource {
 										Computed: true,
 										ForceNew: true,
 										ValidateFunc: validation.StringInSlice([]string{
-											string(keyvault.P256),
-											string(keyvault.P256K),
-											string(keyvault.P384),
-											string(keyvault.P521),
+											string(keyvault.JSONWebKeyCurveNameP256),
+											string(keyvault.JSONWebKeyCurveNameP256K),
+											string(keyvault.JSONWebKeyCurveNameP384),
+											string(keyvault.JSONWebKeyCurveNameP521),
 										}, false),
 									},
 									"exportable": {
@@ -155,11 +155,11 @@ func resourceKeyVaultCertificate() *pluginsdk.Resource {
 										Required: true,
 										ForceNew: true,
 										ValidateFunc: validation.StringInSlice([]string{
-											string(keyvault.EC),
-											string(keyvault.ECHSM),
-											string(keyvault.RSA),
-											string(keyvault.RSAHSM),
-											string(keyvault.Oct),
+											string(keyvault.JSONWebKeyTypeEC),
+											string(keyvault.JSONWebKeyTypeECHSM),
+											string(keyvault.JSONWebKeyTypeRSA),
+											string(keyvault.JSONWebKeyTypeRSAHSM),
+											string(keyvault.JSONWebKeyTypeOct),
 										}, false),
 									},
 									"reuse_key": {
@@ -186,8 +186,8 @@ func resourceKeyVaultCertificate() *pluginsdk.Resource {
 													Required: true,
 													ForceNew: true,
 													ValidateFunc: validation.StringInSlice([]string{
-														string(keyvault.AutoRenew),
-														string(keyvault.EmailContacts),
+														string(keyvault.CertificatePolicyActionAutoRenew),
+														string(keyvault.CertificatePolicyActionEmailContacts),
 													}, false),
 												},
 											},
@@ -255,15 +255,15 @@ func resourceKeyVaultCertificate() *pluginsdk.Resource {
 										Elem: &pluginsdk.Schema{
 											Type: pluginsdk.TypeString,
 											ValidateFunc: validation.StringInSlice([]string{
-												string(keyvault.CRLSign),
-												string(keyvault.DataEncipherment),
-												string(keyvault.DecipherOnly),
-												string(keyvault.DigitalSignature),
-												string(keyvault.EncipherOnly),
-												string(keyvault.KeyAgreement),
-												string(keyvault.KeyCertSign),
-												string(keyvault.KeyEncipherment),
-												string(keyvault.NonRepudiation),
+												string(keyvault.KeyUsageTypeCRLSign),
+												string(keyvault.KeyUsageTypeDataEncipherment),
+												string(keyvault.KeyUsageTypeDecipherOnly),
+												string(keyvault.KeyUsageTypeDigitalSignature),
+												string(keyvault.KeyUsageTypeEncipherOnly),
+												string(keyvault.KeyUsageTypeKeyAgreement),
+												string(keyvault.KeyUsageTypeKeyCertSign),
+												string(keyvault.KeyUsageTypeKeyEncipherment),
+												string(keyvault.KeyUsageTypeNonRepudiation),
 											}, false),
 										},
 									},
@@ -819,22 +819,22 @@ func expandKeyVaultCertificatePolicy(d *pluginsdk.ResourceData) (*keyvault.Certi
 	keyType := props["key_type"].(string)
 	keySize := props["key_size"].(int)
 
-	if keyType == string(keyvault.EC) || keyType == string(keyvault.ECHSM) {
+	if keyType == string(keyvault.JSONWebKeyTypeEC) || keyType == string(keyvault.JSONWebKeyTypeECHSM) {
 		if curve == "" {
 			return nil, fmt.Errorf("`curve` is required when creating an EC key")
 		}
 		// determine key_size if not specified
 		if keySize == 0 {
 			switch curve {
-			case string(keyvault.P256), string(keyvault.P256K):
+			case string(keyvault.JSONWebKeyCurveNameP256), string(keyvault.JSONWebKeyCurveNameP256K):
 				keySize = 256
-			case string(keyvault.P384):
+			case string(keyvault.JSONWebKeyCurveNameP384):
 				keySize = 384
-			case string(keyvault.P521):
+			case string(keyvault.JSONWebKeyCurveNameP521):
 				keySize = 521
 			}
 		}
-	} else if keyType == string(keyvault.RSA) || keyType == string(keyvault.RSAHSM) {
+	} else if keyType == string(keyvault.JSONWebKeyTypeRSA) || keyType == string(keyvault.JSONWebKeyTypeRSAHSM) {
 		if keySize == 0 {
 			return nil, fmt.Errorf("`key_size` is required when creating an RSA key")
 		}
@@ -858,7 +858,7 @@ func expandKeyVaultCertificatePolicy(d *pluginsdk.ResourceData) (*keyvault.Certi
 			as := v.([]interface{})
 			a := as[0].(map[string]interface{})
 			lifetimeAction.Action = &keyvault.Action{
-				ActionType: keyvault.ActionType(a["action_type"].(string)),
+				ActionType: keyvault.CertificatePolicyAction(a["action_type"].(string)),
 			}
 		}
 

@@ -4,14 +4,14 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/Azure/azure-sdk-for-go/services/keyvault/v7.1/keyvault"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/clients"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/parse"
 	keyVaultValidate "github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/validate"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/timeouts"
 	"github.com/hashicorp/terraform-provider-azurerm/utils"
+	"github.com/tombuildsstuff/kermit/sdk/keyvault/7.4/keyvault"
 )
 
 func dataSourceKeyVaultCertificates() *pluginsdk.Resource {

@@ -9,14 +9,14 @@ import (
 	"math/big"
 	"time"
 
-	"github.com/Azure/azure-sdk-for-go/services/keyvault/v7.1/keyvault"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/clients"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/parse"
 	keyVaultValidate "github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/validate"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/tags"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/timeouts"
 	"github.com/hashicorp/terraform-provider-azurerm/utils"
+	"github.com/tombuildsstuff/kermit/sdk/keyvault/7.4/keyvault"
 )
 
 func dataSourceKeyVaultKey() *pluginsdk.Resource {
@@ -170,7 +170,7 @@ func dataSourceKeyVaultKeyRead(d *pluginsdk.ResourceData, meta interface{}) erro
 		d.Set("curve", key.Crv)
 
 		if key := resp.Key; key != nil {
-			if key.Kty == keyvault.RSA || key.Kty == keyvault.RSAHSM {
+			if key.Kty == keyvault.JSONWebKeyTypeRSA || key.Kty == keyvault.JSONWebKeyTypeRSAHSM {
 				nBytes, err := base64.RawURLEncoding.DecodeString(*key.N)
 				if err != nil {
 					return fmt.Errorf("failed to decode N: %+v", err)
@@ -187,7 +187,7 @@ func dataSourceKeyVaultKeyRead(d *pluginsdk.ResourceData, meta interface{}) erro
 				if err != nil {
 					return fmt.Errorf("failed to read public key: %+v", err)
 				}
-			} else if key.Kty == keyvault.EC || key.Kty == keyvault.ECHSM {
+			} else if key.Kty == keyvault.JSONWebKeyTypeEC || key.Kty == keyvault.JSONWebKeyTypeECHSM {
 				// do ec keys
 				xBytes, err := base64.RawURLEncoding.DecodeString(*key.X)
 				if err != nil {
@@ -202,11 +202,11 @@ func dataSourceKeyVaultKeyRead(d *pluginsdk.ResourceData, meta interface{}) erro
 					Y: big.NewInt(0).SetBytes(yBytes),
 				}
 				switch key.Crv {
-				case keyvault.P256:
+				case keyvault.JSONWebKeyCurveNameP256:
 					publicKey.Curve = elliptic.P256()
-				case keyvault.P384:
+				case keyvault.JSONWebKeyCurveNameP384:
 					publicKey.Curve = elliptic.P384()
-				case keyvault.P521:
+				case keyvault.JSONWebKeyCurveNameP521:
 					publicKey.Curve = elliptic.P521()
 				}
 				if publicKey.Curve != nil {