-
Notifications
You must be signed in to change notification settings - Fork 4.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add tag maps to azurerm_key_vault_secrets and azurerm_key_vault_certificates data sources #24857
feat: add tag maps to azurerm_key_vault_secrets and azurerm_key_vault_certificates data sources #24857
Conversation
…_certificates data sources It can be useful when looking up secrets/certificates in Azure Key Vault to find them by tags instead of by names. Currently if you want to achieve this, you have to use the list (e.g. azurerm_key_vault_secrets) data source, and then pull in the actual data (e.g. azurerm_key_vault_secret) to be able to find secrets/certs by tags. This also results in the (secret) values for every secret/cert in the Key Vault being pulled in to the state file to achieve the behaviour, which is not necessarily ideal. This change allows accessing the tags of the secrets/certs without necessarily needing to pull in all the secret values.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @arylatt ! LGTM 🌴
<Actions> <action id="f410411e63aff4bb73a81c2aec1d373cf8a903e63b30dee2006b0030d8a94cc8"> <h3>Bump Terraform `azurerm` provider version</h3> <details id="1d9343c012f5434ac9fe8a98135bae3667b399259be16d9b14302ea3bd424a24"> <summary>Update Terraform lock file</summary> <p>changes detected:
	"hashicorp/azurerm" updated from "3.91.0" to "3.92.0" in file ".terraform.lock.hcl"</p> <details> <summary>3.92.0</summary> <pre>Changelog retrieved from:
	https://github.com/hashicorp/terraform-provider-azurerm/releases/tag/v3.92.0
FEATURES:

* **New Data Source**: `azurerm_virtual_desktop_application_group` ([#24771](https://github.com/hashicorp/terraform-provider-azurerm/issues/24771))

ENHANCEMENTS:

* provider: support for the feature flag `postgresql_flexible_server.restart_server_on_configuration_value_change property` ([#23811](hashicorp/terraform-provider-azurerm#23811 dependencies: updating to v0.20240214.1142753 of `github.com/hashicorp/go-azure-sdk` ([#24889](hashicorp/terraform-provider-azurerm#24889 `automation`: updating to use the transport layer from `hashicorp/go-azure-sdk` rather than `Azure/go-autorest` ([#24858](hashicorp/terraform-provider-azurerm#24858 `maintenance`: updating to use the transport layer from `hashicorp/go-azure-sdk` rather than `Azure/go-autorest` ([#24819](hashicorp/terraform-provider-azurerm#24819 `containerapps`: updating to use the transport layer from `hashicorp/go-azure-sdk` rather than `Azure/go-autorest` ([#24862](hashicorp/terraform-provider-azurerm#24862 `containerservices`: updating to use the transport layer from `hashicorp/go-azure-sdk` rather than `Azure/go-autorest` ([#24872](hashicorp/terraform-provider-azurerm#24872 `timeseriesinsights`: updating to use the transport layer from `hashicorp/go-azure-sdk` rather than `Azure/go-autorest` ([#24889](hashicorp/terraform-provider-azurerm#24889 `azurerm_container_app_environment`: support for the `infrastructure_resource_group_name` property ([#24361](hashicorp/terraform-provider-azurerm#24361 `azurerm_cost_anomaly_alert` - support for the `subscription_id` property ([#24258](hashicorp/terraform-provider-azurerm#24258 `azurerm_cosmosdb_account` - add default values for the `consistency_policy` code block ([#24830](hashicorp/terraform-provider-azurerm#24830 `azurerm_dashboard_grafana` - support for the `smtp` block ([#24717](hashicorp/terraform-provider-azurerm#24717 `azurerm_key_vault_certificates` - support for the `tags` property ([#24857](hashicorp/terraform-provider-azurerm#24857 `azurerm_key_vault_secrets` - support for the `tags` property ([#24857](hashicorp/terraform-provider-azurerm#24857 `azurerm_orchestrated_virtual_machine_scale_set` - support for the `additional_unattend_content` block ([#24292](hashicorp/terraform-provider-azurerm#24292 `azurerm_virtual_desktop_host_pool` - support for the `vm_template` property ([#24369](https://github.com/hashicorp/terraform-provider-azurerm/issues/24369))

BUG FIXES:

* `azurerm_container_app_environment`: avoid unwanted changes when updating and using `log_analytics_workspace_id` ([#24303](hashicorp/terraform-provider-azurerm#24303 `azurerm_cosmosdb_account` - fixed regression in the `backup` code block ([#24830](hashicorp/terraform-provider-azurerm#24830 `azurerm_data_factory` - allow the `git_url` property to be blank/empty ([#24879](hashicorp/terraform-provider-azurerm#24879 `azurerm_linux_web_app_slot` - the `worker_count` property now works correctly in the `site_config` block ([#24515](hashicorp/terraform-provider-azurerm#24515 `azurerm_linux_web_app` - support `off` for the `file_system_level` property ([#24877](hashicorp/terraform-provider-azurerm#24877 `azurerm_linux_web_app_slot` - support `off` for the `file_system_level` property ([#24877](hashicorp/terraform-provider-azurerm#24877 `azurerm_private_endpoint` - fixing an issue where updating the Private Endpoint would remove any Application Security Group Association ([#24846](hashicorp/terraform-provider-azurerm#24846 `azurerm_search_service` - fixed the update function to adjust for changed API behaviour ([#24837](hashicorp/terraform-provider-azurerm#24837 `azurerm_search_service` - fixed the update function to adjust for changed API behaviour ([#24903](hashicorp/terraform-provider-azurerm#24903 `azurerm_windows_web_app` - support `off` for the `file_system_level` property ([#24877](hashicorp/terraform-provider-azurerm#24877 `azurerm_windows_web_app_slot` - support `off` for the `file_system_level` property ([#24877](https://github.com/hashicorp/terraform-provider-azurerm/issues/24877))


</pre> </details> </details> <a href="https://infra.ci.jenkins.io/job/updatecli/job/azure/job/main/3/">Jenkins pipeline link</a> </action> </Actions> --- <table> <tr> <td width="77"> <img src="https://www.updatecli.io/images/updatecli.png" alt="Updatecli logo" width="50" height="50"> </td> <td> <p> Created automatically by <a href="https://www.updatecli.io/">Updatecli</a> </p> <details><summary>Options:</summary> <br /> <p>Most of Updatecli configuration is done via <a href="https://www.updatecli.io/docs/prologue/quick-start/">its manifest(s)</a>.</p> <ul> <li>If you close this pull request, Updatecli will automatically reopen it, the next time it runs.</li> <li>If you close this pull request and delete the base branch, Updatecli will automatically recreate it, erasing all previous commits made.</li> </ul> <p> Feel free to report any issues at <a href="https://github.com/updatecli/updatecli/issues">github.com/updatecli/updatecli</a>.<br /> If you find this tool useful, do not hesitate to star <a href="https://github.com/updatecli/updatecli/stargazers">our GitHub repository</a> as a sign of appreciation, and/or to tell us directly on our <a href="https://matrix.to/#/#Updatecli_community:gitter.im">chat</a>! </p> </details> </td> </tr> </table> Co-authored-by: Jenkins Infra Bot (updatecli) <60776566+jenkins-infra-bot@users.noreply.github.com> Co-authored-by: Damien Duportal <damien.duportal@gmail.com>
…_certificates data sources (hashicorp#24857) It can be useful when looking up secrets/certificates in Azure Key Vault to find them by tags instead of by names. Currently if you want to achieve this, you have to use the list (e.g. azurerm_key_vault_secrets) data source, and then pull in the actual data (e.g. azurerm_key_vault_secret) to be able to find secrets/certs by tags. This also results in the (secret) values for every secret/cert in the Key Vault being pulled in to the state file to achieve the behaviour, which is not necessarily ideal. This change allows accessing the tags of the secrets/certs without necessarily needing to pull in all the secret values.
…_certificates data sources (hashicorp#24857) It can be useful when looking up secrets/certificates in Azure Key Vault to find them by tags instead of by names. Currently if you want to achieve this, you have to use the list (e.g. azurerm_key_vault_secrets) data source, and then pull in the actual data (e.g. azurerm_key_vault_secret) to be able to find secrets/certs by tags. This also results in the (secret) values for every secret/cert in the Key Vault being pulled in to the state file to achieve the behaviour, which is not necessarily ideal. This change allows accessing the tags of the secrets/certs without necessarily needing to pull in all the secret values.
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions. |
It can be useful when looking up secrets/certificates in Azure Key Vault to find them by tags instead of by names. Currently if you want to achieve this, you have to use the list (e.g. azurerm_key_vault_secrets) data source, and then pull in the actual data (e.g. azurerm_key_vault_secret) to be able to find secrets/certs by tags.
This also results in the (secret) values for every secret/cert in the Key Vault being pulled in to the state file to achieve the behaviour, which is not necessarily ideal.
This change allows accessing the tags of the secrets/certs without necessarily needing to pull in all the secret values.
Looking at the existing tests in
key_vault_certificates_data_source_test.go
andkey_vault_secrets_data_source_test.go
the existing tests weren't doing any checks on the inner attributes ofcertificates
andsecrets
so I've not updated the tests for this change.