[Enhancement]: Allow updating vault_kv_secret_v2 metadata
with disable_read=true
#2273
Labels
vault_kv_secret_v2 metadata
with disable_read=true
#2273
Description
We are using Terraform to provision our Vault, but we cannot have any secrets show up in the state. We would like to use
vault_kv_secret_v2
to create keys and optionally set non-secret metadata. Withdisable_read=true
, we understand that drift would not be detected, but the desired behavior is that any updates to the metadata in Terraform config would be applied.Currently, this does not work because with
data_json
set to"{}"
, any metadata changes wipe all the actual data that was set via the Vault CLI.Affected Resource(s) and/or Data Source(s)
Potential Terraform Configuration
References
No response
Would you like to implement a fix?
No
The text was updated successfully, but these errors were encountered: