fix: Remove hmac-md5-96 authentication from IPSec VPN policy

Signed-off-by: Yussuf Shaikh <yussuf.shaikh@ibm.com> Fixes IBM-Cloud#3515
yussufsh · Jan 24, 2022 · 34d79e7 · 34d79e7
1 parent e588feb
commit 34d79e7
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 6 deletions.
diff --git a/ibm/service/power/resource_ibm_pi_ipsec_policy.go b/ibm/service/power/resource_ibm_pi_ipsec_policy.go
@@ -74,7 +74,7 @@ func ResourceIBMPIIPSecPolicy() *schema.Resource {
 				Type:         schema.TypeString,
 				Optional:     true,
 				Default:      "none",
-				ValidateFunc: validate.ValidateAllowedStringValues([]string{"hmac-md5-96", "hmac-sha-256-128", "hmac-sha1-96", "none"}),
+				ValidateFunc: validate.ValidateAllowedStringValues([]string{"hmac-sha-256-128", "hmac-sha1-96", "none"}),
 				Description:  "Authentication for the IPSec Policy",
 			},
 

diff --git a/ibm/service/power/resource_ibm_pi_ipsec_policy_test.go b/ibm/service/power/resource_ibm_pi_ipsec_policy_test.go
@@ -33,7 +33,7 @@ func TestAccIBMPIIPSecPolicyBasic(t *testing.T) {
 					testAccCheckIBMPIIPSecPolicyExists(policyRes),
 					resource.TestCheckResourceAttr(policyRes, "pi_policy_name", name),
 					resource.TestCheckResourceAttrSet(policyRes, "policy_id"),
-					resource.TestCheckResourceAttr(policyRes, "pi_policy_authentication", "hmac-md5-96"),
+					resource.TestCheckResourceAttr(policyRes, "pi_policy_authentication", "hmac-sha-256-128"),
 				),
 			},
 		},
@@ -98,7 +98,7 @@ func testAccCheckIBMPIIPSecPolicyConfig(name string) string {
 		pi_policy_encryption = "3des-cbc"
 		pi_policy_key_lifetime = 180
 		pi_policy_pfs = true
-		pi_policy_authentication = "hmac-md5-96"
+		pi_policy_authentication = "hmac-sha-256-128"
 	}
 	`, acc.Pi_cloud_instance_id, name)
 }
diff --git a/ibm/service/power/resource_ibm_pi_vpn_connection_test.go b/ibm/service/power/resource_ibm_pi_vpn_connection_test.go
@@ -129,7 +129,7 @@ func testAccCheckIBMPIVPNConnectionConfig(name string) string {
 		pi_policy_encryption = "3des-cbc"
 		pi_policy_key_lifetime = 180
 		pi_policy_pfs = true
-		pi_policy_authentication = "hmac-md5-96"
+		pi_policy_authentication = "hmac-sha-256-128"
 	}
 	resource "ibm_pi_network" "private_network1" {
 		pi_cloud_instance_id	= "%[1]s"
@@ -168,7 +168,7 @@ func testAccCheckIBMPIVPNConnectionNetworkSubnetConfig(name string) string {
 		pi_policy_encryption = "3des-cbc"
 		pi_policy_key_lifetime = 180
 		pi_policy_pfs = true
-		pi_policy_authentication = "hmac-md5-96"
+		pi_policy_authentication = "hmac-sha-256-128"
 	}
 	resource "ibm_pi_network" "private_network1" {
 		pi_cloud_instance_id	= "%[1]s"

diff --git a/website/docs/r/pi_vpn_ipsec_policy.html.markdown b/website/docs/r/pi_vpn_ipsec_policy.html.markdown
@@ -21,7 +21,7 @@ The following example creates a IPSec Policy.
 		pi_policy_encryption = "3des-cbc"
 		pi_policy_key_lifetime = 180
 		pi_policy_pfs = true
-		pi_policy_authentication = "hmac-md5-96"
+		pi_policy_authentication = "hmac-sha-256-128"
 	}
 ```