feat: add tag maps to azurerm_key_vault_secrets and azurerm_key_vault_certificates data sources #24857
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…_certificates data sources It can be useful when looking up secrets/certificates in Azure Key Vault to find them by tags instead of by names. Currently if you want to achieve this, you have to use the list (e.g. azurerm_key_vault_secrets) data source, and then pull in the actual data (e.g. azurerm_key_vault_secret) to be able to find secrets/certs by tags. This also results in the (secret) values for every secret/cert in the Key Vault being pulled in to the state file to achieve the behaviour, which is not necessarily ideal. This change allows accessing the tags of the secrets/certs without necessarily needing to pull in all the secret values.
katbyte
added a commit
that referenced
this pull request
Feb 15, 2024
dduportal
added a commit
to jenkins-infra/azure
that referenced
this pull request
Feb 19, 2024
<Actions>
<action
id="f410411e63aff4bb73a81c2aec1d373cf8a903e63b30dee2006b0030d8a94cc8">
<h3>Bump Terraform `azurerm` provider version</h3>
<details
id="1d9343c012f5434ac9fe8a98135bae3667b399259be16d9b14302ea3bd424a24">
<summary>Update Terraform lock file</summary>
<p>changes detected:
	"hashicorp/azurerm" updated from
"3.91.0" to "3.92.0" in file
".terraform.lock.hcl"</p>
<details>
<summary>3.92.0</summary>
<pre>Changelog retrieved
from:
	https://github.com/hashicorp/terraform-provider-azurerm/releases/tag/v3.92.0
FEATURES:

*
**New Data Source**: `azurerm_virtual_desktop_application_group`
([#24771](https://github.com/hashicorp/terraform-provider-azurerm/issues/24771))

ENHANCEMENTS:

*
provider: support for the feature flag
`postgresql_flexible_server.restart_server_on_configuration_value_change
property`
([#23811](hashicorp/terraform-provider-azurerm#23811
dependencies: updating to v0.20240214.1142753 of
`github.com/hashicorp/go-azure-sdk`
([#24889](hashicorp/terraform-provider-azurerm#24889
`automation`: updating to use the transport layer from
`hashicorp/go-azure-sdk` rather than `Azure/go-autorest`
([#24858](hashicorp/terraform-provider-azurerm#24858
`maintenance`: updating to use the transport layer from
`hashicorp/go-azure-sdk` rather than `Azure/go-autorest`
([#24819](hashicorp/terraform-provider-azurerm#24819
`containerapps`: updating to use the transport layer from
`hashicorp/go-azure-sdk` rather than `Azure/go-autorest`
([#24862](hashicorp/terraform-provider-azurerm#24862
`containerservices`: updating to use the transport layer from
`hashicorp/go-azure-sdk` rather than `Azure/go-autorest`
([#24872](hashicorp/terraform-provider-azurerm#24872
`timeseriesinsights`: updating to use the transport layer from
`hashicorp/go-azure-sdk` rather than `Azure/go-autorest`
([#24889](hashicorp/terraform-provider-azurerm#24889
`azurerm_container_app_environment`: support for the
`infrastructure_resource_group_name` property
([#24361](hashicorp/terraform-provider-azurerm#24361
`azurerm_cost_anomaly_alert` - support for the `subscription_id`
property
([#24258](hashicorp/terraform-provider-azurerm#24258
`azurerm_cosmosdb_account` - add default values for the
`consistency_policy` code block
([#24830](hashicorp/terraform-provider-azurerm#24830
`azurerm_dashboard_grafana` - support for the `smtp` block
([#24717](hashicorp/terraform-provider-azurerm#24717
`azurerm_key_vault_certificates` - support for the `tags` property
([#24857](hashicorp/terraform-provider-azurerm#24857
`azurerm_key_vault_secrets` - support for the `tags` property
([#24857](hashicorp/terraform-provider-azurerm#24857
`azurerm_orchestrated_virtual_machine_scale_set` - support for the
`additional_unattend_content` block
([#24292](hashicorp/terraform-provider-azurerm#24292
`azurerm_virtual_desktop_host_pool` - support for the `vm_template`
property
([#24369](https://github.com/hashicorp/terraform-provider-azurerm/issues/24369))

BUG
FIXES:

* `azurerm_container_app_environment`: avoid unwanted
changes when updating and using `log_analytics_workspace_id`
([#24303](hashicorp/terraform-provider-azurerm#24303
`azurerm_cosmosdb_account` - fixed regression in the `backup` code block
([#24830](hashicorp/terraform-provider-azurerm#24830
`azurerm_data_factory` - allow the `git_url` property to be blank/empty
([#24879](hashicorp/terraform-provider-azurerm#24879
`azurerm_linux_web_app_slot` - the `worker_count` property now works
correctly in the `site_config` block
([#24515](hashicorp/terraform-provider-azurerm#24515
`azurerm_linux_web_app` - support `off` for the `file_system_level`
property
([#24877](hashicorp/terraform-provider-azurerm#24877
`azurerm_linux_web_app_slot` - support `off` for the `file_system_level`
property
([#24877](hashicorp/terraform-provider-azurerm#24877
`azurerm_private_endpoint` - fixing an issue where updating the Private
Endpoint would remove any Application Security Group Association
([#24846](hashicorp/terraform-provider-azurerm#24846
`azurerm_search_service` - fixed the update function to adjust for
changed API behaviour
([#24837](hashicorp/terraform-provider-azurerm#24837
`azurerm_search_service` - fixed the update function to adjust for
changed API behaviour
([#24903](hashicorp/terraform-provider-azurerm#24903
`azurerm_windows_web_app` - support `off` for the `file_system_level`
property
([#24877](hashicorp/terraform-provider-azurerm#24877
`azurerm_windows_web_app_slot` - support `off` for the
`file_system_level` property
([#24877](https://github.com/hashicorp/terraform-provider-azurerm/issues/24877))


</pre>
</details>
</details>
<a
href="https://infra.ci.jenkins.io/job/updatecli/job/azure/job/main/3/">Jenkins
pipeline link</a>
</action>
</Actions>
---
<table>
<tr>
<td width="77">
<img src="https://www.updatecli.io/images/updatecli.png" alt="Updatecli
logo" width="50" height="50">
</td>
<td>
<p>
Created automatically by <a
href="https://www.updatecli.io/">Updatecli</a>
</p>
<details><summary>Options:</summary>
<br />
<p>Most of Updatecli configuration is done via <a
href="https://www.updatecli.io/docs/prologue/quick-start/">its
manifest(s)</a>.</p>
<ul>
<li>If you close this pull request, Updatecli will automatically reopen
it, the next time it runs.</li>
<li>If you close this pull request and delete the base branch, Updatecli
will automatically recreate it, erasing all previous commits made.</li>
</ul>
<p>
Feel free to report any issues at <a
href="https://github.com/updatecli/updatecli/issues">github.com/updatecli/updatecli</a>.<br
/>
If you find this tool useful, do not hesitate to star <a
href="https://github.com/updatecli/updatecli/stargazers">our GitHub
repository</a> as a sign of appreciation, and/or to tell us directly on
our <a
href="https://matrix.to/#/#Updatecli_community:gitter.im">chat</a>!
</p>
</details>
</td>
</tr>
</table>
Co-authored-by: Jenkins Infra Bot (updatecli) <60776566+jenkins-infra-bot@users.noreply.github.com>
Co-authored-by: Damien Duportal <damien.duportal@gmail.com>
rizkybiz
pushed a commit
to rizkybiz/terraform-provider-azurerm
that referenced
this pull request
Feb 21, 2024
…_certificates data sources (hashicorp#24857) It can be useful when looking up secrets/certificates in Azure Key Vault to find them by tags instead of by names. Currently if you want to achieve this, you have to use the list (e.g. azurerm_key_vault_secrets) data source, and then pull in the actual data (e.g. azurerm_key_vault_secret) to be able to find secrets/certs by tags. This also results in the (secret) values for every secret/cert in the Key Vault being pulled in to the state file to achieve the behaviour, which is not necessarily ideal. This change allows accessing the tags of the secrets/certs without necessarily needing to pull in all the secret values.
rizkybiz
pushed a commit
to rizkybiz/terraform-provider-azurerm
that referenced
this pull request
Feb 21, 2024
rizkybiz
pushed a commit
to rizkybiz/terraform-provider-azurerm
that referenced
this pull request
Feb 29, 2024
…_certificates data sources (hashicorp#24857) It can be useful when looking up secrets/certificates in Azure Key Vault to find them by tags instead of by names. Currently if you want to achieve this, you have to use the list (e.g. azurerm_key_vault_secrets) data source, and then pull in the actual data (e.g. azurerm_key_vault_secret) to be able to find secrets/certs by tags. This also results in the (secret) values for every secret/cert in the Key Vault being pulled in to the state file to achieve the behaviour, which is not necessarily ideal. This change allows accessing the tags of the secrets/certs without necessarily needing to pull in all the secret values.
rizkybiz
pushed a commit
to rizkybiz/terraform-provider-azurerm
that referenced
this pull request
Feb 29, 2024
|
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
It can be useful when looking up secrets/certificates in Azure Key Vault to find them by tags instead of by names. Currently if you want to achieve this, you have to use the list (e.g. azurerm_key_vault_secrets) data source, and then pull in the actual data (e.g. azurerm_key_vault_secret) to be able to find secrets/certs by tags.
This also results in the (secret) values for every secret/cert in the Key Vault being pulled in to the state file to achieve the behaviour, which is not necessarily ideal.
This change allows accessing the tags of the secrets/certs without necessarily needing to pull in all the secret values.
Looking at the existing tests in
key_vault_certificates_data_source_test.goandkey_vault_secrets_data_source_test.gothe existing tests weren't doing any checks on the inner attributes ofcertificatesandsecretsso I've not updated the tests for this change.