Skip to content

Feat response wrapping for ephemeral vault_approle_auth_backend_role_secret_id#2829

Open
sanadhis wants to merge 1 commit intohashicorp:mainfrom
sanadhis:feat-response-wrapping-for-ephemeral-approle-auth-backend
Open

Feat response wrapping for ephemeral vault_approle_auth_backend_role_secret_id#2829
sanadhis wants to merge 1 commit intohashicorp:mainfrom
sanadhis:feat-response-wrapping-for-ephemeral-approle-auth-backend

Conversation

@sanadhis
Copy link
Copy Markdown

@sanadhis sanadhis commented Mar 16, 2026

Description

This PR updates ephemeral resource of vault_approle_auth_backend_role_secret_id, allowing us to us vault's response-wrapping by specifying wrapping_ttl

Closes #2785

Checklist

  • Added CHANGELOG entry (only for user-facing changes)
  • Acceptance tests where run against all supported Vault Versions

Output from acceptance testing:

$ make testacc TESTARGS='-run=TestAccApproleAuthBackendRoleSecretID_wrapped'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test -run=TestAccApproleAuthBackendRoleSecretID_wrapped -timeout 30m ./...
?       github.com/hashicorp/terraform-provider-vault   [no test files]
?       github.com/hashicorp/terraform-provider-vault/acctestutil       [no test files]
?       github.com/hashicorp/terraform-provider-vault/cmd/coverage      [no test files]
?       github.com/hashicorp/terraform-provider-vault/cmd/generate      [no test files]
ok      github.com/hashicorp/terraform-provider-vault/codegen   (cached) [no tests to run]
?       github.com/hashicorp/terraform-provider-vault/helper    [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/consts   [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/framework/base   [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/framework/client [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/framework/errutil        [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/framework/model  [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/framework/token  [no test files]
ok      github.com/hashicorp/terraform-provider-vault/internal/framework/validators     (cached) [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/internal/identity/entity  (cached) [no tests to run]
?       github.com/hashicorp/terraform-provider-vault/internal/identity/group   [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/identity/mfa     [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/pki      [no test files]
ok      github.com/hashicorp/terraform-provider-vault/internal/provider (cached) [no tests to run]
?       github.com/hashicorp/terraform-provider-vault/internal/provider/fwprovider      [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/providertest     [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/rotation [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/sync     [no test files]
ok      github.com/hashicorp/terraform-provider-vault/internal/vault/auth/cloudfoundry  (cached) [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/internal/vault/auth/ephemeral     1.402s
ok      github.com/hashicorp/terraform-provider-vault/internal/vault/auth/spiffe        (cached) [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/internal/vault/secrets/azure      (cached) [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/internal/vault/secrets/ephemeral  (cached) [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/internal/vault/secrets/kmip       (cached) [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/internal/vault/secrets/pki-external-ca    (cached) [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/internal/vault/secrets/spiffe     (cached) [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/internal/vault/sys        (cached) [no tests to run]
?       github.com/hashicorp/terraform-provider-vault/schema    [no test files]
ok      github.com/hashicorp/terraform-provider-vault/testutil  (cached) [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/util      (cached) [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/util/mountutil    (cached) [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/vault     (cached) [no tests to run]
...

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" comments, they generate extra noise for pull request followers and do not help prioritize the request

PCI review checklist

  • I have documented a clear reason for, and description of, the change I am making.

  • If applicable, I've documented a plan to revert these changes if they require more than reverting the pull request.

  • If applicable, I've documented the impact of any changes to security controls.

    Examples of changes to security controls include using new access control methods, adding or removing logging pipelines, etc.

@sanadhis sanadhis requested review from a team as code owners March 16, 2026 22:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nishthapanchratna nishthapanchratna Awaiting requested review from nishthapanchratna nishthapanchratna is a code owner automatically assigned from hashicorp/vault

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Enhancement]: ephemeral vault_approle_auth_backend_role_secret_id, missing wrapping_ttl attribute

1 participant

@sanadhis