* Fix db getpluginname (#2704)
* Update resource_database_secret_backend_connection.go
Modify getDatabaseAPIDataForEngine to use unifiedSchema and then been able to getPluginName:
- with the prefix (UnifiedSchema = true)
- without the prefix (UnifiedSchema = false)
* modified: vault/resource_database_secret_backend_connection_test.go
* modified: vault/resource_database_secret_backend_connection_test.go
* modified: vault/resource_database_secret_backend_connection_test.go
* modified: vault/resource_database_secret_backend_connection_test.go
* Update CHANGELOG.md
* Added configuration parameters for Github destination
* CHANGELOG.md updated with PR request
* Example usage snippet and description updated for the added configuration and networking paramameters
* Formatting correction
* typeSet implemented for ipv4address, ipv6address and allowed_port paramaters. Review comments accomodated
* SyncDestinationCreateUpdateWithOptions added to mitigate code duplication due to typeSet implementation for ipv4address, ipv6address, allowed_port parameters
* auth/aws: Enhance AWS authentication with role assumption and custom endpoints.
- Refactor `getLoginData` to support role assumption using STS.
- Introduce custom endpoint resolvers for STS and IAM services.
- Update `getCredentialsConfig` to utilize new options for role ARN and session name.
- Implement `generateLoginData` to create presigned requests for AWS API calls.
- Add unit tests for role assumption logic, session token handling, and custom endpoint configuration.
- Migrate to `awsutil/v2` for improved credential management.
* auth/aws: Update CHANGELOG.
* Refactor AWS credential retrieval in generateLoginData for clear error handling.
* added support in mongodb database plugin for for tls_ca,tls_certificate_key,write_concern
* added changelog and docs
* read all fields from vault api response
* add normalization and validation for json field write_concern
* ephemeral/aws: Add Vault AWS static access credentials ephemeral resource.
* Refactor: Use mount field attribute instead of deprecated backend.
* Add docstrings to AWS ephemeral resource functions and models.
* Update docs to reflect backend to mount changes.
* Add ephemeral AWS access credentials resource, tests and docs.
* Add lease start time and security token constants.
* Code and test added for aws_access_credentials ephemeral resource
* Mount implemented and retry logic removed
* Mount added in the test case, and test case on assume role removed.
* Setting ephemeral name as creds
* WriteWithContext added for credType=sts
* Comments added for the code implementation
* Comments added for Open method
* Removed duplicate field from consts.go
---------
Co-authored-by: Balaji <balaji.b@hashicorp.com>
* added azure_access_credentials ephemeral resource
* minor refactor
* added doc
* added changelog entry
* minor fix
* fixed test
* added retry with backoff and removed changelog
* rename var and use consts in schema
* checking status code as well for retry
* minor refactor
* reduced defaultNumSequentialSuccesses to 4
* fix doc
* add token_auth_metadata field
* add token_auth_metadata field to auth role endpoints
* add skip functions for tests
* add docs and changelog
* add description
* change name to alias_metadata
* fix merge errors
* fix formatting
* VAULT-39758 add ttl and max_ttl to gcp secret backend
* VAULT-39758 added change log
* VAULT-39758 GetImportTestStep update for ttl and max_ttl field
* VAULT-39758 logic change for v1.16 and negative testing scenario added
* VAULT-39758 Negative testing by removing ttl
* VAULT-39758 Removed 1.16 version check as the fields are available since 1.16
* VAULT-39760 alias attributes and role id added to gcp auth backend
* VAULT-39760 Updating PR link to change log
* VAULT-39760 Updated computed as true
* VAULT-39760 Acceptance test update
* Code modified to add following parameters:request_timeout,dereference_aliases,enable_samaccountname_login,anonymous_group_search in ldap_auth_backend resource
* TestFieldRequestTimeoutValidation method modified in resource_ldap_auth_backend_test.go file
* Version check condition added for enable_samaccountname_login parameter in resource_ldap_auth_backend_test.go file
* test cases are updated with SkipFunc method for vault version check
* Removing unused method isSamAccountNameLoginSupported
* Handled the test failure in acceptance test
* Optional field details added
* Test case added for req_timeout, dereference_aliases, enable_samaccountname_login, anonymous_group_search parameters
* Test case added to verify defaults for the added parameters in LDAP Auth Config
* Added backward compatibility check for enable_samaccountname_login parameter
* Removing FieldEnableSamaccountnameLogin from ldapAuthBackendFields list
* PR link updated
* Comments updated for argument:enable_samaccountname_login
* Removed duplicated
* WIP: Add support for SPIFFE auth configuration
* use api model technique
* Address import issues
* Rename spiffe object to SpiffeAuthConfigModel
* Import without ID
* Leverage API model again with StringNull setting
* Rename and implement ResourceWithImportState
* Fix comment
* Remove support for parsing namespaces from import ID
* WIP Add SPIFFE role resource
* Add new generic token model for auth roles and new framework
* godocs and various small tweaks
* Rename resource name to match existing pattern and add docs
* Add cl
* Add ability to filter tests by Vault version
* Revert "Add ability to filter tests by Vault version"
This reverts commit 0a8c445a199230113ffac763171730fdaa8dfd9c.
* Review feedback
* Filter tests by Vault version - take 2
* Apply suggestions from code review
Co-authored-by: vinay-gopalan <86625824+vinay-gopalan@users.noreply.github.com>
* PR feedback, remove text pre checks and a bad comment
* PR feedback: Rename helper methods names to match old names
---------
Co-authored-by: vinay-gopalan <86625824+vinay-gopalan@users.noreply.github.com>
* add retry fields to azure backend config
* added docs and changelog
* used consts
* fix test
* fix default handling logic
* addressed review comments
* change schema type to int for max retry fields
* minor fix
* fix tests
* refactor import tests
* added pr link in changelog
* secrets/aws: Add max_retries field to AWS Secret Backend.
* secrets/aws: Update CHANGELOG.
* Fix max_retries handling in AWS Secret Backend and add tests for various configurations.
* Update max_retries handling in AWS Secret Backend to set default value and enhance tests.
* Update AWS Secret Backend tests to use updated lease TTL field names.
* merge tune block fields using user provided values and tune API response - JWT (#2560)
* merge tune block fields using user provided values and tune API response - GitHub and generic auth (#2565)
* document behavior changes on CHANGELOG and 5.X upgrade guide
* add tune block and merge its fields using user provided values and tune API response - SAML (#2566)
* merge tune block fields using user provided values and tune API response - GCP and OCI (#2596)
* change tune type from schema.TypeSet to schema.TypeList and add tune block to LDAP and Okta (#2602)
* change tune type from schema.Set to schema.TypeList with MatItems:1 to ref individual fields using .0.field syntax
* mark token_max_ttl, token_ttl, and token_type conflict with tune block fields
* Fix vault_pki_secret_backend_crl_config to set disable to false
- Fix `vault_pki_secret_backend_crl_config` to send fields to the
Vault endpoint when they are set to the zero based value.
This mainly allows it to now disable options that had been
previously set.
* Add cl
* Limit new testCrlZeroValues test to enterprise runs
- Instead of using a reserved oid from LetsEncrypt in our
documentation (1.3.6.1.4.1.44947.1.2.4),
use 1.3.6.1.4.1.32473.1.2.4, which is in the reserved space
for docs and examples based on RFC 5612
