diff --git a/.secrets.baseline b/.secrets.baseline index 1a32c01fea..767cf2a4ed 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": "go.mod|go.sum|.*.map|^.secrets.baseline$", "lines": null }, - "generated_at": "2023-03-30T15:45:05Z", + "generated_at": "2023-04-10T12:58:09Z", "plugins_used": [ { "name": "ArtifactoryDetector" @@ -704,7 +704,7 @@ "hashed_secret": "813274ccae5b6b509379ab56982d862f7b5969b6", "is_secret": false, "is_verified": false, - "line_number": 912, + "line_number": 925, "type": "Base64 High Entropy String", "verified_result": null } @@ -764,7 +764,7 @@ "hashed_secret": "9982fcad895acdfd083f1f38a5e9b44a084e4747", "is_secret": false, "is_verified": false, - "line_number": 97, + "line_number": 99, "type": "Secret Keyword", "verified_result": null } @@ -774,7 +774,7 @@ "hashed_secret": "da8cae6284528565678de15e03d461e23fe22538", "is_secret": false, "is_verified": false, - "line_number": 1712, + "line_number": 1714, "type": "Secret Keyword", "verified_result": null } @@ -784,7 +784,7 @@ "hashed_secret": "c8b6f5ef11b9223ac35a5663975a466ebe7ebba9", "is_secret": false, "is_verified": false, - "line_number": 1628, + "line_number": 1646, "type": "Secret Keyword", "verified_result": null }, @@ -792,7 +792,7 @@ "hashed_secret": "8abf4899c01104241510ba87685ad4de76b0c437", "is_secret": false, "is_verified": false, - "line_number": 1634, + "line_number": 1652, "type": "Secret Keyword", "verified_result": null } @@ -1084,7 +1084,7 @@ "hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4", "is_secret": false, "is_verified": false, - "line_number": 441, + "line_number": 442, "type": "Secret Keyword", "verified_result": null } @@ -1094,7 +1094,7 @@ "hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4", "is_secret": false, "is_verified": false, - "line_number": 87, + "line_number": 88, "type": "Secret Keyword", "verified_result": null }, 
@@ -1102,7 +1102,7 @@ "hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f", "is_secret": false, "is_verified": false, - "line_number": 447, + "line_number": 450, "type": "Secret Keyword", "verified_result": null } @@ -1378,7 +1378,7 @@ "hashed_secret": "5a18bef73f31ac1a84a963be1a2c6cdbb7830c93", "is_secret": false, "is_verified": false, - "line_number": 41, + "line_number": 42, "type": "Secret Keyword", "verified_result": null } @@ -1798,7 +1798,7 @@ "hashed_secret": "884a58e4c2c5d195d3876787bdc63af6c5af2924", "is_secret": false, "is_verified": false, - "line_number": 504, + "line_number": 499, "type": "Secret Keyword", "verified_result": null } @@ -1818,7 +1818,7 @@ "hashed_secret": "b02fa7fd7ca08b5dc86c2548e40f8a21171ef977", "is_secret": false, "is_verified": false, - "line_number": 513, + "line_number": 492, "type": "Secret Keyword", "verified_result": null } @@ -1848,7 +1848,7 @@ "hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4", "is_secret": false, "is_verified": false, - "line_number": 1570, + "line_number": 1575, "type": "Secret Keyword", "verified_result": null }, @@ -1856,7 +1856,7 @@ "hashed_secret": "2c7d1e61c036dc18b2e9b3e6392c8e59c8437f23", "is_secret": false, "is_verified": false, - "line_number": 1923, + "line_number": 1932, "type": "Secret Keyword", "verified_result": null } @@ -3416,7 +3416,7 @@ "hashed_secret": "f855f5027fd8fdb2df3f6a6f1cf858fffcbedb0c", "is_secret": false, "is_verified": false, - "line_number": 85021, + "line_number": 84849, "type": "Secret Keyword", "verified_result": null }, @@ -3424,7 +3424,7 @@ "hashed_secret": "5fb0fa884132a8724a8d7cba55853737e442adbd", "is_secret": false, "is_verified": false, - "line_number": 104155, + "line_number": 104163, "type": "Secret Keyword", "verified_result": null }, 
@@ -3432,7 +3432,7 @@ "hashed_secret": "1e5c2f367f02e47a8c160cda1cd9d91decbac441", "is_secret": false, "is_verified": false, - "line_number": 131088, + "line_number": 131106, "type": "Secret Keyword", "verified_result": null } @@ -4166,7 +4166,7 @@ "hashed_secret": "da7a68734367828e30b94927f4c2b43ed2c0f652", "is_secret": false, "is_verified": false, - "line_number": 103, + "line_number": 106, "type": "Secret Keyword", "verified_result": null } @@ -4308,7 +4308,7 @@ "hashed_secret": "622cc1dc32381e378d6cfb7301f03a71d93d2fe4", "is_secret": false, "is_verified": false, - "line_number": 28, + "line_number": 43, "type": "Hex High Entropy String", "verified_result": null } @@ -4826,7 +4826,7 @@ } ] }, - "version": "0.13.1+ibm.57.dss", + "version": "0.13.1+ibm.58.dss", "word_list": { "file": null, "hash": null diff --git a/go.mod b/go.mod index b15b637c5b..68755c73a6 100644 --- a/go.mod +++ b/go.mod @@ -178,4 +178,4 @@ replace github.com/softlayer/softlayer-go v1.0.3 => github.com/IBM-Cloud/softlay replace github.com/dgrijalva/jwt-go v3.2.0+incompatible => github.com/golang-jwt/jwt v3.2.1+incompatible -replace github.com/IBM/secrets-manager-go-sdk v1.0.49 => github.com/IBM/secrets-manager-go-sdk v1.0.50-0.20230316070833-1e1d44fe67be +replace github.com/IBM/secrets-manager-go-sdk v1.0.49 => github.com/IBM/secrets-manager-go-sdk v1.0.50-0.20230404201829-49a38f9b9a6e diff --git a/go.sum b/go.sum index d78710fd2b..d2ddbb492e 100644 --- a/go.sum +++ b/go.sum 
@@ -99,8 +99,8 @@ github.com/IBM/scc-go-sdk/v4 v4.0.2 h1:8BHMRobCFurZwKaUhxWi8CdAA9+CvyzmlBOmo7KmX github.com/IBM/scc-go-sdk/v4 v4.0.2/go.mod h1:ufqf/kBtRn3Pq/pFXF6zQGHXV2P2EzPsntw1Sw19clE= github.com/IBM/schematics-go-sdk v0.2.1 h1:byATysGD+Z1k/wdtNqQmKALcAPjgSLuSyzcabh1jRAw= github.com/IBM/schematics-go-sdk v0.2.1/go.mod h1:Tw2OSAPdpC69AxcwoyqcYYaGTTW6YpERF9uNEU+BFRQ= -github.com/IBM/secrets-manager-go-sdk v1.0.50-0.20230316070833-1e1d44fe67be h1:fSMzsH48lTFPWFi4ulS0DYa6uK/l2oz5JiJEbFhwdjc= -github.com/IBM/secrets-manager-go-sdk v1.0.50-0.20230316070833-1e1d44fe67be/go.mod h1:qv+tQg8Z3Vb11DQYxDjEGeROHDtTLQxUWuOIrIdWg6E= +github.com/IBM/secrets-manager-go-sdk v1.0.50-0.20230404201829-49a38f9b9a6e h1:FaEVX404uS7J+veC3SghJPKl5bsL4lDxwxRelZ262Ws= +github.com/IBM/secrets-manager-go-sdk v1.0.50-0.20230404201829-49a38f9b9a6e/go.mod h1:qv+tQg8Z3Vb11DQYxDjEGeROHDtTLQxUWuOIrIdWg6E= github.com/IBM/vpc-beta-go-sdk v0.1.0 h1:+kdF+Y/0KY189HhpkqDrue9o0LluAr7rlOU5Zhu7hck= github.com/IBM/vpc-beta-go-sdk v0.1.0/go.mod h1:TGfLgJVmgQy6XvXc4lya8Vxvw7fvk83nqs5hdP+/VGo= github.com/IBM/vpc-go-sdk v0.33.0 h1:HU0yEQmMGQoODlFJIAiQAOp2vE4i2PUvnjdcd8/9Kyw= @@ -996,7 +996,6 @@ golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220817070843-5a390386f1f2/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 
diff --git a/ibm/service/secretsmanager/data_source_ibm_sm_configurations.go b/ibm/service/secretsmanager/data_source_ibm_sm_configurations.go
index d6bd76101e..31ce456af7 100644
--- a/ibm/service/secretsmanager/data_source_ibm_sm_configurations.go
+++ b/ibm/service/secretsmanager/data_source_ibm_sm_configurations.go
@@ -77,6 +77,61 @@ func DataSourceIbmSmConfigurations() *schema.Resource {
 Computed: true,
 Description: "The date when a resource was recently modified. The date format follows RFC 3339.",
 },
+ "lets_encrypt_environment": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The configuration of the Let's Encrypt CA environment.",
+ },
+ "lets_encrypt_preferred_chain": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Prefer the chain with an issuer matching this Subject Common Name.",
+ },
+ "common_name": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The Common Name (AKA CN) represents the server name that is protected by the SSL certificate.",
+ },
+ "crl_distribution_points_encoded": &schema.Schema{
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "Determines whether to encode the certificate revocation list (CRL) distribution points in the certificates that are issued by this certificate authority.",
+ },
+ "expiration_date": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The date a secret is expired. The date format follows RFC 3339.",
+ },
+ "key_type": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The type of private key to generate.",
+ },
+ "key_bits": &schema.Schema{
+ Type: schema.TypeInt,
+ Computed: true,
+ Description: "The number of bits to use to generate the private key.Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and `521`. The default for RSA keys is `2048`. The default for EC keys is `256`.",
+ },
+ "status": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The status of the certificate authority. The status of a root certificate authority is either `configured` or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`,`signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`.",
+ },
+ "issuer": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The distinguished name that identifies the entity that signed and issued the certificate.",
+ },
+ "signing_method": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The signing method to use with this certificate authority to generate private certificates.You can choose between internal or externally signed options. For more information, see the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-intermediate-certificate-authorities).",
+ },
+ "certificate_authority": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The name of the intermediate certificate authority.",
+ },
 },
 },
 },
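Review bot: The new attributes are specific to certain configuration types, but the flat nested schema gives a reader no way to tell an unset value from a real one. `crl_distribution_points_encoded` (TypeBool) and `key_bits` (TypeInt) are only assigned by the map helpers later in this file when the API returns them, so for configuration types without those fields they would presumably surface as `false` and `0`. That matters to anyone writing a policy check on CRL encoding, key size or `status` from this data source, so I would append something like `Populated only for private certificate root and intermediate CA configurations.` to those descriptions. Two descriptions also lack a space after the full stop (`private key.Allowable`, `private certificates.You`). The enclosing function starts and ends outside the hunk.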
@@ -180,6 +235,39 @@ func dataSourceIbmSmConfigurationsConfigurationMetadataToMap(model secretsmanage
 if model.UpdatedAt != nil {
 modelMap["updated_at"] = model.UpdatedAt.String()
 }
+ if model.LetsEncryptEnvironment != nil {
+ modelMap["lets_encrypt_environment"] = *model.LetsEncryptEnvironment
+ }
+ if model.LetsEncryptPreferredChain != nil {
+ modelMap["lets_encrypt_preferred_chain"] = *model.LetsEncryptPreferredChain
+ }
+ if model.CommonName != nil {
+ modelMap["common_name"] = *model.CommonName
+ }
+ if model.CrlDistributionPointsEncoded != nil {
+ modelMap["crl_distribution_points_encoded"] = *model.CrlDistributionPointsEncoded
+ }
+ if model.ExpirationDate != nil {
+ modelMap["expiration_date"] = model.ExpirationDate.String()
+ }
+ if model.KeyType != nil {
+ modelMap["key_type"] = *model.KeyType
+ }
+ if model.KeyBits != nil {
+ modelMap["key_bits"] = *model.KeyBits
+ }
+ if model.Status != nil {
+ modelMap["status"] = *model.Status
+ }
+ if model.Issuer != nil {
+ modelMap["issuer"] = *model.Issuer
+ }
+ if model.SigningMethod != nil {
+ modelMap["signing_method"] = *model.SigningMethod
+ }
+ if model.CertificateAuthority != nil {
+ modelMap["certificate_authority"] = *model.CertificateAuthority
+ }
 return modelMap, nil
 } else {
 return nil, fmt.Errorf("Unrecognized secretsmanagerv2.ConfigurationMetadataIntf subtype encountered")
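Review bot: The nil-check-and-copy blocks added here are repeated by hand in the four subtype hunks that follow (-206, -252, -298 and -344), so the set of attributes each configuration type exposes is spread over five functions with nothing stating the intended mapping. From the visible hunks, `issuer` and `signing_method` are copied only for the intermediate CA, the `lets_encrypt_*` pair only for the Let's Encrypt CA, and `certificate_authority` only for the template, while this generic function copies all eleven. A comment above the new block, e.g. `// issuer, signing_method: intermediate CA only; lets_encrypt_*: Let's Encrypt CA only; certificate_authority: template only`, would let a reviewer tell a deliberate omission from a forgotten field when the SDK model changes. The function body starts and ends outside the hunk.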
@@ -206,6 +294,30 @@ func dataSourceIbmSmConfigurationsPrivateCertificateConfigurationIntermediateCAM
 if model.UpdatedAt != nil {
 modelMap["updated_at"] = model.UpdatedAt.String()
 }
+ if model.CommonName != nil {
+ modelMap["common_name"] = *model.CommonName
+ }
+ if model.CrlDistributionPointsEncoded != nil {
+ modelMap["crl_distribution_points_encoded"] = *model.CrlDistributionPointsEncoded
+ }
+ if model.ExpirationDate != nil {
+ modelMap["expiration_date"] = model.ExpirationDate.String()
+ }
+ if model.KeyType != nil {
+ modelMap["key_type"] = *model.KeyType
+ }
+ if model.KeyBits != nil {
+ modelMap["key_bits"] = *model.KeyBits
+ }
+ if model.Status != nil {
+ modelMap["status"] = *model.Status
+ }
+ if model.Issuer != nil {
+ modelMap["issuer"] = *model.Issuer
+ }
+ if model.SigningMethod != nil {
+ modelMap["signing_method"] = *model.SigningMethod
+ }
 return modelMap, nil
 }
 
@@ -252,6 +364,24 @@ func dataSourceIbmSmConfigurationsPrivateCertificateConfigurationRootCAMetadataT
 if model.UpdatedAt != nil {
 modelMap["updated_at"] = model.UpdatedAt.String()
 }
+ if model.CommonName != nil {
+ modelMap["common_name"] = *model.CommonName
+ }
+ if model.CrlDistributionPointsEncoded != nil {
+ modelMap["crl_distribution_points_encoded"] = *model.CrlDistributionPointsEncoded
+ }
+ if model.ExpirationDate != nil {
+ modelMap["expiration_date"] = model.ExpirationDate.String()
+ }
+ if model.KeyType != nil {
+ modelMap["key_type"] = *model.KeyType
+ }
+ if model.KeyBits != nil {
+ modelMap["key_bits"] = *model.KeyBits
+ }
+ if model.Status != nil {
+ modelMap["status"] = *model.Status
+ }
 return modelMap, nil
 }
 
@@ -298,6 +428,12 @@ func dataSourceIbmSmConfigurationsPublicCertificateConfigurationCALetsEncryptMet
 if model.UpdatedAt != nil {
 modelMap["updated_at"] = model.UpdatedAt.String()
 }
+ if model.LetsEncryptEnvironment != nil {
+ modelMap["lets_encrypt_environment"] = *model.LetsEncryptEnvironment
+ }
+ if model.LetsEncryptPreferredChain != nil {
+ modelMap["lets_encrypt_preferred_chain"] = *model.LetsEncryptPreferredChain
+ }
 return modelMap, nil
 }
 
@@ -344,5 +480,8 @@ func dataSourceIbmSmConfigurationsPrivateCertificateConfigurationTemplateMetadat
 if model.UpdatedAt != nil {
 modelMap["updated_at"] = model.UpdatedAt.String()
 }
+ if model.CertificateAuthority != nil {
+ modelMap["certificate_authority"] = *model.CertificateAuthority
+ }
 return modelMap, nil
 }
diff --git a/website/docs/d/sm_configurations.html.markdown b/website/docs/d/sm_configurations.html.markdown
index 1dc94e05c7..80f979a88a 100644
--- a/website/docs/d/sm_configurations.html.markdown
+++ b/website/docs/d/sm_configurations.html.markdown
@@ -34,16 +34,34 @@ In addition to all argument references listed, you can access the following attr * `id` - The unique identifier of the data source. * `configurations` - (List) A collection of configuration metadata. - * Constraints: The maximum length is `1000` items. The minimum length is `0` items. -Nested scheme for **configurations**: - * `config_type` - (String) Th configuration type. - * Constraints: Allowable values are: `public_cert_configuration_ca_lets_encrypt`, `public_cert_configuration_dns_classic_infrastructure`, `public_cert_configuration_dns_cloud_internet_services`, `iam_credentials_configuration`, `private_cert_configuration_root_ca`, `private_cert_configuration_intermediate_ca`, `private_cert_configuration_template`. - * `created_at` - (String) The date when a resource was created. The date format follows RFC 3339. - * `created_by` - (String) The unique identifier that is associated with the entity that created the secret. - * Constraints: The maximum length is `128` characters. The minimum length is `4` characters. - * `name` - (String) The unique name of your configuration. - * Constraints: The maximum length is `128` characters. The minimum length is `2` characters. The value must match regular expression `/(.*?)/`. - * `secret_type` - (String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials. - * Constraints: Allowable values are: `arbitrary`, `imported_cert`, `public_cert`, `iam_credentials`, `kv`, `username_password`, `private_cert`. - * `updated_at` - (String) The date when a resource was recently modified. The date format follows RFC 3339. - + * Constraints: The maximum length is `1000` items. The minimum length is `0` items. + Nested scheme for **configurations**: + * `config_type` - (String) Th configuration type. 
+ * Constraints: Allowable values are: `public_cert_configuration_ca_lets_encrypt`, `public_cert_configuration_dns_classic_infrastructure`, `public_cert_configuration_dns_cloud_internet_services`, `iam_credentials_configuration`, `private_cert_configuration_root_ca`, `private_cert_configuration_intermediate_ca`, `private_cert_configuration_template`. + * `created_at` - (String) The date when a resource was created. The date format follows RFC 3339. + * `created_by` - (String) The unique identifier that is associated with the entity that created the secret. + * Constraints: The maximum length is `128` characters. The minimum length is `4` characters. + * `name` - (String) The unique name of your configuration. + * Constraints: The maximum length is `128` characters. The minimum length is `2` characters. The value must match regular expression `/(.*?)/`. + * `secret_type` - (String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials. + * Constraints: Allowable values are: `arbitrary`, `imported_cert`, `public_cert`, `iam_credentials`, `kv`, `username_password`, `private_cert`. + * `updated_at` - (String) The date when a resource was recently modified. The date format follows RFC 3339. + * `lets_encrypt_environment` - (String) The configuration of the Let's Encrypt CA environment. + * Constraints: Allowable values are: `production`, `staging`. + * `lets_encrypt_preferred_chain` - (String) Prefer the chain with an issuer matching this Subject Common Name. + * Constraints: The maximum length is `30` characters. The minimum length is `2` characters. The value must match regular expression `/(.*?)/`. + * `common_name` - (String) The Common Name (AKA CN) represents the server name that is protected by the SSL certificate. + * Constraints: The maximum length is `128` characters. The minimum length is `4` characters. The value must match regular expression `/(.*?)/`. 
+ * `crl_distribution_points_encoded` - (Boolean) Determines whether to encode the certificate revocation list (CRL) distribution points in the certificates that are issued by this certificate authority. + * `expiration_date` - (String) The date a secret is expired. The date format follows RFC 3339. + * `key_type` - (String) The type of private key to generate. + * Constraints: Allowable values are: `rsa`, `ec`. + * `key_bits` - (Integer) The number of bits to use to generate the private key.Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and `521`. The default for RSA keys is `2048`. The default for EC keys is `256`. + * `status` - (String) The status of the certificate authority. The status of a root certificate authority is either `configured` or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`,`signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`. + * Constraints: Allowable values are: `signing_required`, `signed_certificate_required`, `certificate_template_required`, `configured`, `expired`, `revoked`. + * `issuer` - (String) The distinguished name that identifies the entity that signed and issued the certificate. + * Constraints: The maximum length is `128` characters. The minimum length is `2` characters. The value must match regular expression `/(.*?)/`. + * `signing_method` - (String) The signing method to use with this certificate authority to generate private certificates.You can choose between internal or externally signed options. For more information, see the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-intermediate-certificate-authorities). + * Constraints: Allowable values are: `internal`, `external`. + * `certificate_authority` - (String) The name of the intermediate certificate authority. + * Constraints: The maximum length is `128` characters. 
The minimum length is `2` characters. The value must match regular expression `/^[A-Za-z0-9][A-Za-z0-9]*(?:_?-?\\.?[A-Za-z0-9]+)*$/`.