Skip to content

Update Terraform tls to ~> 3.4.0

Renovate [bot] requested to merge renovate/tls-3.x into master

This MR contains the following updates:

Package Type Update Change
tls (source) required_provider minor ~> 3.1.0 -> ~> 3.4.0

Release Notes

hashicorp/terraform-provider-tls

v3.4.0

Compare Source

NEW FEATURES:

  • data-source/tls_certificate: New attribute content that can be used in alternative to url, to provide the certificate in PEM format (#​189).

  • data-source/tls_certificate: Objects in the certificates chain attribute expose a new attribute cert_pem (PEM format) (#​208).

  • resource/tls_self_signed_cert: New attribute set_authority_key_id to make the generated certificate include an authority key identifier (#​212).

ENHANCEMENTS:

  • resource/tls_locally_signed_cert: If CA provided via ca_cert_pem is not an actual CA, a warning will be raised, but the certificate will still be created (#​209).

NOTES:

  • data-source/tls_certificate: The id attribute has changed to the hashing of all certificates information in the chain. The first apply of this updated data source may show this difference (#​189).

BUG FIXES:

  • data-source/tls_certificate: Prevent plan differences with the id attribute (#​79, #​189).

  • resource/tls_cert_request: Allow for absent or empty subject block (#​209).

  • resource/tls_self_signed_cert: Allow for absent or empty subject block (#​209).

v3.3.0

Compare Source

NEW FEATURES:

  • provider: Added (opt-in) HTTP proxy configuration (#​179).

  • data-source/tls_certificate: Support for tls:// scheme in url argument. When used, the provider will fetch certificates via a direct Secure Socket (i.e. ignores proxy) (#​179).

ENHANCEMENTS:

  • data-source/tls_certificate: When proxy is configured on provider, certificates fetched via url with scheme https:// will go through the specified HTTP proxy (#​179).

  • resource/tls_locally_signed_cert: Validate allowed_uses contains documented values, but raise warning instead of error when it does not (#​184).

v3.2.1

Compare Source

BUG FIXES:

v3.2.0

Compare Source

NEW FEATURES:

  • resource/tls_private_key: Added support for ED25519 key algorithm (#​151).

  • data-source/tls_public_key: Added support for ED25519 key algorithm (#​160).

  • resource/tls_cert_request: Added support for ED25519 key algorithm (#​173).

  • resource/tls_self_signed_cert: Added support for ED25519 key algorithm (#​173).

  • resource/tls_locally_signed_cert: Added support for ED25519 key algorithm (#​173).

ENHANCEMENTS:

  • resource/tls_private_key: New attributes private_key_openssh (OpenSSH PEM format) and public_key_fingerprint_sha256 (#​151).

  • data-source/tls_public_key: Can now be configured by passing a private key either via private_key_pem or private_key_openssh (#​160).

  • resource/tls_locally_signed_cert: Validate validity_period_hours and early_renewal_hours are greater or equal then zero (#​169).

  • resource/tls_locally_signed_cert: Validate allowed_uses contains documented values, instead of silently ignoring unknowns (#​169).

  • resource/tls_locally_signed_cert: ca_key_algorithm is now optional and deprecated, as it's now inferred from ca_private_key_pem. It will be read-only in the next major release (#​173).

  • resource/tls_self_signed_cert: Validate validity_period_hours and early_renewal_hours are greater or equal then zero (#​169).

  • resource/tls_self_signed_cert: Validate allowed_uses contains documented values, instead of silently ignoring unknowns (#​169).

  • resource/tls_self_signed_cert: key_algorithm is now optional and deprecated, as it's now inferred from private_key_pem. It will be read-only in the next major release (#​173).

  • resource/tls_cert_request: key_algorithm is now optional and deprecated, as it's now inferred from private_key_pem. It will be read-only in the next major release (#​173).

NOTES:

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

  • If you want to rebase/retry this MR, click this checkbox.

This MR has been generated by Renovate Bot.

Merge request reports