Skip to content

chore(deps): update terraform terraform-ibm-modules/secrets-manager/ibm to v2 #244

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update terraform terraform-ibm-modules/secrets-manager/ibm to v2 #244

wants to merge 1 commit into from
+1 −1

Conversation

terraform-ibm-modules-ops
Copy link
Contributor

@terraform-ibm-modules-ops terraform-ibm-modules-ops commented Mar 28, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change
terraform-ibm-modules/secrets-manager/ibm (source) module major 1.24.1 -> 2.1.1

Release Notes

terraform-ibm-modules/terraform-ibm-secrets-manager (terraform-ibm-modules/secrets-manager/ibm)

v2.1.1

Compare Source

Bug Fixes

v2.1.0

Compare Source

Features
  • added new input secret_groups which supports creating secret groups, and associated IAM access groups. By default it will create a group called General with an associated access group called general-secrets-group-access-group which will have SecretsReader role. (#​314) (600945c)

v2.0.0

Compare Source

Features
  • added 2 new DA variations: "Fully configurable" and "Security-enforced"
  • The "standard" variation has been deprecated does not exist in this release (#​300) (b548403)
BREAKING CHANGES
  • There is no upgrade path from the deprecated "Standard" DA variation to either of the new "Fully configurable" or "Security-enforced variations

v1.26.4

Compare Source

Fixes
  • added the missing input skip_iam_authorization_policy from the DA. Previously this was automatically set to false with no ability to override in the DA, meaning you might get an error if passing an existing Secrets Manager instance if the auth policy already exists. Exposing it now allows consumers to disable auth policy creation if it already exists.

v1.26.3

Compare Source

Fixes

  • added a fix to KMS key validation that was causing the following error when passing an existing Secrets Manager instance:

    │ Error: Invalid function argument
│ 
│   on ../../main.tf line 21, in locals:
│   21:   validate_is_hpcs_key = var.is_hpcs_key && local.kms_service_name != "hs-crypto" ? tobool("When is_hpcs_key is set to true then the key provided through kms_key_crn must be a Hyper Protect Crypto Services key") : true
│     ├────────────────
│     │ while calling tobool(v)
│ 
│ Invalid value for "v" parameter: cannot convert "When is_hpcs_key is set to true then the key provided through kms_key_crn must be a Hyper Protect Crypto Services key" to bool; only the strings
│ "true" or "false" are allowed.

v1.26.2

Compare Source

Fixes

  • added a fix for a missing moved block in the DA which can cause the following destroys to be seen when upgrading to version 1.23.0 or later:

module.secrets_manager.ibm_sm_en_registration.sm_en_registration[0] will be destroyed

v1.26.1

Compare Source

Fixes

  • added a fix for a missing moved block in the DA which can cause the following destroys to be seen when upgrading to version 1.23.0 or later:

module.secrets_manager.ibm_iam_authorization_policy.en_policy[0] will be destroyed

module.secrets_manager.ibm_sm_en_registration.sm_en_registration[0] will be destroyed

v1.26.0

Compare Source

Features

(#​295) (a0cab06)

  • The KMS auth policy has been updated so its now scoped to the exact KMS key. If upgrading from an older version this will recreate the auth policy, however it will create the new one before destroying the old one so there is no disruption to every day services.
  • The kms_instance_guid input has been removed from the module. It is now programmatically determined from the value of kms_key_crn
  • A new boolean input is_hpcs_key has been added to the module and should be set to true if the key specified in kms_key_crn is from a Hyper Protect instance. Leave it at false if using Key Protect. If set to true, a second auth policy is created which allows the Secrets Manager instance Viewer access to the HPCS instance.

v1.25.5

Compare Source

Bug Fixes

v1.25.4

Compare Source

Bug Fixes
  • deps: update terraform ibm to latest for the deployable architecture solution (#​310) (c458399)

v1.25.3

Compare Source

Bug Fixes
  • expose the skip_iam_authorization_policy in the fscloud submodule (#​301) (94db9b1)

v1.25.2

Compare Source

Bug Fixes
  • deps: update required_provider to latest for the deployable architecture solution (#​305) (f12d4e9)

v1.25.1

Compare Source

Bug Fixes

v1.25.0

Compare Source

Features
  • Added new input skip_iam_authorization_policy which defaults to false, meaning by default the module will now create the IAM authorization policies required to enable the IAM credentials engine by creating policies that grants the Secrets Manager instance 'Operator' access to the IAM identity service, and 'Groups Service Member Manage' access to the IAM groups service (#​237) (e5d4806)

v1.24.3

Compare Source

Bug Fixes
  • deps: update terraform terraform-ibm-modules/event-notifications/ibm to v1.18.8 (#​298) (9249319)

v1.24.2

Compare Source

Bug Fixes

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@terraform-ibm-modules-dev
Copy link

/run pipeline

@terraform-ibm-modules-ops terraform-ibm-modules-ops force-pushed the renovate/major-terraform-module branch from d5eec81 to 55da236 Compare April 4, 2025 19:56
@terraform-ibm-modules-dev
Copy link

/run pipeline

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@daniel-butler-irl daniel-butler-irl Awaiting requested review from daniel-butler-irl daniel-butler-irl is a code owner

@ocofaigh ocofaigh Awaiting requested review from ocofaigh ocofaigh is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
renovate
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@terraform-ibm-modules-ops @terraform-ibm-modules-dev