-
Notifications
You must be signed in to change notification settings - Fork 540
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
database_secret_backend_connection resource missing plugin_name
field.
#1288
Comments
the oracle DB connection type is not (yet) supported in the provider. so this should be labels as enhancment/feature-parity. |
@chperie we are going to take a closer look at this issue. Setting up the Oracle db engine is supported per: https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/database_secret_backend_connection#oracle-configuration-options, but I see that we may be missing some of it's fields. |
Oops, sorry for misleading. |
@DrFaust92 would you mind expanding on the above statement please. We should have Oracle support per: https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/database_secret_backend_connection#oracle-configuration-options |
I found out how to deal with, I think: resource "vault_mount" "db" {
path = "oracle"
type = "database"
}
resource "vault_generic_endpoint" "register" {
path = "sys/plugins/catalog/database/vault-plugin-database-oracle_12_1"
disable_read = true
disable_delete = true
data_json = <<EOT
{
"type":1,
"command":"vault-plugin-database-oracle_12_1",
"sha256":"27a587ae27b7cf21d7b0830105xxxxxxxxxxxxxxxxxxxxxxxxa"
}
EOT
}
resource "vault_database_secret_backend_connection" "oracle_dbform12" {
backend = vault_mount.db.path
name = "oracle_dbform12"
allowed_roles = ["role_dbform12"]
oracle {
connection_url = "{{username}}:{{password}}@qxxxxxxx3:1522/DBFORM12"
}
data = {
username = "vxxxxx"
password = "vaxxxxxxxx"
plugin_name = "vault-plugin-database-oracle_12_1"
}
}
resource "vault_database_secret_backend_role" "role_dbform12" {
backend = vault_mount.db.path
name = "role_dbform12"
db_name = vault_database_secret_backend_connection.oracle_dbform12.name
creation_statements = ["CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';"]
} |
@chperie the use of |
yes... |
Would you mind providing the exact error message? |
this kind of error An argument named "plugin_name" is not expected here. |
We will take a closer look to see what the issue might be. |
plugin_name
field.
Hello,
I need to create the oracle database engine in Vault as mentionned in https://www.vaultproject.io/api/secret/databases/oracle
I plan to use Terraform and so : resource "vault_database_secret_backend_connection"
but I can not use :
=> plugin_name as a configuration parameter (and it's mandatory for Oracle) as it's not defined in the documentation https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/database_secret_backend_connection
=> And under oracle arguments I also need to define username/password in order for Vault to define resources in the Oracle database but it's the same, the arguments don't exist
do I have to use => resource "vault_generic_endpoint" ?
Or Did I miss something?
Thanks for your help
The text was updated successfully, but these errors were encountered: