hashicorp · benashz · Oct 29, 2021 · Oct 27, 2021 · Oct 27, 2021 · Oct 28, 2021
diff --git a/vault/provider.go b/vault/provider.go
@@ -595,10 +595,6 @@ var (
 			Resource:      passwordPolicyResource(),
 			PathInventory: []string{"/sys/policy/password/{name}"},
 		},
-		"vault_pki_secret_backend": {
-			Resource:      pkiSecretBackendResource(),
-			PathInventory: []string{UnknownPath},
-		},
 		"vault_pki_secret_backend_cert": {
 			Resource:      pkiSecretBackendCertResource(),
 			PathInventory: []string{"/pki/issue/{role}"},

diff --git a/vault/resource_ad_secret_backend.go b/vault/resource_ad_secret_backend.go
@@ -2,10 +2,11 @@ package vault
 
 import (
 	"fmt"
-	"github.com/hashicorp/terraform-provider-vault/util"
 	"log"
 	"strings"
 
+	"github.com/hashicorp/terraform-provider-vault/util"
+
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/vault/api"
 )
@@ -81,13 +82,6 @@ func adSecretBackendResource() *schema.Resource {
 			Optional:    true,
 			Description: `Use anonymous bind to discover the bind DN of a user.`,
 		},
-		"formatter": {
-			Type:        schema.TypeString,
-			Optional:    true,
-			Computed:    true,
-			Deprecated:  `Formatter is deprecated and password_policy should be used with Vault >= 1.5.`,
-			Description: `Text to insert the password into, ex. "customPrefix{{PASSWORD}}customSuffix".`,
-		},
 		"groupattr": {
 			Type:        schema.TypeString,
 			Optional:    true,
@@ -114,13 +108,6 @@ func adSecretBackendResource() *schema.Resource {
 			Computed:    true,
 			Description: `The number of seconds after a Vault rotation where, if Active Directory shows a later rotation, it should be considered out-of-band.`,
 		},
-		"length": {
-			Type:        schema.TypeInt,
-			Optional:    true,
-			Computed:    true,
-			Deprecated:  `Length is deprecated and password_policy should be used with Vault >= 1.5.`,
-			Description: `The desired length of passwords that Vault generates.`,
-		},
 		"local": {
 			Type:        schema.TypeBool,
 			Required:    false,
@@ -271,9 +258,6 @@ func createConfigResource(d *schema.ResourceData, meta interface{}) error {
 	if v, ok := d.GetOkExists("discoverdn"); ok {
 		data["discoverdn"] = v
 	}
-	if v, ok := d.GetOkExists("formatter"); ok {
-		data["formatter"] = v
-	}
 	if v, ok := d.GetOkExists("groupattr"); ok {
 		data["groupattr"] = v
 	}
@@ -289,9 +273,6 @@ func createConfigResource(d *schema.ResourceData, meta interface{}) error {
 	if v, ok := d.GetOkExists("last_rotation_tolerance"); ok {
 		data["last_rotation_tolerance"] = v
 	}
-	if v, ok := d.GetOkExists("length"); ok {
-		data["length"] = v
-	}
 	if v, ok := d.GetOkExists("max_ttl"); ok {
 		data["max_ttl"] = v
 	}
@@ -410,11 +391,6 @@ func readConfigResource(d *schema.ResourceData, meta interface{}) error {
 			return fmt.Errorf("error setting state key 'discoverdn': %s", err)
 		}
 	}
-	if val, ok := resp.Data["formatter"]; ok {
-		if err := d.Set("formatter", val); err != nil {
-			return fmt.Errorf("error setting state key 'formatter': %s", err)
-		}
-	}
 	if val, ok := resp.Data["groupattr"]; ok {
 		if err := d.Set("groupattr", val); err != nil {
 			return fmt.Errorf("error setting state key 'groupattr': %s", err)
@@ -440,11 +416,6 @@ func readConfigResource(d *schema.ResourceData, meta interface{}) error {
 			return fmt.Errorf("error setting state key 'last_rotation_tolerance': %s", err)
 		}
 	}
-	if val, ok := resp.Data["length"]; ok {
-		if err := d.Set("length", val); err != nil {
-			return fmt.Errorf("error setting state key 'length': %s", err)
-		}
-	}
 	if val, ok := resp.Data["max_ttl"]; ok {
 		if err := d.Set("max_ttl", val); err != nil {
 			return fmt.Errorf("error setting state key 'max_ttl': %s", err)
@@ -569,9 +540,6 @@ func updateConfigResource(d *schema.ResourceData, meta interface{}) error {
 	if raw, ok := d.GetOk("discoverdn"); ok {
 		data["discoverdn"] = raw
 	}
-	if raw, ok := d.GetOk("formatter"); ok {
-		data["formatter"] = raw
-	}
 	if raw, ok := d.GetOk("groupattr"); ok {
 		data["groupattr"] = raw
 	}
@@ -587,9 +555,6 @@ func updateConfigResource(d *schema.ResourceData, meta interface{}) error {
 	if raw, ok := d.GetOk("last_rotation_tolerance"); ok {
 		data["last_rotation_tolerance"] = raw
 	}
-	if raw, ok := d.GetOk("length"); ok {
-		data["length"] = raw
-	}
 	if raw, ok := d.GetOk("max_ttl"); ok {
 		data["max_ttl"] = raw
 	}

diff --git a/vault/resource_azure_auth_backend_role.go b/vault/resource_azure_auth_backend_role.go
@@ -204,60 +204,6 @@ func azureAuthBackendRoleRead(d *schema.ResourceData, meta interface{}) error {
 
 	readTokenFields(d, resp)
 
-	// Check if the user is using the deprecated `policies`
-	if _, deprecated := d.GetOk("policies"); deprecated {
-		// Then we see if `token_policies` was set and unset it
-		// Vault will still return `policies`
-		if _, ok := d.GetOk("token_policies"); ok {
-			d.Set("token_policies", nil)
-		}
-
-		if v, ok := resp.Data["policies"]; ok {
-			d.Set("policies", v)
-		}
-
-	}
-
-	// Check if the user is using the deprecated `period`
-	if _, deprecated := d.GetOk("period"); deprecated {
-		// Then we see if `token_period` was set and unset it
-		// Vault will still return `period`
-		if _, ok := d.GetOk("token_period"); ok {
-			d.Set("token_period", nil)
-		}
-
-		if v, ok := resp.Data["period"]; ok {
-			d.Set("period", v)
-		}
-	}
-
-	// Check if the user is using the deprecated `ttl`
-	if _, deprecated := d.GetOk("ttl"); deprecated {
-		// Then we see if `token_ttl` was set and unset it
-		// Vault will still return `ttl`
-		if _, ok := d.GetOk("token_ttl"); ok {
-			d.Set("token_ttl", nil)
-		}
-
-		if v, ok := resp.Data["ttl"]; ok {
-			d.Set("ttl", v)
-		}
-
-	}
-
-	// Check if the user is using the deprecated `max_ttl`
-	if _, deprecated := d.GetOk("max_ttl"); deprecated {
-		// Then we see if `token_max_ttl` was set and unset it
-		// Vault will still return `max_ttl`
-		if _, ok := d.GetOk("token_max_ttl"); ok {
-			d.Set("token_max_ttl", nil)
-		}
-
-		if v, ok := resp.Data["max_ttl"]; ok {
-			d.Set("max_ttl", v)
-		}
-	}
-
 	d.Set("backend", backend)
 	d.Set("role", role)
 

diff --git a/vault/resource_github_auth_backend.go b/vault/resource_github_auth_backend.go
@@ -74,7 +74,6 @@ func githubAuthBackendCreate(d *schema.ResourceData, meta interface{}) error {
 		Type:        "github",
 		Description: description,
 	})
-
 	if err != nil {
 		return fmt.Errorf("error enabling github auth backend at '%s': %s", path, err)
 	}
@@ -105,7 +104,6 @@ func githubAuthBackendUpdate(d *schema.ResourceData, meta interface{}) error {
 
 	log.Printf("[DEBUG] Writing github auth config to '%q'", configPath)
 	_, err := client.Logical().Write(configPath, data)
-
 	if err != nil {
 		d.SetId("")
 		return fmt.Errorf("error writing github config to '%q': %s", configPath, err)
@@ -176,33 +174,8 @@ func githubAuthBackendRead(d *schema.ResourceData, meta interface{}) error {
 		return err
 	}
 
-	ttlS := flattenVaultDuration(dt.Data["ttl"])
-	maxTtlS := flattenVaultDuration(dt.Data["max_ttl"])
-
 	readTokenFields(d, dt)
 
-	// Check if the user is using the deprecated `ttl`
-	if _, deprecated := d.GetOk("ttl"); deprecated {
-		// Then we see if `token_ttl` was set and unset it
-		// Vault will still return `ttl`
-		if _, ok := d.GetOk("token_ttl"); ok {
-			d.Set("token_ttl", nil)
-		}
-
-		d.Set("ttl", ttlS)
-	}
-
-	// Check if the user is using the deprecated `max_ttl`
-	if _, deprecated := d.GetOk("max_ttl"); deprecated {
-		// Then we see if `token_max_ttl` was set and unset it
-		// Vault will still return `max_ttl`
-		if _, ok := d.GetOk("token_max_ttl"); ok {
-			d.Set("token_max_ttl", nil)
-		}
-
-		d.Set("max_ttl", maxTtlS)
-	}
-
 	d.Set("path", d.Id())
 	d.Set("organization", dt.Data["organization"])
 	d.Set("base_url", dt.Data["base_url"])