Unclear documentation of vault_kv_secret_v2 on the V5 vault provider upgrade docs

Hey,
the v5 upgrade docs on the vault provider, specifically the vault_kv_secret_v2 are not very clear to me.

It talks about a breaking change because it’s now ephemeral.

BREAKING CHANGE With the addition of an ephemeral resource and write-only attributes for KVV2, this resource will maintain the KVV2 engine in Vault as the source of truth, and will no longer store/track the secret data in the Terraform state.

I don’t understand this. What is the breaking change? The normal vault_kv_secret_v2 seems to still exist as per the docs. Yes, there is a new ephemeral version of vault_kv_secret_v2 (cant post more than two links) but aren’t those two separate things? If I understand correctly, the new ephemeral one is just for reading from vault while the old one is for writing?

The normal vault_kv_secret_v2 has now an optional ephemeral data_json_wo argument. data_json still existst. Only the data attribute is marked as deprecated.

Yes, a link to the ephemeral resource should be added.
My understanding is that the resource should be only used to write some credentials (not read).

Therefore, we should not use the data attributes of this resource vault_kv_secret_v2 to retrieve credentials.
If we want to get a temporary copy of this data, we should now use the ephemeral resource ,so the data is never stored anywhere in the terraform files.
What I find really unclear is why the “Data Sources data vault_kv_secret_v2” does not talk about it? This one should be deprecated too, specialy since it returns a Warning: Deprecated Resource, no?