Hey,
the v5 upgrade docs on the vault provider, specifically the vault_kv_secret_v2 are not very clear to me.
It talks about a breaking change because it’s now ephemeral.
BREAKING CHANGE With the addition of an ephemeral resource and write-only attributes for KVV2, this resource will maintain the KVV2 engine in Vault as the source of truth, and will no longer store/track the secret data in the Terraform state.
I don’t understand this. What is the breaking change? The normal vault_kv_secret_v2 seems to still exist as per the docs. Yes, there is a new ephemeral version of vault_kv_secret_v2 (cant post more than two links) but aren’t those two separate things? If I understand correctly, the new ephemeral one is just for reading from vault while the old one is for writing?
The normal vault_kv_secret_v2 has now an optional ephemeral data_json_wo argument. data_json still existst. Only the data attribute is marked as deprecated.