Vault_generic_endpoint still does a GET when disable_read = true

lcurtis-datto · June 16, 2022, 5:31pm

Hello all,

Using the vault 3.7.0 provider, I am testing out a third party vault plugin which has an endpoint that only supports the ‘write’ method. When doing a terraform apply, I get the error:

Error: error reading sectigo-vault-pki/enroll/datto_ssl_config from Vault: Error making API request.
│ 
│ URL: GET https://<myFQDN>:8200/v1/sectigo-vault-pki/enroll/test_ssl_config
│ Code: 405. Errors:
│ 
│ * 1 error occurred:
│       * unsupported operation

resource "vault_generic_endpoint"  "sectigo_certs" {

  disable_read = true
  path                 = "sectigo-vault-pki/enroll/test_ssl_config"
  data_json = <<EOT
 {
  "sectigo_cm_user": "<user>,
  "sectigo_cm_password": "<pw>",

  "sectigo_csr_domain": "<FQDN>",
  "sectigo_csr_email_address": "xxx"
...
}

EOT

}

Thanks in advance!

lcurtis-datto · June 16, 2022, 5:55pm

Well - answering my own question - did not realize a different version of the resource without the disable in it was still somehow in the tfstate file. Once I edited that out, the code worked as expected.

Topic		Replies	Views
Vault_generic_endpoint cannot write to transit encrypt endpoint Terraform Providers	5	195	May 24, 2023
Vault Secret Engine+ Terraform + Spring Vault	10	1953	January 22, 2023
Does the vault provider support /v1/sys/config/auditing? Terraform vault	6	411	March 29, 2023
"auth_login": conflicts with auth_login_cert Terraform Providers vault	0	90	January 17, 2024
Use the vault terraform provider to enable k/v secrets engine? Terraform	1	3284	January 13, 2020

Vault_generic_endpoint still does a GET when disable_read = true

Related topics