feat: added the ability to create HMAC secrets using new input service_credentials_source_service_hmac (#188)

kierramarie · web-flow · commit 402651d1f3b6 · 2024-11-26T19:01:36.000Z
diff --git a/README.md b/README.md
@@ -192,6 +192,7 @@ No modules.
 | <a name="input_secret_username"></a> [secret\_username](#input\_secret\_username) | Username of the secret to create. Applies only to `username_password` secret types. When `null`, an `arbitrary` secret is created. | `string` | `null` | no |
 | <a name="input_secrets_manager_guid"></a> [secrets\_manager\_guid](#input\_secrets\_manager\_guid) | The instance ID of the Secrets Manager instance where the secret will be added. | `string` | n/a | yes |
 | <a name="input_service_credentials_source_service_crn"></a> [service\_credentials\_source\_service\_crn](#input\_service\_credentials\_source\_service\_crn) | The CRN of the source service instance to create the service credential. | `string` | `null` | no |
+| <a name="input_service_credentials_source_service_hmac"></a> [service\_credentials\_source\_service\_hmac](#input\_service\_credentials\_source\_service\_hmac) | The optional boolean parameter HMAC for creating specific kind of credentials. For more information see https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/sm_service_credentials_secret#parameters | `bool` | `false` | no |
 | <a name="input_service_credentials_source_service_role"></a> [service\_credentials\_source\_service\_role](#input\_service\_credentials\_source\_service\_role) | The role to give the service credential in the source service. | `string` | `null` | no |
 | <a name="input_service_credentials_ttl"></a> [service\_credentials\_ttl](#input\_service\_credentials\_ttl) | The time-to-live (TTL) to assign to generated service credentials (in seconds). | `number` | `"7776000"` | no |
 
diff --git a/main.tf b/main.tf
@@ -110,6 +110,7 @@ resource "ibm_sm_service_credentials_secret" "service_credentials_secret" {
     role {
       crn = "crn:v1:bluemix:public:iam::::serviceRole:${var.service_credentials_source_service_role}"
     }
+    parameters = var.service_credentials_source_service_hmac ? { "HMAC" : var.service_credentials_source_service_hmac } : null
   }
 
   ## This for_each block is NOT a loop to attach to multiple rotation blocks.
diff --git a/variables.tf b/variables.tf
@@ -122,4 +122,10 @@ variable "endpoint_type" {
   }
 }
 
+variable "service_credentials_source_service_hmac" {
+  type        = bool
+  description = "The optional boolean parameter HMAC for creating specific kind of credentials. For more information see https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/sm_service_credentials_secret#parameters"
+  default     = false
+}
+
 ##############################################################################

Original file line number	Diff line number	Diff line change
`@@ -110,6 +110,7 @@ resource "ibm_sm_service_credentials_secret" "service_credentials_secret" {`
`110`	`110`	`role {`
`111`	`111`	`crn = "crn:v1:bluemix:public:iam::::serviceRole:${var.service_credentials_source_service_role}"`
`112`	`112`	`}`
	`113`	`+ parameters = var.service_credentials_source_service_hmac ? { "HMAC" : var.service_credentials_source_service_hmac } : null`
`113`	`114`	`}`
`114`	`115`
`115`	`116`	`## This for_each block is NOT a loop to attach to multiple rotation blocks.`
Original file line number	Diff line number	Diff line change
`@@ -122,4 +122,10 @@ variable "endpoint_type" {`
`122`	`122`	`}`
`123`	`123`	`}`
`124`	`124`
	`125`	`+variable "service_credentials_source_service_hmac" {`
	`126`	`+ type = bool`
	`127`	`+ description = "The optional boolean parameter HMAC for creating specific kind of credentials. For more information see https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/sm_service_credentials_secret#parameters"`
	`128`	`+ default = false`
	`129`	`+}`
	`130`	`+`
`125`	`131`	`##############################################################################`