google_certificate_manager_trust_config: Allow listed function is missing in resource block #18170
Comments
The provided link was for API documentation and it has the JSON files; I wanted to have a Terraform resource block for the allowlisted certificates functionality. Please provide a workaround for us to consume the Terraform resource block for the allowlisted certificates functionality.
@deepi-1234 sorry for the confusion - that note is not intended as a workaround for you. It is proof that this functionality exists in the API (so should be added in Terraform) and a reference in case the person who eventually works on this ticket is unsure what part of the API this ticket is referring to.
As mentioned in the above comment, can you please provide Terraform code for allowlisted, or kindly provide us a turnaround time for when the Terraform resource block for the allow listed functionality will be available?
This ticket has been forwarded to the engineering team for resolution. There is no guaranteed turnaround time. If you are working with a Google Technical Account Manager or Customer Engineer, you can ask them to reach out internally to expedite investigation and resolution of this issue.
Description
In https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/certificate_manager_trust_config, the allow listed functionality is missing from the google_certificate_manager_trust_config resource block, but in the gcloud CLI we do have the code for the allow listed functionality. In order for us to consume the resource block, the allow listed functionality is missing.
The reference documentation for allow listed certificates is also here: https://cloud.google.com/certificate-manager/docs/how-it-works#allowlisted-certs
Please provide a workaround for this. Also, the resource block and gcloud command are added below.
New or Affected Resource(s)
google_XXXXX
resource "google_certificate_manager_trust_config" "default" {
  name        = "trust-config"
  description = "sample description for the trust config"
  location    = "us-central1"
  trust_stores {
    trust_anchors {
      pem_certificate = file("test-fixtures/cert.pem")
    }
    intermediate_cas {
      pem_certificate = file("test-fixtures/cert.pem")
    }
  }
  labels = {
    foo = "bar"
  }
}
Whereas in gcloud we have the allow listed functionality, but not in the above resource block.
Create a trust config YAML file that specifies the trust config parameters. The file has the following format:
trustStores:
- trustAnchors:
  - pemCertificate: "CERTIFICATE_PEM_PAYLOAD"
  intermediateCas:
  - pemCertificate: "INTER_CERT_PEM_PAYLOAD"
allowlistedCertificates:
- pemCertificate: "ALLOWLISTED_CERT1"
- pemCertificate: "ALLOWLISTED_CERT2"
Import the trust config file into Certificate Manager:
gcloud certificate-manager trust-configs import TRUST_CONFIG_ID \
    --project=PROJECT_ID \
    --source=TRUST_CONFIG_FILE \
    --location=LOCATION
Please provide a solution for the above in order for us to consume the allow listed functionality in the resource block.
Potential Terraform Configuration
References
The reference documentation for allow listed certificate is also here: https://cloud.google.com/certificate-manager/docs/how-it-works#allowlisted-certs
b/341735446
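The trust config YAML described in the issue can be generated from PEM text instead of edited by hand, rejecting any input that does not hold exactly one certificate block so that each allowlistedCertificates entry maps to one certificate. This is an added example, not code from the issue, the provider or gcloud; the function names are hypothetical and the sample PEM is a constructed placeholder, not a real certificate.

```python
import base64
import json
import re

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----\s+(.*?)\s+-----END CERTIFICATE-----", re.S)

def single_cert_pem(text):
    """Return normalized PEM if text holds exactly one certificate block."""
    blocks = PEM_RE.findall(text)
    if len(blocks) != 1:
        raise ValueError(f"expected exactly 1 certificate, found {len(blocks)}")
    body = "".join(blocks[0].split())
    der = base64.b64decode(body, validate=True)  # raises on non-base64 input
    if not der.startswith(b"\x30"):  # a DER certificate starts with SEQUENCE
        raise ValueError("payload is not a DER SEQUENCE")
    lines = [body[i:i + 64] for i in range(0, len(body), 64)]
    return "\n".join(["-----BEGIN CERTIFICATE-----", *lines,
                      "-----END CERTIFICATE-----"]) + "\n"

def entries(pems, indent):
    # json.dumps emits a double-quoted scalar with \n escapes, valid in YAML.
    return [f"{indent}- pemCertificate: {json.dumps(single_cert_pem(p))}"
            for p in pems]

def render_trust_config(trust_anchors, intermediate_cas, allowlisted):
    """Render the YAML layout from the issue for `trust-configs import`."""
    out = []
    stores = [(k, v) for k, v in (("trustAnchors", trust_anchors),
                                  ("intermediateCas", intermediate_cas)) if v]
    if stores:
        out.append("trustStores:")
        for n, (key, pems) in enumerate(stores):
            out.append(("- " if n == 0 else "  ") + key + ":")
            out += entries(pems, "  ")
    if allowlisted:
        out.append("allowlistedCertificates:")
        out += entries(allowlisted, "")
    return "\n".join(out) + "\n"

def sample_pem(tag):
    # Constructed placeholder: a 5-byte DER SEQUENCE, not a real certificate.
    body = base64.b64encode(b"\x30\x03\x02\x01" + bytes([tag])).decode()
    return f"-----BEGIN CERTIFICATE-----\n{body}\n-----END CERTIFICATE-----\n"

if __name__ == "__main__":
    print(render_trust_config([sample_pem(1)], [sample_pem(2)],
                              [sample_pem(3), sample_pem(4)]), end="")
```

The rendered text is what would be saved as TRUST_CONFIG_FILE for the gcloud import command quoted in the issue.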