This document provides an overview of new features, general improvements, and resolved issues in the Fortanix Data Security Manager (DSM) - Terraform 0.5.25 release.
1. Bug Fixes
- Fixed an issue where the user was unable to create EC-KCDSA, DSA, and KCDSA Keys using the Terraform Provider script (JIRA: DEVOPS-3348).
- Fixed an issue where the user was unable to set the
group_idvariable after executing the
terraform applycommand in the
terraform.tfstatefile (JIRA: DEVOPS-3899).
3. Known Issues
- Setting the enable or disable options while creating security objects does not take effect (JIRA: DEVOPS-3110).
- Deletion of the Key Access Justification policy for security objects for Google Cloud EKM is not supported (JIRA: DEVOPS-3806).
- Issues in updating the security
- Unable to update the security object’s group.
- Unable to set an expiration date after the security object is created.
- Unable to deactivate, destroy, or delete a security object.
- Terraform will detect changes when an approval policy, HMG, or cryptographic policy is added to a group, even when nothing is changed in the TF Body. (JIRA: DEVOPS-3667).
- When you invite a user to a Fortanix DSM account as an account member and add this user to a group as an account administrator using the
dsm_group_user_role, even though the user has not accepted the invitation to join the account, the user will still fail to be added to the group (JIRA: DEVOPS-3666).
- Unable to update the DSM group name if the
dsm_groupresource contains an
hmgparameter (JIRA: DEVOPS-3736).
- Issue with deleting an account-level quorum policy (JIRA: DEVOPS-3737).
- Unable to add quorum policy to existing externally-backed DSM groups using Terraform script (JIRA: DEVOPS-3825).
- Terraform detects change even when the Key Access Justification Policy is not updated (JIRA: DEVOPS-3807).
- The Key Access Justification policy does not work for a secret key type (JIRA: DEVOPS-4021).
- Unable to generate a key of type LMS and BLS (JIRA: DEVOPS-4020).
- Unable to import a key of any type except the Secret key (JIRA: DEVOPS-4028).
- Unable to create admin apps using Terraform provider (JIRA: DEVOPS-3669).
- Unable to create apps with authentication method as Certificate, Trusted CA, JSON Web Token, or External Directory (JIRA: DEVOPS-3669).
- An app with an authentication method as an API key and Google Service Account is created with two Terraform resource blocks instead of one Terraform resource block (JIRA: DEVOPS-3669).
The Fortanix Terraform provider can be accessed from the Fortanix downloads page - https://support.fortanix.com/hc/en-us/articles/6495657315348-Terraform-Provider.