[0.5.29] - April 12, 2024

This article provides an overview of new features in the Fortanix Data Security Manager (DSM) - Terraform 0.5.29 release.

1.0 New Features

  • Fortanix Terraform Provider now supports copying the key from the Fortanix DSM group to the GCP Cloud Data Control (CDC) group (JIRA: EXTREQ-1069).

2.0 Bug Fixes

  • Fixed an issue that occurred when users tried to update the Amazon Web Services (AWS) Cloud Data Control (CDC) group credentials (AWS access key and secret key) using Terraform (JIRA: ES-355).

3.0 Known Issues

  • Updating the rotation policy in dsm_aws_sobject using Terraform does not take effect. (JIRA: DEVOPS-4474)
  • Attempts to update the rotation policy in dsm_azure_sobject using Terraform do not take effect. (JIRA: DEVOPS-4475)
  • Updating the rotation policy with both intervals, the system considers only the interval_days value. (JIRA: DEVOPS-4477)
  • Setting the enable or disable options while creating security objects does not take effect. (JIRA: DEVOPS-3110)
  • Deletion of the Key Access Justification policy for security objects for Google Cloud EKM is not supported. (JIRA: DEVOPS-3806)
  • Issues in updating the security dsm_sobject (JIRA: DEVOPS-3668).
    • Unable to update the security object’s group.
    • Unable to set an expiration date after the security object is created.
    • Unable to deactivate, destroy, or delete a security object.
  • Terraform will detect changes when an approval policy, HMG, or cryptographic policy is added to a group, even when nothing is changed in the TF Body. (JIRA: DEVOPS-3667)
  • When you invite a user to a Fortanix DSM account as an account member and add this user to a group as an account administrator using the dsm_group_user_role, even though the user has not accepted the invitation to join the account, the user will still fail to be added to the group. (JIRA: DEVOPS-3666)
  • Unable to update the DSM group name if the dsm_group resource contains an hmg parameter. (JIRA: DEVOPS-3736)
  • Issue with deleting an account-level quorum policy. (JIRA: DEVOPS-3737)
  • Unable to add quorum policy to existing externally-backed DSM groups using Terraform script. (JIRA: DEVOPS-3825)
  • Terraform detects change even when the Key Access Justification Policy is not updated. (JIRA: DEVOPS-3807)
  • The Key Access Justification policy does not work for a secret key type. (JIRA: DEVOPS-4021)
  • Unable to generate a key of type LMS and BLS. (JIRA: DEVOPS-4020)
  • Unable to import a key of any type except the Secret key. (JIRA: DEVOPS-4028)
  • Unable to create admin apps using Terraform provider. (JIRA: DEVOPS-3669)
  • Unable to create apps with authentication methods such as Certificate, Trusted CA, JSON Web Token, or External Directory. (JIRA: DEVOPS-3669)
  • An app with an authentication method as an API key and Google Service Account is created with two Terraform resource blocks instead of one Terraform resource block. (JIRA: DEVOPS-3669)


The Fortanix Terraform provider can be accessed from the Fortanix downloads page - https://support.fortanix.com/hc/en-us/articles/6495657315348-Terraform-Provider.


Please sign in to leave a comment.

Was this article helpful?
0 out of 0 found this helpful