Fix refresh on sra host attribute

Hide k8s_auth sensitive fields

akeyless/common/utils.go

@@ -337,6 +337,9 @@ func GetSra(d *schema.ResourceData, sra *akeyless_api.SecureRemoteAccess, itemTy
 	}
 
 	if s, ok := sra.GetHostOk(); ok {
+		if s != nil && len(*s) == 1 && (*s)[0] == "" {
+			s = &[]string{}
+		}
 		err = d.Set("secure_access_host", s)
 		if err != nil {
 			return err

akeyless/resource_gateway_create_k8s_auth_config.go

@@ -39,6 +39,7 @@ func resourceK8sAuthConfig() *schema.Resource {
 				Type:        schema.TypeString,
 				Optional:    true,
 				Description: "The private key (in base64 encoded of the PEM format) associated with the public key defined in the Kubernetes auth",
+				Sensitive:   true,
 			},
 			"token_exp": {
 				Type:        schema.TypeInt,
@@ -60,6 +61,7 @@ func resourceK8sAuthConfig() *schema.Resource {
 				Type:        schema.TypeString,
 				Optional:    true,
 				Description: "A Kubernetes service account JWT used to access the TokenReview API to validate other JWTs. If not set, the JWT submitted in the authentication process will be used to access the Kubernetes TokenReview API.",
+				Sensitive:   true,
 			},
 			"k8s_issuer": {
 				Type:        schema.TypeString,
@@ -109,6 +111,7 @@ func resourceK8sAuthConfig() *schema.Resource {
 				Type:        schema.TypeString,
 				Optional:    true,
 				Description: "Content of the k8 client private key (PEM format) in a Base64 format (relevant for native_k8s only)",
+				Sensitive:   true,
 			},
 		},
 	}

docs/resources/k8s_auth_config.md

@@ -27,14 +27,14 @@ K8S Auth config
 - `k8s_auth_type` (String) Native K8S auth type, [token/certificate]. (relevant for native_k8s only)
 - `k8s_ca_cert` (String) The CA Certificate (base64 encoded) to use to call into the kubernetes API server
 - `k8s_client_certificate` (String) Content of the k8 client certificate (PEM format) in a Base64 format (relevant for native_k8s only)
-- `k8s_client_key` (String) Content of the k8 client private key (PEM format) in a Base64 format (relevant for native_k8s only)
+- `k8s_client_key` (String, Sensitive) Content of the k8 client private key (PEM format) in a Base64 format (relevant for native_k8s only)
 - `k8s_host` (String) The URL of the kubernetes API server
 - `k8s_issuer` (String) The Kubernetes JWT issuer name. If not set, this <kubernetes/serviceaccount> will be used by default.
 - `rancher_api_key` (String) The api key used to access the TokenReview API to validate other JWTs (relevant for rancher only)
 - `rancher_cluster_id` (String) The cluster id as define in rancher (relevant for rancher only)
-- `signing_key` (String) The private key (in base64 encoded of the PEM format) associated with the public key defined in the Kubernetes auth
+- `signing_key` (String, Sensitive) The private key (in base64 encoded of the PEM format) associated with the public key defined in the Kubernetes auth
 - `token_exp` (Number) Time in seconds of expiration of the Akeyless Kube Auth Method token
-- `token_reviewer_jwt` (String) A Kubernetes service account JWT used to access the TokenReview API to validate other JWTs. If not set, the JWT submitted in the authentication process will be used to access the Kubernetes TokenReview API.
+- `token_reviewer_jwt` (String, Sensitive) A Kubernetes service account JWT used to access the TokenReview API to validate other JWTs. If not set, the JWT submitted in the authentication process will be used to access the Kubernetes TokenReview API.
 - `use_local_ca_jwt` (Boolean) Use the GW's service account
 
 ### Read-Only

version

@@ -1,2 +1,2 @@
 # Use Semantic versioning only. Please update the version number before opening a pull request.
-v1.8.0
+v1.8.1