From 580bdb6a8c5006135cbedd6022d85f916bcce57f Mon Sep 17 00:00:00 2001
From: BenyBoy84
Date: Tue, 19 Mar 2024 08:00:08 -0400
Subject: [PATCH 1/7] v0.0.45
---
 resources_hcp_vault_secrets.tf | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 resources_hcp_vault_secrets.tf
diff --git a/resources_hcp_vault_secrets.tf b/resources_hcp_vault_secrets.tf
new file mode 100644
index 0000000..66e8299
--- /dev/null
+++ b/resources_hcp_vault_secrets.tf
@@ -0,0 +1,8 @@
+# The following code blode is used to create secret in Hashicorp Vault.
+
+resource "hcp_vault_secrets_secret" "this" {
+ for_each = nonsensitive({ for team in local.tfc_teams : team.name => team if team == true })
+ app_name = "TerraformCloud"
+ secret_name = "TFC_API_TOKEN_${each.value.name}"
+ secret_value = module.tfe_teams[each.value.name].token
+}
\ No newline at end of file

From 360832be7628afe8873643efe25ebbf187b9cc83 Mon Sep 17 00:00:00 2001
From: BenyBoy84
Date: Tue, 19 Mar 2024 08:02:14 -0400
Subject: [PATCH 2/7] v0.0.45
---
 resources_hcp_vault_secrets.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/resources_hcp_vault_secrets.tf b/resources_hcp_vault_secrets.tf
index 66e8299..02b1ae7 100644
--- a/resources_hcp_vault_secrets.tf
+++ b/resources_hcp_vault_secrets.tf
@@ -3,6 +3,6 @@
 resource "hcp_vault_secrets_secret" "this" {
 for_each = nonsensitive({ for team in local.tfc_teams : team.name => team if team == true })
 app_name = "TerraformCloud"
- secret_name = "TFC_API_TOKEN_${each.value.name}"
+ secret_name = "TFC_API_TOKEN_${lower(replace(each.value.name, "/\\W|_|\\s/", "_"))}"
 secret_value = module.tfe_teams[each.value.name].token
 }
\ No newline at end of file

From 96630d739cf1a318f08a58e928ffaee727a5c079 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
Date: Tue, 19 Mar 2024 12:04:03 +0000
Subject: [PATCH 3/7] terraform-docs: automated action
---
 README.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/README.md b/README.md
index a9f0a10..c850b8a 100644
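Review bot: The header comment on the first added line has a typo (`blode`) and says less than the resource deserves: `secret_value = module.tfe_teams[each.value.name].token` copies a Terraform Cloud team API token into HCP Vault Secrets, and like every resource attribute that plaintext is also persisted in this workspace's state, so the state backend needs the same protection as the vault it feeds. I would replace the comment with `# Mirrors each enabled team's TFC API token into HCP Vault Secrets (app "TerraformCloud").` followed by `# The token is also stored in Terraform state; protect the state backend accordingly.` Whether `local.tfc_teams` and the module output are themselves sensitive-marked is not visible from this hunk.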
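Review bot: The pattern `/\\W|_|\\s/` on the new `secret_name` line does more work than it needs to: `\\s` is already matched by `\\W`, and `_` is a word character that is replaced with itself, so `/\\W/` produces the same string and reads more clearly, e.g. `secret_name = "TFC_API_TOKEN_${lower(replace(each.value.name, "/\\W/", "_"))}"`. Worth a comment on the same line is that the transform is lossy (case folded, every non-word character becomes `_`), so two team names that differ only in case or punctuation would produce the same secret name while remaining distinct `for_each` keys; nothing in this hunk guards against that. The rest of the resource is context here, not part of the change.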
--- a/README.md
+++ b/README.md
@@ -179,6 +179,7 @@ No optional inputs.
 The following resources are used by this module:
 - [github_actions_secret.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_secret) (resource)
+- [hcp_vault_secrets_secret.this](https://registry.terraform.io/providers/hashicorp/hcp/latest/docs/resources/vault_secrets_secret) (resource)
 - [tfe_project.project](https://registry.terraform.io/providers/hashicorp/tfe/latest/docs/resources/project) (resource)
 - [tfe_project_variable_set.this](https://registry.terraform.io/providers/hashicorp/tfe/latest/docs/resources/project_variable_set) (resource)
 - [tfe_variable.variable_set](https://registry.terraform.io/providers/hashicorp/tfe/latest/docs/resources/variable) (resource)

From 5b216ad24e141427525d6c8fba70182f6ae5a213 Mon Sep 17 00:00:00 2001
From: BenyBoy84
Date: Tue, 19 Mar 2024 08:05:16 -0400
Subject: [PATCH 4/7] v0.0.45
---
 resources_hcp_vault_secrets.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/resources_hcp_vault_secrets.tf b/resources_hcp_vault_secrets.tf
index 02b1ae7..21ef2e9 100644
--- a/resources_hcp_vault_secrets.tf
+++ b/resources_hcp_vault_secrets.tf
@@ -1,7 +1,7 @@
 # The following code blode is used to create secret in Hashicorp Vault.
 resource "hcp_vault_secrets_secret" "this" {
- for_each = nonsensitive({ for team in local.tfc_teams : team.name => team if team == true })
+ for_each = nonsensitive({ for team in local.tfc_teams : team.name => team if team.token == true })
 app_name = "TerraformCloud"
 secret_name = "TFC_API_TOKEN_${lower(replace(each.value.name, "/\\W|_|\\s/", "_"))}"
 secret_value = module.tfe_teams[each.value.name].token

From 37d98036bf6147d21f25e1ccfb43317a5f317d38 Mon Sep 17 00:00:00 2001
From: BenyBoy84
Date: Tue, 19 Mar 2024 08:06:29 -0400
Subject: [PATCH 5/7] v0.0.45
---
 resources_hcp_vault_secrets.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
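Review bot: The new `for_each` filter `team.token == true` uses an attribute whose name suggests it holds a token, while the value actually written comes from `module.tfe_teams[...].token` further down; a comment on the `for_each` line would stop the next reader from conflating the two, e.g. `# team.token is an opt-in flag (presumably set in the team definition); the real token comes from module.tfe_teams below.` Separately, `nonsensitive()` on this line is a plan-time error rather than a no-op if `local.tfc_teams` is not sensitive-marked — that local is declared outside this hunk, so it cannot be confirmed here, but it is worth noting in the same comment why the wrapper is needed (`for_each` keys must not be sensitive).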
diff --git a/resources_hcp_vault_secrets.tf b/resources_hcp_vault_secrets.tf
index 21ef2e9..0b947cc 100644
--- a/resources_hcp_vault_secrets.tf
+++ b/resources_hcp_vault_secrets.tf
@@ -1,7 +1,7 @@
 # The following code blode is used to create secret in Hashicorp Vault.
 resource "hcp_vault_secrets_secret" "this" {
- for_each = nonsensitive({ for team in local.tfc_teams : team.name => team if team.token == true })
+ for_each = nonsensitive({ for team in local.tfc_teams : team.name => team if try(team.token, false) == true })
 app_name = "TerraformCloud"
 secret_name = "TFC_API_TOKEN_${lower(replace(each.value.name, "/\\W|_|\\s/", "_"))}"
 secret_value = module.tfe_teams[each.value.name].token

From d29abb6b9c7b8d41621448719d81551a8ce402b2 Mon Sep 17 00:00:00 2001
From: BenyBoy84
Date: Tue, 19 Mar 2024 08:08:56 -0400
Subject: [PATCH 6/7] v0.0.45
---
 docs/README_header.md | 6 +++---
 resources_hcp_vault_secrets.tf | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/docs/README_header.md b/docs/README_header.md
index 07f28cf..1b1e1cd 100644
--- a/docs/README_header.md
+++ b/docs/README_header.md
@@ -21,8 +21,8 @@ instead of a user token.
 ### Hashicorp Vault Secrets Permissions
-To read secrets from Hashicorp Vault Secrets, provide a client ID and a key
-from a service principals with the secret `reader` role.
+To read and create secrets in Hashicorp Vault Secrets, provide a client ID and a key
+from a service principals with the secret `contributor` role.
 ### GitHub Permissions
@@ -83,7 +83,7 @@ GITHUB_APP_PEM_FILE, and GITHUB_OWNER environment variables to authenticate.
 * branches protection
 * repositories secrets
 * teams
-* Read secrets from Hashicorp Vault Secrets
+* Read and write secrets in Hashicorp Vault Secrets
 ## Prerequisite
diff --git a/resources_hcp_vault_secrets.tf b/resources_hcp_vault_secrets.tf
index 0b947cc..d4b3f81 100644
--- a/resources_hcp_vault_secrets.tf
+++ b/resources_hcp_vault_secrets.tf
@@ -3,6 +3,6 @@
 resource "hcp_vault_secrets_secret" "this" {
 for_each = nonsensitive({ for team in local.tfc_teams : team.name => team if try(team.token, false) == true })
 app_name = "TerraformCloud"
- secret_name = "TFC_API_TOKEN_${lower(replace(each.value.name, "/\\W|_|\\s/", "_"))}"
+ secret_name = lower(replace(each.value.name, "/\\W|_|\\s/", "_"))
 secret_value = module.tfe_teams[each.value.name].token
 }
\ No newline at end of file

From a792163100cfbf33afe4fbe3ec6a2566a160e081 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
Date: Tue, 19 Mar 2024 12:09:24 +0000
Subject: [PATCH 7/7] terraform-docs: automated action
---
 README.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index c850b8a..dcdbb20 100644
--- a/README.md
+++ b/README.md
@@ -22,8 +22,8 @@ instead of a user token.
 ### Hashicorp Vault Secrets Permissions
-To read secrets from Hashicorp Vault Secrets, provide a client ID and a key
-from a service principals with the secret `reader` role.
+To read and create secrets in Hashicorp Vault Secrets, provide a client ID and a key
+from a service principals with the secret `contributor` role.
 ### GitHub Permissions
@@ -84,7 +84,7 @@ GITHUB\_APP\_PEM\_FILE, and GITHUB\_OWNER environment variables to authenticate.
 * branches protection
 * repositories secrets
 * teams
-* Read secrets from Hashicorp Vault Secrets
+* Read and write secrets in Hashicorp Vault Secrets
 ## Prerequisite
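Review bot: With the `TFC_API_TOKEN_` prefix gone, `secret_name` is now exactly the normalised team name, so the only thing keeping two teams' tokens apart inside app `TerraformCloud` is a lossy transform (case folded, every non-word character to `_`); names such as `Dev-Ops` and `dev_ops` collapse to one HVS secret while staying distinct `for_each` keys, and the two resources would then fight over the same secret at apply time. A `lifecycle.precondition` over the set of normalised names turns that into a plan-time error, sketched below; `local.tfc_teams` is declared outside this file, so the helper mirrors the `nonsensitive()` wrapping the `for_each` already relies on. The prefix was also the only hint in HVS that the value is an API token, so the file's header comment should now say what the secrets are. The same commit raises the documented service-principal role from `reader` to `contributor`; that principal can presumably then overwrite every secret the role is scoped to, so keep the scope as narrow as HCP allows.
```hcl
locals {
  # Normalised HVS secret names for every team whose token is exported;
  # the transform is lossy, so duplicates are possible and must be rejected.
  hvs_secret_names = nonsensitive([
    for team in local.tfc_teams : lower(replace(team.name, "/\\W|_|\\s/", "_"))
    if try(team.token, false) == true
  ])
}

resource "hcp_vault_secrets_secret" "this" {
  # … unchanged: for_each, app_name, secret_name, secret_value …

  lifecycle {
    precondition {
      condition     = length(distinct(local.hvs_secret_names)) == length(local.hvs_secret_names)
      error_message = "Two TFC teams normalise to the same HCP Vault Secrets name; rename one of them."
    }
  }
}
```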