diff --git a/docs/data-sources/loadbalancer.md b/docs/data-sources/loadbalancer.md
index 26823ccf..e91af21f 100644
--- a/docs/data-sources/loadbalancer.md
+++ b/docs/data-sources/loadbalancer.md
@@ -40,6 +40,10 @@ data "stackit_loadbalancer" "example" {
### Nested Schema for `listeners`
+Optional:
+
+- `server_name_indicators` (Attributes List) A list of domain names to match in order to pass TLS traffic to the target pool in the current listener (see [below for nested schema](#nestedatt--listeners--server_name_indicators))
+
Read-Only:
- `display_name` (String)
@@ -47,6 +51,14 @@ Read-Only:
- `protocol` (String) Protocol is the highest network protocol we understand to load balance.
- `target_pool` (String) Reference target pool by target pool name.
+
+### Nested Schema for `listeners.server_name_indicators`
+
+Optional:
+
+- `name` (String) A domain name to match in order to pass TLS traffic to the target pool in the current listener
+
+
### Nested Schema for `networks`
diff --git a/docs/resources/loadbalancer.md b/docs/resources/loadbalancer.md
index 06aa0647..664f0acf 100644
--- a/docs/resources/loadbalancer.md
+++ b/docs/resources/loadbalancer.md
@@ -202,8 +202,17 @@ Optional:
- `display_name` (String)
- `port` (Number) Port number where we listen for traffic.
- `protocol` (String) Protocol is the highest network protocol we understand to load balance.
+- `server_name_indicators` (Attributes List) A list of domain names to match in order to pass TLS traffic to the target pool in the current listener (see [below for nested schema](#nestedatt--listeners--server_name_indicators))
- `target_pool` (String) Reference target pool by target pool name.
+
+### Nested Schema for `listeners.server_name_indicators`
+
+Optional:
+
+- `name` (String) A domain name to match in order to pass TLS traffic to the target pool in the current listener
+
+
### Nested Schema for `networks`
diff --git a/stackit/internal/services/loadbalancer/loadbalancer/datasource.go b/stackit/internal/services/loadbalancer/loadbalancer/datasource.go
index 1c7b7c90..a0c913d4 100644
--- a/stackit/internal/services/loadbalancer/loadbalancer/datasource.go
+++ b/stackit/internal/services/loadbalancer/loadbalancer/datasource.go
@@ -78,7 +78,7 @@ func (r *loadBalancerDataSource) Configure(ctx context.Context, req datasource.C
// Schema defines the schema for the data source.
func (r *loadBalancerDataSource) Schema(_ context.Context, _ datasource.SchemaRequest, resp *datasource.SchemaResponse) {
descriptions := map[string]string{
- "main": "Load Balancer resource schema.",
+ "main": "Load Balancer data source schema. Must have a `region` specified in the provider configuration.",
"id": "Terraform's internal resource ID. It is structured as \"`project_id`\",\"`name`\".",
"project_id": "STACKIT project ID to which the Load Balancer is associated.",
"external_address": "External Load Balancer IP address where this Load Balancer is exposed.",
diff --git a/stackit/internal/services/ske/cluster/resource.go b/stackit/internal/services/ske/cluster/resource.go
index 1e3b01aa..c1f8aca0 100644
--- a/stackit/internal/services/ske/cluster/resource.go
+++ b/stackit/internal/services/ske/cluster/resource.go
@@ -672,7 +672,7 @@ func (r *clusterResource) getCredential(ctx context.Context, diags *diag.Diagnos
if oapiErr.StatusCode == http.StatusBadRequest {
// deprecated endpoint will return 400 if the new endpoints have been used
// if that's the case, we set the field to null
- core.LogAndAddWarning(ctx, diags, "The kubelogin field is set to null", "The call to GetCredentials failed, which means the new credentials rotation flow might already been triggered for this cluster. If you are already using the stackit_ske_kubeconfig resource you can ignore this warning. If not, you must start using it.")
+ core.LogAndAddWarning(ctx, diags, "The kubelogin field is set to null", "Failed to get static token kubeconfig, which means the new credentials rotation flow might already been triggered for this cluster. If you are already using the stackit_ske_kubeconfig resource you can ignore this warning. If not, you must use it to access this cluster's short-lived admin kubeconfig.")
model.KubeConfig = types.StringPointerValue(nil)
return nil
}
@@ -1386,6 +1386,14 @@ func (r *clusterResource) Read(ctx context.Context, req resource.ReadRequest, re
core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading cluster", fmt.Sprintf("Processing API payload: %v", err))
return
}
+
+ // Handle credential
+ err = r.getCredential(ctx, &resp.Diagnostics, &state)
+ if err != nil {
+ core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading cluster", fmt.Sprintf("Getting credential: %v", err))
+ return
+ }
+
diags = resp.State.Set(ctx, state)
resp.Diagnostics.Append(diags...)
if resp.Diagnostics.HasError() {
diff --git a/stackit/internal/services/ske/kubeconfig/resource.go b/stackit/internal/services/ske/kubeconfig/resource.go
index a36b3666..a52a78a2 100644
--- a/stackit/internal/services/ske/kubeconfig/resource.go
+++ b/stackit/internal/services/ske/kubeconfig/resource.go
@@ -17,6 +17,7 @@ import (
"github.com/hashicorp/terraform-plugin-framework/resource"
"github.com/hashicorp/terraform-plugin-framework/resource/schema"
"github.com/hashicorp/terraform-plugin-framework/resource/schema/boolplanmodifier"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/int64default"
"github.com/hashicorp/terraform-plugin-framework/resource/schema/int64planmodifier"
"github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
@@ -153,6 +154,7 @@ func (r *kubeconfigResource) Schema(_ context.Context, _ resource.SchemaRequest,
Description: descriptions["expiration"],
Optional: true,
Computed: true,
+ Default: int64default.StaticInt64(3600), // the default value is not returned by the API so we set a default value here, otherwise we would have to compute the expiration based on the expires_at field
PlanModifiers: []planmodifier.Int64{
int64planmodifier.RequiresReplace(),
int64planmodifier.UseStateForUnknown(),