remove config-level field

vault/resource_database_secret_backend_connection.go

@@ -1864,12 +1864,6 @@ func writeDatabaseSecretConfig(d *schema.ResourceData, client *api.Client,
 		}
 	}
 
-	if provider.IsAPISupported(meta, provider.VaultVersion118) && provider.IsEnterpriseSupported(meta) {
-		if v, ok := d.Get(prefix + consts.FieldSkipStaticRoleImportRotation).(bool); ok {
-			data[consts.FieldSkipStaticRoleImportRotation] = v
-		}
-	}
-
 	log.Printf("[DEBUG] Writing connection config to %q", path)
 	_, err = client.Logical().Write(path, data)
 	if err != nil {

vault/resource_database_secret_backend_connection_test.go

@@ -872,41 +872,6 @@ func TestAccDatabaseSecretBackendConnection_postgresql_tls(t *testing.T) {
 	})
 }
 
-func TestAccDatabaseSecretBackendConnection_postgresql_skipRotation(t *testing.T) {
-	MaybeSkipDBTests(t, dbEnginePostgres)
-
-	values := testutil.SkipTestEnvUnset(t, "POSTGRES_URL")
-	connURL := values[0]
-	parsedURL, err := url.Parse(connURL)
-	if err != nil {
-		t.Fatal(err)
-	}
-	username := parsedURL.User.Username()
-
-	resourceName := "vault_database_secret_backend_connection.test"
-	backend := acctest.RandomWithPrefix("tf-test-db")
-	pluginName := dbEnginePostgres.DefaultPluginName()
-	name := acctest.RandomWithPrefix("db")
-
-	resource.Test(t, resource.TestCase{
-		ProviderFactories: providerFactories,
-		PreCheck: func() {
-			testutil.TestEntPreCheck(t)
-			SkipIfAPIVersionLT(t, testProvider.Meta(), provider.VaultVersion118)
-		},
-		CheckDestroy: testAccDatabaseSecretBackendConnectionCheckDestroy,
-		Steps: []resource.TestStep{
-			{
-				Config: testAccDatabaseSecretBackendConnectionConfig_postgresql_skipRotation(name, backend, connURL, username),
-				Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName,
-					resource.TestCheckResourceAttr(resourceName, "skip_static_role_import_rotation", "true"),
-				),
-			},
-			testutil.GetImportTestStep(resourceName, false, nil, ""),
-		},
-	})
-}
-
 func TestAccDatabaseSecretBackendConnection_postgresql_rootlessConfig(t *testing.T) {
 	resourceName := "vault_database_secret_backend_connection.test"
 	backend := acctest.RandomWithPrefix("tf-test-db")
@@ -1858,26 +1823,6 @@ resource "vault_database_secret_backend_connection" "test" {
 `, path, name, tlsCA, tlsCert, privateKey)
 }
 
-func testAccDatabaseSecretBackendConnectionConfig_postgresql_skipRotation(name, path, connURL, username string) string {
-	return fmt.Sprintf(`
-resource "vault_mount" "db" {
-  path = "%s"
-  type = "database"
-}
-
-resource "vault_database_secret_backend_connection" "test" {
-  backend = vault_mount.db.path
-  name = "%s"
-  skip_static_role_import_rotation = true
-
-  postgresql {
-    connection_url = "%s"
-	username = "%s"
-  }
-}
-`, path, name, connURL, username)
-}
-
 func testAccDatabaseSecretBackendConnectionConfig_postgresql_rootless(name, path string) string {
 	return fmt.Sprintf(`
 resource "vault_mount" "db" {

vault/resource_database_secrets_mount.go

@@ -189,11 +189,6 @@ func getCommonDatabaseSchema() schemaMap {
 			Description: "Specifies if the connection is verified during initial configuration.",
 			Default:     true,
 		},
-		consts.FieldSkipStaticRoleImportRotation: {
-			Type:        schema.TypeBool,
-			Optional:    true,
-			Description: "Skip rotation of static role secrets on import.",
-		},
 		"allowed_roles": {
 			Type:        schema.TypeList,
 			Optional:    true,

website/docs/r/database_secret_backend_connection.md

@@ -62,9 +62,6 @@ The following arguments are supported:
 
 * `data` - (Optional) A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
-* `skip_static_role_import_rotation` - (Optional) If set to true, static roles
-  will not be rotated during import. Requires Vault 1.18+ Enterprise.
-
 * `cassandra` - (Optional) A nested block containing configuration options for Cassandra connections.
 
 * `couchbase` - (Optional) A nested block containing configuration options for Couchbase connections.