[NEW] New resource: ovh_dbaas_logs_encryption_key

[anthonyroussel]

Description

The OVHcloud API exposes endpoints to manage PGP encryption keys for the Logs Data Platform (Cold Storage encryption), but there is currently no corresponding Terraform resource or data source in the provider.

These encryption keys allow users to encrypt their log at rest into Cold Archive using their own PGP public keys. Managing them via Terraform is essential for Infrastructure-as-Code workflows, especially when referencing them in stream cold storage configurations.

Requested Resource(s) and/or Data Source(s)

• ovh_dbaas_logs_encryption_key (resource)
• ovh_dbaas_logs_encryption_key (data source - to read/import existing encryption key)

Potential Terraform Configuration

For the resource:

resource "ovh_dbaas_logs_encryption_key" "my_key" {
  service_name = "ldp-xx-xxxxx"
  title        = "My GnuPG Encryption Key"
  fingerprint  = "ABCDEF..."
  content      = file("my-pgp-public-key.asc")
}

The datasource:

data "ovh_dbaas_logs_encryption_key" "my_key" {
  service_name      = "ldp-xx-xxxxx"
  encryption_key_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}

Usage in a stream's cold storage configuration:

resource "ovh_dbaas_logs_output_graylog_stream" "stream" {
  service_name = "...."
  title        = "my stream"
  description  = "my graylog stream"

  encryption_keys_ids = [
    data.ovh_dbaas_logs_encryption_key.my_key.id,
  ]
}