Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

The new Scaleway Key Manager service supports multiple key algorithms and types for both symmetric and asymmetric usages, as described in the official documentation.
Currently supported algorithms include:

• RSA-OAEP-2048-SHA256
• RSA-PSS-2048-SHA256
• RSA-OAEP-4096-SHA256
• AES-256-GCM
• ...

However, the current Terraform provider does not allow users to specify which algorithm to use when creating a key.
The algorithm is currently hardcoded based on the usage field, as seen in the provider code:
👉 helpers.go#L58

It would be very useful to expose an argument (for example, algorithm) to let users explicitly select the desired algorithm when creating keys via Terraform.
This would align Terraform behavior with the flexibility provided by the Scaleway API and console.

New or Affected Resource(s)

• scaleway_key_manager_key

Potential Terraform Configuration

resource "scaleway_key_manager_key" "example" {
  name        = "my-key"
  usage       = "asymmetric_encryption"
  description = "Example asymmetric key with explicit algorithm"

  # New proposed field
  algorithm   = "RSA_OAEP_4096_SHA256" # or "RSA_OAEP_3072_SHA256", "RSA_OAEP_2048_SHA256"
}

References

• Scaleway Key Manager concepts: https://www.scaleway.com/en/docs/key-manager/concepts/
• Hardcoded algorithm in provider: https://github.com/scaleway/terraform-provider-scaleway/blob/master/internal/services/keymanager/helpers.go#L58