Terraform Version
Terraform v0.12.6
+ provider.azurerm v1.32.1
+ provider.http v1.1.1
+ provider.null v2.1.2
Terraform Configuration Files
resource "azurerm_network_security_group" "hosting" {
name = "sgroup"
location = "westeurope"
resource_group_name = "asfasfsafsf"
}
data "azurerm_monitor_diagnostic_categories" "env" {
resource_id = "${azurerm_network_security_group.hosting.id}"
}
resource "azurerm_monitor_diagnostic_setting" "env" {
name = "${azurerm_network_security_group.hosting.name}-log"
target_resource_id = data.azurerm_monitor_diagnostic_categories.env.id
log_analytics_workspace_id = var.log_analytics_workspace_id
dynamic "log" {
iterator = entry
for_each = data.azurerm_monitor_diagnostic_categories.env.logs
content {
category = entry.value
enabled = true
retention_policy {
enabled = false
}
}
}
dynamic "metric" {
iterator = entry
for_each = data.azurerm_monitor_diagnostic_categories.env.metrics
content {
category = entry.value
enabled = true
retention_policy {
enabled = false
}
}
}
}Debug Output
Crash Output
Error: Provider produced inconsistent final plan
When expanding the plan for
module.azurerm_network_security_group.azurerm_monitor_diagnostic_setting.env
to include new values learned so far during apply, provider "azurerm" produced
an invalid new value for .metric: planned set element
cty.ObjectVal(map[string]cty.Value{"category":cty.UnknownVal(cty.String),
"enabled":cty.UnknownVal(cty.Bool),
"retention_policy":cty.ListVal([]cty.Value{cty.ObjectVal(map[string]cty.Value{"days":cty.UnknownVal(cty.Number),
"enabled":cty.UnknownVal(cty.Bool)})})}) does not correlate with any element
in actual.
This is a bug in the provider, which should be reported in the provider's own
issue tracker.
Expected Behavior
Terraform apply phase plan validation should overwrite section for the dynamic block where dynamic block can't be created due to the during apply data null value. If values is known in advance and is null everything works fine, the issue only happens when data is unknown before apply...
Despite the debug message this does not look like a provider but rather SDK issue
Actual Behavior
Terraform produces a plan for the dynamic block with a promise of value to be known after apply
+ resource "azurerm_monitor_diagnostic_setting" "env" {
+ id = (known after apply)
+ log_analytics_workspace_id = (known after apply)
+ name = "anunsg001-log"
+ target_resource_id = (known after apply)
+ log {
+ category = (known after apply)
+ enabled = (known after apply)
+ retention_policy {
+ days = (known after apply)
+ enabled = (known after apply)
}
}
+ metric {
+ category = (known after apply)
+ enabled = (known after apply)
+ retention_policy {
+ days = (known after apply)
+ enabled = (known after apply)
}
}
}
During apply phase metric happens to be null which causes TF error mentioned earlier.
Steps to Reproduce
terraform initterraform apply
Additional Context
References
Terraform Version
Terraform Configuration Files
Debug Output
Crash Output
Expected Behavior
Terraform apply phase plan validation should overwrite section for the dynamic block where dynamic block can't be created due to the during apply data null value. If values is known in advance and is null everything works fine, the issue only happens when data is unknown before apply...
Despite the debug message this does not look like a provider but rather SDK issue
Actual Behavior
Terraform produces a plan for the dynamic block with a promise of value to be known after apply
During apply phase metric happens to be null which causes TF error mentioned earlier.
Steps to Reproduce
terraform initterraform applyAdditional Context
References