Terraform Version
Terraform v1.3.7
on linux_amd64
Terraform Configuration Files
Keyvault module output
locals {
secret_map = {
for item in keys(var.secrets[0]) :
item => var.secrets[0][item].result
}
}
data "azurerm_key_vault" "keyvault" {
name = var.keyvault_name
resource_group_name = var.resource_group_name
}
resource "azurerm_key_vault_secret" "secret" {
for_each = local.secret_map
name = each.key
value = each.value
key_vault_id = data.azurerm_key_vault.keyvault.id
tags = var.key_tags
}
output "keyvault_secrets" {
value = azurerm_key_vault_secret.secret[*]
description = "Outpus all object for further processing"
}Main terraform file part code
terraform {
backend "azurerm" {}
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "3.40.0"
}
vcd = {
source = "vmware/vcd"
version = "3.6.0"
}
fortios = {
source = "fortinetdev/fortios"
version = "~> 1.14.1"
}
random = {
source = "hashicorp/random"
}
local = {
source = "hashicorp/local"
}
}
}
provider "azurerm" {
alias = "keyvault"
subscription_id = var.keyvault_subscription_id
client_id = var.keyvault_client_id
client_secret = var.keyvault_client_secret
tenant_id = var.keyvault_tenant_id
skip_provider_registration = true
features {
key_vault {
purge_soft_deleted_secrets_on_destroy = true
recover_soft_deleted_secrets = true
}
}
}
# ommited code
module "vapp-tier1-vm-win" {
source = "path to vm module"
count = length(var.tier1_vm_win_count) > 0 ? 1 : 0
org_name = var.org_name
vdc_name = var.vdc_name
vapp_name = module.vapp.vapp_name
vm_network_name = module.vapp-tier1-network[0].network_name
client_name = var.client_name
application = var.application
tags = var.metadata
enviroment = var.env_short
os_type = "win"
location = var.location
vm_count = var.tier1_vm_win_count
catalog_name = var.catalog_name
template_name = var.template_win_name
customization_enabled = true
allow_local_admin_password = false
customization_admin_password = "" # ""
change_sid = true
join_domain = var.join_domain
override_template_disk = var.tier1_override_win_template_disk
boot_disk_size_in_mb = var.tier1_vm_win_boot_disk_size
boot_disk_bus_type = "sas"
data_disk_sizes_in_mb = var.tier1_vm_win_data_disk_sizes
storage_profile = var.tier1_vm_storage_profile
depends_on = [
module.vapp-tier1-network, module.vapp-tier2-network, module.vapp-tier3-network,
module.vapp,
module.vapp_fo_org_network, module.vapp_mo_org_network, module.vapp_bo_org_network,
module.vapp-tier1-vm-linux
]
}
resource "random_password" "tier1_win_password" {
for_each = toset(keys(local.vapp-tier1-vm-win))
length = 16
special = true
override_special = "~!@#$%^&*_-+=.?"
min_special = 1
lower = true
min_lower = 1
numeric = true
min_numeric = 1
upper = true
min_upper = 1
}
# ommited code
module "tier1_win_keyvault_secrets" {
source = "path to keyvault module"
providers = {
azurerm = azurerm.keyvault
}
count = length(var.tier1_vm_win_count) > 0 ? 1 : 0
secrets = random_password.tier1_win_password[*]
keyvault_name = var.keyvault_name
resource_group_name = var.keyvault_resource_group_name
depends_on = [random_password.tier1_win_password]
}
# ommited code
locals {
# ommited code
vapp-tier1-vm-win = length(var.tier1_vm_win_count) > 0 ? module.vapp-tier1-vm-win[0].vm[0] : {}
tier1_win_secrets = length(var.tier1_vm_win_count) > 0 ? {
for item in keys(module.tier1_win_keyvault_secrets[0].keyvault_secrets[0]) :
item => module.tier1_win_keyvault_secrets[0].keyvault_secrets[0][item].value
} : {}
}Debug Output
destroy_debug_trace.zip
Expected Behavior
Terraform successfully destroy existing infrastructure.
Actual Behavior
terraform complains due to missing index
Object output exist in terraform state file and module returns index not empty one.
Terraform successfully destroy infrastructure after apply, but on destroy I get an error.
2023-01-25T09:44:01.0060900Z Error: Invalid index
2023-01-25T09:44:01.0061348Z
2023-01-25T09:44:01.0062206Z on main.tf line 565, in locals:
2023-01-25T09:44:01.0063291Z 565: for item in keys(module.tier1_win_keyvault_secrets[0].keyvault_secrets[0]) :
2023-01-25T09:44:01.0064849Z ├────────────────
2023-01-25T09:44:01.0066406Z │ module.tier1_win_keyvault_secrets is empty tuple
2023-01-25T09:44:01.0066961Z
2023-01-25T09:44:01.0067928Z The given key does not identify an element in this collection value: the
2023-01-25T09:44:01.0068933Z collection has no elements.
1.2.9 version works fine
Steps to Reproduce
- terraform init
- terraform apply
- terraform destroy
Additional Context
No response
References
No response
Terraform Version
Terraform Configuration Files
Keyvault module output
Main terraform file part code
Debug Output
destroy_debug_trace.zip
Expected Behavior
Terraform successfully destroy existing infrastructure.
Actual Behavior
terraform complains due to missing index
Object output exist in terraform state file and module returns index not empty one.
Terraform successfully destroy infrastructure after apply, but on destroy I get an error.
1.2.9 version works fine
Steps to Reproduce
Additional Context
No response
References
No response