terraform-azurerm-key-vault icon indicating copy to clipboard operation
terraform-azurerm-key-vault copied to clipboard

Published 20 hours ago verified publisher icon kumarvna

Provider produced inconsistent final plan when using azure_ad_user_principal_names

Open akatasonov opened this issue 2 years ago • 0 comments

Hello and thank you for your module. It works great, however, if I enable the azure_ad_user_principal_names block in "access_policies" I'm getting the error:

Error: Provider produced an inconsistent final plan
│
│ When expanding the plan for module.key-vault.azurerm_key_vault.main to include new values learned so far during apply, provider "registry.terraform.io/hashicorp/azurerm"  
│ produced an invalid new value for .access_policy: new element 2 has appeared.
│
│ This is a bug in the provider, which should be reported in the provider's own issue tracker.

My terraform block:

terraform {

  required_version = ">=1.2.0"

  required_providers {
    azuread = {
      source  = "hashicorp/azuread"
      version = "~>2.15.0"
    }
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~>3.9.0"
    }
  }

  # configure azure blob storage as state backend
  backend "azurerm" {}
}

# Configure the Microsoft Azure ActiveDirectory provider
provider "azuread" {
}

# Configure the Microsoft Azure Provider
provider "azurerm" {
  features {}
}

Everything works fine if I comment the block:

{
      azure_ad_user_principal_names = ["UPN goes here"]
      key_permissions               = ["Create", "Delete", "Get", "Backup", "Decrypt", "Encrypt", "Import", "List", "Purge", "Recover", "Restore", "Sign", "Update", "Verify"]
      secret_permissions            = ["Backup", "Delete", "Get", "List", "Purge", "Recover", "Restore", "Set"]
      certificate_permissions       = []
      storage_permissions           = []
    },

akatasonov avatar Jun 22 '22 17:06 akatasonov