terraform-provider-oci

Resource ADW: Error when providing vault_id and kms_id while provisioning ADW

Open sindhura2509 opened this issue 10 months ago • 1 comments

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version and Provider Version

Terraform v1.6.2 Provider Version 5.27.0

Affected Resource(s)

oci_database_autonomous_database

Terraform Configuration Files

Code Snippet:

    resource "oci_database_autonomous_database" "test_autonomous_database" {
      #Required
      compartment_id = var.compartment_id
      db_name        = var.db_name

      #Optional
      compute_count                       = var.cpu_core_count
      compute_model                       = var.compute_model
      data_storage_size_in_tbs            = var.data_storage_size_in_tbs
      admin_password                      = random_password.adw_admin_password.result
      db_workload                         = var.db_workload
      display_name                        = var.display_name
      is_free_tier                        = var.is_free_tier
      license_model                       = var.license_model
      backup_retention_period_in_days     = var.backup_retention_period_in_days
      subnet_id                           = var.subnet_id
      vault_id                            = var.add_vault == true ? var.vault_id : ""
      is_auto_scaling_enabled             = var.autonomous_database_is_auto_scaling_enabled
      is_auto_scaling_for_storage_enabled = var.autonomous_database_is_auto_scaling_for_storage_enabled
      kms_key_id                          = var.add_vault == true ? oci_kms_key.test_key.id : ""
      defined_tags                        = merge(var.tags, var.env_tag)

      customer_contacts {
        #Optional
        email = var.customer_contacts_email
      }

      depends_on = [
        oci_kms_key.test_key,
        oci_vault_secret.adw_secret,
        data.oci_secrets_secretbundle.adw_secretbundle
      ]
    }

Debug Output

Receiving the error below while provisioning ADW with the vault_id and kms_id parameters. However, if we provision ADW without these parameters initially and then apply the changes again after adding them, it is successful.

Actual Behavior

404 - Invalid parameter - cannot create or rotate anonymous database encryption key id or open the database. Encryption key ids cannot be null or blank.

Expected Behavior

ADW has to be provisioned by providing the vault and KMS key details at the initial run itself.

sindhura2509, Apr 02 '24 10:04

Same problem here. Another thing I saw is that the key shape requested in the documentation for an autonomous database is AES 256, but in the API it only goes up to 32.

Documentation: https://docs.oracle.com/en/cloud/paas/autonomous-database/serverless/adbsb/prerequisite-user-managed-key.html#GUID-6A30B530-49FC-46AC-AEB7-E3A53EEE29A9

SamuelMolling, Jul 09 '24 03:07
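An added example, not part of the original issue or the provider's code: a pre-apply check over `terraform show -json` output that flags an `oci_database_autonomous_database` planned with a blank `vault_id` or `kms_key_id` (the condition the API error names) or with only one of the two, and an `oci_kms_key` whose AES `key_shape` length is not 32 bytes (256 bits). The sample plan and its placeholder OCIDs are constructed, and `check_plan` is a hypothetical helper name.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>`;
# the OCIDs are placeholders, not values from the issue.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "oci_kms_key.test_key", "type": "oci_kms_key",
     "change": {"after": {"key_shape": [{"algorithm": "AES", "length": 32}]},
                "after_unknown": {"id": True}}},
    {"address": "oci_database_autonomous_database.test_autonomous_database",
     "type": "oci_database_autonomous_database",
     "change": {"after": {"vault_id": "ocid1.vault.oc1..placeholder"},
                "after_unknown": {"kms_key_id": True}}},
    {"address": "oci_database_autonomous_database.blank",
     "type": "oci_database_autonomous_database",
     "change": {"after": {"vault_id": "", "kms_key_id": ""},
                "after_unknown": {}}},
]})


def _state(change, attr):
    """Classify an attribute as 'set', 'unknown' (known after apply) or 'blank'."""
    if (change.get("after_unknown") or {}).get(attr) is True:
        return "unknown"
    value = (change.get("after") or {}).get(attr)
    return "set" if isinstance(value, str) and value.strip() else "blank"


def check_plan(plan_json):
    """Return (address, finding) pairs for key settings worth reviewing."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        change = rc.get("change") or {}
        after = change.get("after") or {}
        if rc.get("type") == "oci_database_autonomous_database":
            vault, key = _state(change, "vault_id"), _state(change, "kms_key_id")
            if "" in (after.get("vault_id"), after.get("kms_key_id")):
                findings.append((rc["address"], "vault_id/kms_key_id planned as empty string"))
            if (vault == "blank") != (key == "blank"):
                findings.append((rc["address"], "only one of vault_id/kms_key_id set"))
        elif rc.get("type") == "oci_kms_key":
            for shape in after.get("key_shape") or []:
                # key_shape.length is in bytes: 32 bytes is a 256-bit AES key.
                if shape.get("algorithm") == "AES" and shape.get("length") != 32:
                    findings.append((rc["address"], "AES key is not 256-bit"))
    return findings
```

A `kms_key_id` that references a key created in the same plan shows up under `after_unknown`, so it is treated as supplied rather than blank.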