[Bug]: Azure access credentials marked environment as optional, but errors out unless specified #2189

Closed
TheLonelyGhost opened this issue Mar 13, 2024 · 0 comments · Fixed by #2190
Terraform Core Version

1.5.3

Terraform Vault Provider Version

4.0.0

Vault Server Version

1.15.4

Affected Resource(s)

  • vault/data_source_azure_access_credentials.go

Expected Behavior

Not specifying the environment attribute will default to the behavior on the Vault server.

Actual Behavior

Not specifying the environment attribute throws an error about "" not being a valid cloud provider.

Relevant Error/Panic Output Snippet

Error: unsupported Azure cloud name ""
with data.vault_azure_access_credentials.creds
on provider.tf line 57, in data "vault_azure_access_credentials" "creds":
data "vault_azure_access_credentials" "creds" {

Terraform Configuration Files

terraform {
  required_providers {
    vault = {
      source  = "hashicorp/vault"
      version = "4.0.0"
    }
    azurerm = {
      source = "hashicorp/azurerm"
    }
  }
}

variable "SUBSCRIPTION_ID" {
  type = string
}

variable "TENANT_ID" {
  type = string
}

provider "vault" {}

provider "azurerm" {
  features {}
  subscription_id = var.SUBSCRIPTION_ID
  tenant_id       = var.TENANT_ID
  client_id       = data.vault_azure_access_credentials.creds.client_id
  client_secret   = data.vault_azure_access_credentials.creds.client_secret
}

data "vault_azure_access_credentials" "creds" {
  backend                     = "azure/nonprod"
  role                        = "admin"
  validate_creds              = true
  num_sequential_successes    = 8
  num_seconds_between_tests   = 1
  max_cred_validation_seconds = 300
}

Steps to Reproduce

With Azure secrets engine configured to serve credentials at the path configured in the sample TF configs, run terraform init and terraform plan.

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

Would you like to implement a fix?

Yes

TheLonelyGhost added a commit to TheLonelyGhost/terraform-provider-vault that referenced this issue Mar 13, 2024
Ideally this would be drawn from Vault Server, but the documented
default there is to point at Azure Public Cloud. This seems like a
decent compromise.

Signed-off-by: David Alexander <opensource@thelonelyghost.com>
TheLonelyGhost added a commit to TheLonelyGhost/terraform-provider-vault that referenced this issue Mar 14, 2024
Ideally this would be drawn from Vault Server, but the documented
default there is to point at Azure Public Cloud. This seems like a
decent compromise.

Signed-off-by: David Alexander <opensource@thelonelyghost.com>
fairclothjm pushed a commit that referenced this issue Mar 14, 2024
Fixes #2189: `environment` defaults to Azure Public Cloud

Ideally this would be drawn from Vault Server, but the documented
default there is to point at Azure Public Cloud. This seems like a
decent compromise.

Signed-off-by: David Alexander <opensource@thelonelyghost.com>
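
The failure and the fallback described in this issue, sketched as an added Go example (not the provider's own code). The `knownClouds` table, `lookupCloud`, `resolveCloud` and the `serverConfigured` parameter are hypothetical; the merged fix only falls back to Azure Public Cloud, and the server-side step models the "ideally drawn from Vault Server" case from the commit message.

```go
package main

import (
	"fmt"
	"strings"
)

// knownClouds is a constructed table standing in for the SDK's cloud-name lookup.
var knownClouds = map[string]string{
	"AZUREPUBLICCLOUD":       "https://management.azure.com/",
	"AZUREUSGOVERNMENTCLOUD": "https://management.usgovcloudapi.net/",
	"AZURECHINACLOUD":        "https://management.chinacloudapi.cn/",
}

// defaultCloud is the fallback named in the fix: Azure Public Cloud.
const defaultCloud = "AzurePublicCloud"

// lookupCloud reproduces the reported behaviour: an unset attribute arrives
// as "" and is rejected like any other unknown name.
func lookupCloud(name string) (string, error) {
	endpoint, ok := knownClouds[strings.ToUpper(name)]
	if !ok {
		return "", fmt.Errorf("unsupported Azure cloud name %q", name)
	}
	return endpoint, nil
}

// resolveCloud uses the first non-empty value: the explicit attribute, then a
// (hypothetical) server-side setting, then the default. Only an unset value
// falls through; a misspelled name still fails instead of silently
// validating credentials against the public cloud.
func resolveCloud(attr, serverConfigured string) (string, error) {
	for _, candidate := range []string{attr, serverConfigured, defaultCloud} {
		if c := strings.TrimSpace(candidate); c != "" {
			return lookupCloud(c)
		}
	}
	return "", fmt.Errorf("no cloud name available") // unreachable while defaultCloud is set
}

func main() {
	_, err := lookupCloud("")
	fmt.Println("before:", err)
	endpoint, err := resolveCloud("", "")
	fmt.Println("after:", endpoint, err)
}
```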