2
votes

I'm testing the "for_each" resource attribute now available in Terraform 12.6 but can't manage to reference created instances in other resources.

azure.tf


variable "customers" {
  type = map(object({name=string}))
}

resource "azurerm_storage_account" "provisioning-datalake" {

  for_each = var.customers

  name                              = "mydatalake${each.key}"
  resource_group_name               = "${azurerm_resource_group.provisioning-group.name}"
  location                          = "${azurerm_databricks_workspace.databricks.location}"
  account_kind                      = "StorageV2"
  account_tier                      = "Standard"
  account_replication_type          = "GRS"
  is_hns_enabled                    = true
  enable_advanced_threat_protection = true

  tags = {
    environment = var.environment
    customer = each.value.name
  }
}

resource "azurerm_key_vault_secret" "key-vault-datalake-secret" {

  for_each = var.customers

  name         = "mydatalake-shared-key-${each.key}"
  value        = azurerm_storage_account.provisioning-datalake[each.key].primary_access_key
  key_vault_id = azurerm_key_vault.key-vault.id

  tags = {
    environment = var.environment
    customer = each.value.name
  }
}

build.tfvars

environment = "Build"
customers = {
  dev = {
    name = "Development"
  },
  int = {
    name = "Integration"
  },
  stg = {
    name = "Staging"
  }
}

I expect "keyvault-datalake-secret" entries to be created with the matching keys of the generated "provisioning-datalake" resources.

But when I run terraform plan --var-file=build.tfvars, I get the following error:

Error: Invalid index

  on azure.tf line 45, in resource "azurerm_key_vault_secret" "key-vault-datalake-secret":
  45:   value        = azurerm_storage_account.provisioning-datalake[each.key].primary_access_key
    |----------------
    | azurerm_storage_account.provisioning-datalake is object with 52 attributes
    | each.key is "stg"

The given key does not identify an element in this collection value.


Error: Invalid index

  on azure.tf line 45, in resource "azurerm_key_vault_secret" "key-vault-datalake-secret":
  45:   value        = azurerm_storage_account.provisioning-datalake[each.key].primary_access_key
    |----------------
    | azurerm_storage_account.provisioning-datalake is object with 52 attributes
    | each.key is "int"

The given key does not identify an element in this collection value.


Error: Invalid index

  on azure.tf line 45, in resource "azurerm_key_vault_secret" "key-vault-datalake-secret":
  45:   value        = azurerm_storage_account.provisioning-datalake[each.key].primary_access_key
    |----------------
    | azurerm_storage_account.provisioning-datalake is object with 52 attributes
    | each.key is "dev"

The given key does not identify an element in this collection value.
1
Hi @jallaix! I think you may have found a Terraform bug here; if you wouldn't mind opening an issue at github.com/hashicorp/terraform/issues/… the Terraform team can hopefully dig in and debug some more using the additional information requested in the bug report template there. Thanks!Martin Atkins

1 Answers

2
votes

Bug corrected in Terraform 0.12.7