[AVM Module Issue]: The given value is not suitable for module.virtual_network.var.subnets declared at .terraform\modules\virtual_network\variables.tf:102,1-19: element "address_prefixes": object required.

captainhook commented 2 months ago

Check for previous/existing GitHub issues

[X] I have checked for previous/existing GitHub issues

Issue Type?

Bug

(Optional) Module Version

0.1.4

(Optional) Correlation Id

No response

Description

This is the code we have for the module:

module "virtual_network" {
  providers = {
    azurerm = azurerm.Identity-prod
  }
  source                        = "Azure/avm-res-network-virtualnetwork/azurerm"
  version                       = "~> 0.1"
  name                          = "vnet-${local.SERVICE_NAME_IDC}-${var.SERVICE_ENVIRONMENT}-${var.SERVICE_IDENTIFIER}"
  resource_group_name           = azurerm_resource_group.IdentityConnectivity-prod-001.name
  location                      = azurerm_resource_group.IdentityConnectivity-prod-001.location
  virtual_network_address_space = [local.virtual_network_address_space]
  subnets = {
    address_prefixes = ["10.80.1.0/26", "10.80.1.64/26"]
  }
}

The documentation says module.virtual_network.var.subnets should be an object, however module.virtual_network.var.subnets is declared at .terraform\modules\virtual_network\variables.tf:102 as list of string.

Is this a bug or have I done something wrong?

We've also tried passing address_prefixes as an object, as per the documentation:

module "virtual_network" {
  providers = {
    azurerm = azurerm.Identity-prod
  }
  source                        = "Azure/avm-res-network-virtualnetwork/azurerm"
  version                       = "~> 0.1"
  name                          = "vnet-${local.SERVICE_NAME_IDC}-${var.SERVICE_ENVIRONMENT}-${var.SERVICE_IDENTIFIER}"
  resource_group_name           = azurerm_resource_group.IdentityConnectivity-prod-001.name
  location                      = azurerm_resource_group.IdentityConnectivity-prod-001.location
  virtual_network_address_space = [local.virtual_network_address_space]
  subnets = {
    address_prefixes = {
      "snet-IdentityConnectivity-abc-001" = "10.80.1.0/26",
      "snet-IdentityConnectivity-def-001"            = "10.80.1.64/26"
    }
  }
}

and the error we get is: The given value is not suitable for module.virtual_network.var.subnets declared at .terraform\modules\virtual_network\variables.tf:102,1-19: element "address_prefixes": attribute "address_prefixes" is required.

We previous had it reference a variable, as is done in the AVM lab:

module "virtual_network" {
  providers = {
    azurerm = azurerm.Identity-prod
  }
  source                        = "Azure/avm-res-network-virtualnetwork/azurerm"
  version                       = "~> 0.1"
  name                          = "vnet-${local.SERVICE_NAME_IDC}-${var.SERVICE_ENVIRONMENT}-${var.SERVICE_IDENTIFIER}"
  resource_group_name           = azurerm_resource_group.IdentityConnectivity-prod-001.name
  location                      = azurerm_resource_group.IdentityConnectivity-prod-001.location
  virtual_network_address_space = [local.virtual_network_address_space]
  subnets                       = local.subnets
}

variable "SUBNETS_AND_SIZES" {
  type        = map(number)
  description = "The size of the subnets"
  default = {
    snet-IdentityConnectivity-abc-001 = 26,
    snet-IdentityConnectivity-def-001  = 26,
  }
}

# Caluculate the CIDR for the subnets
locals {
  virtual_network_address_space = "${var.ADDRESS_SPACE_START_IP}/${var.ADDRESS_SPACE_SIZE}"
  subnet_keys                   = keys(var.SUBNETS_AND_SIZES)
  subnet_new_bits               = [for size in values(var.SUBNETS_AND_SIZES) : size - var.ADDRESS_SPACE_SIZE]
  cidr_subnets                  = cidrsubnets(local.virtual_network_address_space, local.subnet_new_bits...)

  skip_nsg = []
  subnets = { for key, value in var.SUBNETS_AND_SIZES : key => {
    name             = key
    address_prefixes = [local.cidr_subnets[index(local.subnet_keys, key)]]
    network_security_group = contains(local.skip_nsg, key) ? null : {
      id = module.network_security_group.nsg_resource.id
    }
    }
  }
}

however, because the variable is a map, map keys are iterated in lexicographical order and therefore I if we add another subnet it may destroy an existing one in order to maintain lexicographical order. So I don't think map is the best thing to use here.

microsoft-github-policy-service[bot] commented 2 months ago

[!IMPORTANT] The "Needs: Triage :mag:" label must be removed once the triage process is complete!

[!NOTE] This label was added as per ITA06.

microsoft-github-policy-service[bot] commented 2 months ago

[!NOTE] The "Type: Bug :bug:" label was added as per ITA21.

microsoft-github-policy-service[bot] commented 2 months ago

[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-terraform) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

[!TIP]

To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.

To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!

[!NOTE] This message was posted as per ITA01TF.

microsoft-github-policy-service[bot] commented 2 months ago

[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-terraform) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

[!TIP]

To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.

To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!

[!NOTE] This message was posted as per ITA01TF.

microsoft-github-policy-service[bot] commented 2 months ago

[!CAUTION] This issue requires the AVM Core Team's (@Azure/avm-core-team-technical-terraform) immediate attention as it hasn't been responded to within 6 business days.

[!TIP]

To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!

Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.

[!NOTE] This message was posted as per ITA02TF.

microsoft-github-policy-service[bot] commented 2 months ago

[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-terraform) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

[!TIP]

To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.

To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!

[!NOTE] This message was posted as per ITA01TF.

microsoft-github-policy-service[bot] commented 2 months ago

[!CAUTION] This issue requires the AVM Core Team's (@Azure/avm-core-team-technical-terraform) immediate attention as it hasn't been responded to within 6 business days.

[!TIP]

To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!

Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.

[!NOTE] This message was posted as per ITA02TF.

microsoft-github-policy-service[bot] commented 1 month ago

[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-terraform) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

[!TIP]

To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.

To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!

[!NOTE] This message was posted as per ITA01TF.

microsoft-github-policy-service[bot] commented 1 month ago

[!CAUTION] This issue requires the AVM Core Team's (@Azure/avm-core-team-technical-terraform) immediate attention as it hasn't been responded to within 6 business days.

[!TIP]

To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!

Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.

[!NOTE] This message was posted as per ITA02TF.

microsoft-github-policy-service[bot] commented 1 month ago

[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-terraform) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

[!TIP]

To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.

To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!

[!NOTE] This message was posted as per ITA01TF.

microsoft-github-policy-service[bot] commented 1 month ago

[!CAUTION] This issue requires the AVM Core Team's (@Azure/avm-core-team-technical-terraform) immediate attention as it hasn't been responded to within 6 business days.

[!TIP]

To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!

Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.

[!NOTE] This message was posted as per ITA02TF.

microsoft-github-policy-service[bot] commented 1 month ago

[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-terraform) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

[!TIP]

To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.

To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!

[!NOTE] This message was posted as per ITA01TF.

microsoft-github-policy-service[bot] commented 1 month ago

[!CAUTION] This issue requires the AVM Core Team's (@Azure/avm-core-team-technical-terraform) immediate attention as it hasn't been responded to within 6 business days.

[!TIP]

To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!

Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.

[!NOTE] This message was posted as per ITA02TF.

microsoft-github-policy-service[bot] commented 1 month ago

[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-terraform) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

[!TIP]

To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.

To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!

[!NOTE] This message was posted as per ITA01TF.

microsoft-github-policy-service[bot] commented 1 month ago

[!CAUTION] This issue requires the AVM Core Team's (@Azure/avm-core-team-technical-terraform) immediate attention as it hasn't been responded to within 6 business days.

[!TIP]

To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!

Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.

[!NOTE] This message was posted as per ITA02TF.

jaredfholgate commented 1 month ago

Hopefully this is resolved in v0.2.0, but please re-open if not.

Azure / terraform-azurerm-avm-res-network-virtualnetwork