Bug report - An argument named "synapse_workspaces" is not expected

[kevintrannz]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Version of the module you are using

5.6.5

Rover Version

No response

Terraform Version

1.3.7

AzureRM Provider Version

No response

Affected Resource(s)/Data Source(s)

azurerm_synapse

Terraform Configuration Files

global_settings = {
  default_region = "region1"
  regions = {
    region1 = "australiaeast"
  }
}

#
# Resource groups to be created
#
resource_groups = {
  dap_synapse_re1 = {
    name = "dap-synapse"
  }
}

#
# Synapse workspace settings
#
synapse_workspaces = {
  synapse_wrkspc_re1 = {
    name                    = "synapsewpc"
    resource_group_key      = "dap_synapse_re1"
    sql_administrator_login = "dbadmin"
    # sql_administrator_login_password = "<string password>"   # If not set use module autogenerate a strong password and stores it in the keyvault
    keyvault_key = "synapse_secrets"
    data_lake_filesystem = {
      storage_account_key = "synapsestorage_re1"
      container_key       = "synaspe_filesystem"
    }
    workspace_firewalls = {
      AllowAll = {
        name     = "AllowAll"
        start_ip = "0.0.0.0"
        end_ip   = "255.255.255.255"
      }
      # example of defining multiple firewall rules; although in this example, makes no sense b/c AllowAll opens to all possible IPs
      AllowSome = {
        # if name attribute is not defined here, key will be used as name ("AllowSome")
        start_ip = "0.0.0.0"
        end_ip   = "10.255.255.255"
      }
    }
  }
}

#
# Storage account settings
#
storage_accounts = {
  synapsestorage_re1 = {
    name                     = "synapsere1"
    resource_group_key       = "dap_synapse_re1"
    account_kind             = "StorageV2"
    account_tier             = "Standard"
    account_replication_type = "LRS"
    access_tier              = "Hot"
    is_hns_enabled           = true

    data_lake_filesystems = {
      synaspe_filesystem = {
        name = "synapsefilesystem"
        properties = {
          dap = "101-synapse"
        }
      }
    }
  }
}

#
# Key Vault settings
#
keyvaults = {
  synapse_secrets = {
    name                = "synapsesecrets"
    resource_group_key  = "dap_synapse_re1"
    sku_name            = "premium"
    soft_delete_enabled = true

    creation_policies = {
      logged_in_user = {
        secret_permissions = ["Set", "Get", "List", "Delete", "Purge", "Recover"]
      }
    }

    # you can setup up to 5 profiles
    # diagnostic_profiles = {
    #   operations = {
    #     definition_key   = "default_all"
    #     destination_type = "log_analytics"
    #     destination_key  = "central_logs"
    #   }
    # }
  }
}

#
# IAM
#
role_mapping = {
  built_in_role_mapping = {
    storage_accounts = {
      synapsestorage_re1 = {
        "Storage Blob Data Contributor" = {
          synapse_workspaces = {
            keys = ["synapse_wrkspc_re1"]
          }
        }
      }
    }
  }
}

Expected Behaviour

Run tf plan successfully

Actual Behaviour

Run Terraform plan: ╷ │ Error: Unsupported argument │ │ on main.tf line 138, in module "caf": │ 138: synapse_workspaces = { │ │ An argument named "synapse_workspaces" is not expected here.

Steps to Reproduce

No response

Important Factoids

No response

References

https://github.com/aztfmod/terraform-azurerm-caf/blob/main/examples/synapse_analytics/100-synapse/configuration.tfvars

[SimonSouli]

Hello, synapse_workspaces has to be enclosed into database block. database = { synapse_workspaces = { ... } }