Open hsteckylf opened 1 year ago
Hi @hsteckylf
Thanks for raising this issue. I see that there is slight confusion in how a certificate gets used in NGINXaaS for Azure. We allow users to reference a certificate object in the argument key_vault_secret_id
. Can you please try the following example:
resource "azurerm_nginx_certificate" "example" {
name = var.name
nginx_deployment_id = azurerm_nginx_deployment.example.id
key_virtual_path = "/etc/nginx/ssl/test.key"
certificate_virtual_path = "/etc/nginx/ssl/test.crt"
key_vault_secret_id = azurerm_key_vault_certificate.example.secret_id
}
The example shows you that a deployment is referencing the secret ID of the corresponding certificate object. Please reach out if you see any issues in running the above example.
Is there an existing issue for this?
Community Note
Description
The azurerm_nginx_certificate resource requires a
key_vault_secret_id
. Azure has deprecated the support for storing TLS certificates as a Key VaultSecret
as there is now a dedicated Key VaultCertificate
object.The Azure NGINXaaS implementation has been updated to require Azure Key Vault Certificates but this provider's
azurerm_nginx_certificate
module has not. This breaks the ability to deploy NGINXaaS with a certificate using this provider.New or Affected Resource(s)/Data Source(s)
azurerm_nginx_certificate
Potential Terraform Configuration
References
No response