[Bug]: ##[error]provider "registry.terraform.io/hashicorp/vault" produced an unexpected new value: Root resource was present, but now absent.[Bug]: #2161
We are expecting to offboard the static role of LDAP static role
"Apply complete! Resources: 0 added, 0 changed, 1 destroyed."
Actual Behavior
We can offboard but when we try to deboard the static role using pipeline we can't offboard it after removing to our tfvars.json file.
"Apply complete! Resources: 0 added, 0 changed, 0 destroyed."
variables.tf
variable "Hashi_LDAPSSE_Roles" {
description = "Data From aggregated ldap static roles data, this schema should match the JSON hashi adse roles file."
type = map(object(
{
appid_email: string,
appid: string,
role_name: string,
environment: string,
airid: string,
dname: string,
domain: string,
ldap_secret_engine_path: string
}
))
}
variable "ldap_secret_engine_path" {
description = "(Required, Forces new resource) Path where the AD Secrets Engine is mounted"
type = string
sensitive = true
}
variable "token_ttl"{
description = " (Optional) The incremental lifetime for generated tokens in number of seconds. Its current value will be referenced at renewal time."
type = string
default = 75*86400
}
variable "token_max_ttl"{
description = "(Optional) The maximum lifetime for generated tokens in number of seconds. Its current value will be referenced at renewal time."
type = string
default = "8640000"
}
variable "vault_url" {
description = "URL of vault server to use, this needs to match Azure Devops hashiVaultEnv in the pipelines.yaml file."
type = string
default = "https://xxxxxxxxxxx.com/"
}
Steps to Reproduce
Pipeline in YAML to aggregate data into tfvars.json file and perform terraform apply.
run pipeline to deboard account.
Terraform Core Version
1.7.3
Terraform Vault Provider Version
3.25.0
Vault Server Version
1.15.3
Affected Resource(s)
No response
Expected Behavior
We are expecting to offboard the static role of LDAP static role "Apply complete! Resources: 0 added, 0 changed, 1 destroyed."
Actual Behavior
We can offboard but when we try to deboard the static role using pipeline we can't offboard it after removing to our tfvars.json file. "Apply complete! Resources: 0 added, 0 changed, 0 destroyed."
Relevant Error/Panic Output Snippet
No response
Terraform Configuration Files
main.tf resource "vault_ldap_secret_backend_static_role" "role" { for_each = var.Hashi_LDAPSSE_Roles mount = each.value.ldap_secret_engine_path username = each.value.appid dn = each.value.dname role_name = each.value.role_name #"${each.value.role_name}" rotation_period = var.token_ttl }
providers.tf terraform { backend "azurerm" {} required_providers { vault = { source = "hashicorp/vault" version = "3.25.0" } } }
provider "vault" {
Configuration options address = var.vault_url }
variables.tf variable "Hashi_LDAPSSE_Roles" { description = "Data From aggregated ldap static roles data, this schema should match the JSON hashi adse roles file." type = map(object( { appid_email: string, appid: string, role_name: string, environment: string, airid: string, dname: string, domain: string, ldap_secret_engine_path: string } )) }
variable "ldap_secret_engine_path" { description = "(Required, Forces new resource) Path where the AD Secrets Engine is mounted" type = string sensitive = true } variable "token_ttl"{ description = " (Optional) The incremental lifetime for generated tokens in number of seconds. Its current value will be referenced at renewal time." type = string default = 75*86400 }
variable "token_max_ttl"{ description = "(Optional) The maximum lifetime for generated tokens in number of seconds. Its current value will be referenced at renewal time." type = string default = "8640000" }
variable "vault_url" { description = "URL of vault server to use, this needs to match Azure Devops hashiVaultEnv in the pipelines.yaml file." type = string default = "https://xxxxxxxxxxx.com/" }
Steps to Reproduce
Pipeline in YAML to aggregate data into tfvars.json file and perform terraform apply. run pipeline to deboard account.
Debug Output
DEBUG_Result.txt TRACE_Result.txt
Panic Output
No response
Important Factoids
No response
References
No response
Would you like to implement a fix?
None