[Bug]: Azure access credentials marked environment as optional, but errors out unless specified

[TheLonelyGhost]

Terraform Core Version

1.5.3

Terraform Vault Provider Version

4.0.0

Vault Server Version

1.15.4

Affected Resource(s)

• vault/data_source_azure_access_credentials.go

Expected Behavior

Not specifying the environment attribute will default to the behavior on the Vault server.

Actual Behavior

Not specifying the environment attribute throws an error about "" not being a valid cloud provider.

Relevant Error/Panic Output Snippet

Error: unsupported Azure cloud name ""
with data.vault_azure_access_credentials.creds
on provider.tf line 57, in data "vault_azure_access_credentials" "creds":
data "vault_azure_access_credentials" "creds" {

Terraform Configuration Files

terraform {
  required_providers {
    vault = {
      source  = "hashicorp/vault"
      version = "4.0.0"
    }
    azurerm = {
      source = "hashicorp/azurerm"
    }
  }
}

variable "SUBSCRIPTION_ID" {
  type = string
}

variable "TENANT_ID" {
  type = string
}

provider "vault" {}

provider "azurerm" {
  features {}
  subscription_id = var.SUBSCRIPTION_ID
  tenant_id       = var.TENANT_ID
  client_id       = data.vault_azure_access_credentials.creds.client_id
  client_secret   = data.vault_azure_access_credentials.creds.client_secret
}

data "vault_azure_access_credentials" "creds" {
  backend                     = "azure/nonprod"
  role                        = "admin"
  validate_creds              = true
  num_sequential_successes    = 8
  num_seconds_between_tests   = 1
  max_cred_validation_seconds = 300
}

Steps to Reproduce

With Azure secrets engine configured to serve credentials at the path configured in the sample TF configs, run terraform init and terraform plan.

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

• https://registry.terraform.io/providers/hashicorp/vault/3.25.0/docs/data-sources/azure_access_credentials#environment
• https://registry.terraform.io/providers/hashicorp/vault/4.0.0/docs/data-sources/azure_access_credentials#environment

Would you like to implement a fix?

Yes