azurerm_storage_account https_traffic_only_enabled not recognized

[ralfwanninkhof]

Extension Version

v2.32.2 (also in prerelease v2.33.2024073012)

VS Code Version

Version: 1.92.0 (user setup) Commit: b1c0a14de1414fcdaa400695b4db1c0799bc3124 Date: 2024-07-31T23:26:45.634Z Electron: 30.1.2 ElectronBuildId: 9870757 Chromium: 124.0.6367.243 Node.js: 20.14.0 V8: 12.4.254.20-electron.0 OS: Windows_NT x64 10.0.22631

Operating System

Windows 11 Enterprise x64 23H2 OS build 22631.3880

Terraform Version

1.9.3

Steps to Reproduce

1) Create a storage account in your terraform files 2) let it validate 3) see error

Expected Behavior

It should validate correctly as this is the correct parameter according to the documentation

Actual Behavior

You get an Error with the following message: Unexpected attribute: An attribute named "https_traffic_only_enabled" is not expected here

Terraform Configuration

resource "azurerm_storage_account" "saAVDxxx" {
  name                            = "saavdxxx"
  resource_group_name             = azurerm_resource_group.rgAVDManagement.name
  location                        = azurerm_resource_group.rgAVDManagement.location
  account_tier                    = "Premium"
  account_replication_type        = "ZRS"
  account_kind                    = "FileStorage"
  https_traffic_only_enabled      = true
  allow_nested_items_to_be_public = false
  shared_access_key_enabled       = true
  public_network_access_enabled   = true
  min_tls_version                 = "TLS1_2"
  azure_files_authentication {
    directory_type = "AADKERB"
  }
}

Project Structure

No response

Gist

No response

Anything Else?

No response

Workarounds

No response

References

No response

Help Wanted

• [ ] I'm interested in contributing a fix myself

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

[jnesta-lh]

For me, this error only occurs inside VSCode. When I invoke terraform init && terraform validate from the CLI, it passes without error.

Is there a standard operating procedure for debugging this kind of thing? Is my VSCode not using the latest version of the AzureRM provider? How would I even verify this?

[ansgarm]

Hi @ralfwanninkhof @jnesta-lh 👋

Thank you for raising this! The attribute https_traffic_only_enabled was only added in the latest version (3.114.0) of the AzureRM provider. If there is no .terraform directory / no lockfile, the extension will use a bundled schema and in the case of v2.32.2 that schema does not yet include that new attribute.

I was able to reproduce the issue with v2.32.2, however, after running terraform init and reloading the VS Code window, the error disappeared:

Usually it should pick that up without the need for a manual reload of the window, so that's definitely something we should look into.

Could you run terraform init and try reloading the window? Does the error still happen?

Is there a standard operating procedure for debugging this kind of thing? Is my VSCode not using the latest version of the AzureRM provider? How would I even verify this?

One (a bit tedious) way to debug this is to look into the output of the Terraform extension ("HashiCorp Terraform"). In my case that yielded (before reloading)

preloaded schema for registry.terraform.io/hashicorp/azurerm 3.113.0 in 97.738209ms

and (after running init)

"installed_providers":{"registry.terraform.io/hashicorp/azurerm":"3.114.0"}

However, that still doesn't tell you which one is used 😅

[jnesta-lh]

@ansgarm Thank you very much for your detailed response.

Could you run terraform init and try reloading the window?

Yes, as I said previously, I already have done terraform init in my module folder, and terraform validate passes without error. However, the error persists in my VSCode window, even after closing and re-opening VSCode.

One (a bit tedious) way to debug this is to look into the output of the Terraform extension ("HashiCorp Terraform"). In my case that yielded (before reloading)

I looked in my output and I see the following:

2024/08/09 08:56:33 schema.go:192: preloaded schema for registry.terraform.io/hashicorp/azurerm 3.113.0 in 218.8987ms

So I guess that confirms that VSCode is using the older version of the provider. I grepped for a "installed_providers" line in the output, but there is none. Thus, I conclude that the VSCode extension is not properly picking up the ".terraform" directory on my disk. Can you walk me through the steps to troubleshoot this?

Is it a requirement of the extension that the ".terraform" directory is at the root of the project? I have many Terraform modules inside of my git repo, and thus have many different ".terraform" directories for each one, so the extension would have to be smart enough to use the closest ".terraform" directory to the particular file that is being opened in VSCode.

[ralfwanninkhof]

Hi @ralfwanninkhof @jnesta-lh 👋

Thank you for raising this! The attribute https_traffic_only_enabled was only added in the latest version (3.114.0) of the AzureRM provider. If there is no .terraform directory / no lockfile, the extension will use a bundled schema and in the case of v2.32.2 that schema does not yet include that new attribute.

I was able to reproduce the issue with v2.32.2, however, after running terraform init and reloading the VS Code window, the error disappeared:

Usually it should pick that up without the need for a manual reload of the window, so that's definitely something we should look into.

Could you run terraform init and try reloading the window? Does the error still happen?

Is there a standard operating procedure for debugging this kind of thing? Is my VSCode not using the latest version of the AzureRM provider? How would I even verify this?

One (a bit tedious) way to debug this is to look into the output of the Terraform extension ("HashiCorp Terraform"). In my case that yielded (before reloading)

preloaded schema for registry.terraform.io/hashicorp/azurerm 3.113.0 in 97.738209ms

and (after running init)

"installed_providers":{"registry.terraform.io/hashicorp/azurerm":"3.114.0"}

However, that still doesn't tell you which one is used 😅

Thanks, the issue for me is than that the buildin provider hasn't ben updated, as i only produce code locally, the init is not local. I just need to be patient for an update then ;-) or is it possible to manually update the definitions?