[bug] Changing Regions causes Diagnostic Module to fail
DevopsMercenary opened this issue
Describe the bug
I get this error
│ Error: Error in function call
│
│ on /home/vscode/.terraform.cache/sandpit/modules/launchpad/modules/diagnostics/module.tf line 26, in resource "azurerm_monitor_diagnostic_setting" "diagnostics":
│ 26: storage_account_id = contains(try([tostring(each.value.destination_type)], tolist(each.value.destination_type)), "storage") ? try(var.diagnostics.diagnostics_destinations.storage[each.value.destination_key][var.resource_location].storage_account_resource_id, var.diagnostics.storage_accounts[var.diagnostics.diagnostics_destinations.storage[each.value.destination_key][var.resource_location].storage_account_key].id) : null
│ ├────────────────
│ │ while calling try(expressions...)
│ │ each.value.destination_key is "all_regions"
│ │ var.diagnostics.diagnostics_destinations.storage is object with 1 attribute "all_regions"
│ │ var.diagnostics.storage_accounts is object with 6 attributes
│ │ var.resource_location is "eastus"
│
│ Call to function "try" failed: no expression succeeded:
│ - Invalid index (at /home/vscode/.terraform.cache/sandpit/modules/launchpad/modules/diagnostics/module.tf:26,209-232)
│ The given key does not identify an element in this collection value.
│ - Invalid index (at /home/vscode/.terraform.cache/sandpit/modules/launchpad/modules/diagnostics/module.tf:26,371-394)
│ The given key does not identify an element in this collection value.
│
│ At least one expression must produce a successful result.
╵
To Reproduce
In MacOS Bash window
git clone git@github.com:Azure/caf-terraform-landingzones.git
cd caf-terraform-landingzones
docker run -it -v .:/tf/caf aztfmod/rover:1.8.1-2404.2314
# Resolve Error `fatal: detected dubious ownership in repository at '/tf/caf'`
vscode@af2f3729e3ec:/tf/caf$ git config --global --add safe.directory /tf/caf
# Resolve Error `The running version {...}does not match the required version`
vscode@af2f3729e3ec:/tf/caf$ export ROVER_RUNNER=true
vscode@af2f3729e3ec:/tf/caf$ rover login
vscode@af2f3729e3ec:/tf/caf$ az account set -s operations-caf
# Apply the 200 Level Example
vscode@af2f3729e3ec:/tf/caf$ rover -lz /tf/caf/caf_launchpad -launchpad -var-folder /tf/caf/caf_launchpad/scenario/200 -parallelism=30 -a apply
Expected behavior
I expect the plan to come up and be applied
Configuration (please complete the following information):
- Mac M1 Pro, MacOS 14.4.1
- Version of the rover: rover:1.8.1-2404.2314
- Version of the landing zone: commit a2d3cb5, what main HEAD is pointing to today
Additional context
I'm in the United States. The default regions are Australia.
I changed: caf_launchpad/scenario/200/configuration.tfvars
from
regions = {
  region1 = "australiaeast"
  region2 = "australiacentral"
}
to
regions = {
  region1 = "eastus"
  region2 = "eastus2"
}
and now I get the error as I documented above
Commenting out the diagnostics map in caf_launchpad/landingzone.tf prevents the error
After some digging, I found this...
in caf_launchpad/scenario/200/diagnostics_destinations.tfvars
diagnostics_destinations = {
  # Storage keys must reference the azure region name
  # For storage, reference "all_regions" and we will send the logs to the storage account
  # in the region of the deployment
  storage = {
    all_regions = {
      australiaeast = {
        storage_account_key = "diagsiem_region1"
      }
      australiacentral = {
        storage_account_key = "diagsiem_region2"
      }
    }
  }
Changing to the following fixed the issue
diagnostics_destinations = {
  # Storage keys must reference the azure region name
  # For storage, reference "all_regions" and we will send the logs to the storage account
  # in the region of the deployment
  storage = {
    all_regions = {
      eastus = {
        storage_account_key = "diagsiem_region1"
      }
      eastus2 = {
        storage_account_key = "diagsiem_region2"
      }
    }
  }
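
A pre-flight guard for the mismatch described in this issue, as an added example that is not part of the original issue or the landing zone code: it fails the plan with a readable message when a region in `regions` has no entry under a `diagnostics_destinations.storage` key, so diagnostic log shipping is not left to break on an opaque `try` error. It assumes resources are deployed in the regions listed in `regions` and Terraform 1.2 or later (output preconditions); the local and output names are hypothetical, and the variable defaults are constructed from the values in the issue.

```hcl
# Constructed sample: regions were changed, destinations were not (the failing state).
variable "regions" {
  type = map(string)
  default = {
    region1 = "eastus"
    region2 = "eastus2"
  }
}

variable "diagnostics_destinations" {
  type = any
  default = {
    storage = {
      all_regions = {
        australiaeast    = { storage_account_key = "diagsiem_region1" }
        australiacentral = { storage_account_key = "diagsiem_region2" }
      }
    }
  }
}

locals {
  # Hypothetical helper: for each storage destination key (e.g. "all_regions"),
  # the deployment regions that have no storage account entry.
  missing_storage_regions = {
    for dest_key, by_region in var.diagnostics_destinations.storage :
    dest_key => setsubtract(values(var.regions), keys(by_region))
  }
}

# Hypothetical output used only to carry the precondition; a failed
# precondition stops the plan before any diagnostic setting is evaluated.
output "diagnostics_storage_regions_ok" {
  value = true

  precondition {
    condition = alltrue([
      for dest_key, missing in local.missing_storage_regions : length(missing) == 0
    ])
    error_message = "diagnostics_destinations.storage is missing region entries: ${jsonencode(local.missing_storage_regions)}"
  }
}
```

With the sample defaults the plan stops and names `eastus` and `eastus2` under `all_regions`; replacing the two region keys as in the fix above makes the precondition pass.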