KMS KeyRing Issues
msampathkumar opened this issue · comments
Sampath Kumar commented
TL;DR
For google_kms_key_ring resources are failing CICD tests, when its name is not unique.
For example:
resource "google_kms_key_ring" "keyring" {
name = "keyring-name"
location = "us-central1"
}
will fail a CICD tests, just as found at #503 (comment) with KMS error: keyring-name already exists
During the CICD, a keyring is created and deleted multiple times. When a resource is archived or reserved this error can be expected.
Expected behavior
Two way this issue can be fixed
-
Using a random prefix or suffix
resource "random_id" "default" { byte_length = 8 } resource "google_kms_key_ring" "keyring" { name = "keyring-name-${random_id.default.hex}" location = "us-central1" }
-
Skipping CICD tests
Files to update
- https://github.com/terraform-google-modules/terraform-docs-samples/blob/main/cloud_sql/instance_cmek/main.tf#L25
- https://github.com/terraform-google-modules/terraform-docs-samples/blob/main/looker/looker_instance_enterprise_full/main.tf#L70
- https://github.com/terraform-google-modules/terraform-docs-samples/blob/main/cloud_sql/postgres_instance_cmek/main.tf#L25
- https://github.com/terraform-google-modules/terraform-docs-samples/blob/main/cloud_sql/mysql_instance_cmek/main.tf#L25
- https://github.com/terraform-google-modules/terraform-docs-samples/blob/main/cloud_sql/sqlserver_instance_cmek/main.tf#L25
Observed behavior
No response
Terraform Configuration
NA
Terraform Version
NA
Additional information
No response