[AVM Module Issue]: principal_type seems to give issues without using it

[pieter-jangoeman]

Check for previous/existing GitHub issues

• I have checked for previous/existing GitHub issues

Issue Type?

Bug

(Optional) Module Version

0.9.1

(Optional) Correlation Id

No response

Description

I'm not using a principal_type anywhere, but still get this error:

Error: Value for unconfigurable attribute

with module.avm-res-keyvault-vault.azurerm_role_assignment.this,
on .terraform/modules/avm-res-keyvault-vault/main.tf line 45, in resource "azurerm_role_assignment" "this":
45: principal_type = each.value.principal_type

Can't configure a value for "principal_type": its value will be decided
automatically based on the result of applying this configuration.

[matt-FFFFFF]

Hi @pieter-jangoeman

What module and provider version are you using please

[matt-FFFFFF]

#rr

[pieter-jangoeman]

Hi Matt, for the module it's version 0.9.1, and for azurerm version 3.83.0 Op do 19 sep 2024 om 08:36 schreef Matt White ***@***.***>:

…

#rr — Reply to this email directly, view it on GitHub <#155 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ACFG76FKDF6Y3OFTUY4ETH3ZXJWF3AVCNFSM6AAAAABNUOAM6SVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGNRQGEYDSOBTGE> . You are receiving this because you were mentioned.Message ID: <Azure/terraform-azurerm-avm-res-keyvault-vault/issues/155/2360109831@ github.com>

[nickmladenov]

I've encountered the same issue when using the latest module version (0.9.1) on Terraform v1.9.3 with an azurerm provider version set to 3.75.0.

I didn't have any issues with the module in prior versions (0.7.1) running against Terraform v1.8.5 with an azurerm provider version set to 3.111.0.

We've been forced to bump up this AVM version to the latest (0.9.1) due Terraform version pinning inside of your terraform.tf required versions configuration; instead of using ~> can we change the version constraint to something along the lines of >= 1.8, < 2.0 where 1.8 can be substituted with the minimum supported version of Terraform based on this modules feature usage for improving the backwards compatibility?

[nickmladenov]

@pieter-jangoeman You can fix the issue by upgrading your hashicorp/azurerm provider version to 3.87.0 or higher.

@matt-FFFFFF Is it possible for you to change the azurerm provider version in this AVM to be >= 3.87 instead of >= 3.71 as it currently is now; similarly for each of the sub-modules key and secret as they also have this minimum version pinned.

Looking through the official provider release notes the azurerm_role_assignment resource only got introduced support for the principal_type property in release v3.87.0.

I would raise a pull request for this but as I've tried with other AVM's it's not open to public contribution. I don't have sufficient permissions on my account to create or push a new branch into the remote repository and raise a pull request containing a fix to prevent other users encountering this issue.

[matt-FFFFFF]

Hi there @nickmladenov

Thanks for pointing this out! We can make the change.

We absolutely do accept and welcome PRs so ping me if you are struggling. The process is to fork the repo and Then make the changes before opening a PR into this repo.