You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Command failure.
Error: Provider produced inconsistent final plan
When expanding the plan for azurerm_application_gateway.appgateway to include
new values learned so far during apply, provider
"registry.terraform.io/hashicorp/azurerm" produced an invalid new value for
.ssl_certificate: planned set element
cty.ObjectVal(map[string]cty.Value{"data":cty.StringVal(""),
"id":cty.UnknownVal(cty.String),
"key_vault_secret_id":cty.UnknownVal(cty.String),
"name":cty.StringVal("essdemo"), "password":cty.StringVal(""),
"public_cert_data":cty.UnknownVal(cty.String)}) does not correlate with any
element in actual.
This is a bug in the provider, which should be reported in the provider's ownissue tracker.Command failure. Error: Provider produced inconsistent final planWhen expanding the plan for azurerm_application_gateway.appgateway to includenew values learned so far during apply, provider"registry.terraform.io/hashicorp/azurerm" produced an invalid new value for.ssl_certificate: planned set elementcty.ObjectVal(map[string]cty.Value{"data":cty.StringVal(""),"id":cty.UnknownVal(cty.String),"key_vault_secret_id":cty.UnknownVal(cty.String),"name":cty.StringVal("essdemo"), "password":cty.StringVal(""),"public_cert_data":cty.UnknownVal(cty.String)}) does not correlate with anyelement in actual.This is a bug in the provider, which should be reported in the provider's own
issue tracker.
Expected Behaviour
Should have updated the application gateway based on the listener configuration, reading the certs from the key vault.
Actual Behaviour
Gives an error as indicated in the output. Interestingly, if the SSL certificates in the Azure key vault are just updated with new version (uploading the old certificate itself), the error goes away.
Steps to Reproduce
Entry criteria - Azure Application Gateway is deployed via terraform with just one customer name. At this time, there is one listener, mapped to SSL certificate reading from the key vault. No issue till this step. TF runs and updates the App gateway appropriately.
Add another customer to the var.deployed_customer_names, ensuring that the key vault also has the certificate for this new customer. If you run terraform now, it errors out stating that TF generated inconsistent plan. What should have happened is that the previous listener should have been kept on the gateway (since there are no changes) and the new listener should have been added. However, what happens is that TF somehow generates invalid values or plan and errors out.
Important Factoids
Azure running in East US Region.
References
No response
The text was updated successfully, but these errors were encountered:
Is there an existing issue for this?
Community Note
Terraform Version
Terraform v1.7.3 on linux_amd64
AzureRM Provider Version
3.46.0
Affected Resource(s)/Data Source(s)
azurerm_application_gateway
Terraform Configuration Files
Debug Output/Panic Output
Expected Behaviour
Should have updated the application gateway based on the listener configuration, reading the certs from the key vault.
Actual Behaviour
Gives an error as indicated in the output. Interestingly, if the SSL certificates in the Azure key vault are just updated with new version (uploading the old certificate itself), the error goes away.
Steps to Reproduce
Entry criteria - Azure Application Gateway is deployed via terraform with just one customer name. At this time, there is one listener, mapped to SSL certificate reading from the key vault. No issue till this step. TF runs and updates the App gateway appropriately.
Add another customer to the var.deployed_customer_names, ensuring that the key vault also has the certificate for this new customer. If you run terraform now, it errors out stating that TF generated inconsistent plan. What should have happened is that the previous listener should have been kept on the gateway (since there are no changes) and the new listener should have been added. However, what happens is that TF somehow generates invalid values or plan and errors out.
Important Factoids
Azure running in East US Region.
References
No response
The text was updated successfully, but these errors were encountered: