Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Iterative plan and apply #35741

Closed
JonathonAnderson opened this issue Sep 17, 2024 · 2 comments
Closed

Iterative plan and apply #35741

JonathonAnderson opened this issue Sep 17, 2024 · 2 comments
Labels
duplicate issue closed because another issue already tracks this problem enhancement

Comments

@JonathonAnderson
Copy link

Terraform Version

Terraform v1.9.5
on windows_amd64

Use Cases

Iterating over a resource using a for_each loop, but the set to be iterated over is not known until after apply.

In the case below, the identity attribute of azurerm_windows_function_app is an array of identity objects and the number of items in the array is not known until after apply.

resource azurerm_windows_function_app app {
  name                = var.function-app.name
  location            = var.app-service-plan.location
  service_plan_id     = var.app-service-plan.id
  resource_group_name = var.resource-group.name

  storage_account_name = azurerm_storage_account.storage.name
  storage_uses_managed_identity = true

  app_settings = merge(local.app-settings)


  site_config {
    always_on = contains(["Free", "F1", "D1"], var.app-service-plan.sku_name) ? false : null
  }
}

resource azurerm_key_vault_access_policy app {
  for_each = { for index, identity in azurerm_windows_function_app.app.identity :
                format("%s::%d", var.function-app.name, index) => identity }

  key_vault_id = azurerm_key_vault.vault.id
  tenant_id    = data.azuread_client_config.current.tenant_id
  object_id    = each.value.principal_id

  certificate_permissions = [ "Get" ]
  key_permissions         = [ "Get" ]
  secret_permissions      = [ "Get" ]
  storage_permissions     = [ "Get" ]
}

Attempted Solutions

The proposed solution from the command line output is to use --target to apply the function app resource first and then apply the remaining resources. This works but is not scalable.

Every other solution I've tried resolves back to the same error

Proposal

Implement a method to allow resources to be planned and applied after the initial apply, potentially iterating multiple times if needed. This could be done at the level of Terraform itself, the provider, or most likely the resource as a lifecycle argument.

lifecycle {
  plan_after_apply = true
}

References

No response
@JonathonAnderson JonathonAnderson added enhancement new new issue not yet triaged labels Sep 17, 2024
@jbardin
Copy link
Member

jbardin commented Sep 17, 2024

Duplicate of #30937

@jbardin jbardin marked this as a duplicate of #30937 Sep 17, 2024
@jbardin jbardin closed this as completed Sep 17, 2024
@crw crw added duplicate issue closed because another issue already tracks this problem and removed new new issue not yet triaged labels Sep 17, 2024
@github-actions GitHub Actions
Copy link
Contributor

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 18, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
duplicate issue closed because another issue already tracks this problem enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jbardin @crw @JonathonAnderson