I’m trying to grant access to a keyvault for the newly created data factory. To achieve this I had the following code …
module "subscription" {
  source = "../../general/subscription_getdetails"
}

module "df_resourcegroup" {
  source           = "../../general/rg_getdetails"
  rg_name_solution = var.df_rg_name_solution
  rg_name_seqnr    = var.df_rg_name_seqnr
}

module "location" {
  source        = "../../general/location/location_getdetails"
  location_name = var.df_location_name
  location_tier = var.df_location_tier
}

module "keyvault" {
  source              = "../../security/kv_getdetails"
  kv_name_solution    = var.kv_name_solution
  kv_name_seqnr       = var.kv_name_seqnr
  kv_name_purpose     = var.kv_name_purpose
  kv_location_name    = var.kv_location_name
  kv_location_tier    = var.kv_location_tier
  kv_rg_name_solution = var.kv_rg_name_solution
  kv_rg_name_seqnr    = var.kv_rg_name_seqnr
}

resource "azurerm_data_factory" "df" {
  name                   = "adf-${module.df_resourcegroup.sitecode}-${module.subscription.environment}-${var.df_name_dataset}-${var.df_name_seqnr}"
  location               = module.location.azure
  resource_group_name    = module.df_resourcegroup.rg.name
  public_network_enabled = var.df_allow_public_access
}

resource "azurerm_key_vault_access_policy" "df_grant_keyvault_read" {
  key_vault_id = module.keyvault.kv.id
  tenant_id    = azurerm_data_factory.df.identity[0].tenant_id
  object_id    = azurerm_data_factory.df.identity[0].principal_id

  key_permissions = [
    "Get",
  ]

  secret_permissions = [
    "Get",
  ]
}
But there must be something wrong with this as I’m getting this error… (I’ve tried not to address it as a list, doesn’t work).
│ Error: Invalid index
│
│ on _modules/das/df_create/main.tf line 68, in resource "azurerm_key_vault_access_policy" "df_grant_keyvault_read":
│ 68: tenant_id = azurerm_data_factory.df.identity[0].tenant_id
│ ├────────────────
│ │ azurerm_data_factory.df.identity is empty list of object
│
│ The given key does not identify an element in this collection value.
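
The error above reports that `azurerm_data_factory.df.identity` is an empty list, which is what the provider returns when the resource declares no `identity` block, so there is no managed identity to index. An added example (not the poster's code; the `example-*` names and the data sources are placeholders standing in for the modules above) that enables a system-assigned identity and limits the access policy to secret reads:

```hcl
# Added example. All "example-*" names are placeholders, not values from the post.
provider "azurerm" {
  features {}
}

data "azurerm_resource_group" "rg" {
  name = "example-rg" # placeholder
}

data "azurerm_key_vault" "kv" {
  name                = "example-kv" # placeholder
  resource_group_name = data.azurerm_resource_group.rg.name
}

resource "azurerm_data_factory" "df" {
  name                   = "example-adf" # placeholder
  location               = data.azurerm_resource_group.rg.location
  resource_group_name    = data.azurerm_resource_group.rg.name
  public_network_enabled = false

  # Without this block no managed identity is created, and
  # azurerm_data_factory.df.identity evaluates to an empty list.
  identity {
    type = "SystemAssigned"
  }
}

resource "azurerm_key_vault_access_policy" "df_grant_keyvault_read" {
  key_vault_id = data.azurerm_key_vault.kv.id

  # identity[0] now exists because the identity block is declared above.
  tenant_id = azurerm_data_factory.df.identity[0].tenant_id
  object_id = azurerm_data_factory.df.identity[0].principal_id

  # Least privilege: grant only secret reads here.
  # Add key_permissions only if the factory actually reads keys.
  secret_permissions = ["Get"]
}
```

Access policies only take effect when the vault uses the access-policy permission model; a vault with RBAC authorization enabled needs a role assignment for the same principal instead.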