Hello everybody,
I am trying to deploy an azure_key_vault_key inside an azure_key_vaul_managed_hardware_security_module but didn’t get it working.
resource “azurerm_key_vault_key” “key” {
-
name = var.key_name*
-
key_vault_id = var.key_vault_id*
-
key_type = “RSA”*
-
key_size = 4096*
-
// max. Lifespan of 4 years (~35000h)*
-
expiration_date = timeadd(timestamp(), “35000h”) *
-
key_opts = [*
-
“unwrapKey”,*
-
“wrapKey”,*
-
]*
}
terragrunt.hcl (key)
…
dependency “hsm” {
-
config_path = “…/managedHSM”*
-
mock_outputs_allowed_terraform_commands = [“validate”, “plan”]*
-
mock_outputs = {*
-
hsm_id = “/subscriptions/xyz/resourceGroups/xyz/providers/Microsoft.KeyVault/managedHsm/HSM”*
hsm_uri = “https://hsmXYZ.managedhsm.azure.net/” -
}*
*} *
inputs = {
- resource_group_name = dependency.resourcegroup.outputs.name*
- resource_group_location = dependency.resourcegroup.outputs.location*
- key_name = “hsm-test-key”*
- key_vault_id = dependency.hsm.outputs.hsm_id*
}
I have tried to use the hsm_id and hsm_uri field as key vault id.
Got two different errors:
Using hsm_id:
╷
│ Error: ID was missing the vaults element
│
│ with azurerm_key_vault_key.key,
│ on main.tf line 4, in resource “azurerm_key_vault_key” “key”:
│ 4: key_vault_id = var.key_vault_id
│
╵
ERRO[0018] Hit multiple errors:
Hit multiple errors:
exit status 1
Using hsm_uri:
╷
│ Error: The number of path segments is not divisible by 2 in “”
*│ *
│ with azurerm_key_vault_key.key,
│ on main.tf line 4, in resource “azurerm_key_vault_key” “key”:
│ 4: key_vault_id = var.key_vault_id
*│ *
╵
ERRO[0032] Hit multiple errors:
Hit multiple errors:
exit status 1
Can someone please help me ?
Best regards.