Hello
Deploying private link on CosmosDB with a failover
When deploying private link I need to provide an A record, one usually use this kind of code:
resource “azurerm_private_dns_a_record” “a_record” {
records = [azurerm_private_endpoint.pe.private_service_connection[0].private_ip_address]…
}
I deploy on westeurope with a failover on northeurope.
Cosmosdb needs two more records, one for each region where cosmosdb is deployed:
https://learn.microsoft.com/en-us/azure/cosmos-db/how-to-configure-private-endpoints?tabs=arm-bicep
So my issue is to fetch the private failover IP.
azurerm_private_endpoint.pe.custom_dns_configs display the values I need, so I tested:
resource “azurerm_private_dns_a_record” “a_record” {
for_each = azurerm_private_endpoint.pe.custom_dns_configs
name = each.value.fqdn
records = each.value.ip_addresses…
}
But it does not work because is evaluate on apply and not available at plan:
The “for_each” map includes keys derived from resource attributes that
│ cannot be determined until apply, and so Terraform cannot determine the
│ full set of keys that will identify the instances of this resource.
│
│ When working with unknown values in for_each, it’s better to define the map
│ keys statically in your configuration and place apply-time results only in
│ the map values.
│
│ Alternatively, you could use the -target planning option to first apply
│ only the resources that the for_each value depends on, and then apply a
│ second time to fully converge
So is there any way to solve this issue?
Thank you