azurerm_mssql_managed_instance_transparent_data_encryption: An argument named "managed_hsm_key_id" is not expected here.

[guptaaayush8]

Is there an existing issue for this?

• I have searched the existing issues

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

10.1

AzureRM Provider Version

4.12

Affected Resource(s)/Data Source(s)

azurerm_mssql_managed_instance_transparent_data_encryption

Terraform Configuration Files

resource "azurerm_mssql_managed_instance_transparent_data_encryption" "mssql_managed_instance_transparent_data_encryption" {
  auto_rotation_enabled = true
  managed_instance_id   = ""
  #key_vault_key_id     = ""
  managed_hsm_key_id    = null
}

Debug Output/Panic Output

│ Error: Unsupported argument
│
│   on ..\main.tf line 38, in resource "azurerm_mssql_managed_instance_transparent_data_encryption" "mssql_managed_instance_transparent_data_encryption":│   38:   managed_hsm_key_id = null
│
│ An argument named "managed_hsm_key_id" is not expected here.
╵

Expected Behaviour

No response

Actual Behaviour

No response

Steps to Reproduce

No response

Important Factoids

No response

References

No response

[sinbai]

Hi @guptaaayush8 thanks for opening this issue. Per the description of Output, we can see that managed_hsm_key_id does not support explicit null. In this case, could you please omit it completely when the variable is null, as follows:

resource "azurerm_mssql_managed_instance_transparent_data_encryption" "mssql_managed_instance_transparent_data_encryption" {
  auto_rotation_enabled = true
  managed_instance_id   = ""
  #key_vault_key_id     = ""
  managed_hsm_key_id    = var.managed_hsm_key_id != null ? var.managed_hsm_key_id : null
}

[shru0797]

Hi @sinbai, as you mentioned I tried using the above resource block but it still gives the same error.

[sinbai]

Could you please upgrade the AzureRM Provider Version to 4.17.0 or above and try again?

[shru0797]

Since we are currently on 4.12.0 azurerm provider version, can you please suggest a fix within the same version?

[sinbai]

Because the property managed_hsm_key_id is supported by Terraform in V4.17.0, if you need to use managed_hsm_key_id, the version of Terraform AzureRM Provider must be at least V4.17.0.

[shru0797]

As we want to stick to 4.12.0 version but managed_hsm_key_id attribute is still mentioned as a new attribute in 4.12.0. How do we proceed with this?
Can this attribute be ignored in the 4.12.0 version?

[sinbai]

managed_hsm_key_id = null should be removed when using v4.12.0, specifying any value for managed_hsm_key_id is not allowed in versions that do not support it.