terraform-provider-azurerm: Error: Invalid index. The given key does not identify an element in this collection value.
Community Note
- Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave “+1” or “me too” comments, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
Terraform (and AzureRM Provider) Version
Terraform v0.12.20
- provider.azurerm v1.42.0
Affected Resource(s)
azurerm_virtual_machine
azurerm_role_assignment
Terraform Configuration Files
Initial terraform configuration (Other resources not shown here including Network interface etc). This deploys perfectly.
```hcl
resource "azurerm_virtual_machine" "virtual_machine" {
  count                 = 2
  name                  = "${format("vm-%03d", count.index + 1)}"
  location              = var.location
  resource_group_name   = var.rg
  network_interface_ids = [element(azurerm_network_interface.df_network_interface.*.id, count.index)]
  vm_size               = "Standard_B2s"
  license_type          = "Windows_Server"
  # ... remaining arguments not shown
}
```
Modified TF configuration (adding ‘identity’ block and new resource for role assignment to the VM).
```hcl
resource "azurerm_virtual_machine" "virtual_machine" {
  count                 = var.VMCount
  name                  = "${format("vm-%03d", count.index + 1)}"
  location              = var.location
  resource_group_name   = var.rg
  network_interface_ids = [element(azurerm_network_interface.df_network_interface.*.id, count.index)]
  vm_size               = "Standard_B2s"
  license_type          = "Windows_Server"

  # Newly added: system-assigned managed identity for each VM
  identity {
    type = "SystemAssigned"
  }
  # ... remaining arguments not shown
}

# Newly added: one role assignment per VM, using the VM's identity principal
resource "azurerm_role_assignment" "df_contributor" {
  count                = local.create_data_factory ? var.VMCount : 0
  scope                = azurerm_data_factory.factory.id
  role_definition_name = "Reader"
  principal_id         = "${azurerm_virtual_machine.virtual_machine[count.index].identity.0.principal_id}"
  depends_on           = ["azurerm_virtual_machine.virtual_machine"]
}
```
Debug Output
https://gist.github.com/andrewCluey/1ed407e821af6fde065141c25df71b08
Panic Output
Expected Behavior
The identity block for the VM should first be applied, then the Role assignment should apply.
Actual Behavior
On both plan and apply the error message (below) is returned…
```
Error: Invalid index
on main.tf line 207, in resource "azurerm_role_assignment" "df_contributor":
207: principal_id = "${azurerm_virtual_machine.df_virtual_machine[count.index].identity.0.principal_id}"
|----------------
| azurerm_virtual_machine.virtual_machine is tuple with 2 elements
| count.index is 0
The given key does not identify an element in this collection value.
```
Seems to be that the ‘identity’ block for the VM is not applied before the role assignment resource is applied.
If I comment out the Role_Assignment resource, and re-apply, then the VM is modified in place with the ‘identity’ block. If I then re-enable the ‘role_assignment’ resource and re-apply again, it’s all fine.
This seems to suggest an issue in the ordering of dependencies between the ‘identity’ block in the VM_resource and the role_assignment resource.
Steps to Reproduce
- Created a terraform config for a new Azure VM resource with count attribute set. Using latest Terraform version and Azure provider.
- terraform apply
- Add an identity block into the azurerm_virtual_machine resource for ‘systemassigned’.
- Add a new resource into the terraform config to assign a role to the VM (azurerm_role_assignment). Using count and count.index to identify the correct principal IDs.
- terraform apply.
- Error: Invalid index
Important Factoids
References
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Reactions: 17
- Comments: 16 (3 by maintainers)
Hi,
Hi, just downloaded older bin. But now I can’t use the state I have issues with.
That’s really annoying, I can’t even destroy the resources.
I upgraded from Terraform 12.10 to 12.24 and got a very similar issue with an AWS stack.
Downgrading to 12.10 fixed the issue. AWS Provider version 2.55.
Just so everyone gets the notification, taylorturner was kind enough to migrate this issue for us for Terraform Core: https://github.com/hashicorp/terraform/issues/25578 . Please subscribe to it/vote for it/etc. as appropriate for your situation.
Thank you, taylorturner!
Hi @tombuildsstuff this “Taking a look into this it appears that this bug is due to the field principal_id not being returned from the Azure API - which is why this field is unset.” also seems to be the case for azurerm_function_app, where azurerm_function_app.fa.identity[0].principal_id breaks when being used.
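A pre-flight check for the condition reported in this thread, as an added example that is not part of the original issue or the provider's code: it reads the JSON produced by `terraform show -json` and lists the azurerm_virtual_machine and azurerm_function_app instances whose identity list is empty or carries no principal_id, so a role assignment that indexes `identity.0.principal_id` is not planned against them. The sample state, the `module.app` name and the principal ID value are constructed.

```python
import json
import sys

# Resource types named on this page whose identity[0].principal_id gets referenced.
IDENTITY_TYPES = {"azurerm_virtual_machine", "azurerm_function_app"}


def walk_resources(module):
    """Yield every resource in a module and, recursively, its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from walk_resources(child)


def missing_principal_ids(state):
    """Return addresses whose identity list is empty or has no principal_id."""
    root = state.get("values", {}).get("root_module", {})
    missing = []
    for res in walk_resources(root):
        if res.get("mode") != "managed" or res.get("type") not in IDENTITY_TYPES:
            continue
        identity = res.get("values", {}).get("identity") or []
        # An empty list is the case where identity.0 has nothing to index.
        if not identity or not identity[0].get("principal_id"):
            missing.append(res["address"])
    return missing


# Constructed sample, trimmed to the fields the check reads.
SAMPLE_STATE = {"values": {"root_module": {
    "resources": [
        {"address": "azurerm_virtual_machine.virtual_machine[0]", "mode": "managed",
         "type": "azurerm_virtual_machine", "values": {"identity": [
             {"type": "SystemAssigned",
              "principal_id": "00000000-0000-0000-0000-000000000001"}]}},
        {"address": "azurerm_virtual_machine.virtual_machine[1]", "mode": "managed",
         "type": "azurerm_virtual_machine", "values": {"identity": []}},
        {"address": "azurerm_role_assignment.df_contributor[0]", "mode": "managed",
         "type": "azurerm_role_assignment", "values": {}},
    ],
    "child_modules": [{"address": "module.app", "resources": [
        {"address": "module.app.azurerm_function_app.fa", "mode": "managed",
         "type": "azurerm_function_app", "values": {"identity": [
             {"type": "SystemAssigned", "principal_id": ""}]}}]}],
}}}

if __name__ == "__main__":
    state = SAMPLE_STATE
    if len(sys.argv) > 1:  # optional path to saved `terraform show -json` output
        with open(sys.argv[1]) as fh:
            state = json.load(fh)
    for address in missing_principal_ids(state):
        print(f"{address}: no principal_id in state; apply the identity block first")
```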