Fix handling of creating an Access Policy for a non-existent Key Vault #2922
Commits on Feb 20, 2019
-
Add acctest for Key Vault Policy with bad Vault ID
This commit adds an acceptance test reproducing the scenario of attempting to create an `azurerm_key_vault_access_policy` resource when specifying the ID of a Key Vault which does not exist, but is in the correct URI-path-style format. It generates these by appending the string "NOPE" to the ID of a valid Key Vault (which the tests creates), but could equally truncate the name (which is how this was encountered in the first place). Applying this particular configuration, I expect an error - probably of the form "Error retrieving Key Vault" (but the exact text is arbitrary). Instead, we see that no error is produced. If this scenario is run via the CLI, the CLI marks the resource as successfully created, but no state is created for it.
Commits on Feb 21, 2019
-
Remove key vault policy from state iff it existed
This fixes the test added in the previous commit, while retaining the ability to reflect access policy deletion by deleting the key vault itself.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.