An error occurs when i try to use a custom service account on slo sub-module

Question

An error occurs when i try to use a custom service account on slo sub-module

bkamin29 opened this issue 5 years ago · 5 comments

Hello,
If i try to use a custom service account on the SLO sub-module, i get this error :

Error: Invalid count argument

  on .terraform/modules/slo_generator.slo-hp-fr-quality/modules/slo/iam.tf line 18, in resource "google_service_account" "main":
  18:   count        = var.service_account_email != "" ? 0 : 1

The "count" value depends on resource attributes that cannot be determined
until apply, so Terraform cannot predict how many instances will be created.
To work around this, use the -target argument to first apply only the
resources that the count depends on.

My Terraform déclaration is :

module "slo-hp-fr-quality" {
  #source                = "github.com/terraform-google-modules/terraform-google-slo//modules/slo?ref=d09d7550aef2748000603b5e52551bbaab59f4d2"
  source                = "github.com/terraform-google-modules/terraform-google-slo//modules/slo?ref=b9862d0a22bb7e2a6adaf3e8b4b6173b08d995ea"
  region                = var.region
  project_id            = var.project_id
  service_account_email = "${google_service_account.slo_computations.email}"
  error_budget_policy   = var.error_budget_policy
  config = {
    slo_name        = "quality"
    slo_target      = 0.999
    slo_description = "quality on nfs fr home page"
    service_name    = "nfs"
    feature_name    = "fr-hp"
    exporters = [{
      class      = "Pubsub"
      project_id = var.project_id
      topic_name = module.slo-pipeline.pubsub_topic_name
    }]
    backend = {
      class      = "Stackdriver"
      project_id = var.project_id
      method     = "good_bad_ratio"
      measurement = {
        "filter_good" = "project=\"${var.project_id}\" AND metric.type=\"logging.googleapis.com/user/${google_logging_metric.quality_count.name}\" AND metric.labels.country=\"fr\" AND metric.labels.status_code = 1"
        "filter_bad"  = "project=\"${var.project_id}\" AND metric.type=\"logging.googleapis.com/user/${google_logging_metric.quality_count.name}\" AND metric.labels.country=\"fr\" AND metric.labels.status_code = 0"
      }
    }
  }
}

Answer 1 · 2020-02-06T16:48:24.000Z

@ocervell Can you help here?

Answer 2 · 2020-02-12T00:02:41.000Z

Ah, yeah ... Needs to be hardcoded currently, we can't pass it as a dynamic value. @morgante any idea on why this count fails: count = var.service_account_email != "" ? 0 : 1

Answer 3 · 2020-02-12T21:10:34.000Z

Putting anything dynamic in a count (including service_account_email) will cause it to fail.

Answer 4 · 2020-02-24T17:15:18.000Z

A solution could be stop to use local.service_account_email, and so use a if statement instead (var.service_account_email != "" ? var.service_account_email : google_service_account.main[0].email)

Answer 5 · 2020-05-11T13:34:00.000Z

Fixed by #19 - will close once its merged and verified.