Keyvault contact cannot be specified when public_network_access_enabled is set to false error in azurerm V3.93.0

[A1lard]

Is there an existing issue for this?

• I have searched the existing issues

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

3.209.24

AzureRM Provider Version

3.93.0

Affected Resource(s)/Data Source(s)

Keyvault

Terraform Configuration Files

esource "azurerm_key_vault" "example" {
  name                        = "examplekeyvault"
  location                    = azurerm_resource_group.example.location
  resource_group_name         = azurerm_resource_group.example.name
  enabled_for_disk_encryption = true
  tenant_id                   = data.azurerm_client_config.current.tenant_id
  soft_delete_retention_days  = 7
  purge_protection_enabled    = false

 contact {
    email = "***"
    name  = "***"
    phone = "***"
  } 

  sku_name = "standard"

  access_policy {
    tenant_id = data.azurerm_client_config.current.tenant_id
    object_id = data.azurerm_client_config.current.object_id

    key_permissions = [
      "Get",
    ]

    secret_permissions = [
      "Get",
    ]

    storage_permissions = [
      "Get",
    ]
  }
}

Debug Output/Panic Output

Error: `contact` cannot be specified when `public_network_access_enabled` is set to `false`

Expected Behaviour

In azurerm version v3.92.0 it isn't an issue that the public network access is set to false. We can't set this setting to true but we also need to get notified when there is news about the certificates.

Actual Behaviour

Error: contact cannot be specified when public_network_access_enabled is set to false

Steps to Reproduce

No response

Important Factoids

No response

References

No response

[magodo]

Ping @tombuildsstuff, #23823 seems restricts the use of contact (requires data plane access) only when public_network_access_enabled is true (data plane is accessable in public). This is not always the case as if the PE is correctly setup, the data plane is accessable even if public_network_access_enabled is false (just as this issue reported).

[magodo]

@A1lard Would you please check whether following the document added in #25068 can resolve your issue?

[A1lard]

@magodo
It did not fix my issue. The contacts property is now removed from this resource and we'll keep it that way.
So for me this isn't an issue anymore.

[magodo]

@A1lard The document does say that since v3.93.0, if the public_network_access_enabled = false, then you'll have to remove the contact. Can I confirm what you did aligns the document, and the issue then is resolved?

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.