fix: fix issue that was causing secrets manager managed service credential re-creation<br><br>NOTE: When upgrading from previous version, you will see the following destroy and re-create, however there is no impact to any deployed infrastructure: (#346)

vkuma17 · web-flow · commit 1010aa9ad238 · 2025-10-13T10:34:41.000+01:00
diff --git a/solutions/fully-configurable/main.tf b/solutions/fully-configurable/main.tf
@@ -349,6 +349,10 @@ resource "time_sleep" "wait_for_mysql_authorization_policy" {
   count           = local.create_secrets_manager_auth_policy
   depends_on      = [ibm_iam_authorization_policy.secrets_manager_key_manager]
   create_duration = "30s"
+  triggers = {
+    secrets_manager_region = local.existing_secrets_manager_instance_region
+    secrets_manager_guid   = local.existing_secrets_manager_instance_guid
+  }
 }
 
 locals {
@@ -394,12 +398,12 @@ locals {
 }
 
 module "secrets_manager_service_credentials" {
-  count                       = length(local.service_credential_secrets) > 0 ? 1 : 0
-  depends_on                  = [time_sleep.wait_for_mysql_authorization_policy]
-  source                      = "terraform-ibm-modules/secrets-manager/ibm//modules/secrets"
-  version                     = "2.9.1"
-  existing_sm_instance_guid   = local.existing_secrets_manager_instance_guid
-  existing_sm_instance_region = local.existing_secrets_manager_instance_region
+  count   = length(local.service_credential_secrets) > 0 ? 1 : 0
+  source  = "terraform-ibm-modules/secrets-manager/ibm//modules/secrets"
+  version = "2.9.1"
+  # converted into implicit dependency and removed explicit depends_on time_sleep.wait_for_mysql_authorization_policy for this module because of issue https://github.com/terraform-ibm-modules/terraform-ibm-icd-redis/issues/608
+  existing_sm_instance_guid   = local.create_secrets_manager_auth_policy > 0 ? time_sleep.wait_for_mysql_authorization_policy[0].triggers["secrets_manager_guid"] : local.existing_secrets_manager_instance_guid
+  existing_sm_instance_region = local.create_secrets_manager_auth_policy > 0 ? time_sleep.wait_for_mysql_authorization_policy[0].triggers["secrets_manager_region"] : local.existing_secrets_manager_instance_region
   endpoint_type               = var.existing_secrets_manager_endpoint_type
   secrets                     = local.secrets
 }
