fix: fix issue that was causing secrets manager managed service credential re-creation<br><br>NOTE: When upgrading from previous version, you will see time_sleep resource getting recreated. This doesn't destroy any actual infrastructure and is an expected change.(#732)

vkuma17 · web-flow · commit 6b18dfc885bd · 2025-10-13T10:32:16.000+01:00
diff --git a/solutions/fully-configurable/main.tf b/solutions/fully-configurable/main.tf
@@ -350,6 +350,10 @@ resource "time_sleep" "wait_for_postgresql_authorization_policy" {
   count           = local.create_secrets_manager_auth_policy
   depends_on      = [ibm_iam_authorization_policy.secrets_manager_key_manager]
   create_duration = "30s"
+  triggers = {
+    secrets_manager_region = local.existing_secrets_manager_instance_region
+    secrets_manager_guid   = local.existing_secrets_manager_instance_guid
+  }
 }
 
 locals {
@@ -395,12 +399,12 @@ locals {
 }
 
 module "secrets_manager_service_credentials" {
-  count                       = length(local.service_credential_secrets) > 0 ? 1 : 0
-  depends_on                  = [time_sleep.wait_for_postgresql_authorization_policy]
-  source                      = "terraform-ibm-modules/secrets-manager/ibm//modules/secrets"
-  version                     = "2.10.2"
-  existing_sm_instance_guid   = local.existing_secrets_manager_instance_guid
-  existing_sm_instance_region = local.existing_secrets_manager_instance_region
+  count   = length(local.service_credential_secrets) > 0 ? 1 : 0
+  source  = "terraform-ibm-modules/secrets-manager/ibm//modules/secrets"
+  version = "2.10.2"
+  # converted into implicit dependency and removed explicit depends_on time_sleep.wait_for_postgresql_authorization_policy for this module because of issue https://github.com/terraform-ibm-modules/terraform-ibm-icd-redis/issues/608
+  existing_sm_instance_guid   = local.create_secrets_manager_auth_policy > 0 ? time_sleep.wait_for_postgresql_authorization_policy[0].triggers["secrets_manager_guid"] : local.existing_secrets_manager_instance_guid
+  existing_sm_instance_region = local.create_secrets_manager_auth_policy > 0 ? time_sleep.wait_for_postgresql_authorization_policy[0].triggers["secrets_manager_region"] : local.existing_secrets_manager_instance_region
   endpoint_type               = var.existing_secrets_manager_endpoint_type
   secrets                     = local.secrets
 }
