Topic mandatory while mentioned optional

[Yasir-Hashmi789]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
• Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.
• If an issue is assigned to a user, that user is claiming responsibility for the issue.
• Customers working with a Google Technical Account Manager or Customer Engineer can ask them to reach out internally to expedite investigation and resolution of this issue.

Terraform Version & Provider Version(s)

terraform {
required_providers {
google = {
source = "hashicorp/google"
version = "6.17.0"
}
}
}

Affected Resource(s)

https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/secret_manager_secret.html#nested_replication_user_managed

In this documntation, topics is mentioned optional.b ut in my customized module, its mandatory and thrworing exception:

terraform plan
╷
│ Error: Missing required argument
│
│ with module.shared-services-secret.google_secret_manager_secret.secret,
│ on ../../../modules/custom/secret-manager/main.tf line 1, in resource "google_secret_manager_secret" "secret":
│ 1: resource "google_secret_manager_secret" "secret" {
│
│ "rotation": all of rotation,topics must be specified

Please suggest.

Terraform Configuration

resource "google_secret_manager_secret" "secret" {
secret_id = var.secret_id
project = var.project_id
provider = google
labels = var.labels
annotations = var.annotations
version_aliases = var.version_aliases
version_destroy_ttl = var.version_destroy_ttl
expire_time = var.expire_time
ttl = var.ttl

dynamic "topics" {
for_each = var.topics != null ? [var.topics] : []
content {
name = topics.value.name
}
}
replication {
dynamic "auto" {
for_each = var.replication.auto != null ? [var.replication.auto] : []
content {
customer_managed_encryption {
kms_key_name = auto.value.customer_managed_encryption.kms_key_name
}
}
}

dynamic "user_managed" {
  for_each = var.replication.user_managed != null ? [var.replication.user_managed] : []
  content {
    replicas {
      location = user_managed.value.replicas[0].location
      customer_managed_encryption {
        kms_key_name = user_managed.value.replicas[0].customer_managed_encryption.kms_key_name
      } 
    }
  }
}
}

Include rotation only if the rotation variable is provided

dynamic "rotation" {
for_each = var.rotation != null ? [var.rotation] : []
content {
rotation_period = rotation.value.rotation_period
next_rotation_time = try(rotation.value.next_rotation_time, null)
}
}
}

resource "google_kms_crypto_key_iam_member" "kms-secret-binding" {
crypto_key_id = var.crypto_key_id
role = var.role
member = var.member
}

Debug Output

No response

Expected Behavior

No response

Actual Behavior

No response

Steps to reproduce

1. terraform apply

Important Factoids

No response

References

No response

[slevenick]

See the documentation of rotation that mentions that topics must be set if rotation is set: https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/secret_manager_secret.html#rotation-1