DTSCCI-4344-4351

[sbagga-moj]

Before creating a pull request make sure that:

• commit messages are meaningful and follow good commit message guidelines
• README and other documentation has been updated / added (if needed)
• tests have been updated / new tests has been added (if needed)

Please remove this line and everything above and fill the following sections:

JIRA link (if applicable)

Change description

Does this PR introduce a breaking change? (check one with "x")

[ ] Yes
[ ] No

[hmcts-jenkins-a-to-c]

Plan Result (aat)

⚠️ Resource Deletion will happen

This plan contains resource delete operation. Please check the plan result very carefully!

Plan: 0 to add, 0 to change, 1 to destroy.

• Delete
  • module.key-vault.azurerm_key_vault_access_policy.jenkins[0]

Change Result (Click me)

  # data.azurerm_user_assigned_identity.app_mi will be read during apply
  # (depends on a resource or a module with changes pending)
 <= data "azurerm_user_assigned_identity" "app_mi" {
      + client_id           = (known after apply)
      + id                  = (known after apply)
      + isolation_scope     = (known after apply)
      + location            = (known after apply)
      + name                = "civil-aat-mi"
      + principal_id        = (known after apply)
      + resource_group_name = "managed-identities-aat-rg"
      + tags                = (known after apply)
      + tenant_id           = (known after apply)
    }

  # module.key-vault.azurerm_key_vault_access_policy.jenkins[0] will be destroyed
  # (because index [0] is out of range for count)
  - resource "azurerm_key_vault_access_policy" "jenkins" {
      - certificate_permissions = [
          - "Create",
          - "Delete",
          - "DeleteIssuers",
          - "Get",
          - "GetIssuers",
          - "Import",
          - "List",
          - "ListIssuers",
          - "SetIssuers",
          - "Update",
          - "ManageContacts",
          - "ManageIssuers",
        ] -> null
      - id                      = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/civil-service-aat/providers/Microsoft.KeyVault/vaults/civil-aat/objectId/14b22215-46e6-48a9-8681-e8cefe66236a" -> null
      - key_permissions         = [
          - "Create",
          - "List",
          - "Get",
          - "Delete",
          - "Update",
          - "Import",
          - "Backup",
          - "Restore",
          - "Decrypt",
          - "Encrypt",
          - "UnwrapKey",
          - "WrapKey",
          - "Sign",
          - "Verify",
          - "GetRotationPolicy",
        ] -> null
      - key_vault_id            = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/civil-service-aat/providers/Microsoft.KeyVault/vaults/civil-aat" -> null
      - object_id               = "14b22215-46e6-48a9-8681-e8cefe66236a" -> null
      - secret_permissions      = [
          - "Set",
          - "List",
          - "Get",
          - "Delete",
          - "Recover",
          - "Purge",
        ] -> null
      - storage_permissions     = [] -> null
      - tenant_id               = "531ff96d-0ae9-462a-8d2d-bec7c0b42082" -> null
        # (1 unchanged attribute hidden)
    }

Plan: 0 to add, 0 to change, 1 to destroy.

[hmcts-jenkins-a-to-c]

Plan Result (prod)

⚠️ Resource Deletion will happen

This plan contains resource delete operation. Please check the plan result very carefully!

Plan: 0 to add, 0 to change, 1 to destroy.

• Delete
  • module.key-vault.azurerm_key_vault_access_policy.jenkins[0]

Change Result (Click me)

  # data.azurerm_user_assigned_identity.app_mi will be read during apply
  # (depends on a resource or a module with changes pending)
 <= data "azurerm_user_assigned_identity" "app_mi" {
      + client_id           = (known after apply)
      + id                  = (known after apply)
      + isolation_scope     = (known after apply)
      + location            = (known after apply)
      + name                = "civil-prod-mi"
      + principal_id        = (known after apply)
      + resource_group_name = "managed-identities-prod-rg"
      + tags                = (known after apply)
      + tenant_id           = (known after apply)
    }

  # module.key-vault.azurerm_key_vault_access_policy.jenkins[0] will be destroyed
  # (because index [0] is out of range for count)
  - resource "azurerm_key_vault_access_policy" "jenkins" {
      - certificate_permissions = [
          - "Create",
          - "Delete",
          - "DeleteIssuers",
          - "Get",
          - "GetIssuers",
          - "Import",
          - "List",
          - "ListIssuers",
          - "SetIssuers",
          - "Update",
          - "ManageContacts",
          - "ManageIssuers",
        ] -> null
      - id                      = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/civil-service-prod/providers/Microsoft.KeyVault/vaults/civil-prod/objectId/c860eaa0-74be-4731-8370-db94c5fdad81" -> null
      - key_permissions         = [
          - "Create",
          - "List",
          - "Get",
          - "Delete",
          - "Update",
          - "Import",
          - "Backup",
          - "Restore",
          - "Decrypt",
          - "Encrypt",
          - "UnwrapKey",
          - "WrapKey",
          - "Sign",
          - "Verify",
          - "GetRotationPolicy",
        ] -> null
      - key_vault_id            = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/civil-service-prod/providers/Microsoft.KeyVault/vaults/civil-prod" -> null
      - object_id               = "c860eaa0-74be-4731-8370-db94c5fdad81" -> null
      - secret_permissions      = [
          - "Set",
          - "List",
          - "Get",
          - "Delete",
          - "Recover",
          - "Purge",
        ] -> null
      - storage_permissions     = [] -> null
      - tenant_id               = "531ff96d-0ae9-462a-8d2d-bec7c0b42082" -> null
        # (1 unchanged attribute hidden)
    }

Plan: 0 to add, 0 to change, 1 to destroy.