Whilst working on terraform-ibm-modules/terraform-ibm-cos#352 it became apparent that a similar issue is present in this module.

Setting skip_iam_authorization_policy false and passing an existing_kms_instance_guid but not passing kms_key_crn will fail with

│ Error: Invalid combination of arguments │ │ with module.postgresql_db.ibm_iam_authorization_policy.kms_policy[0], │ on ../../main.tf line 28, in resource "ibm_iam_authorization_policy" "kms_policy": │ 28: target_service_name = local.kms_service │ │ "target_service_name": one of `resource_attributes,target_service_name` must be specified 

Affected modules

• terraform-ibm-icd-postgresql

Terraform CLI and Terraform provider versions

• Terraform version: any
• Provider version: any

Terraform output

Something equivalent to the COS module failure.

│ Error: Invalid combination of arguments │ │ with module.postgresql_db.ibm_iam_authorization_policy.kms_policy[0], │ on ../../main.tf line 28, in resource "ibm_iam_authorization_policy" "kms_policy": │ 28: target_service_name = local.kms_service │ │ "target_service_name": one of `resource_attributes,target_service_name` must be specified 

Debug output

Expected behavior

A more meaningful error message should be raised saying skip_iam_authorization_policy false requires both an existing_kms_instance_guid and a kms_key_crn to be provided.

Actual behavior

Steps to reproduce (including links and screen captures)

1. Run terraform apply

Anything else

By submitting this issue, you agree to follow our Code of Conduct