[bug] Changing Regions causes Diagnostic Module to fail

[DevopsMercenary]

Describe the bug

I get this error

│ Error: Error in function call
│
│   on /home/vscode/.terraform.cache/sandpit/modules/launchpad/modules/diagnostics/module.tf line 26, in resource "azurerm_monitor_diagnostic_setting" "diagnostics":
│   26:   storage_account_id = contains(try([tostring(each.value.destination_type)], tolist(each.value.destination_type)), "storage") ? try(var.diagnostics.diagnostics_destinations.storage[each.value.destination_key][var.resource_location].storage_account_resource_id, var.diagnostics.storage_accounts[var.diagnostics.diagnostics_destinations.storage[each.value.destination_key][var.resource_location].storage_account_key].id) : null
│     ├────────────────
│     │ while calling try(expressions...)
│     │ each.value.destination_key is "all_regions"
│     │ var.diagnostics.diagnostics_destinations.storage is object with 1 attribute "all_regions"
│     │ var.diagnostics.storage_accounts is object with 6 attributes
│     │ var.resource_location is "eastus"
│
│ Call to function "try" failed: no expression succeeded:
│ - Invalid index (at /home/vscode/.terraform.cache/sandpit/modules/launchpad/modules/diagnostics/module.tf:26,209-232)
│   The given key does not identify an element in this collection value.
│ - Invalid index (at /home/vscode/.terraform.cache/sandpit/modules/launchpad/modules/diagnostics/module.tf:26,371-394)
│   The given key does not identify an element in this collection value.
│
│ At least one expression must produce a successful result.
╵

To Reproduce

In MacOS Bash window

git clone git@github.com:Azure/caf-terraform-landingzones.git

cd caf-terraform-landingzones

docker run -it -v .:/tf/caf  aztfmod/rover:1.8.1-2404.2314

# Resolve Error `fatal: detected dubious ownership in repository at '/tf/caf'`
vscode@af2f3729e3ec:/tf/caf$  git config --global --add safe.directory /tf/caf

# Resolve Error `The running version {...}does not match the required version`
vscode@af2f3729e3ec:/tf/caf$  export ROVER_RUNNER=true

vscode@af2f3729e3ec:/tf/caf$  rover login

vscode@af2f3729e3ec:/tf/caf$  az account set -s operations-caf

# Apply the 200 Level Example
vscode@af2f3729e3ec:/tf/caf$  rover -lz /tf/caf/caf_launchpad -launchpad -var-folder /tf/caf/caf_launchpad/scenario/200 -parallelism=30 -a apply

Expected behavior

I expect the plan to come up and be applied

Configuration (please complete the following information):

• Mac M1 Pro, MacOS 14.4.1
• Version of the rover: rover:1.8.1-2404.2314
• Version of the landing zone: commit a2d3cb5 what main HEAD is pointing to today

Additional context

I'm in the United States. The default regions are Australia.

I changed: caf_launchpad/scenario/200/configuration.tfvars

from

regions = {
  region1 = "australiaeast"
  region2 = "australiacentral"
}

TO

regions = {
  region1 = "eastus"
  region2 = "eastus2"
}

and now I get the error as I documented above

Commenting out the diagnostics map in caf_launchpad/landingzone.tf prevents the error

After some digging, I found this...

in caf_launchpad/scenario/200/diagnostics_destinations.tfvars

diagnostics_destinations = {
  # Storage keys must reference the azure region name
  # For storage, reference "all_regions" and we will send the logs to the storage account
  # in the region of the deployment
  storage = {
    all_regions = {
      australiaeast = {
        storage_account_key = "diagsiem_region1"
      }
      australiacentral = {
        storage_account_key = "diagsiem_region2"
      }
    }
  }

Changing to the following fixed the issue

diagnostics_destinations = {
  # Storage keys must reference the azure region name
  # For storage, reference "all_regions" and we will send the logs to the storage account
  # in the region of the deployment
  storage = {
    all_regions = {
      eastus = {
        storage_account_key = "diagsiem_region1"
      }
      eastus2 = {
        storage_account_key = "diagsiem_region2"
      }
    }
  }