Bug Report - CAF version 4.2.0 want to delete the automation account ! Why?

[hungbui78]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Versions

terraform: TERRAFORM_VERSION=1.7.4

azure provider:

Configure the Azure provider

terraform { required_providers { azurerm = { source = "hashicorp/azurerm" version = "3.54.0" } } module:

4.2.0

Description

Describe the bug

Today when I did a terraform plan on our CAF codes it says it want to delete the automation account that has been created by the module when we set it up few years back.

module.enterprise_scale.azurerm_automation_account.management["/subscriptions/$ARM_SUBSCRIPTION_ID/resourceGroups/prodTF-mgmt/providers/Microsoft.Automation/automationAccounts/prodTF-automation"] will be updated in-place

~ resource "azurerm_automation_account" "management" {

    id                            = "/subscriptions/$ARM_SUBSCRIPTION_ID/resourceGroups/prodTF-mgmt/providers/Microsoft.Automation/automationAccounts/prodTF-automation"

    name                          = "prodTF-automation"

    tags                          = {

        "deployedBy" = "terraform/azure/caf-enterprise-scale"

    }

    # (10 unchanged attributes hidden)

  - identity {

      - identity_ids = [] -> null

      - principal_id = "e417b213-71f6-47b7-b5d2-ec114662c6fb" -> null

      - tenant_id    = "$ARM_TENANT_ID" -> null

      - type         = "SystemAssigned" -> null

    }

}

Steps to Reproduce

terradform init terraform plan

Screenshots

Additional context

Why do the module want to delete that automation account? As I know it use for the log analytics data collection.

[hungbui78]

Any update on this case?

[hungbui78]

Bump!!

[matt-FFFFFF]

From what I can see it is trying to remove the managed identity that has been assigned to the automation account. This was probably done via other means in between the initial deployment and your more recent run.

[microsoft-github-policy-service[bot]]

This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 7 days. It will be closed if no further activity occurs within 7 days of this comment.