search

Azure / terraform-provider-azapi

Terraform provider for Azure Resource Manager Rest API
https://registry.terraform.io/providers/Azure/azapi/latest
Mozilla Public License 2.0
193 stars 51 forks source link

The API returns a readonly `location` field which triggers the replacement #655

Open ms-henglu opened 4 weeks ago

ms-henglu commented 4 weeks ago

Behavior

Take Microsoft.Web/staticSites/linkedBackends resource as an example, in the configuration, there's no location field defined and the schema validation also fails if the location is defined.

After the resource is created, the location field was set automatically by Azure and terraform wants to recreate the resource on every plan and apply. The configuration:

resource "azapi_resource" "webapp_linked_backend" {
  type      = "Microsoft.Web/staticSites/linkedBackends@2022-09-01"
  name      = "webapp-${var.env}-${var.location}"
  parent_id = azurerm_static_web_app.web_app.id

  body = {
    kind = "Container App"
    properties = {
      backendResourceId = var.web_backend_id
      region            = var.location
    }
  }
}

The terraform output:

  # module.web_app.azapi_resource.webapp_linked_backend must be replaced
-/+ resource "azapi_resource" "webapp_linked_backend" {
      ~ id                        = "/subscriptions/<SUBSCRIPTON>/resourceGroups/<RG>/providers/Microsoft.Web/staticSites/<STATIC_WEB>/linkedBackends/<NAME>" -> (known after apply)
      - location                  = "East US 2" -> null # forces replacement
        name                      = "webapp-dev-eastus2"
      ~ output                    = {} -> (known after apply)
        # (6 unchanged attributes hidden)
    }

Workaround

Step 1. Add the location field to the configuration to make the configuration match with the remote state. It's okay to use lifecycle.ignore_changes to suppress the difference too.

lifecycle {
    ignore_changes = [
      location,
    ]
  }
  1. Disable the scheme validation by adding the below configuration 
schema_validation_enabled = false

Known resource types

It also happens to other resource types, listed as the following:

Microsoft.Web/staticSites/linkedBackends
Microsoft.Web/sites/siteextensions
Microsoft.KeyVault/vaults/secrets
Microsoft.Relay/namespaces/wcfRelays/authorizationRules 
Microsoft.ServiceBus/namespaces/topics/subscriptions
Microsoft.KeyVault/vaults/keys
Microsoft.Storage/storageAccounts/blobServices/containers
Microsoft.Insights/diagnosticSettings
Microsoft.Web/staticSites/customDomains

Related issues

https://github.com/Azure/terraform-provider-azapi/issues/629 https://github.com/Azure/terraform-provider-azapi/issues/601 https://github.com/Azure/terraform-provider-azapi/issues/584 https://github.com/Azure/terraform-provider-azapi/issues/563 https://github.com/Azure/terraform-provider-azapi/issues/541 https://github.com/Azure/terraform-provider-azapi/issues/538 https://github.com/Azure/terraform-provider-azapi/issues/514 https://github.com/Azure/terraform-provider-azapi/issues/511

ms-henglu commented 4 weeks ago

This issue happens after v1.13.x.