Open mhyllander opened 4 days ago
Terraform v1.8.5 on linux_amd64
azuread_application_password
resource "azuread_application_password" "app" { application_id = azuread_application.app.id display_name = "service connection" end_date_relative = "9504h" # 13 months rotate_when_changed = { rotation = time_rotating.rotation_period.id } }
The rotated password should have been created with an expiration date of 13 months.
The rotated password was created with an expiration date of 24 months.
terraform apply
applicationPasswordResourceCreate calls PasswordCredentialForResource, which parses end_date_relative, then calls PasswordCredential, which doesn't use end_date_relative, resulting in a default end_date of 24 months.
end_date_relative
end_date
Compare with the end date calculations done in KeyCredentialForResource.
This appears to be a regression caused by https://github.com/hashicorp/terraform-provider-azuread/pull/1389.
Community Note
Terraform (and AzureAD Provider) Version
Terraform v1.8.5 on linux_amd64
Affected Resource(s)
azuread_application_password
Terraform Configuration Files
Debug Output
Panic Output
Expected Behavior
The rotated password should have been created with an expiration date of 13 months.
Actual Behavior
The rotated password was created with an expiration date of 24 months.
Steps to Reproduce
terraform apply
Important Factoids
References
applicationPasswordResourceCreate calls PasswordCredentialForResource, which parses
end_date_relative
, then calls PasswordCredential, which doesn't useend_date_relative
, resulting in a defaultend_date
of 24 months.Compare with the end date calculations done in KeyCredentialForResource.
0000