Open roy-work opened 3 years ago
I agree the provider should handle the "simple" case where there's no resources actually in any of the vnet's subnets. Maybe we could get the ip allocations / ip configurations of the subnets from the API to determine whether they're empty?
I'm not sure if it is possible in the case that there are actually any resources in the subnet.
If there are resources in the subnet it seems like things get very complicated very quickly. I tried doing this via terraform today with some resources I had deployed, and I had to manually taint the following resources:
(After tainting those resources, I still had to follow @roy-work's steps 1-3 because we don't yet handle the "simple" case.)
It would be nice if Terraform could help with some of the heavy lifting here with calculating which resources need to be force-replaced during a CIDR change (for example: currently tainting a subnet will trigger terraform to update-in-place the subnet_id
of the ip_configuration
of the NIC, rather than force-replacing the NIC).
Perhaps we should split this into two separate issues. One for the "simple" case, and one for the more complicated one (if it's even possible to tackle the complicated one).
Thanks for opening this issue. This was a problem in the 2.x version of the provider which is no longer actively maintained. If this is still an issue with the 3.x version of the provider please do let us know by opening a new issue, thanks!
Hi, This is still a pending issue with terraform 3.x version of the provider. Is there a resolution for this please? Thanks
@DrewCharlez Thanks for reaching out, I can reopen this issue, which 3.x version of the provider are you seeing this behavior?
I'm seeing this on 3.82.0
.
I am also seeing this issue in 3.59.0
.
Still seeing this issue with 3.102.0
Community Note
Terraform (and AzureRM Provider) Version
Affected Resource(s)
azurerm_virtual_network
azurerm_subnet
Terraform Configuration Files
Note the comments below; the previous values are shown in the comments, and are part of the bug here.
Example Output
Expected Behaviour
Ideally, the subnet & vnet should have been updated to the new values.
Actual Behaviour
This is a complex change, and Terraform / the
azurerm
provider is executing the wrong sequence of API calls. Terraform is first trying to update the vnet to the new range that's been provided in the configuration. But we can't do that: there's still a subnet in the old range (which what Azure is trying to say in the error).The change is possible, but it needs to happen over multiple API calls, involving multiple resources:
And that's in the simple case of not having anything using the subnet. I'm not sure if it is possible in the case that there are actually any resources in the subnet. (But that wasn't part of what I tried to do today, thankfully.)
Steps to Reproduce
terraform apply