azurerm_postgres admin password reset

hashicorp / terraform-provider-azurerm

Terraform provider for Azure Resource Manager

https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs

Mozilla Public License 2.0

4.52k stars 4.6k forks source link

azurerm_postgres admin password reset #12420

Open vysakhs05 opened 3 years ago

vysakhs05 commented 3 years ago

azurerm_postgres resource was created using terraform.

Later the postgres admin password was reset on azure portal.

Running terraform apply again on the same resource did not identify the change in password and reset of the same based on the state file did not happen.

Terraform (and AzureRM Provider) Version

Terraform version - 0.14.10 AzureRm - Tested on both versions 2.55.0 and 2.62.0

Affected Resource(s)

azurerm_postgresql

Expected Behaviour

postgresql admin password change should have been identified and reset

Actual Behaviour

Terraform did not identify the change

manutvm commented 3 years ago

I am also getting same behaviour. Steps to reproduce,

Terraform apply to create Azure Postgres server using a random password(random terraform module)
Change the password from Azure Portal.
Execute the terraform again

Expected behaviour Password should change on 2nd run of terraform.

Current Behaviour Terraform says no infrastructure changes on 2nd run which seems wrong.

wasfree commented 3 years ago

Hi @vysakhs05,

for security reasons the Azure API will not return administrator_login_password. There is also no checksum or other indicator which would be required for terraform to detect configuration drift while refresh.

So i would say the behavior you expect is not possible until a checksum, change date or other indicator is available to detect changes made outside of terraform configuration.