search

hashicorp / terraform-provider-azurerm

Terraform provider for Azure Resource Manager
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs
Mozilla Public License 2.0
4.58k stars 4.62k forks source link

Support for force refreshing client authentication #15894

Open magodo opened 2 years ago

magodo commented 2 years ago

In the official page of the Azure Management Group, it says:

Azure Resource Manager user tokens and management group cache lasts for 30 minutes before they are forced to refresh. After doing any action like moving a management group or subscription, it might take up to 30 minutes to show. To see the updates sooner you need to update your token by refreshing the browser, signing in and out, or requesting a new token.

This means after creating the mgmt group, we should do a token refresh so that we can proceed to using it (e.g. assigning policy, listing inherited policy definitions, .etc). This means we need a mechanism to force refreshing the client authentications in the provider. Otherwise, users have to either wait for 30m, or rerun terraform apply after the failure.

Reference

https://github.com/hashicorp/terraform-provider-azurerm/issues/12478

laughtonsm commented 2 years ago

@magodo I came up against this, but with subscriptions. Same behaviour as only the cached JSON is used. Would be great to get a resolution