Closed hobbesuk closed 1 year ago
Might be relevant info... the workspace_id I'm populating form a azurerm_log_analytics_workspace data source. The id casing in the state file matches that in azure, its appears the data source is somehow trying to change the case.
Hi @hobbesuk thanks for opening this. I tried reproducing this but wasn't able to produce the error you saw. Is there any other information that might be relevant for reproducing?
We are also seeing this behaviour. @hobbesuk did you find a workaround? Although ours relates to the resource id of Application Insights.
This is what's planned:
# azurerm_api_management_logger.apim-application-insights must be replaced
-/+ resource "azurerm_api_management_logger" "apim-application-insights" {
- description = "" -> null
~ id = "/subscriptions/xxxx/resourceGroups/xxxx/providers/Microsoft.ApiManagement/service/apim-app-dev/loggers/ai-app-dev" -> (known after apply)
name = "ai-agkipg-app-dev"
~ resource_id = "/subscriptions/xxxx/resourceGroups/xxxx/providers/microsoft.insights/components/ai-app-dev" -> "/subscriptions/xxxx/resourceGroups/xxxx/providers/Microsoft.Insights/components/ai-app-dev" # forces replacement
# (3 unchanged attributes hidden)
# (1 unchanged block hidden)
}
I'll probably open a new issue, but still pretty valid to refer here, that changing the workspace of an application insights should not require its replacement.
If any of us go to Application Insights properties and change the log analytics workspace to another, that an allowed operation!
So here it's wrong to trigger a replacement, worst case should give an error message on invalid workspace resource id, but never to replace application insights.
This is achieved by using the following operation:
PATCH https://management.azure.com/subscriptions/<subscription_id>/resourceGroups/<resource_group_name>/providers/microsoft.insights/components/<application_insights_name>?api-version=2020-02-02-preview
Authorization: Bearer <access_token>
Content-Type: application/json
{
"properties": {
"WorkspaceResourceId": "/subscriptions/<subscription_id>/resourceGroups/<resource_group_name>/providers/Microsoft.OperationalInsights/workspaces/<log_analyticis_workspace_name>"
}
}
Tested and working,
looks like issue was fixed in 3.33 - at least issue does not reproduce anymore for me after upgrade from 3.27 to 3.47 https://github.com/hashicorp/terraform-provider-azurerm/pull/19325 https://github.com/hashicorp/terraform-provider-azurerm/issues/13348
Thanks for taking the time to submit this issue. It looks like this has been resolved as of v3.47, per the comment by @mkusmiy. As such, I am going to mark this issue as closed.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
Is there an existing issue for this?
Community Note
Terraform Version
1.3.2
AzureRM Provider Version
3.26.0
Affected Resource(s)/Data Source(s)
azurerm_application_insights
Terraform Configuration Files
Debug Output/Panic Output
Expected Behaviour
Nothing, the resource hasn't changed.
Actual Behaviour
Terraform wants to replace the resource which would mean loosing all the logs
Steps to Reproduce
terraform plan
Produces output like this:
Notice the change of
resoucegroups
toresourceGroups
andmicrosoft.operationalinsights
toMicrosoft.OperationalInsights
I've seen older version of 3.x have issues around this but seems that all issues have been fixed?
Even if I go and edit the state file to change the references to what it expects and a
plan -refresh-only
is clean, but a normalplan
wants to replace the resource.Important Factoids
No response
References
No response