azurerm_proximity_placement_group resource cannot be modified due allowed_vm_sizes

[petri-o-ojala]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

1.3.6

AzureRM Provider Version

3.39.1

Affected Resource(s)/Data Source(s)

azurerm_proximity_placement_group

Terraform Configuration Files

provider "azurerm" {
  features {}
}

terraform {
  required_version = "~> 1.3.6"

  required_providers {
    azurerm = {
      # Azure Resource Manager
      source  = "hashicorp/azurerm"
      version = "~> 3.38"
    }
  }
}

resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "West Europe"
}

resource "azurerm_proximity_placement_group" "example" {
  name                = "exampleProximityPlacementGroup"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  tags = {
    environment = "Production"
    #
    # Uncomment the following tag to produce the issue:
    # newtag = "value"
  }
}

resource "azurerm_virtual_network" "example" {
  name                = "example-network"
  address_space       = ["10.0.0.0/16"]
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
}

resource "azurerm_subnet" "example" {
  name                 = "internal"
  resource_group_name  = azurerm_resource_group.example.name
  virtual_network_name = azurerm_virtual_network.example.name
  address_prefixes     = ["10.0.2.0/24"]
}

resource "azurerm_network_interface" "example" {
  name                = "example-nic"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  ip_configuration {
    name                          = "internal"
    subnet_id                     = azurerm_subnet.example.id
    private_ip_address_allocation = "Dynamic"
  }
}

resource "azurerm_linux_virtual_machine" "example" {
  name                = "example-machine"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  size                = "Standard_F2"
  admin_username      = "adminuser"
  network_interface_ids = [
    azurerm_network_interface.example.id,
  ]

  proximity_placement_group_id = azurerm_proximity_placement_group.example.id

  admin_ssh_key {
    username   = "adminuser"
    public_key = file("~/.ssh/id_rsa.pub")
  }

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  source_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "16.04-LTS"
    version   = "latest"
  }
}

Debug Output/Panic Output

Terraform will perform the following actions:

  # azurerm_proximity_placement_group.example will be updated in-place
  ~ resource "azurerm_proximity_placement_group" "example" {
        id                  = "/subscriptions/.../resourceGroups/example-resources/providers/Microsoft.Compute/proximityPlacementGroups/exampleProximityPlacementGroup"
        name                = "exampleProximityPlacementGroup"
      ~ tags                = {
          + "newtag"      = "value"
            # (1 unchanged element hidden)
        }
        # (3 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

azurerm_proximity_placement_group.example: Modifying... [id=/subscriptions/.../resourceGroups/example-resources/providers/Microsoft.Compute/proximityPlacementGroups/exampleProximityPlacementGroup]
╷
│ Error: creating/updating Proximity Placement Group (Subscription: "..."
│ Resource Group Name: "example-resources"
│ Proximity Placement Group Name: "exampleProximityPlacementGroup"): proximityplacementgroups.ProximityPlacementGroupsClient#CreateOrUpdate: Failure sending request: StatusCode=409 -- Original Error: autorest/azure: Service returned an error. Status=<nil> Code="OperationNotAllowed" Message="Updating 'proximityPlacementGroup.properties.intent.vmSizes' property of proximity placement group is not allowed. Please deallocate all VMs and Virtual Machine Scale Set VMs that has reference of the proximity placement group and retry the request."
│
│   with azurerm_proximity_placement_group.example,
│   on main.tf line 22, in resource "azurerm_proximity_placement_group" "example":
│   22: resource "azurerm_proximity_placement_group" "example" {
│
╵

Expected Behaviour

A new tag should be added to the placement proximity group resource without errors and allowed_vm_sizes should stay optional.

Actual Behaviour

azurerm_proximity_placement_group resource cannot be changed (e.g. tags updated) after a VM has been attached to it.

Before the PPG has any VMs changing e.g. the tags works just fine.

Also defining allowed_vm_sizes based on the VMs in the PPG does not work, from actual deployment with existing PPG and multiple VMs failed with

│ Error: expected allowed_vm_sizes.0 to be one of [Basic_A4 Basic_A1 Basic_A3 Basic_A2 Basic_A0 Standard_A8 Standard_A8_v2 Standard_A8m_v2 Standard_A5 Standard_A4 Standard_A4_v2 Standard_A4m_v2 Standard_A9 Standard_A1 Standard_A11 Standard_A1_v2 Standard_A10 Standard_A7 Standard_A6 Standard_A3 Standard_A2 Standard_A2_v2 Standard_A2m_v2 Standard_A0 Standard_B8ms Standard_B4ms Standard_B1ms Standard_B1s Standard_B2ms Standard_B2s Standard_D8_v3 Standard_D8s_v3 Standard_D5_v2 Standard_D4 Standard_D4_v3 Standard_D4_v2 Standard_D4s_v3 Standard_D1 Standard_D15_v2 Standard_D14 Standard_D14_v2 Standard_D11 Standard_D11_v2 Standard_D16_v3 Standard_D16s_v3 Standard_D13 Standard_D13_v2 Standard_D12 Standard_D12_v2 Standard_D1_v2 Standard_DS5_v2 Standard_DS4 Standard_DS4_v2 Standard_DS1 Standard_DS15_v2 Standard_DS14 Standard_DS14-8_v2 Standard_DS14-4_v2 Standard_DS14_v2 Standard_DS11 Standard_DS11_v2 Standard_DS13 Standard_DS13-4_v2 Standard_DS13-2_v2 Standard_DS13_v2 Standard_DS12 Standard_DS12_v2 Standard_DS1_v2 Standard_DS3 Standard_DS3_v2 Standard_DS2 Standard_DS2_v2 Standard_D64_v3 Standard_D64s_v3 Standard_D3 Standard_D32_v3 Standard_D32s_v3 Standard_D3_v2 Standard_D2 Standard_D2_v3 Standard_D2_v2 Standard_D2s_v3 Standard_E8_v3 Standard_E8s_v3 Standard_E4_v3 Standard_E4s_v3 Standard_E16_v3 Standard_E16s_v3 Standard_E64-16s_v3 Standard_E64-32s_v3 Standard_E64_v3 Standard_E64s_v3 Standard_E32-8s_v3 Standard_E32-16_v3 Standard_E32_v3 Standard_E32s_v3 Standard_E2_v3 Standard_E2s_v3 Standard_F8 Standard_F8s Standard_F8s_v2 Standard_F4 Standard_F4s Standard_F4s_v2 Standard_F1 Standard_F16 Standard_F16s Standard_F16s_v2 Standard_F1s Standard_F72s_v2 Standard_F64s_v2 Standard_F32s_v2 Standard_F2 Standard_F2s Standard_F2s_v2 Standard_G5 Standard_G4 Standard_G1 Standard_GS5 Standard_GS5-8 Standard_GS5-16 Standard_GS4 Standard_GS4-8 Standard_GS4-4 Standard_GS1 Standard_GS3 Standard_GS2 Standard_G3 Standard_G2 Standard_H8 Standard_H8m Standard_H16 Standard_H16m Standard_H16mr Standard_H16r Standard_L8s Standard_L4s Standard_L16s Standard_L32s Standard_M128-64ms Standard_M128-32ms Standard_M128ms Standard_M128s Standard_M64-16ms Standard_M64-32ms Standard_M64ms Standard_M64s Standard_NC12 Standard_NC12s_v3 Standard_NC12s_v2 Standard_NC6 Standard_NC6s_v3 Standard_NC6s_v2 Standard_NC24 Standard_NC24r Standard_NC24rs_v3 Standard_NC24rs_v2 Standard_NC24s_v3 Standard_NC24s_v2 Standard_ND12s Standard_ND6s Standard_ND24rs Standard_ND24s Standard_NV12 Standard_NV6 Standard_NV24], got Standard_E48ds_v5

Standard_E48ds_v5 is the machine type already in the PPG and the list doesn't contain all the available VM types (e.g. no _v5 types).

Steps to Reproduce

1. terraform apply

The initial resources will be built (VM in PPG, VNet, etc).

2. Modify main.tf to include the a newtag tag for the Proximity Placement Group resource.

3. terraform apply

Will now fail with the above error.

Important Factoids

No response

References

No response

[myc2h6o]

Hi @petri-ojala-tieto thanks for opening the issue! There is some issue within the update logic when adding the support for allowed_vm_sizes. It doesn't consider the situation when VM is attached. I've opened #20131 to fix the issue.

[github-actions[bot]]

This functionality has been released in v3.46.0 of the Terraform Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

[github-actions[bot]]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.