updating `azurerm_monitor_diagnostic_setting` fails with `Detected duplicated Log settings` after upgrade to `3.40.0`

[dvob]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

1.3.7

AzureRM Provider Version

3.40.0

Affected Resource(s)/Data Source(s)

azurerm_monitor_diagnostic_setting

Terraform Configuration Files

variable "fd_diag_logs" {
  description = "Frontdoor Monitoring Category details for Azure Diagnostic setting"
  type        = list(string)
  default     = ["FrontdoorAccessLog", "FrontdoorWebApplicationFirewallLog"]
}

resource "azurerm_monitor_diagnostic_setting" "fd_diag" {
  name                       = "frontdoor-diag"
  target_resource_id         = azurerm_cdn_frontdoor_profile.main.id
  log_analytics_workspace_id = var.law_id

  dynamic "log" {
    for_each = var.fd_diag_logs
    content {
      category = log.value
      enabled  = true

      retention_policy {
        enabled = false
        days    = 0
      }
    }
  }

  metric {
    category = "AllMetrics"

    retention_policy {
      enabled = false
      days    = 0
    }
  }

  lifecycle {
    ignore_changes = [log, metric]
  }
}

Debug Output/Panic Output

Error: updating Monitor Diagnostics Setting "frontdoor-diag" for Resource "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/my-resource-group/providers/Microsoft.Cdn/profiles/my-frontdoor-name": diagnosticsettings.DiagnosticSettingsClient#CreateOrUpdate: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="BadRequest" Message="Detected duplicated Log settings 'FrontdoorAccessLog | FrontdoorWebApplicationFirewallLog | FrontDoorHealthProbeLog | FrontDoorAccessLog | FrontDoorWebApplicationFirewallLog'."

Expected Behaviour

No error

Actual Behaviour

After upgrading azurerm from 3.39.1 to 3.40.0 we get the following error during terraform apply:

Error: updating Monitor Diagnostics Setting "frontdoor-diag" for Resource "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/my-resource-group/providers/Microsoft.Cdn/profiles/my-frontdoor-name": diagnosticsettings.DiagnosticSettingsClient#CreateOrUpdate: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="BadRequest" Message="Detected duplicated Log settings 'FrontdoorAccessLog | FrontdoorWebApplicationFirewallLog | FrontDoorHealthProbeLog | FrontDoorAccessLog | FrontDoorWebApplicationFirewallLog'."

Now we rolled back to 3.39.1 and the deployment runs without errors.

Steps to Reproduce

No response

Important Factoids

No response

References

Change between 3.39.1 and 3.40.0 in azurerm_monitor_diagnostic_setting: #20048

Other issue regarding these changes: #20140

[dvob]

We updated our resources to use the new enabled_log syntax which fixed the problem for us. So this is no longer an issue for us but probably still a bug since it breaks backwards compatibility with the old syntax.