`azurerm_dns_a_record` with `target_resource_id` is updating with every execution due to capital letter in resource group name

[kamerad]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.7.5

AzureRM Provider Version

3.97.1

Affected Resource(s)/Data Source(s)

azurerm_dns_a_record

Terraform Configuration Files

resource "azurerm_resource_group" "rg" {
  name     = "NAME_WITH_CAPITAL_LETTERS"
  location = "westeurope"
}

resource "azurerm_dns_zone" "zone" {
  name                = "example.test"
  resource_group_name = azurerm_resource_group.rg.name
}

resource "azurerm_dns_a_record" "www" {
  name                = "www"
  zone_name           = azurerm_dns_zone.zone.name
  resource_group_name = azurerm_resource_group.rg.name
  ttl                 = 3600
  records             = ["192.0.2.1"]
}

resource "azurerm_dns_a_record" "apex" {
  name                = "@"
  zone_name           = azurerm_dns_zone.zone.name
  resource_group_name = azurerm_resource_group.rg.name
  ttl                 = 3600
  target_resource_id  = azurerm_dns_a_record.www.id
}

Debug Output/Panic Output

# azurerm_dns_a_record.apex will be updated in-place
  ~ resource "azurerm_dns_a_record" "apex" {
        id                  = "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/NAME_WITH_CAPITAL_LETTERS/providers/Microsoft.Network/dnsZones/example.test/A/@"
        name                = "@"
        tags                = {}
      ~ target_resource_id  = "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/name_with_capital_letters/providers/Microsoft.Network/dnszones/example.test/A/www" -> "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/NAME_WITH_CAPITAL_LETTERS/providers/Microsoft.Network/dnsZones/example.test/A/www"
        # (5 unchanged attributes hidden)
    }

Expected Behaviour

The azurerm_dns_a_record should not be updated because there was no change.

Actual Behaviour

The resource id for target_resource_id was converted to lowercase before being written to the terraform state. This causes an incorrectly recognized change and forces an update of the resource with every execution.

Steps to Reproduce

1. terraform apply that does the following:

   • Create resource group including CAPITAL LETTERS
   • Create a DNS zone
   • Create an A-Record "www"
   • Create an A-Record "@" which is an alias for record "www"

2. Re-run terraform apply without any changes to the terraform code

   • Terraform will try to update the target_resource_idof the @ record with every execution

Important Factoids

No response

References

No response

[neil-yechenwei]

Thanks for raising this issue. Service API returns the targetResourceId with lower case so that TF causes diff. So suggest to use "ignore_changes" as workaround. In the meanwhile, I filed an issue on https://github.com/Azure/azure-rest-api-specs/issues/28449 for tracking.