azurerm_linux_virtual_machine and boot_diagnostics: How to manage the "enabled" attributes?

[gesnaud]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.6.5

AzureRM Provider Version

3.106.1

Affected Resource(s)/Data Source(s)

azurerm_linux_virtual_machine

Terraform Configuration Files

resource "azurerm_linux_virtual_machine" "azure_instance" {
  for_each                        = { for key, attributes in var.instances : key => attributes }
[...]
  boot_diagnostics {
    #Empty uri will enable managed storage account (recommended)
    storage_account_uri = ""
  }
[...]
}

### Debug Output/Panic Output

```shell
# myvm.azurerm_virtual_machine.vm will be updated in-place
  ~ resource "azurerm_virtual_machine" "vm" {
        id                               = "id of Azure"
        name                             = "vm_super"
        tags                             = {
         [...]
        }
        # (8 unchanged attributes hidden)

      - boot_diagnostics {
          - enabled = true -> null
        }

        # (6 unchanged blocks hidden)
    }

### Expected Behaviour

No change is expected on the resource as `enabled` sub-parameter of parameter `boot_diagnostics` not available in azurerm_linux_virtual_machine.
Indeed, when you read documentation, as soons s you understand the sub-parameter `storage_account_uri` is empty, automatically `enabled` is set to `true`  in Azure. But as this is is not stored in tfstate or not configurable by AzureRM, Terraform detect it as a change....

### Actual Behaviour

Terraform want to put it to null... Even if it will be reset to True by Azure because of the `storage_account_uri` value!

### Steps to Reproduce

_No response_

### Important Factoids

_No response_

### References

_No response_

[jkroepke]

We are just using this:

  boot_diagnostics {}

Just an empty block enabled the ms managed boot diagnostics

[Chambras]

Hi @gesnaud that combination of terraform and azurerm are kind of old. Any chance you could test again using the latest versions?

[gesnaud]

Hi @Chambras !

I just test with this Terraform configuration (cannot go to AzureRM 4.X for now):

# terraform version
Terraform v1.9.7
on linux_amd64
+ provider registry.terraform.io/aztfmod/azurecaf v1.2.28
+ provider registry.terraform.io/azure/azapi v1.13.0
+ provider registry.terraform.io/hashicorp/azurerm v3.116.0
+ provider registry.terraform.io/hashicorp/template v2.2.0

And here is what appeared in azurerm_virtual_machine :

  # module.firewall.azurerm_virtual_machine.hub-fw01vm will be updated in-place
  ~ resource "azurerm_virtual_machine" "sdfqsdfqsdf" {
        id                               = "/subscriptions/xxxxx/resourceGroups/qsdfqsdff/providers/Microsoft.Compute/virtualMachines/qsdfqsdf"
        name                             = "qsdfqfd"

        # (8 unchanged attributes hidden)

      - boot_diagnostics {
          - enabled     = true -> null
            # (1 unchanged attribute hidden)
        }
[...]

But the bug might come from the resource used here, which I did not pay attention enough: azurerm_virtual_machine and not azurerm_linux_virtual_machine as I mentionned in title!

What do you think?

Thanks!

[Chambras]

@gesnaud I think you should give it a try with azurerm_linux_virtual_machine and the latest azurerm version. If this was indeed a bug, a fix will be in future releases.

[gesnaud]

@Chambras : Thanks for your replay!

Indeed, because of this bug we cannot move from azurerm_virtual_machine to azurerm_{linux,windows}_virtual_machine.

Anyway, effectively, the bootdiagnostics bug I mentionned not occuring with `azurerm{linux,windows}_virtual_machine`!

Sorry about that, I did not pay attention enough!