Open mark-greene opened 4 years ago
same problem here :(
Thanks for opening this issue. After tested, I found seems api doesn't return the values "enrollmentRead/registrationWrite/registrationRead" after created successfully. I assume it's an api issue. So I filed an issue on Azure/azure-rest-api-specs#10356.
Any updates on this issue?
+1 I'm also encountering this issue.
Since the Azure API doesn't return the current values for those attributes, TF tries to re-set them every time.
I'm also integrating the ownerpolicy into a keyvault secret. When TF tries to publish an updated secret for the (otherwise identical) ownerpolicy it triggers an inconsistent final plan
error.
I have the same issue.
I used a lifecycle as a workaround for now:
lifecycle {
ignore_changes = [
enrollment_read,
registration_read,
registration_write
]
}
Using provider "azurerm" (hashicorp/azurerm) 1.43.0
I have the following Terraform code:
When I apply it works as expected but when I do a plan enrollment_read, registration_write and registration_read are detected as false thus causing a change. If I change them to false the plan will not detect changes but a subsequent apply generates the following error. Correcting the error puts me in a state where plan always detects changes and apply makes changes.
Apply
Plan