Open Karol-Pawlowski-Allegro opened 6 days ago
Thanks for the issue @Karol-Pawlowski-Allegro. This looks specific to Azure Native, so I'm going to transfer the issue to the https://github.com/pulumi/pulumi-azure-native repo and someone will take a look.
Hi @Karol-Pawlowski-Allegro, to arrive at a correct Pulumi state, you should pulumi import
the resource before defining it in code. Otherwise, it already exists in your stack when the import command adds it again. Alternatively, define it in code and use the import
resource option. Let me know if that helps.
Oh, I just remembered #3333 - @danielrbradley I imagine that would be a problem for import
as well until it's fixed in 3.0?
What happened?
Hey Guys, when creating KeyVault Access Policy in the stack with the following code
and importing the existing access policy with below
I get the resource imported by I get the state updated with following line
"policy.objectId": "8a48c337-90bf-4fef-acbb-9aaca225711d"
that enforces resources recreation which also fails as it can locate the resource. The only solution I see at the moment is to manually update the stack and remove that line but when we get stacks encrypted and much more access policies to track, the problem will get serious.Provider version: azure-native::default_2_53_0 Pulumi version: 3.66.0-alpha.48eae07
Example
Steps:
_ = new AccessPolicy( $"policy-{SvCdKv.GetResourceName()}-{policy.Key}", new AccessPolicyArgs() { VaultName = SvCdKv.GetResourceName(), Policy = policy.Value, ResourceGroupName = ResourceGroup.Name }, new CustomResourceOptions() { Parent = SvCdKv });
pulumi import azure-native:keyvault:AccessPolicy policy-depo-spcred-euw-key-dev-6d7a7007-9664-4e29-a203-80324da8641b /subscriptions/6c288f12-751d-4a98-bb2a-537be023beb5/resourceGroups/depo-shared-euw-dev/providers/Microsoft.KeyVault/vaults/depo-svcd-euw-key-dev/accessPolicy/6d7a7007-9664-4e29-a203-80324da8641b --parent urn:pulumi:depo.dev::AllegroPay.IaC.Depo.Shared.ProjectStack::azure-native:keyvault:Vault::depo-spcred-euw-key-dev
Output of
pulumi about
Additional context
No response
Contributing
Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).