-
Notifications
You must be signed in to change notification settings - Fork 4.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Case sensitivity of subnet_id in gateway_ip_configuration for azurerm_application_gateway causes perpetual changes #23940
Comments
Hi, @tony-harverson-moonpig Thank you for submitting this! The provider is case-sensitive, so the behavior you're experiencing is expected. I'm not sure why we need to manually composite a subnet ID here. Could we use data "azurerm_subnet" "test" {
name = azurerm_subnet.test.name
virtual_network_name = azurerm_virtual_network.test.name
resource_group_name = azurerm_resource_group.spike.name
}
resource "azurerm_application_gateway" "test" {
....
gateway_ip_configuration {
name = "appGatewayIpConfig"
subnet_id = data.azurerm_subnet.test.id
}
.... If this is not what you want, then you need a |
Hi @wuxu92 . We do usually use the azurerm_subnet data source for this, the manual construction of the subnet id in the example was used to show the issue. It's worth noting that the azurerm_subnet data source has a separate case-sensitivity bug where it returns the wrong casing for the subnet id (issue #23916). Regardless of the case-sensitivity of the provider, having it never settle when there's been no changes in the terraform seems wrong. In terms of provider case sensitivity, it looks like past issues with other resources having similar problems have been fixed (#17090, #20484) by making those comparisons case insensitive. |
@tony-harverson-moonpig The case issue of the static segment of the ID can be fixed in the provider(just like #20484), but as for the dynamic segments, i,e the virtual network name and subnet name here, the provider has no knowledge to fix the case. |
Hello, |
Hi @xmaluenda Could you pleease share the configuration and more detailed output of your case? That way, I can check if it is the same issue. |
Hi @wuxu92 , First one, I apologize for my later answer... It wasn't possible for me to go ahead with this subject... After some test (manly trying to upgrade our APIM service from stv1 to stv2 platform) I think that I found the root cause of the problem described here: The main action to do to execute this upgrade, is to change the associated subnet (we are running our APIM service in a injected virtual network) by a new one honouring some constraints (be bound to a Network Security Group, etc...). We were running terraform V1.5.0 and Azurerm provider V 3.81. We get an error saying that upgrade were impossible because a Stv1 APIM service was in the subnet, the problem was Terrafom tryed to change the old subnet by the same old subnet (although the Plan shown that the subnet will get changed by the new on).... After some investigation we found that the payload of the Apply Patch request to change the subnet DIDN'T set the new subnet reference in the body... Looking at the Changelog of Azurerm provider, we found that in v 3.70 the provider was update to use the after that, we try the AzureRm provider V 3.69 and everything was Ok : No more problem to change the subnet, the service was upgraded to stv2 and some recurrent changes about the update of APIM endpoints certificates disappears from Terrafom Plan execution...) So we understand that this new sdk is not going on as well as expected and it brings some instability to the provider for the APIM service . I suppose that this sdk is not in your "perimeter" but could be that you have some clues to bring to me to drive this information to the right people/team... |
Hi @xmaluenda , Apologies for my delayed response and thank you for the update. I'm not quite clear on the details of the error you mentioned. Could you please provide more information, such as the error message or Terraform plan output? Additionally, @sinbai, could you kindly look into this APIM SDK related issue when you have a moment? |
@wuxu92 sure. @xmaluenda thanks for providing the information regarding the APIM issue. It is recommended to create a new issue for your case. In addition, could you please provide the TF configuration and reproduction steps for the mentioned APIM issue ? In order to find the root cause faster, a TF configuration file (contains dependent resources and variable values) and steps would be of great help in quickly reproducing/troubleshooting the issue. Thanks in advance. |
@wuxu92 thanks a lot for your time and I apologizes to be not clear enough... Thanks a lot for your time... |
Is there an existing issue for this?
Community Note
Terraform Version
1.6.3
AzureRM Provider Version
3.80.0
Affected Resource(s)/Data Source(s)
azurerm_application_gateway
Terraform Configuration Files
Debug Output/Panic Output
Expected Behaviour
The plan should settle, and not detect a change.
Actual Behaviour
The plan never settles, and will always attempt to update the subnet id.
Steps to Reproduce
Important Factoids
No response
References
No response
The text was updated successfully, but these errors were encountered: