terraform-provider-azurerm
azurerm_postgresql_flexible_server_active_directory_administrator can't be destroyed when linked to Group and active_directory_auth_enabled is on
Is there an existing issue for this?
- [X] I have searched the existing issues
Community Note
- Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.
Terraform Version
1.4.6
AzureRM Provider Version
3.75.0
Affected Resource(s)/Data Source(s)
azurerm_postgresql_flexible_server_active_directory_administrator
Terraform Configuration Files
```hcl
resource "azurerm_postgresql_flexible_server_active_directory_administrator" "aad_admin" {
  server_name         = azurerm_postgresql_flexible_server.db.name
  resource_group_name = var.resource_group_name
  tenant_id           = var.tenant_id
  object_id           = data.azuread_group.admin.object_id
  principal_name      = data.azuread_group.admin.display_name
  principal_type      = "Group"
}
```
Debug Output/Panic Output
```
module.XXX.azurerm_postgresql_flexible_server_active_directory_administrator.aad_admin: Still destroying... [id=/subscriptions/XXXX...s/XXX, 23m39s elapsed]
```
Expected Behaviour
It should be destroyed
Actual Behaviour
It never destroys
Steps to Reproduce
Use this (populate with your own variables)
```hcl
resource "azurerm_postgresql_flexible_server" "db" {
  ...
  authentication {
    active_directory_auth_enabled = true
    password_auth_enabled         = false
    tenant_id                     = var.tenant_id
  }
}

data "azuread_group" "admin" {
  object_id        = var.admin_group_id
  security_enabled = true
}

resource "azurerm_postgresql_flexible_server_active_directory_administrator" "aad_admin" {
  server_name         = azurerm_postgresql_flexible_server.db.name
  resource_group_name = var.resource_group_name
  tenant_id           = var.tenant_id
  object_id           = data.azuread_group.admin.object_id
  principal_name      = data.azuread_group.admin.display_name
  principal_type      = "Group"
}
```
And then run `terraform apply`.
Important Factoids
Azure West Europe
References
https://discuss.hashicorp.com/t/delete-postgresql-flexible-server-with-ad-admins-enabled/57042 seems to be reporting the same thing