terraform-provider-azurerm icon indicating copy to clipboard operation
terraform-provider-azurerm copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

azurerm_logic_app_standard removes Function Connections Authentication Keys

Open djbark opened this issue 9 months ago • 2 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Community Note

  • Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.8.2

AzureRM Provider Version

3.102.0

Affected Resource(s)/Data Source(s)

azurerm_logic_app_standard

Terraform Configuration Files

resource "azurerm_logic_app_standard" "la" {
    name                       = var.name
    location                   = var.location
    resource_group_name        = var.resource_group
    app_service_plan_id        = azurerm_service_plan.la.id
    storage_account_name       = azurerm_storage_account.la.name
    storage_account_access_key = azurerm_storage_account.la.primary_access_key
    storage_account_share_name = var.shareName
    virtual_network_subnet_id  = var.vnetId
    version                    = "~4"

    app_settings = {
        "FUNCTIONS_WORKER_RUNTIME"              = "node"
        "WEBSITE_NODE_DEFAULT_VERSION"          = "~18"
        "APPINSIGHTS_INSTRUMENTATIONKEY"        = azurerm_application_insights.la.instrumentation_key
        "APPLICATIONINSIGHTS_CONNECTION_STRING" = azurerm_application_insights.la.connection_string
        "WEBSITE_CONTENTOVERVNET"               = "1"
        "WEBSITE_VNET_ROUTE_ALL"                = "1"
    }
  
    identity {
        type = "SystemAssigned"
    }
    tags            = var.tags
}

Debug Output/Panic Output

# module.logicapp.azurerm_logic_app_standard.la will be updated in-place
  ~ resource "azurerm_logic_app_standard" "la" {
      ~ app_settings                   = {
          - "azureFunctionOperation_11_functionAppKey" = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx==" -> null
          - "azureFunctionOperation_12_functionAppKey" = "yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy==" -> null
          - "azureFunctionOperation_13_functionAppKey" = "zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz==" -> null
          - "azureFunctionOperation_functionAppKey"    = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa==" -> null

Expected Behaviour

The Function Connection Authentication Keys that are stored in app_settings are kept.

Actual Behaviour

The Function Connection Authentication Keys that are stored in app_settings are removed.

Steps to Reproduce

  1. Create logic app via terraform
  2. Create Function Connections via the Portal
  3. Re-run terraform plan/deploy

I do not want to ignore all changes to app_settings. nor do I want to add an ignore entry for every single key that is created as I do not believe wildcards can be used. Not sure if there are any other options or whether the provider should be updated to ignore changes to these settingts?

Important Factoids

No response

References

No response

djbark avatar May 08 '24 14:05 djbark

Hi @djbark, thanks for opening the issue.

If I'm understanding the issue correctly, you want to partially ignore some items inside app_settings. I'm afraid there is no official way to achieve this for now. There is a related issue on the Terraform: https://github.com/hashicorp/terraform/issues/5666

Personally, you can try this mptf project, but it's not an official solution and it's still in development.

For any further questions please leave comments. Thanks

ziyeqf avatar May 13 '24 05:05 ziyeqf

@ziyeqf Thanks for the reply. Yes that is my issue - I want to ignore app_settings that I have absolutely no control over as part of the resource deployment. I'll have a look at mptf

djbark avatar May 14 '24 05:05 djbark

Thank you for taking the time to raise this! I am going to close this with @ziyeqf‘s response as an answer. If you have future questions, I suggest using the Community Resources, such as the Azure Provider forum.

rcskosir avatar May 20 '24 19:05 rcskosir

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

github-actions[bot] avatar Jun 20 '24 02:06 github-actions[bot]