Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[azurerm_mssql_server] updating administrator_login_password throws error even though azuread_authentication_only is disabled #25116

Open
1 task done
AtakanColak opened this issue Mar 1, 2024 · 4 comments · May be fixed by #25182
Open
1 task done

[azurerm_mssql_server] updating administrator_login_password throws error even though azuread_authentication_only is disabled #25116

AtakanColak opened this issue Mar 1, 2024 · 4 comments · May be fixed by #25182
Labels
bug service/mssql Microsoft SQL Server v/3.x

Comments

@AtakanColak
Copy link

AtakanColak commented Mar 1, 2024
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.5.7

AzureRM Provider Version

3.84.0

Affected Resource(s)/Data Source(s)

azurerm_mssql_server

Terraform Configuration Files

resource "azurerm_mssql_server" "sql_server" {
  name                         = local.sql_server_name
  resource_group_name          = azurerm_resource_group.rg.name
  location                     = azurerm_resource_group.rg.location
  version                      = "12.0"
  administrator_login          = local.sql_admin_username // not present in previous state
  administrator_login_password = local.sql_admin_password // not present in previous state
  minimum_tls_version          = "1.2"
  connection_policy            = "Proxy"

  identity {
    type = "SystemAssigned"
  }

  azuread_administrator {
    login_username              = data.azuread_group.sql_admin_ad_group.display_name
    object_id                   = data.azuread_group.sql_admin_ad_group.id
    azuread_authentication_only = false // true in previous state 
  }
}

Debug Output/Panic Output

administrator_login_password` cannot be changed once `azuread_administrator.0.azuread_authentication_only = true

Expected Behaviour

It should have allowed the change because azuread_authentication_only IS false in the current config

Actual Behaviour

It didn't allow the change because azuread_authentication_only is true in the previous state

Steps to Reproduce

No response

Important Factoids

No response

References

This issue is basically the opposite of #14348
@github-actions github-actions bot added the service/mssql Microsoft SQL Server label Mar 1, 2024
@rcskosir rcskosir added the v/3.x label Mar 1, 2024
@sinbai
Copy link
Contributor

sinbai commented Mar 4, 2024

Hi @AtakanColak thanks for opening this issue. I would like to explain that the value TF checks for azuread_administrator.0.azuread_authentication_only is from the state file, but not the current configuration. Could you please check the value of azuread_administrator.0.azuread_authentication_only in state file whether is true? If so, I assume this is by design.

@AtakanColak
Copy link
Author

Hi @sinbai, thank you for your response. I do think the current state would have the value as true, and thus producing the error.

My point in raising this issue is, by only checking against state for this change, it becomes impossible to reverse from azuread_authentication_only=True back to azuread_authentication_only=False without manual intervention.

@sinbai sinbai linked a pull request Mar 8, 2024 that will close this issue
Open
4 tasks
@sinbai
Copy link
Contributor

sinbai commented Mar 8, 2024

Hi @AtakanColak I have submitted PR to fix this issue. Could you please track it for more updates?

@rcskosir rcskosir added the bug label Mar 8, 2024
@AtakanColak
Copy link
Author

Thanks @sinbai will track from there!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug service/mssql Microsoft SQL Server v/3.x
Projects
None yet
Milestone
No milestone
3 participants
@AtakanColak @sinbai @rcskosir