Skip to content

Instantly share code, notes, and snippets.

@magodo

magodo/27733_migrate.md

Last active December 7, 2024 01:27
Show Gist options
  • Save magodo/386c3ff5a9acd4cf6eb76540d39b2e84 to your computer and use it in GitHub Desktop.
Save magodo/386c3ff5a9acd4cf6eb76540d39b2e84 to your computer and use it in GitHub Desktop.
Download ZIP
AzureRM #27733 Breaking Change Migration Step
Raw
27733_migrate.md

Discussion below based on terraform-provider-azurerm v4.13.0

Problem

#27733 Introduces a couple of breaking changes:

  1. Introduces storage_account_id in azurerm_storage_container and azurerm_storage_share and deprecates the storage_account_name.

  2. Depending on whether the new storage_account_id or the the deprecated storage_account_name is used, the two resources above will change their behavior:

    • storage_account_name used: Data plane API is used to manage the resource. The resource id is the data plane endpoint
    • storage_account_id: used: Management plane API is used to manage the resource. The resource id is the management plane id

  3. If the storage_account_id is used, any downstream resource that depend on the id of the azurerm_storage_container or azurerm_storage_share will break (as it is now a management palne id).

    Examples: azurerm_storage_share_file, azurerm_storage_share_directory

Fix

Following sections talks about how to manually migrate to using the new storage_account_id for modules not applied (i.e. stateless), and modules that have been applied (i.e. stateful).

  1. (stateful only) Re-import the azurerm_storage_container and azurerm_storage_share, since the import logic will import your resource with the storage_account_id only:

    For azurerm_storage_container:

    addr=azurerm_storage_container.foo
id=$(terraform state show $addr | hclgrep -x 'resource_manager_id = $x' -w x | tr -d '"')

terraform state rm $addr
terraform import $addr $id

    For azurerm_storage_share, though it also has the resource_manager_id attribute, but it is a slightly different in the old version (the one in the state) than the expected one. The last segment has to be renamed from fileshares to shares:

    addr=azurerm_storage_share.foo
id=$(terraform state show $addr | hclgrep -x 'resource_manager_id = $x' -w x | tr -d '"'|  sed 's;/fileshares/;/shares/;')

terraform state rm $addr
terraform import $addr $id

    The two resources are now imported with storage_account_id only, hence they are behaving as the new way, i.e. management resource id and management plane API only.

  2. Update the config for azurerm_storage_container and azurerm_storage_share to use storage_account_id

  3. Update the config for the downstream resources that reference the id of azurerm_storage_container and azurerm_storage_share:

    1. For azurerm_storage_share downstream resources, changing from azurerm_storage_share.foo.id to azurerm_storage_share.foo.url
    2. For azurerm_storage_container downstream resources, there is no endpoint defined in this resource itself. While can be constructed by combining azurerm_storage_account.foo.primary_blob_endpoint and azurerm_storage_container.foo.name

Reference

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment