terraform-provider-azurerm: Resource must be replaced. azurerm_linux_virtual_machine must be replaced

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave “+1” or “me too” comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform (and AzureRM Provider) Version

Terraform v0.12.24

• provider.azurerm v2.25.0
• provider.template v2.1.2
• provider.tls v2.2.0

I’m not using 0.13 yet because of this issue which blocks the terrafrom apply required.

Affected Resource(s)

• azurerm_linux_virtual_machine

Terraform Configuration Files

data "azurerm_subnet" "private" {
  name                 = "private"
  resource_group_name  = "gitlab-${var.environment}"
  virtual_network_name = data.azurerm_virtual_network.default.name
}

resource "azurerm_network_interface" "runner" {
  for_each = var.runners

  name                = "${local.prefix}-${each.key}"
  location            = azurerm_resource_group.runner.location
  resource_group_name = azurerm_resource_group.runner.name

  ip_configuration {
    name                          = "ipconfig"
    subnet_id                     = data.azurerm_subnet.private.id
    private_ip_address_allocation = "Dynamic"
  }
}


variable "runners" {
  type = map(object({
    vm_size  = string
    tag_list = string
  }))
}
runners = {
  "standard-1" = {
    vm_size  = "Standard_F2"
    tag_list = "high-memory"
  }
}
resource "azurerm_linux_virtual_machine" "runner" {
  for_each = var.runners

  name                  = "${local.prefix}-${each.key}"
  location              = azurerm_resource_group.runner.location
  resource_group_name   = azurerm_resource_group.runner.name
  size                  = each.value.vm_size
  network_interface_ids = [azurerm_network_interface.runner[each.key].id]
  admin_username        = var.admin_username
  custom_data           = data.template_cloudinit_config.server[each.key].rendered

  admin_ssh_key {
    username   = var.admin_username
    public_key = tls_private_key.ssh_keypair.public_key_openssh
  }

  source_image_reference {
    offer     = var.os_image.offer
    publisher = var.os_image.publisher
    sku       = var.os_image.sku
    version   = var.os_image.version
  }

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }
}

Expected Behavior

Nothing to change.

Actual Behavior

  # azurerm_linux_virtual_machine.runner["standard-1"] must be replaced
-/+ resource "azurerm_linux_virtual_machine" "runner" {
        admin_username                  = "admin"
        allow_extension_operations      = true
      ~ computer_name                   = "gitlab-prod-runner-standard-1" -> (known after apply)
      ~ custom_data                     = (sensitive value)
        disable_password_authentication = true
      ~ id                              = "/subscriptions/aaaa0000-aa00-aa00-aa00-aaa000aaa000/resourceGroups/gitlab-prod-runner/providers/Microsoft.Compute/virtualMachines/gitlab-prod-runner-standard-1" -> (known after apply)
        location                        = "switzerlandnorth"
        max_bid_price                   = -1
        name                            = "gitlab-prod-runner-standard-1"
        network_interface_ids           = [
            "/subscriptions/aaaa0000-aa00-aa00-aa00-aaa000aaa000/resourceGroups/gitlab-prod-runner/providers/Microsoft.Network/networkInterfaces/gitlab-prod-runner-standard-1",
        ]
        priority                        = "Regular"
      ~ private_ip_address              = "10.2.0.9" -> (known after apply)
      ~ private_ip_addresses            = [
          - "10.2.0.9",
        ] -> (known after apply)
        provision_vm_agent              = true
      + public_ip_address               = (known after apply)
      ~ public_ip_addresses             = [] -> (known after apply)
        resource_group_name             = "gitlab-prod-runner"
        size                            = "Standard_F2"
      - tags                            = {} -> null
      ~ virtual_machine_id              = "aaaa0000-aa00-aa00-aa00-aaa000aaa000" -> (known after apply)
      + zone                            = (known after apply)

        admin_ssh_key {
            public_key = <<~EOT
                ssh-rsa SOME-KEY
            EOT
            username   = "admin"
        }

      ~ os_disk {
            caching                   = "ReadWrite"
          ~ disk_size_gb              = 30 -> (known after apply)
          ~ name                      = "gitlab-prod-runner-standard-1_OsDisk_1_00000a0cb00b45f7b2b1f7754ecf23d4" -> (known after apply)
            storage_account_type      = "Standard_LRS"
            write_accelerator_enabled = false
        }

        source_image_reference {
            offer     = "UbuntuServer"
            publisher = "Canonical"
            sku       = "18.04-LTS"
            version   = "latest"
        }
    }

Plan: 1 to add, 0 to change, 1 to destroy.

Steps to Reproduce

1. terraform apply for creating the vm
2. terraform plan for the replace

Important Factoids

It is running in Switzerland North without Availability Zones

So why is this resource being replaced without any taint nor change which implies recreation.