-
Notifications
You must be signed in to change notification settings - Fork 4.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error "Provider produced inconsistent final plan" for Application Gateway TLS certs #18263
Comments
Hi @devbeard, thank you for reaching out. |
Hi, I have the same error. Terraform Version AzureRM Provider Version This is my configuration. The issue appeared after adding cert2. I tried removing the newly added code, also tried upgrading/downgrading both terraform and provider versions, but nothing helped.
|
I solved this issue by simply going to the Listeners > Listeners TLS Certificates Tab on Azure Portal, editing the certificate in question and re-selecting the certificate from the key vault. Re-ran terraform and it passed successfully. |
Thanks for taking the time to submit this issue. @mdimovskihtec had the same error and has listed a solution above. As such, I am going to mark this issue as closed. If this does not solve the issue for you, please reach out. |
@mdimovskihtec's solution isn't working for me, as I have ~50 certificates, and I can't update all of them in the portal every time I need to make a change to the application gateway. I have been resorting to deleting it and re-creating it, but the issue always resurfaces. I have tried unsuccessfully (so far) to reproduce the issue in a sample project. |
I also tried to remove the azurerm_application_gateway from the state and import it, and run into the same problem:
|
It seems to be related to the use of
When I use |
Sorry for spamming this issue, but I realised that when referring to the
Seems to have resolved the issue for now |
Can we continue the investigation in a fix in the provider? None of the solutions here are acceptable. I shouldn't need to do manually edit the application gateway or do work arounds to bypass an azurerm resource output. |
The listed workaround is NOT acceptable. The provider does not work as intended. Please re-open this issue @rcskosir |
Thanks for reaching out, I can reopen this issue. |
Same issue here. Not sure if others have noticed that as well, but we have several application gateways. The ones with only a few listener, the issue does not occur. With the ones with more (+10), it fails. After re-apply, the issue is gone. Also as a side note, whenever I add a new listener or make a change in the existing one, all other listeners/certificates/redirect_configuration/request_routing_rule...(essentially all dynamic blocks) get's planned and shown as a diff again, where I am only interessted in the one block I changed. Is there a way to prevent this? |
Any update ? |
Is there an existing issue for this?
Community Note
Terraform Version
1.2.6
AzureRM Provider Version
3.21.1
Affected Resource(s)/Data Source(s)
azurerm_application_gateway
Terraform Configuration Files
Expected Behaviour
TLS certificates rotated without state issues in provider
Actual Behaviour
After planning and applying 2-3 times, everything works as expected, but always fails on first try
Steps to Reproduce
terraform apply
Important Factoids
No response
References
No response
The text was updated successfully, but these errors were encountered: