Terraform-provider-azurerm: how to change the API version in Terraform. (Error on required API version)

@sijusamueltech You can't change the API version in Terraform, the API version that is being used is hardcoded into the provider code:

import (
"github.com/Azure/azure-sdk-for-go/services/authorization/mgmt/2015-07-01/authorization"
)

func resourceArmRoleAssignment() *schema.Resource 

@jeffreyCline Thanks a lot for the insight. In general, how to solve the similar scenarios, when some or a part of the features are not supported by Terraform. What is the general guidance when using Azure ? Also how do we solve this specific case, where a azure built-in role like "Contributor", 'Owner" etc are supported by Terraform, but not some of the roles like "In the Virtual Machine User Login". thanks.

hey @sijusamueltech

Thanks for opening this issue :)

Whilst it appears support for this API is now available in the Azure SDK for Go.

In reference to the error message you're seeing:

Assignments to roles with DataActions and NotDataActions are not supported on API version '2015-07-01'. The minimum required API version for this operations is '2018-01-01-preview'.

IMO this is a bug in the API - where the API should be silently handling this in the background (by making a call to the newer API for you) rather than returning this error message. Whilst we'll take this as a task to update Terraform to use this new API version - I'm also going to raise a bug on the Azure side about this (since this isn't a great user experience).

Out of interest - is it possible to know if the particular role/behaviour in question is in Preview?

Thanks!

Azure SDK for Go issue: https://github.com/Azure/azure-sdk-for-go/issues/1895

hey @sijusamueltech

Just to let you know that I've opened #1284 which includes a fix for this (by upgrading to the new API version) :)

Thanks!

@tombuildsstuff Thanks for taking this issue. The role in question is "Virtual Machine User Login " . https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#virtual-machine-user-login . (I tried only that , other than "Owner " which is working fine). And the above role has "Actions" and "DataActions". How can I get this with latest update. Do I need to check out the code and build manually, or is it available for download as package? Thanks Again!

@sijusamueltech it's not merged yet - but it'll be released as a part of v1.6 soon ™️ :)

@tombuildsstuff thank you again and it is working!!! Steps done : checked out the code and 'make build' the "authorization-sdk" branch. Then copied the output to .terraform/plugins/linux_amd64/ Performed terraform init (again) and then the usual steps terraform plan. terrraform apply . Thanks again

Hey @sijusamueltech ,

Just wanted to let you know we have released v1.6.0 of the provider, so you shouldn't have to use your own custom build anymore 🙂

I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!