Terraform: azurerm_subnet does not track route_table_id association.
Terraform Version
Terraform v0.7.0
Affected Resource(s)
- azurerm_subnet
Terraform Configuration Files
resource "azurerm_resource_group" "test" {
name = "acceptanceTestResourceGroup1"
location = "West US"
}
resource "azurerm_virtual_network" "test" {
name = "acceptanceTestVirtualNetwork1"
address_space = ["10.0.0.0/16"]
location = "West US"
resource_group_name = "${azurerm_resource_group.test.name}"
}
resource "azurerm_subnet" "test" {
name = "testsubnet"
resource_group_name = "${azurerm_resource_group.test.name}"
virtual_network_name = "${azurerm_virtual_network.test.name}"
address_prefix = "10.0.1.0/24"
route_table_id = "${azurerm_route_table.test.id}"
}
resource "azurerm_route_table" "test" {
name = "acceptanceTestRouteTable1"
location = "West US"
resource_group_name = "${azurerm_resource_group.test.name}"
}
Debug Output
Panic Output
Expected Behavior
The plan should detect that the subnet is not associated with the route table.
Actual Behavior
No differences were detected.
Steps to Reproduce
terraform apply- Manually disassociate the subnet and route table (either azure cli or azure portal)
Portal; You can disassociate by drilling down through ResourceGroup->RouteTable->Subnets-> Click on ... to dissassociate. terraform plan
Important Factoids
References
carinadigital
All 8 comments
The error is in the function resourceArmSubnetRead() . It doesn't have a section to read the subnet association from a routeTable object.
carinadigital
on 19 Aug 2016
Hi @carinadigital
Is this still an issue?
P.
stack72
on 2 Nov 2016
Yes. You are unable to change the Network Security Group on a subnet after initial creation.
carinadigital
on 2 Nov 2016
Maybe see #9648 for more indepth information.
carinadigital
on 2 Nov 2016
@carinadigital I ran this test with the terraform code block at the bottom of this comment to exploit this bug.
Terraform version
0.7.10
Reproduce Steps
Initial Apply
terraform apply with the no tags passed into the module.
tags = {}
Result:
Resource Group, Virtual Network, Subnet, and Route Table is create. ๐
The Route Table has the Subnet associated. ๐
Updating Apply
Update Terraform to add new tags to the module.
tags = {
newtag = "I am a new tag"
}
Result:
Tags have been added to the Resource Group, Virtual Network, and Route Table.
However, the Routes in the Route Table have been dropped (was addressed and should be fixed in the next release here). โ๏ธ
_The Subnet is no longer associated to the Route Table (this is the bug)._ โ๏ธ
Terraform Used
variable "tenant_id" {}
variable "client_id" {}
variable "client_secret" {}
variable "subscription_id" {}
variable "location" {}
variable "module_name" {}
variable "vnet_address_space" {}
variable "stack_subnet1" {}
variable "tags" {
description = "(Optional) Tags to be assigned to every resource in the module."
type = "map"
default = {}
}
provider "azurerm" {
tenant_id = "${var.tenant_id}"
subscription_id = "${var.subscription_id}"
client_id = "${var.client_id}"
client_secret = "${var.client_secret}"
}
resource "azurerm_resource_group" "module" {
name = "${var.module_name}-NI"
location = "${var.location}"
tags = "${var.tags}"
}
resource "azurerm_virtual_network" "module" {
name = "${var.module_name}-Vnet1"
resource_group_name = "${azurerm_resource_group.module.name}"
address_space = ["${var.vnet_address_space}"]
location = "${var.location}"
tags = "${var.tags}"
}
resource "azurerm_subnet" "subnet1" {
name = "${var.module_name}-SubNet1"
resource_group_name = "${azurerm_resource_group.module.name}"
virtual_network_name = "${azurerm_virtual_network.module.name}"
address_prefix = "${var.stack_subnet1}"
route_table_id = "${azurerm_route_table.module.id}"
}
resource "azurerm_route_table" "module" {
name = "${var.module_name}-RT"
location = "${var.location}"
resource_group_name = "${azurerm_resource_group.module.name}"
tags = "${var.tags}"
}
resource "azurerm_route" "route_a" {
name = "Test Route A"
resource_group_name = "${azurerm_resource_group.module.name}"
route_table_name = "${azurerm_route_table.module.name}"
address_prefix = "10.100.0.0/14"
next_hop_type = "VirtualAppliance"
next_hop_in_ip_address = "10.10.1.1"
}
TStraub-rms
on 28 Nov 2016
This issue came back and hit me again.
Can we get any traction on this?
Any way I can help progress this PR/Change?
Cheers!
TStraub-rms
on 16 Dec 2016
+1
Just tried to remove a route table association from a subnet via terraform, and terraform said no changes were necessary.
geofffranks
on 7 Feb 2017
I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
![hashibot[bot] picture](https://avatars2.githubusercontent.com/in/8332?v=4&s=40)
hashibot[bot]
on 11 Apr 2020
Related issues
larstobi
ยท
3Comments
c4milo
ยท
3Comments
rnowosielski
ยท
3Comments
rkulagowski
ยท
3Comments
jrnt30
ยท
3Comments
Most helpful comment
@carinadigital I ran this test with the terraform code block at the bottom of this comment to exploit this bug.
Terraform version
0.7.10Reproduce Steps
Initial Apply
terraform applywith the no tags passed into the module.Result:
Resource Group, Virtual Network, Subnet, and Route Table is create. ๐
The Route Table has the Subnet associated. ๐
Updating Apply
Update Terraform to add new tags to the module.
Result:
Tags have been added to the Resource Group, Virtual Network, and Route Table.
However, the Routes in the Route Table have been dropped (was addressed and should be fixed in the next release here). โ๏ธ
_The Subnet is no longer associated to the Route Table (this is the bug)._ โ๏ธ
Terraform Used