https://pulumi.com logo
Join Slack
Powered by
This message was deleted.
# azure
s
This message was deleted.
b
@elegant-stone-54832 can you show me the diff? it's more than likely because the upstream API doesn't allow that field to be modified
e
Do you mean this? updating stack... Updating (dev): pulumipulumiStack pulumi-test-project-dev running azure-nativeresourcesResourceGroup myapp-dev ++ azure-nativesqlServer myServer creating replacement [diff: +administrators,identity] azure-nativewebAppServicePlan pulitestserviceplan azure-nativewebWebApp myApp ++ azure-nativesqlServer myServer created replacement [diff: +administrators,identity] +- azure-nativesqlServer myServer replacing [diff: +administrators,identity] +- azure-nativesqlServer myServer replaced [diff: +administrators,identity] -- azure-nativesqlDatabase myDb deleting original -- azure-nativesqlDatabase myDb deleted original +- azure-nativesqlDatabase myDb replacing [diff: ~serverName] +- azure-nativesqlDatabase myDb replaced [diff: ~serverName] ++ azure-nativesqlDatabase myDb creating replacement [diff: ~serverName] ++ azure-nativesqlDatabase myDb created replacement [diff: ~serverName] -- azure-nativesqlServer myServer deleting original [diff: +administrators,identity] -- azure-nativesqlServer myServer deleted original [diff: +administrators,identity] pulumipulumiStack pulumi-test-project-dev
Seems like I also changed the identity column.
b
yes that helps, if you update properties in your pulumi program (like the administrators) and rerun, pulumi checks the upstreams API to determine if it allows a patch operation. if it can't, it'll replace the resource
you stop this behaviour by setting the 
ignoreChanges
resource property, so that only new instantiations of a resource will have that property, and existing ones will not be modified
finally, if you have critical resources which you want to make sure are never deleted (like databases) you can set 
protect
on the resource options
e
So when I use pulumi it is not possible to update a sql server administrator property without recreating the sql server? I could ignore this property, but then I still have not won anything 😮 Tbh for me this is a showstopper. Please correct me, if I am wrong 😕
@tall-librarian-49374 maybe you can jump in here.
b
@elegant-stone-54832 this is a limitation of the cloud api I believe
It's not unique to Pulumi
I could be wrong, but this is usually the case with other tools
e
ok, but is the terraform provider better in this scenario?
t
So, a change in this property causes a replacement
e
ok interessting thank you guys!
b
Just to answer the tf question, it'll be the same for terraform too, in case that wasn't clear
👍 1
c
@tall-librarian-49374 may I ask why this seems possible using the Azure Portal? Is there something else that does not rely on ARM api? Because if you have a db in place (more in general for everything that has a state) destroy and replace it (it depends on the server) most of the time is absolutely unthinkable 😅 Thanks!
t
this
What exactly is possible?
c
change the Administrators of the server without touching the underlying DBs...if I try to do the same in Pulumi dbs will be destroyed and re-created
t
(maybe I picked a wrong type but I think the point holds)
c
yes I saw this 😅, do you think there is a way to work around this problem? We setup the Administators with AzureAD and sometimes we need to change permissions. Can we just change them using the portal and then refresh the Pulumi state?
Copy code
Administrators = new ServerExternalAdministratorArgs
{
    AzureADOnlyAuthentication = true,
    Login = "Alm Devs",
    PrincipalType = Pulumi.AzureNative.Sql.PrincipalType.Group,
    Sid = "...",
    TenantId = "...",
}
14 Views
Open in Slack
PreviousNext
Powered by