Hi, we had an incident yesterday where after a

pulumi refresh

command pulumi for the next

pulumi up

got the idea that an sql server instance had to be re-created. (Despite our Pulumi code regarding the databases not having changed at all.) As a result, all databases on said server were lost. Luckily, this was our DEV environment, so no harm done, BUT I would like to investigate why this happened, to ensure something like this can never happen on PROD. How do we go about this? I can point you guys at the relevant pulumi up and refresh builds, I assume you can see more in your logs than I do, to figure out why this happened. On a separate note, I think that even if pulumi decides a database server needs to be re-created, at the very least it should come with a HUGE warning that one needs to actively confirm. Even better would be if it copied the databases, so no data gets lost.

Hi Mark. You can mark the database resources as

protected: true

and this will block this from happening in your automation.

Hi rawkode! first of all, where do I add that attribute "protected..."? second, I think I might have found out what triggers the re-creation in our case: when we go into the Azure portal and set a user as AAD sql admin on the server. (I have the same thing happening right now, I ran pulumi refresh, then pulumi preview, and I see it wants to re-create the server). re logs: here comes the portion from pulumi preview concerning the sql-server: ``` sqlserver (azure-nativesqlServer) -- azure-nativesqlServer (delete-replaced) [id=/subscriptions/25110286-d288-4e46-851b-4e2bc880672f/resourceGroups/rgDEV/providers/Microsoft.Sql/servers/sqlserver85693a2b] [urn=urnpulumiDevelopment:☁️azure nativesqlServer:sqlserver] __createBeforeDelete : true administratorLogin : "deonsqladmin" administratorLoginPassword: "[secret]" administrators : { administratorType: "ActiveDirectory" login : "hajek@deon.de" principalType : "Group" sid : "576a4759-7452-407f-8988-e1795b8987eb" tenantId : "4194f5e7-c264-402f-b50a-1771cb365744" } location : "westeurope" minimalTlsVersion : "1.2" resourceGroupName : "rgDEV" serverName : "sqlserver85693a2b" blobServiceProperties (azure-nativestorageBlobServiceProperties) ~ azure-nativestorageBlobServiceProperties (update) [id=/subscriptions/25110286-d288-4e46-851b-4e2bc880672f/resourceGroups/rgDEV/providers/Microsoft.Storage/storageAccounts/bsfontsb0c10337/blobServices/default] [urn=urnpulumiDevelopment:☁️azure nativestorageBlobServiceProperties:blobServiceProperties] __inputs : "[secret]" deleteRetentionPolicy : {"enabled":false} => Output<T> id : "/subscriptions/25110286-d288-4e46-851b-4e2bc880672f/resourceGroups/rgDEV/providers/Microsoft.Storage/storageAccounts/bsfontsb0c10337/blobServices/default" => Output<T> sku : {"name":"Standard_RAGRS","tier":"Standard"} => Output<T> type : "Microsoft.Storage/storageAccounts/blobServices" => Output<T>

can you show me

pulumi preview --diff

?

sec

You only need to share the diff for the resource that's causing you problems

ah, sry

It's OK 🙂

line 306

OK

yes?

you can add

ignoreChanges: ["administrators"]

to stop this replace

where do I add this?

next to

protect

ah!

The reason for the change is that your declaration doesn't provide

administrators

directly

yes, that makes sense

Why the protect doesn't work is confusing me though

yes, me, too. also, I wonder what would happen if it tried to recreate the server, while the databases are protected. I'd hope the re-create would fail.

Cool

works!

hi five

one more question: that ignoreChanges property, how does it match? simple string.contains()? just if we need this in the future for other stuff...