Hi all, trying to diagnose an issue in production with our Pulumi pipeline. It uses and AzureAD Provider (Terraform under the covers?) with a clientid/secret as follows:

var userTenantProvider = new Provider("UserTenantProvider", new ProviderArgs

{

TenantId = _config.Environment.ActiveDirectory.UserTenantId,

ClientId = _userTenantProviderConfig.ClientId,

ClientSecret = _userTenantProviderConfig.ClientSecret

});

The secret has been rotated and the new one is passed into the pipeline. However the pipeline still fails with the following message: _building client: unable to obtain access token: clientCredentialsToken: received HTTP status 401 with response: {"error":"invalid_client","error_description":"AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '[secret]'._ The pipeline was working fine before the secret changed, it's as if the old one is cached somewhere. Any ideas?