Private Endpoint gets destroyed and recreated when terraform state file is refreshed

kollimouni30 · December 10, 2021, 9:19am

Hello everyone,

I have deployed storage account and Private endpoint to storage restricting the public access through a single tfvars file.
If the same tfvars file is used for creating one more storage account, existing Private endpoint is getting destroyed and recreated though there are no changes in terms of configuration. Please help.

Need to understand what is the root cause of this issue. Thanks in advance !

Module code :

main.tf

resource “azurerm_private_endpoint” “pe” {
for_each = var.private_endpoint
name = lookup(each.value, “name”)
resource_group_name = var.resource_group_name
location = var.location
subnet_id = lookup(each.value, “subnet_id”)
tags = var.tags
private_service_connection {
name = lookup(each.value, “name”)
is_manual_connection = lookup(each.value, “is_manual_connection”)
#request_message = lookup(each.value,“request_message”)
request_message = lookup(each.value, “is_manual_connection”) ? “Please approve” : null
private_connection_resource_id = lookup(each.value, “private_connection_resource_id”)
#private_connection_resource_alias = lookup(each.value, “private_connection_resource_alias”)
subresource_names = lookup(each.value, “subresource_names”)
}
private_dns_zone_group {
name = lookup(each.value, “private_dns_zone_name”)
private_dns_zone_ids = lookup(each.value, “private_dns_zone_ids”)
}
}

variables.tf

variable private_endpoint {
type = map(object({
subnet_id = any
is_manual_connection = any
private_connection_resource_id = any
subresource_names = any
#request_message = string
name = any
private_dns_zone_ids = any
private_dns_zone_name = string
}))
default = {}
}

variable resource_group_name {
type = string
default = “”
}

variable location {
type = string
default = “”
}

cody.tipton · March 1, 2022, 8:37pm

@ kollimouni30

Did you ever find a solution for this issue? I am facing the same. I had thought that for some reason tf was losing track of the private link resource in state, but found that a subsequent import of the private link results in an error stating that the private link was already managed by tf and found in state. So as best as I can tell, tf despite keeping track of the private link, sends some request that causes the link to get deleted. The end result of this behavior is that every other terraform apply fails (having sent some message, I assume checking the private link status, which unintentionally implies its deletion before the end of the run).

madinenikalyan · July 28, 2022, 1:14pm

did you find the issue ,why private endpoint is recreating.

i am also facing same issue

Topic		Replies	Views
Terraform State Refresh Error with Azurerm Storage account with private endpoint Terraform azure	11	1997	June 10, 2024
[Azure] Terraform refresh stops working after adding private endpoint to storage account Azure	5	2033	February 27, 2024
Terraform plan against storage account with private endpoint Azure	1	1328	December 8, 2023
Private Endpoint Forcing Replacement on Identical Subnet_id Azure	0	618	June 2, 2021
When using tfvars terraform want to replace the resource, instead of creating a new resource Terraform	9	1821	February 22, 2023

Private Endpoint gets destroyed and recreated when terraform state file is refreshed

Module code :

main.tf

variables.tf

Related topics