Problem managing state of security rules in NSGs

Hi Terraform Community,

I think this is a repost, but I can’t find my original request for this now.

Using Terraform v1.5.2
Tested: hashicorp/azurerm v3.63.0
hashicorp/azurerm v3.86.0
Resource Type: azurerm_network_security_group

Problem:
When using Terraform to delete security rules from NSGs that have themselves been created and managed in Terraform state by the same pipeline, we see behaviour where:

  • Terraform says a security rule has been deleted (delete command accepted by provider and Azure)
  • In Azure, there is a chance that the rule delete will then fail with “RetryableError” (this can be seen in the activity log for the resource that was being updated)
  • The rule does not in fact delete from the NSG
  • The Terraform job completes successfully, which I assume means the state file updates and removes tracking for the rules it's successfully deleted

Now, in a second run, when I attempt to re-add all of the rules I’ve just removed:

Terraform says there is already an existing rule that is not being managed by the Terraform state. Import or delete the rule.

Expected behaviour:
Rules that terraform says have been successfully deleted are actually deleted in Azure managed resources
or
Validate with the Azure provider that the rules were in fact actually deleted or else throw an error

Is this previously known behavior or something I can modify the settings on the provider to mitigate?
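
One way to catch the drift described in this post as a pipeline step after `terraform apply` (an added example, not part of the original post and not provider code): compare the rules Azure still reports against the rules Terraform still tracks. It assumes the two inputs come from `terraform show -json` and `az network nsg rule list -o json`; the resource group, NSG and rule names are constructed samples.

```python
import json

# Constructed sample: trimmed `terraform show -json` output taken after the
# apply that removed the rule "allow-ssh" from state.
STATE = json.loads("""
{"values": {"root_module": {
  "resources": [
    {"type": "azurerm_network_security_group", "name": "app",
     "values": {"name": "nsg-app", "resource_group_name": "rg-demo",
                "security_rule": [{"name": "allow-https"}]}}],
  "child_modules": [{"resources": [
    {"type": "azurerm_network_security_rule", "name": "dns",
     "values": {"name": "Allow-DNS", "resource_group_name": "rg-demo",
                "network_security_group_name": "nsg-app"}}]}]}}}
""")

# Constructed sample: trimmed `az network nsg rule list -o json` for the same NSG.
AZURE_RULES = json.loads("""
[{"name": "allow-https"}, {"name": "allow-dns"}, {"name": "allow-ssh"}]
""")

def rules_in_state(state, rg, nsg):
    """Names of rules Terraform tracks for one NSG (inline or standalone)."""
    target, names = (rg.lower(), nsg.lower()), set()

    def walk(module):
        for res in module.get("resources", []):
            v = res.get("values") or {}
            group = (v.get("resource_group_name") or "").lower()
            if res.get("type") == "azurerm_network_security_rule":
                if (group, (v.get("network_security_group_name") or "").lower()) == target:
                    names.add(v["name"].lower())
            elif res.get("type") == "azurerm_network_security_group":
                if (group, (v.get("name") or "").lower()) == target:
                    names.update(r["name"].lower() for r in v.get("security_rule") or [])
        for child in module.get("child_modules", []):
            walk(child)

    walk(state.get("values", {}).get("root_module", {}))
    return names

def orphaned_rules(state, azure_rules, rg, nsg):
    """Rules still live in Azure that Terraform no longer tracks."""
    tracked = rules_in_state(state, rg, nsg)
    return sorted(r["name"] for r in azure_rules if r["name"].lower() not in tracked)

if __name__ == "__main__":
    leftover = orphaned_rules(STATE, AZURE_RULES, "rg-demo", "nsg-app")
    if leftover:
        raise SystemExit(f"rules deleted from state but still in Azure: {leftover}")
```

Names are compared case-insensitively because Azure resource names are; a non-empty result exits non-zero so the job fails instead of reporting success while the rule is still enforced.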