Terraform lifecycle ignore_changes applies to all keys for azurerm_linux_web_app.site_config, although only one key is selected

Terraform Providers Azure
1

This is my first post - after several years of reading, so hopefully I do not miss something.

I’m using terraform azurerm_linux_web_app to deploy some app services.
As their content is deployed via ci pipelines there are some attributes I want/have to ignore during terraform plan / apply

So my tf module has the following lifecycle:

  lifecycle {
    ignore_changes = [
      app_settings["section1__setting"],
      app_settings["section2__setting"],
      app_settings["just_another_setting"],
      site_config["app_command_line"]
    ]
  }

On a first glance this is working like a charm. But now I added some allowed regions to site_config.cors like:

  site_config {
    cors {
      allowed_origins = var.frontendWebAppURis  # a list of strings
      support_credentials = false
    }
  }

When I run terraform plan there are no changes to be made.
If I remove site_config["app_command_line"] from ignore list the plan will contain all entries to add.

What am I missing in “ignore_changes” syntax for map keys ?

References:

PS: This is a repost of my question on stackoverflow. Initially I expected a fast reaction time there which did not happen. I will gladly share the anser there as well.

2

Did you figure out how to overcome this issue? I am facing this problem now.

3

I found a solution to this issue using a different syntax on the ignore_changes block for site_config.

Can you please try using the following code block?

  lifecycle {
    ignore_changes = [
      app_settings["section1__setting"],
      app_settings["section2__setting"],
      app_settings["just_another_setting"],
      site_config[0].app_command_line
    ]
  }
1 Like
4

@arahimee no I did not, otherwise the wisdom would have been spread :wink:

@serherca Thanks for your reply, Will try later today

1 Like