[AVM Module Issue]: Add the possibility of associating routing tables managed outside this module

[But4ler]

Check for previous/existing GitHub issues

• I have checked for previous/existing GitHub issues

Issue Type?

Feature Request

(Optional) Module Version

No response

(Optional) Correlation Id

No response

Description

Hello
Currently:

• We create the subnets via this module
• We use the module "Azure/avm-res-network-routetable/azurerm" to create a lot of our route tables and associate them with the subnets

The problem:

• During the first tf apply, the route table module associates with the subnet, and the tf apply is OK
• During the second tf apply, the vnet module tries to remove the association with the route table subnet
• During the third tf apply, the udr module tries to create the association with the route table subnet

Would it be possible to add one option for ignore the associations of subnets and route tables on this module ?

$ terraform apply
Terraform detected the following changes made outside of Terraform since the last "terraform apply" which may have affected this plan:

  # module.udr_onprem_to_spokes.azurerm_route_table.this has changed
  ~ resource "azurerm_route_table" "this" {
        id                            = "/subscriptions/5c3a7590-dcca-XXXXXXX-16d9ff8f338a/resourceGroups/rg-intranettransit-network-npr-01/providers/Microsoft.Network/routeTables/udr_onprem_to_spokes-npr-frc-01"
        name                          = "udr_onprem_to_spokes-npr-frc-01"
      ~ subnets                       = [
          - "/subscriptions/5c3a7590-dcca-XXXXXXX-16d9ff8f338a/resourceGroups/rg-intranettransit-network-npr-01/providers/Microsoft.Network/virtualNetworks/vnet-intranettransit-npr-frc-01/subnets/GatewaySubnet",
          - "/subscriptions/5c3a7590-dcca-XXXXXXX-16d9ff8f338a/resourceGroups/rg-intranettransit-network-npr-01/providers/Microsoft.Network/virtualNetworks/vnet-intranettransit-npr-frc-01/subnets/snet-intratz-agw-npr-frc-01",
          - "/subscriptions/5c3a7590-dcca-XXXXXXX-16d9ff8f338a/resourceGroups/rg-intranettransit-network-npr-01/providers/Microsoft.Network/virtualNetworks/vnet-intranettransit-npr-frc-01/subnets/snet-intratz-agw-npr-frc-02",
        ]
        tags                          = {}
        # (5 unchanged attributes hidden)
    }

Thanks


Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following plan may include actions to undo or respond to these changes.

───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # module.vnet.module.subnet["agw-01"].azapi_resource.subnet will be updated in-place
  ~ resource "azapi_resource" "subnet" {
      ~ body                      = {
          ~ properties = {
              ~ routeTable                        = null -> {
                  + id = "/subscriptions/5c3a7590-dcca-XXXXXXX-16d9ff8f338a/resourceGroups/rg-intranettransit-network-npr-01/providers/Microsoft.Network/routeTables/udr_onprem_to_spokes-npr-frc-01"
                }
                # (11 unchanged attributes hidden)
            }
        }
        id                        = "/subscriptions/5c3a7590-dcca-XXXXXXX-16d9ff8f338a/resourceGroups/rg-intranettransit-network-npr-01/providers/Microsoft.Network/virtualNetworks/vnet-intranettransit-npr-frc-01/subnets/snet-intratz-agw-npr-frc-01"
        name                      = "snet-intratz-agw-npr-frc-01"
      ~ output                    = {} -> (known after apply)
        # (7 unchanged attributes hidden)
    }
.....

[jaredfholgate]

Thank you for raising this. We'll take a look ASAP. Hopefully by next week.

[jaredfholgate]

This is not simple to do since Terraform modules do not support the lifecycle ignore. We'd have to duplicate the resource or use the azapi_update_resource to support this. I'll add the long term label for now and look into as time allows. We are happy to accept and review PR's of course.

[jaredfholgate]

I have taken this back to the core team to discuss as we are having more requests similar to this and need to come up with a generic solution.