Skip to content

Releases: hashicorp/terraform-provider-azurerm


17 May 06:20
Choose a tag to compare


  • New Data Source: azurerm_elastic_san (#25719)


  • New Resource - azurerm_key_vault_managed_hardware_security_module_key (#25935)
  • Data Source - azurerm_kubernetes_service_version - support for the default_version property (#25953)
  • network/applicationgateways - update to use hashicorp/go-azure-sdk (#25844)
  • dataprotection - update API version to 2024-04-01 (#25882)
  • databasemigration - update API version to 2021-06-30 (#25997)
  • network/ips - update to use hashicorp/go-azure-sdk (#25905)
  • network/localnetworkgateway - update to use hashicorp/go-azure-sdk (#25905)
  • network/natgateway - update to use hashicorp/go-azure-sdk (#25905)
  • network/networksecuritygroup - update to use hashicorp/go-azure-sdk (#25971)
  • network/publicips - update to use hashicorp/go-azure-sdk (#25971)
  • network/virtualwan - update to use hashicorp/go-azure-sdk (#25971)
  • network/vpn - update to use hashicorp/go-azure-sdk (#25971)
  • azurerm_databricks_workspace - support for the default_storage_firewall_enabled property (#25919)
  • azurerm_key_vault - allow previously existing key vaults to continue to manage the contact field prior to the v3.93.0 conditional polling change (#25777)
  • azurerm_linux_function_app - support for the PowerShell 7.4 (#25980)
  • azurerm_log_analytics_cluster - support for the value UserAssigned in the identity.type property (#25940)
  • azurerm_pim_active_role_assignment - remove hard dependency on the roleAssignmentScheduleRequests API, so that role assignments will not become unmanageable over time (#25956)
  • azurerm_pim_eligible_role_assignment - remove hard dependency on the roleEligibilityScheduleRequests API, so that role assignments will not become unmanageable over time (#25956)
  • azurerm_windows_function_app - support for the PowerShell 7.4 (#25980)


  • azurerm_container_app_job - Allow event_trigger_config.scale.min_executions to be 0 (#25931)
  • azurerm_container_app_job - update validation to allow the replica_retry_limit property to be set to 0 (#25984)
  • azurerm_data_factory_trigger_custom_event - one of subject_begins_with and subject_ends_with no longer need to be set (#25932)
  • azurerm_kubernetes_cluster_node_pool - prevent race condition by checking the virtual network status when creating a node pool with a subnet ID (#25888)
  • azurerm_postgresql_flexible_server - fix for default storage_tier value when storage_mb field has been changed (#25947)
  • azurerm_pim_active_role_assignment - resolve a number of potential crashes (#25956)
  • azurerm_pim_eligible_role_assignment - resolve a number of potential crashes (#25956)
  • azurerm_redis_enterprise_cluster_location_zone_support - add Central India zones support (#26000)
  • azurerm_sentinel_alert_rule_scheduled - the alert_rule_template_version property is no longer ForceNew (#25688)
  • azurerm_storage_sync_server_endpoint - preventing a crashed due to initial_upload_policy (#25968)


10 May 08:05
Choose a tag to compare


  • loadtest - fixing an issue where the SDK Clients weren't registered (#25920)


10 May 00:54
Choose a tag to compare


  • New Resource: azurerm_container_app_job (#23871)
  • New Resource: azurerm_container_app_environment_custom_domain (#24346)
  • New Resource: azurerm_data_factory_credential_service_principal (#25805)
  • New Resource: azurerm_network_manager_connectivity_configuration (#25746)
  • New Resource: azurerm_maintenance_assignment_dynamic_scope (#25467)
  • New Resource: azurerm_virtual_machine_gallery_application_assignment (#22945)
  • New Resource: azurerm_virtual_machine_automanage_configuration_assignment (#25480)


  • provider - support for the recover_soft_deleted_backup_protected_vm feature (#24157)
  • dependencies: updating to v0.69.0 (#25903)
  • loganalytics - update cluster resource to api version 2022-01-01 (#25686)
  • azurerm_bastion_host - support for the kerberos_enabled property (#25823)
  • azurerm_container_app - secrets can now be removed (#25743)
  • azurerm_container_app_environment - support for the custom_domain_verification_id property (#24346)
  • azurerm_linux_virtual_machine - support for the additional capability hibernation_enabled (#25807)
  • azurerm_linux_virtual_machine - support for additional values for the license_type property (#25909)
  • azurerm_linux_virtual_machine_scale_set - support for the maximum_surge_instances property for vmss rolling upgrades (#24914)
  • azurerm_windows_virtual_machine - support for the additional capability hibernation_enabled (#25807)
  • azurerm_windows_virtual_machine_scale_set - support for the maximum_surge_instances_enabled property for vmss rolling upgrades (#24914)
  • azurerm_storage_account - support for the permanent_delete_enabled property within retention policies (#25778)


  • azurerm_kubernetes_cluster - erase load_balancer_profile when changing network_profile.outbound_type from loadBalancer to another outbound type (#25530)
  • azurerm_log_analytics_saved_search - the function_parameters property now repsects the order of elements (#25869)
  • azurerm_linux_web_app - fix slow_request with path issue in auto_heal by adding support for slow_request_with_path block (#20049)
  • azurerm_linux_web_app_slot - fix slow_request with path issue in auto_heal by adding support for slow_request_with_path block (#20049)
  • azurerm_monitor_private_link_scoped_service - normalize case of the linked_resource_id property during reads (#25787)
  • azurerm_role_assignment - add addtional retry logic to assist with cross-tenant use (#25853)
  • azurerm_web_pubsub_network_acl - fixing a crash when networkACL.PublicNetwork.Deny was nil (#25886)
  • azurerm_windows_web_app - fix slow_request with path issue in auto_heal by adding support for slow_request_with_path block (#20049)
  • azurerm_windows_web_app_slot - fix slow_request with path issue in auto_heal by adding support for slow_request_with_path block (#20049)


03 May 02:19
Choose a tag to compare


  • New Resource: azurerm_storage_sync_server_endpoint (#25831)
  • New Resource: azurerm_storage_container_immutability_policy (#25804)


  • azurerm_load_test - add support for encryption (#25759)
  • azurerm_network_connection_monitor - update validation for target_resource_type and target_resource_id (#25745)
  • azurerm_mssql_managed_database - support for a Restorable Database ID to be used as the source_database_id for point in time restore (#25568)
  • azurerm_storage_account - support for the managed_hsm_key_id property (#25088)
  • azurerm_storage_account_customer_managed_key - support for the managed_hsm_key_id property (#25088)


  • azurerm_linux_function_app - now sets docker registry url in linux_fx_version by default (#23911)
  • azurerm_resource_group - work around sporadic eventual consistency errors (#25758)


  • azurerm_key_vault_managed_hardware_security_module_role_assignment - the vault_base_url property has been deprecated in favour of the managed_hsm_id property (#25601)


26 Apr 04:44
Choose a tag to compare


  • dependencies: updating to v0.20240424.1114424 of (#25749)
  • dependencies: updating to v0.27.0 of (#25702)
  • dependencies: updating to 0.23.0
  • azurerm_cognitive_account - the kind property now supports ConversationalLanguageUnderstanding (#25735)
  • azurerm_container_app_custom_domain - support the ability to use Azure Managed Certificates (#25356)


  • Data Source: azurerm_application_insights - set correct AppID in data source (#25687)
  • azurerm_virtual_network - suppress diff in ordering for address_space due to inconsistent API response (#23793)
  • azurerm_storage_data_lake_gen2_filesystem - add context deadline for import (#25712)
  • azurerm_virtual_network_gateway - preserve existing nat_rules on updates (#25690)


19 Apr 04:52
Choose a tag to compare


  • dependencies: updating hashicorp/go-azure-sdk to v0.20240417.1084633 (#25659)
  • compute - update Virtual Machine and Virtual Machine Scale Set resources and data sources to use hashicorp/go-azure-sdk (#25533)
  • machine_learning - Add new machine_learning block that supports purge_soft_deleted_workspace_on_destroy (#25624)
  • loganalytics - update cluster resource to use hashicorp/go-azure-sdk (#23373)
  • Data Source: azurerm_management_group - now exports the tenant_scoped_id attribute (#25555)
  • azurerm_container_app - the ingress.ip_security_restriction.ip_address_range property will now accept an IP address as valid input (#25609)
  • azurerm_container_group - the identity block can now be updated (#25543)
  • azurerm_express_route_connection - support for the private_link_fast_path_enabled property (#25596)
  • azurerm_hdinsight_hadoop_cluster - support for the private_link_configuration block (#25629)
  • azurerm_hdinsight_hbase_cluster - support for the private_link_configuration block (#25629)
  • azurerm_hdinsight_interactive_query_cluster - support for the private_link_configuration block (#25629)
  • azurerm_hdinsight_kafka_cluster - support for the private_link_configuration block (#25629)
  • azurerm_hdinsight_spark_cluster - support for the private_link_configuration block (#25629)
  • azurerm_management_group - now exports the tenant_scoped_id attribute (#25555)
  • azurerm_monitor_activity_log_alert - support for the location property (#25389)
  • azurerm_mysql_flexible_server - update validating regex for sku_name (#25642)
  • azurerm_postgresql_flexible_server - support for the GeoRestore create_mode (#25664)
  • azurerm_virtual_network_gateway_connection - support for the private_link_fast_path_enabled property (#25650)
  • azurerm_windows_web_app - support for the handler_mapping block (#25631)
  • azurerm_windows_web_app_slot - support for the handler_mapping block (#25631)


  • storage: prevent a bug causing the second storage account key to be used for authentication instead of the first (#25652)
  • azurerm_active_directory_domain_service - prevent an issue where filtered_sync_enabled was not being updated (#25594)
  • azurerm_application_insights - add a state migration to fix the resource ID casing of Application Insights resources (#25628)
  • azurerm_function_app_hybrid_connection - can now use relay resources created in a different resource group (#25541)
  • azurerm_kubernetes_cluster_node_pool - prevent plan diff when the windows_profile.outbound_nat_enabled property is unset (#25644)
  • azurerm_machine_learning_compute_cluster - fix location to point to parent resource for computes (#25643)
  • azurerm_machine_learning_compute_instance - fix location to point to parent resource for computes (#25643)
  • azurerm_storage_account - check replication type when evaluating support level for shares and queues for V1 storage accounts (#25581)
  • azurerm_storage_account - added a sanity check for dns_endpoint_type and blob_properties.restore_policy (#25450)
  • azurerm_web_app_hybrid_connection - can now use relay resources created in a different resource group (#25541)
  • azurerm_windows_web_app - prevent removal of site_config.application_stack.node_version when app_settings are updated (#25488)
  • azurerm_windows_web_app_slot - prevent removal of site_config.application_stack.node_version when app_settings are updated (#25489)


  • logz - the Logz resources are deprecated and will be removed in v4.0 of the AzureRM Provider since the API no longer allows new instances to be created (#25405)
  • azurerm_machine_learning_compute_instance - marked the location field as deprecated in v4.0 of the provider (#25643)
  • azurerm_kubernetes_cluster - the following properties have been deprecated since the API no longer supports cluster creation with legacy Azure Entra integration: client_app_id, server_app_id, server_app_secret and managed (#25200)


12 Apr 01:35
Choose a tag to compare


  • azurerm_linux_web_app - site_config.0.application_stack.0.java_version must be specified with java_server and java_server_version (#25553)


  • dependencies: updating to v0.20240411.1104331 of and (#25546)
  • dependencies: updating to v0.26.1 of (#25551)
  • azurerm_key_vault - deprecate the contact property from v3.x provider and update properties to Computed & Optional (#25552)
  • azurerm_key_vault_certificate_contacts - in v4.0 make the contact property optional to allow for deletion of contacts from the key vault (#25552)
  • azurerm_signalr_service - support for setting the sku property to Premium_P2 (#25578)
  • azurerm_snapshot - support for the network_access_policy and public_network_access_enabled properties (#25421)
  • azurerm_storage_account - extend the support level of (blob|queue|share)_properties for Storage kind (#25427)
  • azurerm_storage_blob - support for the encryption_scope property (#25551)
  • azurerm_storage_container - support for the default_encryption_scope and encryption_scope_override_enabled properties (#25551)
  • azurerm_storage_data_lake_gen2_filesystem - support for the default_encryption_scope property (#25551)
  • azurerm_subnet - the property now supports Oracle.Database/networkAttachments (#25571)
  • azurerm_web_pubsub - support setting the sku property to Premium_P2 (#25578)


  • provider: fix an issue where the provider was not correctly configured when using a custom metadata host (#25546)
  • storage: fix a number of potential crashes during plan/apply with resources using the Storage data plane API (#25525)
  • azurerm_application_insights - fix issue where the wrong Application ID was set into the property app_id (#25520)
  • azurerm_application_insights_api_key - add a state migration to re-case static segments of the resource ID (#25567)
  • azurerm_container_app_environment_certificate - the subject_name attribute is now correctly populated (#25516)
  • azurerm_function_app_slot - will now taint the resource when partially created (#24520)
  • azurerm_linux_function_app - will now taint the resource when partially created (#24520)
  • azurerm_managed_disk - filtering the Resource SKUs response to reduce the memory overhead, when determining whether a Managed Disk can be online resized or not (#25549)
  • azurerm_monitor_alert_prometheus_rule_group - the severity property is now set correctly when 0 (#25408)
  • azurerm_monitor_smart_detector_alert_rule - normalising the value for id within the action_group block (#25559)
  • azurerm_redis_cache_access_policy_assignment - the object_id_alias property now allows usernames (#25523)
  • azurerm_windows_function_app - will not taint the resource when partially created (#24520)
  • azurerm_windows_function_app - will not taint the resource when partially created (#24520)


  • azurerm_cosmosdb_account - the connection_strings property has been superseded by the primary and secondary connection strings for sql, mongodb and readonly (#25510)
  • azurerm_cosmosdb_account - the enable_free_tier property has been superseded by free_tier_enabled (#25510)
  • azurerm_cosmosdb_account - the enable_multiple_write_locations property has been superseded by multiple_write_locations_enabled (#25510)
  • azurerm_cosmosdb_account - the enable_automatic_failover property has been superseded by automatic_failover_enabled (#25510)


05 Apr 03:09
Choose a tag to compare


  • New Resource: azurerm_static_web_app_function_app_registration (#25331)
  • New Resource: azurerm_system_center_virtual_machine_manager_inventory_items (#25110)
  • New Resource: azurerm_workloads_sap_discovery_virtual_instance (#24342)
  • New Resource: azurerm_redis_cache_policy (#25477)
  • New Resource: azurerm_redis_cache_policy_assignment (#25477)


  • dependencies: updating to v0.20240402.1085733 of (#25482)
  • dependencies: updating to v0.67.0 of (#25446)
  • dependencies: updating to v0.25.4 of (#25404)
  • alertsmanagement - updating remaining resources to use hashicorp/go-azure-sdk (#25486)
  • applicationinsights - updating remaining resources to use hashicorp/go-azure-sdk (#25376)
  • compute - update to API version 2024-03-01 (#25436)
  • compute - update shared image resources and data sources to use hashicorp/go-azure-sdk (#25503)
  • containerinstance - update to use the transport layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#25416)
  • maintenance - updating to API Version 2023-04-01 (#25388)
  • recovery_services - Add recovery_service block to the provider that supports vm_backup_stop_protection_and_retain_data_on_destroy and purge_protected_items_from_vault_on_destroy(#25515)
  • storage - the Storage Account cache is now populated using hashicorp/go-azure-sdk (#25437)
  • azurerm_bot_service_azure_bot - support for the cmk_key_vault_key_url property (#23640)
  • azurerm_capacity_reservation - update validation for capacity (#25471)
  • azurerm_container_app - add support for key_vault_id and identity properties in the secret block (#24773)
  • azurerm_databricks_workspace - expose managed_services_cmk_key_vault_id and managed_disk_cmk_key_vault_id and key_vault_id to support cross subscription CMK's. (#25091)
  • azurerm_databricks_workspace_root_dbfs_customer_managed_key - expose key_vault_id to support cross subscription CMK's. (#25091)
  • azurerm_managed_hsm_role_*_ids - use specific resource id to replace generic nested item id (#25323)
  • azurerm_mssql_database - add support for secondary_type (#25360)
  • azurerm_monitor_scheduled_query_rules_alert_v2 - support for the identity block (#25365)
  • azurerm_mssql_server_extended_auditing_policy - support for audit_actions_and_groups and predicate_expression (#25425)
  • azurerm_netapp_account - can now be imported (#25384)
  • azurerm_netapp_volume - support for the kerberos_enabled, smb_continuous_availability_enabled, kerberos_5_read_only_enabled, kerberos_5_read_write_enabled, kerberos_5i_read_only_enabled, kerberos_5i_read_write_enabled, kerberos_5p_read_only_enabled, and kerberos_5p_read_write_enabled properties (#25385)
  • azurerm_recovery_services_vault - upgrading to version 2024-01-01 (#25325)
  • azurerm_stack_hci_cluster - the client_id property is now optional (#25407)
  • azurerm_storage_encryption_scope - refactoring to use hashicorp/go-azure-sdk rather than Azure/azure-sdk-for-go (#25437)
  • azurerm_mssql_elasticpool - the maintenance_configuration_name property now supports values SQL_SouthAfricaNorth_DB_1, SQL_SouthAfricaNorth_DB_2, SQL_WestUS3_DB_1 and SQL_WestUS3_DB_2 (#25500)
  • azurerm_lighthouse_assignment - updating API Version from 2019-06-01 to 2022-10-01 (#25473)


  • network - updating the GatewaySubnet validation to show the Subnet Name when the validation fails (#25484)
  • azurerm_function_app_hybrid_connection - fix an issue during creation when send_key_name is specified (#25379)
  • azurerm_linux_web_app_slot - fix a crash when upgrading the provider to v3.88.0 or later (#25406)
  • azurerm_mssql_database - update the behavior of the enclave_type field. (#25508)
  • azurerm_mssql_elasticpool - update the behavior of the enclave_type field. (#25508)
  • azurerm_network_manager_deployment - add locking (#25368)
  • azurerm_resource_group_template_deployment - changes to parameters_content and template_content now force output_content to be updated in the plan (#25403)
  • azurerm_storage_blob - fix a potential crash when the endpoint is unreachable (#25404)
  • azurerm_storage_container - fix a potential crash when the endpoint is unreachable (#25404)
  • azurerm_storage_data_lake_gen2_filesystem - fix a potential crash when the endpoint is unreachable (#25404)
  • azurerm_storage_data_lake_gen2_filesystem_path - fix a potential crash when the endpoint is unreachable (#25404)
  • azurerm_storage_queue - fix a potential crash when the endpoint is unreachable (#25404)
  • azurerm_storage_share - fix a potential crash when the endpoint is unreachable (#25404)
  • azurerm_storage_share_directory - fix a potential crash when the endpoint is unreachable (#25404)
  • azurerm_storage_share_directory - resolve an issue where directories might fail to destroy (#25404)
  • azurerm_storage_share_file - fix a potential crash when the endpoint is unreachable (#25404)
  • azurerm_storage_share_file - fix several bugs with path handling when creating files in subdirectories (#25404)
  • azurerm_web_app_hybrid_connection - fix an issue during creation when send_key_name is specified (#25379)
  • azurerm_windows_web_app - prevent a panic during resource upgrade (#25509)


22 Mar 09:21
Choose a tag to compare


  • azurerm_nginx_deployment - support for the configuration block (#24276)


  • azurerm_data_factory_integration_runtime_self_hosted - ensure that autorizationh keys are exported (#25246)
  • azurerm_storage_account - defaulting the value for dns_endpoint_type to Standard when it's not returned from the Azure API (#25367)


22 Mar 05:32
Choose a tag to compare


  • azurerm_linux_function_app - app_settings["WEBSITE_RUN_FROM_PACKAGE"] must be added to ignore_changes for deployments where an external tool modifies the WEBSITE_RUN_FROM_PACKAGE property in the app_settings block. (#24848)
  • azurerm_linux_function_app_slot - app_settings["WEBSITE_RUN_FROM_PACKAGE"] must be added to ignore_changes for deployments where an external tool modifies the WEBSITE_RUN_FROM_PACKAGE property in the app_settings block. (#24848)


  • New Resource: azurerm_elastic_san_volume (#24802)


  • dependencies: updating to v0.25.3 of (#25362)
  • dependencies: updating to v0.20240321.1145953 of (#25332)
  • dependencies: updating to v0.25.2 of (#25305)
  • azurestackhci: updating to API Version 2024-01-01 (#25279)
  • monitor/scheduledqueryrules: updatingt to API version 2023-03-15-preview (#25350)
  • cosmosdb: updating to use the transport layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#25166)
  • Data Source azurerm_stack_hci_cluster: refactoring the association to use hashicorp/go-azure-sdk (#25293)
  • azurerm_app_configuration - support for Environments other than Azure Public (#25271)
  • azurerm_automanage_configuration - refactoring to use hashicorp/go-azure-sdk (#25293)
  • azurerm_container_app_environment - add support for Consumption workload profile (#25285)
  • azurerm_cosmosdb_postgresql_cluster - expose list of server names and FQDN in the servers block (#25240)
  • azurerm_data_share - hyphens are now allowed in the resource's name (#25242)
  • azurerm_data_factory_integration_runtime_azure_ssis - support for the copy_compute_scale and pipeline_external_compute_scale blocks (#25281)
  • azurerm_healthcare_service - support for the identity and configuration_export_storage_account_name properties (#25193)
  • azurerm_nginx_deployment - support the auto_scale_profile block (#24950)
  • azurerm_netapp_account_resource - support for the kerberos_ad_name, kerberos_kdc_ip property, enable_aes_encryption, local_nfs_users_with_ldap_allowed, server_root_ca_certificate, ldap_over_tls_enabled, and ldap_signing_enabled properties (#25340)
  • azurerm_netapp_account_resource - support for [Support for Azure Netapp Files - AD Site Name #12462] via the site_name property (#25340)
  • azurerm_stack_hci_cluster: refactoring the association to use hashicorp/go-azure-sdk (#25293)
  • azurerm_storage_account - support for the dns_endpoint_type property (#22583)
  • azurerm_storage_blob_inventory_policy - refactoring to use hashicorp/go-azure-sdk (#25268)
  • azurerm_synapse_spark_pool - added support for 3.4 (#25319)


  • Data Source: azurerm_storage_blob - fix a bug that incorrectly parsed the endpoint in the resource ID (#25283)
  • Data Source: azurerm_storage_table_entity - fixing a regression when parsing the table endpoint (#25307)
  • netapp_account_resource - correct the smb_server_name property validation (#25340)
  • azurerm_backup_policy_file_share - prevent a bug when the include_last_days property does not work when days is empty (#25280)
  • azurerm_backup_policy_vm - prevent a bug when the include_last_days property does not work when days is empty (#25280)
  • azurerm_container_app_custom_domain - prevent an issue where the secret was not being passed through (#25196) (#25251)
  • azurerm_data_protection_backup_instance_kubernetes_cluster - prevent the protection errosr ScenarioPluginInvalidWorkflowDataRequest and UserErrorKubernetesBackupExtensionUnhealthy [azurerm_data_protection_backup_instance_kubernetes_cluster is created with message "Fix protection error for the backup instance" and code ScenarioPluginInvalidWorkflowDataRequest #25294] (#25345)
  • azurerm_purview_account - will now allow for PurView accounts with missing or disabled eventhubs without keys (#25301)
  • azurerm_storage_account - fix a crash when the storage account becomes unavailable whilst reading (#25332)
  • azurerm_storage_blob - fixing a regression where blobs within a nested directory wouldn't be parsed correctly (#25305)
  • azurerm_storage_data_lake_gen2_path - fixing a bug where there was no timeout available during import (#25282)
  • azurerm_storage_queue - fixing a bug where the Table URI was obtained rather than the Queue URI (#25262)
  • azurerm_subscription - fixing an issue when creating a subscription alias (#25181)