v2.7.0

ENHANCEMENTS:

• azapi_resource resource: Refactor move-state logic to centrally derive ARM IDs from data-plane IDs for selected azurerm resources.
• Add more verified azapi examples.
• Add documentation for choosing the resource type.
• azapi_resource data source: Support ignore_not_found argument and exists computed field to optionally suppress 404 errors and expose resource existence.
• azapi provider: Support for disabling instance discovery via new disable_instance_discovery provider argument and ARM_DISABLE_INSTANCE_DISCOVERY environment variable (GH-964).
• azapi provider: Support for explicit custom environment configuration where endpoints must be manually specified (GH-964).
• Update bicep types to ms-henglu/bicep-types-az@6b9ca69

BUG FIXES:

• azapi_client_config data source: Fix a bug that specified subscription ID should not be overridden by Azure CLI default subscription ID.
• azapi_resource resource: Support moving from azurerm_storage_container whose id is a data-plane URL by leveraging the resource_manager_id attribute (GH-955).
• azapi_resource resource: Support moving from azurerm_key_vault_secret whose id is a data-plane URL by leveraging the resource_versionless_id attribute (GH-917).
• azapi_resource resource: Support moving from azurerm_key_vault_key whose id is a data-plane URL by leveraging the resource_versionless_id attribute.
• Fix panic in retry policy when HTTP response is nil (GH-985).

v2.6.1

DEPRECATIONS:

• azapi provider: The maximum_busy_retry_attempts field is deprecated and will be removed in the next major release. Please remove them from the azapi provider block. The provider will use the default value for this field.

BUG FIXES:

• Fix a regression issue when authenticating via Managed Identity (MSI).
• Fix a regression issue that default retry policy doesn't work.

v2.6.0

DEPRECATIONS:

• retry block: The multiplier and randomization_factor are deprecated and will be removed in the next major release. Please remove them from the retry block. The provider will use the default values for these fields.

ENHANCEMENTS:

• Use aztfauth for the shared authentication logic.
• Update bicep types to ms-henglu/bicep-types-az@a3cf29c

BUG FIXES:

• Fix a bug that invalid resource ID containing | character is not detected when validating the configuration.
• Fix a bug that schema validation fails to validate when the discriminator field is unknown.
• Fix the crash that occurs when the identity.type returns a value that is not a string.

v2.5.0

ENHANCEMENTS:

• azapi_resource resource: ignore the changes when the body field matches the remote state even if the body field or api-version field is changed.
• azapi_resource resource: ignore the order of the identity_ids array.
• azapi_resource resource: support ignore_null_property field, which is used to ignore the null properties in the body field.
• azapi_resource resource: support sensitive_body_version field, which is used to manually control the version of the sensitive body.
• azapi_update_resource resource: remove the readonly fields from identity.userAssignedIdentities in the request body.
• Update bicep types to ms-henglu/bicep-types-az@a50156f

BUG FIXES:

• Fix a bug that schema validation fails to validate unknown string values when both body and sensitive_body are specified.
• Fix a bug that azapi_update_resource does not update the correct items in an array when the order of the items is different from the remote state.
• Update the list of readonly fields which should be excluded from the default output.

v2.4.0

FEATURES:

• New Provider Function: unique_string

ENHANCEMENTS:

• azapi_resource resource: Support schema validation in terraform validate.
• azapi_resource resource: Preflight validation supports nested resources.
• azapi resources/data sources: Support User-Agent header, which is used to specify the user agent which is appended to the default user agent.
• azapi_resource, azapi_update_resource resources: Support sensitive_body field, which is used to specify the write-only properties in the request body.
• Update bicep types to ms-henglu/bicep-types-az@0ce6ee9

BUG FIXES:

• Fix a bug that azapi_update_resource resource produced inconsistent results when only error_message_regex is changed.
• Fix a bug that azapi_resource_action resource could not be migrated correctly when the body is empty string.
• Fix a bug that after moving resource from azurerm provider, the azapi_resource resource could not be updated correctly.
• Fix a bug that azapi_resource is replaced if the API returns a readonly location.
• Fix a bug that resource group's api-version 2024-11-01 is disabled in the provider.

v2.3.0

FEATURES:

• New Ephemeral Resource: azapi_resource_action

ENHANCEMENTS:

• azapi provider: The oidc_azure_service_connection_id field can be sourced from the ARM_ADO_PIPELINE_SERVICE_CONNECTION_ID or ARM_OIDC_AZURE_SERVICE_CONNECTION_ID Environment Variables.
• azapi provider: The enable_preflight field can be sourced from the ARM_ENABLE_PREFLIGHT Environment Variable.
• azapi provider: The disable_default_output field can be sourced from the ARM_DISABLE_DEFAULT_OUTPUT Environment Variable.
• azapi provider: Support maximum_busy_retry_attempts field, which is used to specify the maximum number of busy retry attempts if the Azure API returns an HTTP 408, 429, 500, 502, 503, or 504 response.
• azapi_resource_action resource, data source: Support sensitive_response_export_values field, which is used to specify the sensitive fields to export.
• azaapi_resource_action resource, data source: Support sensitive_output field, which is a sensitive computed field that contains the fields exported by sensitive_response_export_values.
• Update bicep types to ms-henglu/bicep-types-az@c4c1c04
• azapi resources: Skip external requests when no resource changes are detected.

BUG FIXES:

• Fix a bug that query parameters and headers don't work properly with unknown values
• Fix more edge cases that the provider produced inconsistent result after apply when default output feature is enabled.
• Fix a bug that when moving resource from azurerm resource, the id could not be parsed correctly.
• Fix a bug that custom retry configuration doesn't override the default retry configuration.

v2.2.0

ENHANCEMENTS:

• azapi_resource resource: Improved 403 handling for management group resources to include child resources
• Update bicep types to ms-henglu/bicep-types-az@4da2e19

BUG FIXES:

• Fix a bug that the provider produced inconsistent result after apply when default output feature is enabled.
  Notice: Terraform will detect the output field's changes made outside of Terraform since the last "terraform apply". You can run terraform refresh to update the state file with the latest values.
• Fix a bug that the GET after PUT retry timeout doesn't work properly when the environment variable is set.

v2.1.0

FEATURES:

• azapi_resource resource: Support resource move operation, it allows moving resources from azurerm provider.

ENHANCEMENTS:

• azapi_client_config data source: Support object_id field.
• Update bicep types to ms-henglu/bicep-types-az@401bed5

BUG FIXES:

• Fix a bug when body contains an unknown float number, the provider will crash.
• Fix the crash that occurs when no tenant ID is configured in Azure CLI.
• Fix a bug that using multiple locks can result in a deadlock.

v2.0.1

NOTES

• Major Version: Version 2.0 of the AzAPI Provider is a major version - some behaviours have changed and some deprecated fields/resources have been removed - please refer to the 2.0 upgrade guide for more information.
• When upgrading to v2.0 of the AzAPI Provider, we recommend upgrading to the latest version of Terraform Core (which can be found here).

BREAKING CHANGES

• azapi_resource, azapi_update_resource resources and data sources' output field defaults to the readonly fields when the response_export_values is not specified.
• azapi_resource_list data source's output field defaults to the response when the response_export_values is not specified.
• Provider field default_naming_prefix and default_naming_suffix are removed. Please specify the naming prefix and suffix in the resource's name field instead.
• Provider field enable_hcl_output_for_data_source is removed. The output field in the data source is always in HCL format.
• The azapi_resource's removing_special_chars field is removed. Please specify the name field and remove the special characters in the name field instead.
• The ignore_body_changes field is removed. Please use the lifecyle.ignore_changes to ignore some properties when comparing the resource with its current state.
• The body field now only accepts an HCL object. Please remove the jsonencode function when using the body field.
• The output field now only exports an HCL object. Please remove the jsondecode function when using the output field.
• The use_msi field now defaults to false, please set it to true explicitly if you want to authenticate using Managed Service Identity.

ENHANCEMENTS:

• azapi_data_plane_resource resource: Support Microsoft.Purview/accounts/Scanning/managedvirtualnetworks type.
• Support a default retry policy that retries when GET request fails with 404 status code after resource creation.
• azapi provider: Support disable_default_output field, which is used to disable the default output for the resources and data sources.
• Update bicep types to ms-henglu/bicep-types-az@c3ff45d

BUG FIXES:

• Fix a bug that non-standard LRO error responses are not handled properly.

v2.0.0-beta

BREAKING CHANGES:

• Provider field default_naming_prefix and default_naming_suffix are removed. Please specify the naming prefix and suffix in the resource's name field instead.
• Provider field enable_hcl_output_for_data_source is removed. The output field in the data source is always in HCL format.
• The azapi_resource's removing_special_chars field is removed. Please specify the name field and remove the special characters in the name field instead.
• The ignore_body_changes field is removed. Please use the lifecyle.ignore_changes to ignore some properties when comparing the resource with its current state.
• The body field now only accepts an HCL object. Please remove the jsonencode function when using the body field.
• The output field now only exports an HCL object. Please remove the jsondecode function when using the output field.
• The use_msi field now defaults to false, please set it to true explicitly if you want to authenticate using Managed Service Identity.

FEATURES:

• New Provider Function: build_resource_id
• New Provider Function: parse_resource_id
• New Provider Function: subscription_resource_id
• New Provider Function: tenant_resource_id
• New Provider Function: management_group_resource_id
• New Provider Function: resource_group_resource_id
• New Provider Function: extension_resource_id

ENHANCEMENTS:

• azapi provider: Support enable_preflight field, which is used to enable Preflight Validation, the default value is false.
• azapi_resource and azapi_data_plane_resource resource: Support replace_triggers_external_values field which is used to trigger a replacement of the resource.
• azapi_resource and azapi_data_plane_resource resource: Support replace_triggers_refs field which is used to trigger a replacement of the resource.
• azapi resources and data sources: Support retry field, which is used to specify the retry configuration.
• azapi resources and data sources: Support headers and query_parameters fields, which are used to specify the headers and query parameters.
• azapi resources and data sources: The response_export_values field supports JMESPath expressions.
• Accept AZURE_CLIENT_ID and AZURE_TENANT_ID environment variables when authenticating using AKS workload identity.
• azapi provider: Support oidc_azure_service_connection_id field, which is used to specify the Azure Service Connection ID for OIDC authentication with Azure DevOps.
• Update bicep types to ms-henglu/bicep-types-az@7492c6d