I'm currently managing an Azure Application Gateway (WAF_v2) using Terraform with the azurerm provider. I've noticed that whenever I update the configuration, especially when adding new components like backend address pools, HTTP listeners, probes, or routing rules, Terraform ends up proposing a complete redeployment of the entire Application Gateway. This means it plans to destroy and recreate the whole gateway instead of just making incremental changes. I've tried using for_each within the azurerm_application_gateway resource to manage these blocks dynamically, but it doesn't resolve the issue. This repeated full redeployment leads to extended downtimes for my production workloads whenever I want to modify or add specific parts. Has anyone figured out a way to prevent this behavior and make changes without causing the entire Application Gateway to redeploy in Terraform?
5 Answers
If you’re using lists, I recommend switching to maps. They can provide more stability and prevent issues with changes triggering full redeploys.
Can you share your code? Adding or removing those blocks shouldn't cause the entire application gateway to redeploy. Normally, Terraform handles these changes better. Just a heads-up, the way Terraform structures certain properties as Sets can lead to this issue, as it doesn't manage the order of elements. When anything is added or removed, it views it as a total change and ends up recreating everything instead of just updating what's needed.
Whoever designed the Azure Application Gateway configuration without sub-resources seems to have overlooked usability. This approach can lead to excessive redeployments that are frustrating.
You might be facing a known issue mentioned here: https://github.com/hashicorp/terraform-provider-azurerm/issues/16136#issuecomment-2658678703. It suggests that while it shows everything is being recreated, it shouldn't truly do that if set up correctly. It really complicates the resource's usability.
You might want to try using the ignore_changes argument. It can help you avoid the replacement of the whole resource when you modify certain attributes. Just remember that it’s useful to prevent unwanted behavior for specific settings you change.
Related Questions
How To: Running Codex CLI on Windows with Azure OpenAI
Set Wordpress Featured Image Using Javascript
How To Fix PHP Random Being The Same
Why no WebP Support with Wordpress
Replace Wordpress Cron With Linux Cron
Customize Yoast Canonical URL Programmatically