azurerm_linux_function_app container_registry_managed_identity_client_id is not being used

[PaulMaksud]

Is there an existing issue for this?

• I have searched the existing issues

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

v1.7.5

AzureRM Provider Version

3.97.1

Affected Resource(s)/Data Source(s)

azurerm_linux_function_app

Terraform Configuration Files

provider "azurerm" {
  features {}
}

variable "resource_group_name" {
  type = string
}

variable "location" {
  type = string
}

variable "functionapp_service_plan_id" {
  type = string
}

variable "webapps_subnet_id" {
  type = string
}

variable "user_assigned_identity_id" {
  type = string
}

variable "user_assigned_identity_client_id" {
  type = string
}

resource "azurerm_resource_group" "example" {
  name     = var.resource_group_name
  location = var.location
}

resource "azurerm_app_service_plan" "example" {
  name                = "example-app-service-plan"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  kind                = "FunctionApp"
  reserved            = true

  sku {
    tier = "Dynamic"
    size = "Y1"
  }
}

resource "azurerm_storage_account" "example" {
  name                     = "examplestorageacct"
  resource_group_name      = azurerm_resource_group.example.name
  location                 = azurerm_resource_group.example.location
  account_tier             = "Standard"
  account_replication_type = "LRS"
}

resource "azurerm_linux_function_app" "example" {
  name                       = "example-function-app"
  location                   = azurerm_resource_group.example.location
  resource_group_name        = azurerm_resource_group.example.name
  service_plan_id            = azurerm_app_service_plan.example.id
  storage_account_name       = azurerm_storage_account.example.name
  storage_account_access_key = azurerm_storage_account.example.primary_access_key
  https_only                 = true

  app_settings = {
    "WEBSITE_RUN_FROM_PACKAGE" = "1"
  }

  site_config {
    minimum_tls_version                           = "1.2"
    http2_enabled                                 = true
    container_registry_use_managed_identity       = true
    container_registry_managed_identity_client_id = var.user_assigned_identity_client_id
  }

  identity {
    type         = "UserAssigned"
    identity_ids = [var.user_assigned_identity_id]
  }
}

Debug Output/Panic Output

NA

Expected Behaviour

Similar to https://github.com/hashicorp/terraform-provider-azurerm/issues/20344 but for function app when you set a container_registry_managed_identity_client_id in site config it should display in azure ui in deployment center section but it appears as unselected. It's also seems to sometimes cause instability when pulling image from the acr. When i trigger it with cli instead it's displaying correctly in deployment center section and the instability dissapear. Note that the paramter is always set to null in the descriptive json

Actual Behaviour

Instability to use the use manage identity to pull docker image. identity not set in the deployment center section

Steps to Reproduce

No response

Important Factoids

No response

References

#20344