Terraform Azure Provider: 7 New Features in Automation Runbook, Kusto Eventgrid Data Connection

Impact Assessment

Severity rating: Moderate

This update brings a mix of new features and behavior changes to various Azure resources, including the addition of support for Python 3.14 in Linux Function Apps and changes to the validation of certain properties, which may require adjustments to existing configurations.

Detailed Breakdown

#### Azure Automation Runbook

What specifically changed: The azurerm_automation_runbook resource now supports the runtime_environment_name property.

Why this matters: This addition allows for more flexibility in managing runbook environments.

Concrete migration steps: Review existing runbooks and update their configurations to utilize the new runtime_environment_name property if necessary.

#### Azure Kusto Eventgrid Data Connection

What specifically changed: The validation for the eventhub_consumer_group_name property in azurerm_kusto_eventgrid_data_connection now allows $Default as input.

Why this matters: This change provides more options for configuring event hub consumer groups.

Concrete migration steps: Update existing data connections to take advantage of the new validation rule if applicable.

#### Azure Linux Function App and Slot

What specifically changed: Both azurerm_linux_function_app and azurerm_linux_function_app_slot now support Python 3.14 in their site_config.application_stack.python_version.

Why this matters: This update allows developers to use a more recent version of Python for their function apps.

Concrete migration steps: Review function app configurations and update the python_version to 3.14 if necessary.

#### Azure Netapp Volume Group SAP Hana Resource

What specifically changed: The azurerm_netapp_volume_group_sap_hana_resource now supports additional properties: zone, encryption_key_source, key_vault_private_endpoint_id, and network_features.

Why this matters: These additions enhance the security and configuration capabilities of NetApp volume groups.

Concrete migration steps: Evaluate the need for these new properties in existing volume group configurations and update them accordingly.

#### Azure User Assigned Identity

What specifically changed: The azurerm_user_assigned_identity resource now supports the isolation_scope property.

Why this matters: This property can help in managing the isolation of user-assigned identities.

Concrete migration steps: Consider adding the isolation_scope property to existing user-assigned identity configurations if required.

#### Azure Kubernetes Cluster

What specifically changed: The network_policy property of azurerm_kubernetes_cluster now allows updating from calico to cilium.

Why this matters: This change provides more flexibility in managing network policies for Kubernetes clusters.

Concrete migration steps: Review cluster configurations and update the network_policy if a switch from calico to cilium is desired.

#### Azure Logic App Trigger HTTP Request

What specifically changed: An issue preventing the import of existing resources due to empty trigger inputs in azurerm_logic_app_trigger_http_request has been fixed.

Why this matters: This fix resolves a potential barrier to resource import and management.

Concrete migration steps: Retry importing resources that previously failed due to this issue.

#### Azure MSSQL Database

What specifically changed: Validation for min_capacity and auto_pause_delay_in_minutes in azurerm_mssql_database has been fixed.

Why this matters: Correct validation ensures that database configurations are properly set up.

Concrete migration steps: Review database configurations for these properties and adjust them according to the corrected validation rules.

Editor's Note:

As we review this update, it's clear that the Terraform Azure provider is continually evolving to support more features and improve existing ones. This release, while not revolutionary, is a step forward in manageability and flexibility for Azure resources. One practical tip for developers is to thoroughly review the updated properties and validation rules for resources like azurerm_linux_function_app and azurerm_kusto_eventgrid_data_connection, as these changes can significantly impact application performance and data handling.

Before You Upgrade

1. Verify that all azurerm_automation_runbook resources are compatible with the new runtime_environment_name property.

2. Check azurerm_kusto_eventgrid_data_connection resources for any event hub consumer groups set to $Default to ensure they are correctly validated.

3. Review azurerm_linux_function_app and azurerm_linux_function_app_slot configurations for Python version updates to 3.14.

4. Use the command terraform show to inspect the current state of your resources before applying changes.

5. Run terraform plan to preview the changes that will be applied during the upgrade.

6. Ensure that the isolation_scope property is correctly set for azurerm_user_assigned_identity resources if using this feature.

7. Test updating the network_policy of an azurerm_kubernetes_cluster from calico to cilium in a non-production environment first.

8. Validate that azurerm_mssql_database resources comply with the corrected validation rules for min_capacity and auto_pause_delay_in_minutes.

Sources & Timeline

Release v4.59.0: https://github.com/hashicorp/terraform-provider-azurerm/releases/tag/v4.59.0

Release v4.58.0: https://github.com/hashicorp/terraform-provider-azurerm/releases/tag/v4.58.0

Last verified at: 2026-02-18T13:46:27.840412+00:00