Unable to update "Claims" arguments using the resource azuread_service_principal_delegated_permission_grant on version 3.0.1

[jprioux160]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritise this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritise the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform (and AzureAD Provider) Version 3.0.1

Affected Resource(s)

• azuread_service_principal_delegated_permission_grant

Terraform Configuration Files

data "azuread_service_principal" "msgraph" {
  client_id = data.azuread_application_published_app_ids.well_known.result["MicrosoftGraph"]
}

resource "azuread_application_registration" "example" {
  display_name = "example"
}

resource "azuread_service_principal" "example" {
  client_id = azuread_application_registration.example.client_id
}

resource "azuread_service_principal_delegated_permission_grant" "delegated" {
  service_principal_object_id          = azuread_service_principal.example.object_id
  resource_service_principal_object_id = data.azuread_service_principal.msgraph.object_id
  claim_values = [
    "AccessReview.Read.All",
    "email"
  ]
}

Debug Output

Panic Output

Expected Behavior

Claims get updated.

Actual Behavior

unexpected status 400 (400 Bad Request) with error: Request_BadRequest: Property cannot be updated: clientId

Steps to Reproduce

1. Add claim
2. Terraform apply --> Everything works great.
3. Add an additional claim
4. Terraform Apply ---> unexpected status 400 (400 Bad Request) with error: Request_BadRequest: Property cannot be updated: clientId

Important Factoids

It works without any problem in version 2.0 of the provider.

References

• #0000