Terraform Configuration Drift Detected

[github-actions]

Terraform Plan Output

Click to expand

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # azuread_application.observe_app_registration will be created
  + resource "azuread_application" "observe_app_registration" {
      + app_role_ids                = (known after apply)
      + application_id              = (known after apply)
      + client_id                   = (known after apply)
      + disabled_by_microsoft       = (known after apply)
      + display_name                = "observeApp-179969258044-eastus-16efb6a4"
      + id                          = (known after apply)
      + logo_url                    = (known after apply)
      + oauth2_permission_scope_ids = (known after apply)
      + object_id                   = (known after apply)
      + owners                      = [
          + "60400f49-81ac-44df-a6a4-218d51ad8fde",
        ]
      + prevent_duplicate_names     = false
      + publisher_domain            = (known after apply)
      + sign_in_audience            = "AzureADMyOrg"
      + tags                        = (known after apply)
      + template_id                 = (known after apply)
    }

  # azuread_application_password.observe_password will be created
  + resource "azuread_application_password" "observe_password" {
      + application_id        = (known after apply)
      + application_object_id = (known after apply)
      + display_name          = (known after apply)
      + end_date              = (known after apply)
      + id                    = (known after apply)
      + key_id                = (known after apply)
      + start_date            = (known after apply)
      + value                 = (sensitive value)
    }

  # azuread_service_principal.observe_service_principal will be created
  + resource "azuread_service_principal" "observe_service_principal" {
      + account_enabled             = true
      + app_role_ids                = (known after apply)
      + app_roles                   = (known after apply)
      + application_id              = (known after apply)
      + application_tenant_id       = (known after apply)
      + client_id                   = (known after apply)
      + display_name                = (known after apply)
      + homepage_url                = (known after apply)
      + id                          = (known after apply)
      + logout_url                  = (known after apply)
      + oauth2_permission_scope_ids = (known after apply)
      + oauth2_permission_scopes    = (known after apply)
      + object_id                   = (known after apply)
      + redirect_uris               = (known after apply)
      + saml_metadata_url           = (known after apply)
      + service_principal_names     = (known after apply)
      + sign_in_audience            = (known after apply)
      + tags                        = (known after apply)
      + type                        = (known after apply)
    }

  # azurerm_eventhub.observe_eventhub will be created
  + resource "azurerm_eventhub" "observe_eventhub" {
      + id                  = (known after apply)
      + message_retention   = 7
      + name                = "observeEventHub-179969258044-eastus-16efb6a4"
      + namespace_name      = "eu17996925804416efb6a4"
      + partition_count     = 32
      + partition_ids       = (known after apply)
      + resource_group_name = "observeResources-179969258044-eastus-16efb6a4"
      + status              = "Active"
    }

  # azurerm_eventhub_authorization_rule.observe_eventhub_access_policy will be created
  + resource "azurerm_eventhub_authorization_rule" "observe_eventhub_access_policy" {
      + eventhub_name                     = "observeEventHub-179969258044-eastus-16efb6a4"
      + id                                = (known after apply)
      + listen                            = true
      + manage                            = false
      + name                              = "observeSharedAccessPolicy-179969258044-eastus-16efb6a4"
      + namespace_name                    = "eu17996925804416efb6a4"
      + primary_connection_string         = (sensitive value)
      + primary_connection_string_alias   = (sensitive value)
      + primary_key                       = (sensitive value)
      + resource_group_name               = "observeResources-179969258044-eastus-16efb6a4"
      + secondary_connection_string       = (sensitive value)
      + secondary_connection_string_alias = (sensitive value)
      + secondary_key                     = (sensitive value)
      + send                              = false
    }

  # azurerm_eventhub_namespace.observe_eventhub_namespace will be created
  + resource "azurerm_eventhub_namespace" "observe_eventhub_namespace" {
      + auto_inflate_enabled                      = false
      + capacity                                  = 2
      + default_primary_connection_string         = (sensitive value)
      + default_primary_connection_string_alias   = (sensitive value)
      + default_primary_key                       = (sensitive value)
      + default_secondary_connection_string       = (sensitive value)
      + default_secondary_connection_string_alias = (sensitive value)
      + default_secondary_key                     = (sensitive value)
      + id                                        = (known after apply)
      + local_authentication_enabled              = true
      + location                                  = "eastus"
      + maximum_throughput_units                  = (known after apply)
      + minimum_tls_version                       = (known after apply)
      + name                                      = "eu17996925804416efb6a4"
      + network_rulesets                          = (known after apply)
      + public_network_access_enabled             = true
      + resource_group_name                       = "observeResources-179969258044-eastus-16efb6a4"
      + sku                                       = "Standard"
      + tags                                      = {
          + "created_by" = "Observe Terraform"
        }
      + zone_redundant                            = false
    }

  # azurerm_key_vault.key_vault will be created
  + resource "azurerm_key_vault" "key_vault" {
      + access_policy                 = (known after apply)
      + id                            = (known after apply)
      + location                      = "eastus"
      + name                          = "eu17996925804416efb6a4"
      + public_network_access_enabled = true
      + resource_group_name           = "observeResources-179969258044-eastus-16efb6a4"
      + sku_name                      = "standard"
      + soft_delete_retention_days    = 90
      + tenant_id                     = "81665909-a4e6-466b-9671-4d9ef491267f"
      + vault_uri                     = (known after apply)
    }

  # azurerm_key_vault_access_policy.app will be created
  + resource "azurerm_key_vault_access_policy" "app" {
      + id                 = (known after apply)
      + key_vault_id       = (known after apply)
      + object_id          = (known after apply)
      + secret_permissions = [
          + "Backup",
          + "Restore",
          + "Get",
          + "Set",
          + "List",
          + "Delete",
          + "Purge",
        ]
      + tenant_id          = "81665909-a4e6-466b-9671-4d9ef491267f"
    }

  # azurerm_key_vault_access_policy.user will be created
  + resource "azurerm_key_vault_access_policy" "user" {
      + id                 = (known after apply)
      + key_vault_id       = (known after apply)
      + object_id          = "60400f49-81ac-44df-a6a4-218d51ad8fde"
      + secret_permissions = [
          + "Backup",
          + "Restore",
          + "Get",
          + "Set",
          + "List",
          + "Delete",
          + "Purge",
        ]
      + tenant_id          = "81665909-a4e6-466b-9671-4d9ef491267f"
    }

  # azurerm_key_vault_secret.observe_password will be created
  + resource "azurerm_key_vault_secret" "observe_password" {
      + id                      = (known after apply)
      + key_vault_id            = (known after apply)
      + name                    = "observe-password"
      + resource_id             = (known after apply)
      + resource_versionless_id = (known after apply)
      + value                   = (sensitive value)
      + version                 = (known after apply)
      + versionless_id          = (known after apply)
    }

  # azurerm_key_vault_secret.observe_token will be created
  + resource "azurerm_key_vault_secret" "observe_token" {
      + id                      = (known after apply)
      + key_vault_id            = (known after apply)
      + name                    = "observe-token"
      + resource_id             = (known after apply)
      + resource_versionless_id = (known after apply)
      + value                   = (sensitive value)
      + version                 = (known after apply)
      + versionless_id          = (known after apply)
    }

  # azurerm_linux_function_app.observe_collect_function_app will be created
  + resource "azurerm_linux_function_app" "observe_collect_function_app" {
      + app_settings                                   = (known after apply)
      + builtin_logging_enabled                        = true
      + client_certificate_enabled                     = false
      + client_certificate_mode                        = "Optional"
      + content_share_force_disabled                   = false
      + custom_domain_verification_id                  = (sensitive value)
      + daily_memory_time_quota                        = 0
      + default_hostname                               = (known after apply)
      + enabled                                        = true
      + ftp_publish_basic_authentication_enabled       = true
      + functions_extension_version                    = "~4"
      + hosting_environment_id                         = (known after apply)
      + https_only                                     = false
      + id                                             = (known after apply)
      + key_vault_reference_identity_id                = (known after apply)
      + kind                                           = (known after apply)
      + location                                       = "eastus"
      + name                                           = "observeApp-179969258044-eastus-16efb6a4"
      + outbound_ip_address_list                       = (known after apply)
      + outbound_ip_addresses                          = (known after apply)
      + possible_outbound_ip_address_list              = (known after apply)
      + possible_outbound_ip_addresses                 = (known after apply)
      + public_network_access_enabled                  = true
      + resource_group_name                            = "observeResources-179969258044-eastus-16efb6a4"
      + service_plan_id                                = (known after apply)
      + site_credential                                = (sensitive value)
      + storage_account_access_key                     = (sensitive value)
      + storage_account_name                           = "179969258044eu16efb6a4"
      + storage_uses_managed_identity                  = false
      + webdeploy_publish_basic_authentication_enabled = true
      + zip_deploy_file                                = (known after apply)

      + identity {
          + principal_id = (known after apply)
          + tenant_id    = (known after apply)
          + type         = "SystemAssigned"
        }

      + site_config {
          + always_on                               = (known after apply)
          + app_scale_limit                         = (known after apply)
          + container_registry_use_managed_identity = false
          + default_documents                       = (known after apply)
          + detailed_error_logging_enabled          = (known after apply)
          + elastic_instance_minimum                = (known after apply)
          + ftps_state                              = "Disabled"
          + health_check_eviction_time_in_min       = (known after apply)
          + http2_enabled                           = false
          + ip_restriction_default_action           = "Allow"
          + linux_fx_version                        = (known after apply)
          + load_balancing_mode                     = "LeastRequests"
          + managed_pipeline_mode                   = "Integrated"
          + minimum_tls_version                     = "1.2"
          + pre_warmed_instance_count               = (known after apply)
          + remote_debugging_enabled                = false
          + remote_debugging_version                = (known after apply)
          + scm_ip_restriction_default_action       = "Allow"
          + scm_minimum_tls_version                 = "1.2"
          + scm_type                                = (known after apply)
          + scm_use_main_ip_restriction             = false
          + use_32_bit_worker                       = false
          + vnet_route_all_enabled                  = false
          + websockets_enabled                      = false
          + worker_count                            = (known after apply)

          + application_stack {
              + python_version              = "3.9"
              + use_dotnet_isolated_runtime = false
            }
        }
    }

  # azurerm_resource_group.observe_resource_group will be created
  + resource "azurerm_resource_group" "observe_resource_group" {
      + id       = (known after apply)
      + location = "eastus"
      + name     = "observeResources-179969258044-eastus-16efb6a4"
    }

  # azurerm_role_assignment.observe_role_assignment will be created
  + resource "azurerm_role_assignment" "observe_role_assignment" {
      + id                               = (known after apply)
      + name                             = (known after apply)
      + principal_id                     = (known after apply)
      + principal_type                   = (known after apply)
      + role_definition_id               = (known after apply)
      + role_definition_name             = "Monitoring Reader"
      + scope                            = "/subscriptions/df9e45ea-4082-4855-9c9e-97d216efb6a4"
      + skip_service_principal_aad_check = (known after apply)
    }

  # azurerm_service_plan.observe_service_plan will be created
  + resource "azurerm_service_plan" "observe_service_plan" {
      + id                           = (known after apply)
      + kind                         = (known after apply)
      + location                     = "eastus"
      + maximum_elastic_worker_count = (known after apply)
      + name                         = "observeServicePlan-179969258044eastus-16efb6a4"
      + os_type                      = "Linux"
      + per_site_scaling_enabled     = false
      + reserved                     = (known after apply)
      + resource_group_name          = "observeResources-179969258044-eastus-16efb6a4"
      + sku_name                     = "Y1"
      + worker_count                 = (known after apply)
    }

  # azurerm_storage_account.observe_storage_account will be created
  + resource "azurerm_storage_account" "observe_storage_account" {
      + access_tier                        = (known after apply)
      + account_kind                       = "StorageV2"
      + account_replication_type           = "LRS"
      + account_tier                       = "Standard"
      + allow_nested_items_to_be_public    = true
      + cross_tenant_replication_enabled   = true
      + default_to_oauth_authentication    = false
      + dns_endpoint_type                  = "Standard"
      + enable_https_traffic_only          = true
      + id                                 = (known after apply)
      + infrastructure_encryption_enabled  = false
      + is_hns_enabled                     = false
      + large_file_share_enabled           = (known after apply)
      + local_user_enabled                 = true
      + location                           = "eastus"
      + min_tls_version                    = "TLS1_2"
      + name                               = "179969258044eu16efb6a4"
      + nfsv3_enabled                      = false
      + primary_access_key                 = (sensitive value)
      + primary_blob_connection_string     = (sensitive value)
      + primary_blob_endpoint              = (known after apply)
      + primary_blob_host                  = (known after apply)
      + primary_blob_internet_endpoint     = (known after apply)
      + primary_blob_internet_host         = (known after apply)
      + primary_blob_microsoft_endpoint    = (known after apply)
      + primary_blob_microsoft_host        = (known after apply)
      + primary_connection_string          = (sensitive value)
      + primary_dfs_endpoint               = (known after apply)
      + primary_dfs_host                   = (known after apply)
      + primary_dfs_internet_endpoint      = (known after apply)
      + primary_dfs_internet_host          = (known after apply)
      + primary_dfs_microsoft_endpoint     = (known after apply)
      + primary_dfs_microsoft_host         = (known after apply)
      + primary_file_endpoint              = (known after apply)
      + primary_file_host                  = (known after apply)
      + primary_file_internet_endpoint     = (known after apply)
      + primary_file_internet_host         = (known after apply)
      + primary_file_microsoft_endpoint    = (known after apply)
      + primary_file_microsoft_host        = (known after apply)
      + primary_location                   = (known after apply)
      + primary_queue_endpoint             = (known after apply)
      + primary_queue_host                 = (known after apply)
      + primary_queue_microsoft_endpoint   = (known after apply)
      + primary_queue_microsoft_host       = (known after apply)
      + primary_table_endpoint             = (known after apply)
      + primary_table_host                 = (known after apply)
      + primary_table_microsoft_endpoint   = (known after apply)
      + primary_table_microsoft_host       = (known after apply)
      + primary_web_endpoint               = (known after apply)
      + primary_web_host                   = (known after apply)
      + primary_web_internet_endpoint      = (known after apply)
      + primary_web_internet_host          = (known after apply)
      + primary_web_microsoft_endpoint     = (known after apply)
      + primary_web_microsoft_host         = (known after apply)
      + public_network_access_enabled      = true
      + queue_encryption_key_type          = "Service"
      + resource_group_name                = "observeResources-179969258044-eastus-16efb6a4"
      + secondary_access_key               = (sensitive value)
      + secondary_blob_connection_string   = (sensitive value)
      + secondary_blob_endpoint            = (known after apply)
      + secondary_blob_host                = (known after apply)
      + secondary_blob_internet_endpoint   = (known after apply)
      + secondary_blob_internet_host       = (known after apply)
      + secondary_blob_microsoft_endpoint  = (known after apply)
      + secondary_blob_microsoft_host      = (known after apply)
      + secondary_connection_string        = (sensitive value)
      + secondary_dfs_endpoint             = (known after apply)
      + secondary_dfs_host                 = (known after apply)
      + secondary_dfs_internet_endpoint    = (known after apply)
      + secondary_dfs_internet_host        = (known after apply)
      + secondary_dfs_microsoft_endpoint   = (known after apply)
      + secondary_dfs_microsoft_host       = (known after apply)
      + secondary_file_endpoint            = (known after apply)
      + secondary_file_host                = (known after apply)
      + secondary_file_internet_endpoint   = (known after apply)
      + secondary_file_internet_host       = (known after apply)
      + secondary_file_microsoft_endpoint  = (known after apply)
      + secondary_file_microsoft_host      = (known after apply)
      + secondary_location                 = (known after apply)
      + secondary_queue_endpoint           = (known after apply)
      + secondary_queue_host               = (known after apply)
      + secondary_queue_microsoft_endpoint = (known after apply)
      + secondary_queue_microsoft_host     = (known after apply)
      + secondary_table_endpoint           = (known after apply)
      + secondary_table_host               = (known after apply)
      + secondary_table_microsoft_endpoint = (known after apply)
      + secondary_table_microsoft_host     = (known after apply)
      + secondary_web_endpoint             = (known after apply)
      + secondary_web_host                 = (known after apply)
      + secondary_web_internet_endpoint    = (known after apply)
      + secondary_web_internet_host        = (known after apply)
      + secondary_web_microsoft_endpoint   = (known after apply)
      + secondary_web_microsoft_host       = (known after apply)
      + sftp_enabled                       = false
      + shared_access_key_enabled          = true
      + table_encryption_key_type          = "Service"
    }

  # azurerm_storage_container.observe_storage_container will be created
  + resource "azurerm_storage_container" "observe_storage_container" {
      + container_access_type             = "private"
      + default_encryption_scope          = (known after apply)
      + encryption_scope_override_enabled = true
      + has_immutability_policy           = (known after apply)
      + has_legal_hold                    = (known after apply)
      + id                                = (known after apply)
      + metadata                          = (known after apply)
      + name                              = "container179969258044eu-16efb6a4"
      + resource_manager_id               = (known after apply)
      + storage_account_name              = "179969258044eu16efb6a4"
    }

Plan: 17 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + eventhub_name         = "observeEventHub-179969258044-eastus-16efb6a4"
  + eventhub_namespace_id = (known after apply)