Use AzApi provider to update Cosmos DB backup
Date published:
I will show you how you can update Azure Cosmos DB backup using the new terraform AzApi provider. A few weeks ago, I tried to figure out an approach to how I can change the resource because HashiCorp does not support the ability to change the backup retention period using Terraform. However, I found out I could use the new AzApi provider for this method. According to Azure, AzApi Provider is a layer on top of the Azure REST API used to authenticate and manage Resources using the Azure Resource Manager directly. More details can located on here. There are currently three main resources used by HashiCorp for terraform and these are:
azapi_resource - Used to manage any resource within ARM
azapi_resource_action - This resource can perform any Azure resource manager resource action that changes a resource state
azapi_update_resource - manage ARM resource’s properties.
1)Azapi Update Resource Template
This is the basics Azapi Update resource
resource "azapi_update_resource" "example" {
type = "Microsoft.Network/loadBalancers@2021-03-01"
resource_id = azurerm_lb.example.id
body = jsonencode({
properties = {
inboundNatRules = [
{
properties = {
idleTimeoutInMinutes = 15
}
}
]
}
})
}
2) Viewing Azure ARM Template
As you can see above, the azapi update resource requires the properties of the resource before it can be updated. I would assume you already have a Cosmos DB resource deployed on Azure. I would suggest if you need any other properties updated, deploy the resource that would have your desired configuration on the Azure Portal. In this example, I have already deployed the resource that set the backup mode to continuous and set it to 7 days retention period.
On your Cosmos DB resource scroll down and go to automation and export the Azure Resource Manager Template and go to the backup section to find the properties for it. After inspecting the template, I noticed there is no retention period and there is a backup type property which is set to continuous.
3) Investigation
After investigating, I found out the continuous mode properties within the retention period set on a different Azure Resource Manager template. However, this one is different from the above that has been generated on the Azure Portal. If you look closely you noticed the “apiVersion “2016-03-31”, which is an old date than above. The link to the template on Microsoft Docs here
3.1) I decided to look into the type properties and found that the latest version of the API does not support it. I found that the API version Microsoft.DocumentDB databaseAccounts 2022-05-15-preview will support it and have the continuousModeProperties. More details can be found here https://learn.microsoft.com/en-us/azure/templates/microsoft.documentdb/2022-05-15-preview/databaseaccounts?pivots=deployment-language-arm-template
3.2) By gathering all the information, I put continuousModeProperties and Tier into the backup type on the resource. Below is the complete AzApi Update resource used to update the backup retention period.
- When you have completed the azapi update resource, run the terraform to update the resource. As you can see from the terraform plan the backup period will change from 7 days to 30 days.
3.!) Following a successful change in your terraform deployment, head back into Azure Portal and view your Cosmos DB and it should be updated to 30-day Continuous backup mode.
3) Conclusion
When using the Azapi update resource I would recommend first checking the ARM template via the Azure portal and if it does not contain the correct properties you will need to look into the type of the resource.
Thanks for reading.
References