Quick Summary
The latest release of the AzureRM Terraform provider, version 4.57.0, includes a range of updates that enhance the functionality and stability of the platform. This release introduces several new features, including support for Managed HSM vault keys in various resources, as well as improvements to existing resources such as the azurerm_kubernetes_cluster. Additionally, several behavioral changes have been made to fix issues and improve the overall user experience. Overall, this release aims to provide a more robust and secure environment for managing Azure resources.
Editor's Note:
As we review this release, we notice that it continues the trend of enhancing security and flexibility in the AzureRM Terraform provider. One practical tip for developers affected by the top change is to review their existing configurations to take advantage of the new support for Managed HSM vault keys, which can provide an additional layer of security for sensitive data. We will continue to monitor the evolution of this platform and provide guidance on how to navigate these changes.
Changes by Severity
#### 🔴 Immediate Action Required
The azurerm_linux_function_app resource now requires all necessary permissions to be deployed without causing a panic, so ensure that your configurations include all required permissions to avoid deployment issues.
#### 🟡 Plan Ahead
The azurerm_data_factory resource has been updated to fix ID parsing errors when the customer_managed_key_identity_id is an empty string, which may affect existing configurations that rely on this behavior. Additionally, the azurerm_eventhub resource now allows updating the partition_count for dedicated clusters, which can impact performance and scalability.
#### 🟢 Informational
Several resources, including azurerm_automation_runtime_environment, azurerm_data_protection_backup_vault_customer_managed_key, azurerm_kubernetes_cluster, azurerm_log_analytics_cluster_customer_managed_key, and azurerm_mssql_database, have been updated with new features and support for Managed HSM vault keys, which can provide additional security and flexibility for managing Azure resources.
Migration Playbook
1. Review existing configurations to identify resources that can benefit from the new support for Managed HSM vault keys.
2. Update the key_vault_key_id property in resources such as azurerm_data_protection_backup_vault_customer_managed_key and azurerm_log_analytics_cluster_customer_managed_key to use keys from a Managed HSM vault.
3. Configure the node_provisioning_profile block in the azurerm_kubernetes_cluster resource to take advantage of the new feature.
4. Verify that all necessary permissions are included in the configuration for the azurerm_linux_function_app resource to avoid deployment issues.
5. Test and validate the updated configurations to ensure that they are working as expected.
Verification Checklist
key_vault_key_id property in relevant resources to use keys from a Managed HSM vault.node_provisioning_profile block in the azurerm_kubernetes_cluster resource.azurerm_linux_function_app resource.partition_count in the azurerm_eventhub resource.References
* Release v4.57.0: https://github.com/hashicorp/terraform-provider-azurerm/releases/tag/v4.57.0
* Release v4.56.0: https://github.com/hashicorp/terraform-provider-azurerm/releases/tag/v4.56.0
Last verified at: 2026-02-18T13:46:35.861488+00:00