Panic during read on azurerm_pim_active_role_assignment

[alexwilcox9]

Is there an existing issue for this?

• I have searched the existing issues

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.8.3

AzureRM Provider Version

3.102.0

Affected Resource(s)/Data Source(s)

azurerm_pim_active_role_assignment

Terraform Configuration Files

I've taken this snippet from our module 


resource "azurerm_pim_active_role_assignment" "active" {
  for_each = {
    for assignment in local.active_iam_assignments : "${assignment.group_name}.${assignment.role_name}" => assignment
  }

  scope              = var.scope
  role_definition_id = data.azurerm_role_definition.iam-lookup[each.value.role_name].id
  principal_id       = data.azuread_group.principal[each.value.group_name].object_id

  lifecycle {
    ignore_changes = [
      schedule
    ]
  }
}

Debug Output/Panic Output

│ Error: Plugin did not respond
│ 
│   with module.sandbox-iam.azurerm_pim_active_role_assignment.active["Group Name.Owner"],
│   on .terraform/modules/sandbox-iam/assignment.tf line 1, in resource "azurerm_pim_active_role_assignment" "active":
│    1: resource "azurerm_pim_active_role_assignment" "active" {
│ 
│ The plugin encountered an error, and failed to respond to the
│ plugin.(*GRPCProvider).ReadResource call. The plugin logs may contain more
│ details.
╵

Stack trace from the terraform-provider-azurerm_v3.102.0_x5 plugin:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x5583cf5]

goroutine 1299 [running]:
github.com/hashicorp/terraform-provider-azurerm/internal/services/authorization/parse.RoleAssignmentScheduleRequestIdFromSchedule(0xc0028cd098)
	github.com/hashicorp/terraform-provider-azurerm/internal/services/authorization/parse/pim_role_assignment.go:75 +0x35
github.com/hashicorp/terraform-provider-azurerm/internal/services/authorization.(*PimActiveRoleAssignmentResource).Read.PimActiveRoleAssignmentResource.Read.func1({0x8dec858, 0xc001568cb0}, {0xc001ca9680, {0x8def178, 0xc000299020}, 0xc000927b00, 0x0, {0x8df00c8, 0xe681f20}})
	github.com/hashicorp/terraform-provider-azurerm/internal/services/authorization/pim_active_role_assignment_resource.go:284 +0x3a5
github.com/hashicorp/terraform-provider-azurerm/internal/sdk.(*ResourceWrapper).Resource.func3({0x8dec858, 0xc001568cb0}, 0x0?, {0x75ebc20?, 0xc001ca9680?})
	github.com/hashicorp/terraform-provider-azurerm/internal/sdk/wrapper_resource.go:68 +0x145
github.com/hashicorp/terraform-provider-azurerm/internal/sdk.(*ResourceWrapper).Resource.(*ResourceWrapper).diagnosticsWrapper.diagnosticsWrapper.func11({0x8dec858?, 0xc001568cb0?}, 0x0?, {0x75ebc20?, 0xc001ca9680?})
	github.com/hashicorp/terraform-provider-azurerm/internal/sdk/wrapper_resource.go:192 +0x59
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).read(0xc0006b9a40, {0x8dec7b0, 0xc0033c0900}, 0xd?, {0x75ebc20, 0xc001ca9680})
	github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/resource.go:795 +0x11b
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).RefreshWithoutUpgrade(0xc0006b9a40, {0x8dec7b0, 0xc0033c0900}, 0xc0005be820, {0x75ebc20, 0xc001ca9680})
	github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/resource.go:1089 +0x552
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*GRPCProviderServer).ReadResource(0xc000aed998, {0x8dec7b0?, 0xc0033c0810?}, 0xc002b53c40)
	github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/grpc_provider.go:649 +0x48a
github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).ReadResource(0xc00137b540, {0x8dec7b0?, 0xc0033c0060?}, 0xc001e37080)
	github.com/hashicorp/[email protected]/tfprotov5/tf5server/server.go:789 +0x48b
github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ReadResource_Handler({0x8229260?, 0xc00137b540}, {0x8dec7b0, 0xc0033c0060}, 0xc0015685b0, 0x0)
	github.com/hashicorp/[email protected]/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:431 +0x169
google.golang.org/grpc.(*Server).processUnaryRPC(0xc000020000, {0x8e15580, 0xc001da51e0}, 0xc0027bcfc0, 0xc001d7bb30, 0xe641de8, 0x0)
	google.golang.org/[email protected]/server.go:1374 +0xde7
google.golang.org/grpc.(*Server).handleStream(0xc000020000, {0x8e15580, 0xc001da51e0}, 0xc0027bcfc0, 0x0)
	google.golang.org/[email protected]/server.go:1751 +0x9e7
google.golang.org/grpc.(*Server).serveStreams.func1.1()

### Expected Behaviour

During a plan the assignment should be read correctly and compared to state. If the assignment doesn't exist anymore then the plan should handle this without panicing

### Actual Behaviour

A panic occurs

### Steps to Reproduce

I'm not quite sure of the exact steps to reproduce as my pipeline has just started showing this behaviour recently but as it's a nil pointer dereference it probably just needs some extra nil checks thrown in

### Important Factoids

_No response_

### References

https://github.com/hashicorp/terraform-provider-azurerm/blob/main/internal/services/authorization/parse/pim_role_assignment.go#L75

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.