Azure / aztfexport

A tool to bring existing Azure resources under Terraform's management
https://azure.github.io/aztfexport/
Mozilla Public License 2.0

Error: Cannot import non-existent remote object #518

Closed zeusbaba closed 5 months ago

zeusbaba commented 5 months ago

I'm working on an important project for one of our customers.
My goal is to use aztfexport to export existing environments from Azure into Terraform so that I can refactor for further reuse.

However, I'm getting this error when exporting a resource group:

Error: Cannot import non-existent remote object

While attempting to import an existing object to "azurerm_resource_group.res-0",   
the provider detected that no object exists with the given id.   

Attached is the log at TRACE level; note that subscriptionId etc. are manually redacted.

Could you please help and advise further?

aztfexportResourceMapping_23apr2024.json

magodo commented 5 months ago

From the log, you are authenticating via client id & secret. In this case, you'd have to ensure:

  1. The subscription indeed has a rg named rg-redacted-qa
  2. The App associated with the client id has read permission in this subscription

(BTW, your log seems to contain the access token; please remember to remove it to avoid leakage)
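
The token leak flagged above can be caught before a log is attached. The following is an added example, not part of the thread and not aztfexport code: a scrubber that removes bearer tokens and OAuth2 secrets and replaces GUIDs with stable placeholders so the log stays readable. The log line layout in `SAMPLE` is constructed, and `redact` and `leaks` are hypothetical names.

```python
import re

# Secret-bearing patterns. The field names are common OAuth2 ones; the exact
# layout of an aztfexport TRACE log is an assumption of this example.
JWT = re.compile(r"eyJ[A-Za-z0-9_-]{5,}\.[A-Za-z0-9_-]{5,}\.[A-Za-z0-9_-]*")
BEARER = re.compile(r"(?i)(authorization\W+bearer\s+)[^\s\"',]+")
FIELD = re.compile(
    r"(?i)([\"']?(?:access_token|refresh_token|id_token|client_secret)[\"']?"
    r"\s*[:=]\s*[\"']?)[^\s\"'&,}]+")
GUID = re.compile(
    r"(?i)\b[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\b")

# Constructed sample lines: every id, token and secret below is fake.
SAMPLE = """\
[TRACE] GET /subscriptions/11111111-2222-3333-4444-555555555555/resourceGroups/rg-redacted-qa
[TRACE] Authorization: Bearer eyJhbGciOiJub25lIn0.eyJzdWIiOiJjb25zdHJ1Y3RlZCJ9.c2ln
[DEBUG] token response: {"token_type":"Bearer","access_token":"eyJhbGciOiJub25lIn0.eyJhIjoiYiJ9.eHl6"}
[DEBUG] reusing cached credential eyJhbGciOiJub25lIn0.eyJhIjoiYiJ9.eHl6
[TRACE] body: client_id=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee&client_secret=Constructed~Secret.1
[TRACE] 404 /subscriptions/11111111-2222-3333-4444-555555555555/resourceGroups/rg-redacted-qa
"""


def redact(text):
    """Return (clean_text, guid_map). Secrets are dropped; GUIDs are replaced by
    stable placeholders so one id stays recognisable across the whole log."""
    text = BEARER.sub(r"\1<REDACTED-TOKEN>", text)
    text = FIELD.sub(r"\1<REDACTED-SECRET>", text)
    text = JWT.sub("<REDACTED-JWT>", text)  # tokens outside any known field
    guid_map = {}

    def swap(match):
        key = match.group(0).lower()
        return guid_map.setdefault(key, f"<GUID-{len(guid_map) + 1}>")

    return GUID.sub(swap, text), guid_map


def leaks(text):
    """Re-scan text; an empty list means no JWT or GUID pattern is left."""
    return [m.group(0) for p in (JWT, GUID) for m in p.finditer(text)]


if __name__ == "__main__":
    clean, mapping = redact(SAMPLE)
    print(clean)
    print("remaining matches:", leaks(clean))
```

Keep the returned GUID map local: it is what lets you translate a maintainer's reply about `<GUID-1>` back to the real subscription.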

zeusbaba commented 5 months ago

Re-uploading the log files again. I'll respond to your comment separately.

aztfexport_23apr2024.log

zeusbaba commented 5 months ago

> From the log, you are authenticating via client id & secret. In this case, you'd have to ensure:
>
>   1. The subscription indeed has a rg named rg-redacted-qa
>   2. The App associated with the client id has read permission in this subscription
>
> (BTW, your log seems to contain the access token; please remember to remove it to avoid leakage)

Thanks for the quick response, @magodo.

  1. Yes, rg-redacted-qa exists; confirmed via the Azure console and az.
  2. That is the tricky part. The tenant+subscription is using a delegation model. This is very specific to how this is set up for our customers.

Soon, I'll experiment with connecting via a registered App, then come back to you again if the issue still happens.

zeusbaba commented 5 months ago

As we found out, the issue was related to the delegated permissions of the registered app.
Closing this issue, and I'll open a new one when new issues are found.