search

Azure / azure-dev

A developer CLI that reduces the time it takes for you to get started on Azure. The Azure Developer CLI (azd) provides a set of developer-friendly commands that map to key stages in your workflow - code, build, deploy, monitor, repeat.
https://aka.ms/azd
MIT License
369 stars 166 forks source link

[Issue] Remote end - `InvalidAuthenticationInfo` #3808

Open petr-stupka opened 2 weeks ago

petr-stupka commented 2 weeks ago

Output from azd version\ azd version 1.8.1

Describe the bug

Configured remote env state like this (also tried to define the containerName)

name: azd-poc
state:
  remote:
    backend: AzureBlobStorage
    config:
      accountName: myaccount01
      # containerName: azd # Defaults to project name if not specified

And following error is returned:

ERROR: loading environment: checking for existing environment: listing blobs: failed getting next page of containers: GET https://myaccount01.blob.core.windows.net
--------------------------------------------------------------------------------
RESPONSE 401: 401 Server failed to authenticate the request. Please refer to the information in the www-authenticate header.
ERROR CODE: InvalidAuthenticationInfo
--------------------------------------------------------------------------------
<?xml version="1.0" encoding="utf-8"?><Error><Code>InvalidAuthenticationInfo</Code><Message>Server failed to authenticate the request. Please refer to the information in the www-authenticate header.
RequestId:41af17c6-901e-0024-57ae-9985a6000000
Time:2024-04-28T20:54:57.4081095Z</Message><AuthenticationErrorDetail>Issuer validation failed. Issuer did not match.</AuthenticationErrorDetail></Error>
--------------------------------------------------------------------------------

To Reproduce Using terraform-starter template

Expected behavior This should work. I'm Owner of the Subscription, also have RBAC roles Storage Blob Data Owner and tried to add Storage Blob Data Contributor just to be on the safe side

Environment Information on your environment:

Additional Context I found this issue related to failing test > https://github.com/Azure/azure-dev/issues/3669 I assume the issue was not the test, but the AZD code and the test failed due to issue i'm facing now

rajeshkamal5050 commented 2 weeks ago

@wbreza can you take a look?

wbreza commented 2 weeks ago

@petr-stupka Based on your configuration it looks like you are attempting to use the AZD remote state configuration also as your remote storage configuration for terraform.

There isn't any reason you could not use the same Azure storage account for both Terraform remote state and AZD remote environment state but right now this would require a bit more configuration.

Take a look at the Terraform configuration feature docs which outlines the required environment variables that you will need to set.

If you also want to use AZD remote environments take a look at the Remote environments feature docs.

petr-stupka commented 2 days ago

Hi @wbreza sorry for the delay. The TF remote state is working fine for terraform. What is not working is to save the AZD remote environments on the same remote storage.