Azure / azure-rest-api-specs

The source for REST API specifications for Microsoft Azure.
MIT License

PostgreSQL server Entra ID administrator issue #27030

Open hknutsen opened 9 months ago

hknutsen commented 9 months ago

Original issue: hashicorp/terraform-provider-azurerm#24168

Getting the following error when trying to configure a PostgreSQL server Entra ID administrator using the AzureRM provider for Terraform:

╷
│ Error: creating/updating Server (Subscription: "<SUBSCRIPTION_ID>"
│ Resource Group Name: "rg-90af49e4e7fef93e"
│ Server Name: "psql-90af49e4e7fef93e"): polling after CreateOrUpdate: polling failed: the Azure API returned the following error:
│
│ Status: "InternalServerError"
│ Code: ""
│ Message: "An unexpected error occured while processing the request. Tracking ID: '287dc7a0-e0ff-4168-96e6-50a8f31588ba'"
│ Activity Id: ""
│
│ ---
│
│ API Response:
│
│ ----[start]----
│ {"name":"0c4553b2-1151-48be-aeb5-92aa8b3183e9","status":"Failed","startTime":"2023-12-08T14:14:01.477Z","error":{"code":"InternalServerError","message":"An unexpected error occured while processing the request. Tracking ID: '287dc7a0-e0ff-4168-96e6-50a8f31588ba'"}}
│ -----[end]-----
│
│
│   with azurerm_postgresql_active_directory_administrator.example,
│   on example.tf line 39, in resource "azurerm_postgresql_active_directory_administrator" "example":
│   39: resource "azurerm_postgresql_active_directory_administrator" "example" {
│
╵

Terraform configuration:

provider "azurerm" {
  features {}
}

resource "random_id" "suffix" {
  byte_length = 8
}

resource "azurerm_resource_group" "example" {
  name     = "rg-${random_id.suffix.hex}"
  location = "northeurope"
}

resource "random_password" "psql" {
  length      = 128
  lower       = true
  upper       = true
  numeric     = true
  special     = true
  min_lower   = 1
  min_upper   = 1
  min_numeric = 1
  min_special = 1
}

resource "azurerm_postgresql_server" "example" {
  name                         = "psql-${random_id.suffix.hex}"
  resource_group_name          = azurerm_resource_group.example.name
  location                     = azurerm_resource_group.example.location
  sku_name                     = "B_Gen5_1"
  version                      = "11"
  ssl_enforcement_enabled      = true
  administrator_login          = "psqladmin"
  administrator_login_password = random_password.psql.result
}

data "azurerm_client_config" "current" {}

resource "azurerm_postgresql_active_directory_administrator" "example" {
  resource_group_name = azurerm_resource_group.example.name
  server_name         = azurerm_postgresql_server.example.name
  login               = "adadmin"
  object_id           = data.azurerm_client_config.current.object_id
  tenant_id           = data.azurerm_client_config.current.tenant_id
}

I don't get this error 100% of the time, but I get it more often than not.

hknutsen commented 9 months ago

Just had the same issue using the AzAPI provider for Terraform:

resource "azapi_resource" "active_directory_admin" {
  type      = "Microsoft.DBforPostgreSQL/servers/administrators@2017-12-01"
  parent_id = azurerm_postgresql_server.example.id
  name      = "activeDirectory"

  body = jsonencode({
    properties = {
      administratorType = "ActiveDirectory"
      login             = "adadmin"
      sid               = data.azurerm_client_config.current.object_id
      tenantId          = data.azurerm_client_config.current.tenant_id
    }
  })
}