Azure / terraform-azurerm-avm-res-compute-virtualmachine

Terraform AVM module for virtual machines
MIT License
18 stars 27 forks source link

[AVM Module Issue]: VM provision failed with 'Plan required error' even though the image is owned by friend developer's gallery image #108

Open msjo66 opened 2 months ago

msjo66 commented 2 months ago

Check for previous/existing GitHub issues

Issue Type?

I'm not sure

(Optional) Module Version

0.15.1

(Optional) Correlation Id

No response

Description

provider "azurerm" {
  features {
  }
}

provider "azurerm" {
  features{}
  alias  = "for_gallery"
  subscription_id = "64061f25-366b-47a8-af8b-74a88656fbb2"
  # client_id = "${var.client_id}"
  # client_secret = "${var.client_secret}"
  # tenant_id = "${var.tenant_id}"
}

data "azurerm_client_config" "current" {}

data "azurerm_shared_image" "example" {
  name                = "image-rocky8.10-240820"
  gallery_name        = "cg_az01_co013601_01"
  resource_group_name = "rg-az01-co013601-azgov-infra-01"

  provider = "azurerm.for_gallery"  
}

resource "azurerm_marketplace_agreement" "barracuda" {
  publisher = "barracudanetworks"
  offer     = "waf"
  plan      = "hourly"

      name      = "8-base"
    product   = "resf"
    publisher = "rockylinux-x86_64"
}

module "this" {
  #source = "../../"
  source = "Azure/avm-res-compute-virtualmachine/azurerm"
  #version = "0.15.1"

  location            = var.base-info.location
  resource_group_name = var.base-info.rg_name
  os_type             = var.vm-info.os_type
  name                = var.vm-info.name
  sku_size            = var.vm-info.sku_size
  zone                = var.vm-info.zone

  admin_username                     = var.vm-info.admin_username
  admin_password                     = var.vm-info.admin_password
  disable_password_authentication    = var.vm-info.disable_password_authentication
  enable_telemetry                   = var.vm-info.enable_telemetry
  encryption_at_host_enabled         = var.vm-info.encryption_at_host_enabled
  generate_admin_password_or_ssh_key = var.vm-info.generate_admin_password_or_ssh_key

  source_image_resource_id = data.azurerm_shared_image.example.id
  # source_image_reference = {
  #   publisher = "myeong.lee"
  #   offer     = "rocky8.10"
  #   sku       = "rocky8.10"
  #   version   = "1.0.0"
  # }

  # source_image_reference = {
  #   publisher = var.vm-info.source_image_reference.publisher
  #   offer     = var.vm-info.source_image_reference.offer
  #   sku       = var.vm-info.source_image_reference.sku
  #   version   = var.vm-info.source_image_reference.version
  # }

  os_disk = {
    caching = var.vm-info.os_disk.caching
    storage_account_type = var.vm-info.os_disk.storage_account_type
    name = var.vm-info.os_disk.name
    disk_size_gb              = var.vm-info.os_disk.disk_size_gb
    write_accelerator_enabled = var.vm-info.os_disk.write_accelerator_enabled
  }

  # data_disk_managed_disks = {
  #   disk1 = {
  #       name                 = "my-vm01-data-disk01"
  #       storage_account_type = "Standard_LRS"
  #       lun                  = 0
  #       caching              = "ReadWrite"
  #       disk_size_gb         = 32
  #   }
  # }

  network_interfaces = {
    network_interface_1 = {
      ip_configurations = {
        ip_configuration_1 = {
          name                          = "${var.vm-info.nic_name}-ipconfig1"
          private_ip_subnet_resource_id = "/subscriptions/${data.azurerm_client_config.current.subscription_id}/resourceGroups/${var.base-info.rg_name}/providers/Microsoft.Network/virtualNetworks/${var.vnet-info.vnet_name}/subnets/${var.vnet-info.subnets.app.name}"
        }
      }
      name = var.vm-info.nic_name
    }
  }

}

I've tried to provision a VM with above HCL. but the following error log returns

"Creating a virtual machine from Marketplace image or a custom image sourced from a Marketplace image requires Plan information in the request. VM: '/subscriptions/675f8b56-b926-4138-b129-24cd4f406d38/resourceGroups/rg-az01-ag015701-prd-idt-01/providers/Microsoft.Compute/virtualMachines/vm-az01-prd-idt-was-01'."

the referenced image and the gallery is owned by my colleague(another team developer) and I have read permission. Same error returns with following plan argument. I can provision vm using portal and the following plan argument is in the ARM template of the successfully provisioned vm. Is 'plan' argument applied with 'source_image_resource_id' argument?

  plan = {
     name      = "8-base"
     product   = "resf"
     publisher = "rockylinux-x86_64"
   }
jchancellor-ms commented 2 months ago

@msjo66 - Thanks for your submission. The plan variable is independent of the source image variables. So, if you have an input for the plan variable the module will attempt to implement it. Since you are successful when deploying in the portal, the way I typically duplicate that in terraform is to export the ARM template by selecting the Download a template for automation link prior to selecting the Create button in the portal experience. You can then determine which source image and plan values it is using to be successful by examining the json that is generated. image

msjo66 commented 1 month ago

I've exactly tried what you recommend before issue raised. But terraform said '... requires Plan information in the request.' As I mentioned earlier, The image exists in other subscription's gallery and I have read permission, not the public nor private marketplace. Could you reproduce same condition?

jchancellor-ms commented 1 month ago

@msjo66 - I'll try to reproduce this by creating a vm from a similar gallery image. Do you know which barracuda image the custom image was sourced from so I can try to get as close to your configuration as possible? Also, can you confirm whether this is a gov tenant or a commercial one?