search

Azure / terraform-azurerm-avm-res-storage-storageaccount

This Terraform module is designed to create Azure Storage Accounts and its related resources, including blob containers, queues, tables, and file shares. It also supports the creation of a storage account private endpoint which provides secure and direct connectivity to Azure Storage over a private network.
https://registry.terraform.io/modules/Azure/avm-res-storage-storageaccount
MIT License
19 stars 27 forks source link

[AVM Module Issue]: Permission issue and request timeout #113

Closed jerryshia closed 2 months ago

jerryshia commented 2 months ago

1. Describe the issue: When test the example customer-managed-key of module avm-res-storage-storageaccount, it returns AuthorizationFail.

image

If we change the default_action in the network_rules under the module "this" to ALLOW, it will run successfully.

image

Module Version: 0.1.3 Examples:customer-managed-key,diagnostic-settings,role_assignments, private-endpoint,private-endpoint-Staticip

Repro Steps:

  1. Execute commands: azd login, az login.
  2. Clone terraform template code. E.g:todo-python-mongo-terraform
  3. Copy and paste the example customer-managed-key into main.tf.
  4. Annotate the contents of the infra/output.tf file.
  5. Run azd provision.

Expected behavior: Test the example customer-managed-key successfully.

2. Describe the issue: In the example private-endpoint and private-endpoint-Staticip, after modifying the parameter default_action to "ALLOW" and running azd provision, the program gets stuck when creating the storage queue and file share, and eventually fails to run due to a request timeout.

image image

However, if the VPN is disconnected while creating the storage queue and file share, it ultimately runs successfully.

image

Module Version: 0.1.3 Examples: private-endpoint,private-endpoint-Staticip

Repro Steps:

  1. Execute commands: azd login, az login.
  2. Clone terraform template code. E.g:todo-python-mongo-terraform
  3. Copy and paste the example private-endpoint into main.tf.
  4. Annotate the contents of the infra/output.tf file.
  5. Run azd provision.

Expected behavior: Test the examples private-endpoint and private-endpoint-Staticip successfully.

@matt-FFFFFF, @jaredfholgate and @jongio for notification.

jaredfholgate commented 2 months ago

@jerryshia This is a known issue. @chinthakaru is migrating to AzAPI to resolve this. We'll get a release out ASAP.

PR is here: https://github.com/Azure/terraform-azurerm-avm-res-storage-storageaccount/pull/110

chinthakaru commented 2 months ago

@jerryshia We have released the AzApi version of sub resources. Please can you test it again?

jerryshia commented 2 months ago

@chinthakaru Ok, I will test it again.

jerryshia commented 2 months ago

This issue has been resolved. I will close it.

microsoft-github-policy-service[bot] commented 2 months ago

[!NOTE] The "Status: In PR :point_right:" label was removed as per ITA23.