Azure / terraform-azurerm-caf-enterprise-scale

Azure landing zones Terraform module
https://aka.ms/alz/tf
MIT License

Unable to create Default InvalidSubscriptionId - Message="The provided subscription identifier XXX is malformed or invalid." #974

Closed praveenambati1233 closed 3 weeks ago

praveenambati1233 commented 3 weeks ago

Versions

terraform:

terraform version
Terraform v1.7.0

azure provider:

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = ">= 3.74.0"
    }
  }
}

Module Version: 5.2.1

module: Deploy-Default-Configuration https://github.com/Azure/terraform-azurerm-caf-enterprise-scale/wiki/%5BExamples%5D-Deploy-Default-Configuration

Description : Error while running Default configuration module

Describe the bug

I am trying to create a Default configuration as per the article https://github.com/Azure/terraform-azurerm-caf-enterprise-scale/wiki/%5BExamples%5D-Deploy-Default-Configuration with the change below in the code

provider "azurerm" {
  features {}
  client_id                  = "SP_APP_ID"
  client_secret              = "SP_Secret"
  subscription_id            = "00000000-0000-0000-0000-00000000000" #Since I don't have subscription on my tenant I have given this to pass the tf authentication
  tenant_id                  = "My_tenant_id"
  skip_provider_registration = true  #Since I don't have subscription on my tenant I have given this to pass the tf authentication
}

Error :

│ Error: checking for presence of existing Subscription Template Deployment "pid-36dcde81-8c33-4da0-8dc3-265381502ccb_v5.0.0_0001_c417d5f4": resources.DeploymentsClient#GetAtSubscriptionScope: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="InvalidSubscriptionId" Message="The provided subscription identifier '00000000-0000-0000-0000-00000000000' is malformed or invalid."
│ 
│   with module.enterprise_scale.azurerm_subscription_template_deployment.telemetry_core[0],
│   on .terraform/modules/enterprise_scale/resources.telemetry.tf line 9, in resource "azurerm_subscription_template_deployment" "telemetry_core":
│    9: resource "azurerm_subscription_template_deployment" "telemetry_core" {

FYI - 231/232 resources completed creation. Attached the terraform apply output. [Uploading default.module.enterprise_scale.txt…]()

Newbie question - How to execute the default module on a new tenant that doesn't have any MGs or subscriptions in place?

praveenambati1233 commented 3 weeks ago

I have replaced subscription_id = "00000000-0000-0000-0000-00000000000" with one of the subscription IDs in our tenant. The problem is resolved. However, I can't see the Management Groups created in the tenant. Is it due to lack of permissions?

matt-FFFFFF commented 3 weeks ago

The subscription deployment is the telemetry, you can disable this using input vars.

If the apply shows the MGs were created then they have been. Did you check the plan?

praveenambati1233 commented 3 weeks ago

@matt-FFFFFF how to disable it using input vars?

praveenambati1233 commented 3 weeks ago

No need to check further. Not an issue.
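
The question of how to disable telemetry through input variables is left open in the thread. The configuration below is an added example, not code from the thread or the module's wiki: it sets the module's `disable_telemetry` input so the `telemetry_core` subscription template deployment named in the error is not created, and it keeps the service principal secret out of the provider block by relying on the azurerm provider's `ARM_*` environment variables. The region, `root_id` and `root_name` values are placeholder assumptions.

```hcl
# Added example. Credentials are not written into the configuration:
# the azurerm provider reads ARM_CLIENT_ID, ARM_CLIENT_SECRET,
# ARM_TENANT_ID and ARM_SUBSCRIPTION_ID from the environment, so no
# secret ends up in version control or in a pasted issue report.
provider "azurerm" {
  features {}
}

# Used to look up the tenant ID for the root management group parent.
data "azurerm_client_config" "core" {}

module "enterprise_scale" {
  source  = "Azure/caf-enterprise-scale/azurerm"
  version = "5.2.1" # module version reported in the issue

  default_location = "eastus" # assumption: placeholder region

  providers = {
    azurerm              = azurerm
    azurerm.connectivity = azurerm
    azurerm.management   = azurerm
  }

  root_parent_id = data.azurerm_client_config.core.tenant_id
  root_id        = "myorg"           # assumption: placeholder ID
  root_name      = "My Organization" # assumption: placeholder name

  # With telemetry disabled the module does not create
  # azurerm_subscription_template_deployment.telemetry_core, the
  # subscription-scoped resource that failed in the error above.
  disable_telemetry = true
}
```

Running `terraform plan` after the change should show no `telemetry_core` resource under `module.enterprise_scale`.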