search

Azure / terraform-provider-azapi

Terraform provider for Azure Resource Manager Rest API
https://registry.terraform.io/providers/Azure/azapi/latest
Mozilla Public License 2.0
193 stars 49 forks source link

Error: `resource_id` and `type` are not matched and tainted resources in TF state #147

Closed slime-uk closed 2 years ago

slime-uk commented 2 years ago

Hi,

Using 0.4.0 version of AzAPI provider, and AzureRM provider 3.12.0, I have created a Azure Front Door premium profile and then an endpoint using standard AzureRM definitions. Due to lack of support, I then went on to use the AzAPI provider for required origingroups and origins and finally a route.

The route seemed to create fine (201 status) but now I get the following error during any TF plan.

Error: `resource_id` and `type` are not matched
with azapi_resource.aks-cluster-afd-origingrp-simon-origin-route-azapi
on aks_creationCore.tf line 1610, in resource "azapi_resource" "aks-cluster-afd-origingrp-simon-origin-route-azapi":
resource "azapi_resource" "aks-cluster-afd-origingrp-simon-origin-route-azapi" {

I searched here under open and closed issues and noticed it can often be a case that the type is case sensitive but I think I have it correct on the route:

Here's my AzAPI TF definition for the AzFD route:

resource "azapi_resource" "aks-cluster-afd-origingrp-simon-origin-route-azapi" {
    type        = "Microsoft.Cdn/profiles/afdendpoints/routes@2021-06-01"
    name        = "route-simon-origin-azapi"
    parent_id           = azurerm_cdn_frontdoor_endpoint.aks-cluster-afd-endpoint.id

    # Ignore casing in body
    ignore_casing               = true

    body = jsonencode({
            properties = {
            originGroup = {
                id = azapi_resource.aks-cluster-afd-origingrp-simon-azapi.id
            }
            supportedProtocols = [
                "Http",
                "Https"
            ]
            patternsToMatch = [
                "/*"
            ]
            forwardingProtocol  = "MatchRequest"
            linkToDefaultDomain = "Enabled"
            httpsRedirect       = "Disabled"
            enabledState        = "Enabled"
            }
    })

    depends_on = [
        azurerm_cdn_frontdoor_endpoint.aks-cluster-afd-endpoint,
                azapi_resource.aks-cluster-afd-origingrp-simon-azapi,
    ]
}

I also noticed that the route is in the TFC state - but with a status of tainted - see extract...

{
      "mode": "managed",
      "type": "azapi_resource",
      "name": "aks-cluster-afd-origingrp-simon-origin-route-azapi",
      "provider": "provider[\"registry.terraform.io/azure/azapi\"]",
      "instances": [
        {
          "status": "tainted",
          "schema_version": 0,
          "attributes": {
         :
         :

Any ideas please?

Thanks!

ms-henglu commented 2 years ago

Hi @slime-uk ,

Thank you for opening this issue! Yes, the type is case-sensitive, and I highly recommended to install this VSCode extension, which will auto-complete the types and allowed properties.

Here's a full example for this case, please notice the diff on "Microsoft.Cdn/profiles/afdEndpoints/routes@2021-06-01":

resource "azurerm_resource_group" "test" {
  name     = "henglu77cdn"
  location = "West Europe"
}

resource "azurerm_cdn_frontdoor_profile" "test" {
  name                = "henglu77cdn"
  resource_group_name = azurerm_resource_group.test.name
  sku_name            = "Standard_AzureFrontDoor"
}

resource "azurerm_cdn_frontdoor_endpoint" "test" {
  name                     = "henglu77cdn"
  cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.test.id
}

resource "azapi_resource" "group" {
  type      = "Microsoft.Cdn/profiles/originGroups@2021-06-01"
  name      = "henglu77cdn"
  parent_id = azurerm_cdn_frontdoor_profile.test.id
  body = jsonencode({
    properties = {
      loadBalancingSettings = {
        additionalLatencyInMilliseconds = 100
        sampleSize                      = 100
        successfulSamplesRequired       = 100
      }
    }
  })
}

resource "azapi_resource" "origin" {
  type = "Microsoft.Cdn/profiles/originGroups/origins@2021-06-01"
  name = "henglu77cdn"
  parent_id = azapi_resource.group.id
  body = jsonencode({
    properties = {
      hostName = "127.0.0.1"
    }
  })
}

resource "azapi_resource" "test" {
  type      = "Microsoft.Cdn/profiles/afdEndpoints/routes@2021-06-01"
  name      = "henglu77cdn"
  parent_id = azurerm_cdn_frontdoor_endpoint.test.id

  body = jsonencode({
    properties = {
      originGroup = {
        id = azapi_resource.group.id
      }
      supportedProtocols = [
        "Http",
        "Https"
      ]
      patternsToMatch = [
        "/*"
      ]
      forwardingProtocol  = "MatchRequest"
      linkToDefaultDomain = "Enabled"
      httpsRedirect       = "Disabled"
      enabledState        = "Enabled"
    }
  })

  depends_on = [
    azapi_resource.origin
  ]
}
slime-uk commented 2 years ago

Thank you for the reply. I did indeed have the vscode extension installed but clearly it was not working correctly! I find installing extensions under vscode not easy!

Have corrected my code, removed the tainted objects from TFC state and re-run - all looks good now.

To help others - maybe you could (when you have time) do a short "installing the extension into vscode" video under the help for the AzAPI provider?

Thanks!

ms-henglu commented 2 years ago

Hi @slime-uk ,

Glad to see it works! And it's a great idea to provide some videos about the azapi extension, I'll do it. Thanks!