Azure / terraform-provider-azapi

Terraform provider for Azure Resource Manager Rest API
https://registry.terraform.io/providers/Azure/azapi/latest
Mozilla Public License 2.0

AzAPI Resource Microsoft.Relay namespaces/wcfRelays/authorizationRules #559

Closed v-vsj closed 1 month ago

v-vsj commented 1 month ago

We are able to create multiple WCF relays; however, creating and associating multiple authorization rules against the respective WCF relays isn't successful. We are iterating over a variable of type map object using for_each for type = "Microsoft.Relay/namespaces/wcfRelays/authorizationRules@2021-11-01"

parent_id = azapi_resource.wcf[each.value.relay_name].id so as to loop over the relays created with type = "Microsoft.Relay/namespaces/wcfRelays@2021-11-01"

Only one random authorization rule from the map is associated with the relay and the rest of them fail. Also, during subsequent runs we noticed it either creates another rule by destroying the previous one or doesn't create one at all. We are trying to add 2 different rules against each of 2 relays. Below is the error; please help us with this issue by providing working code for our scenario.

```
-------------------xxx-----------------------------------------------
RESPONSE 429: 429 Too Many Requests
│ ERROR CODE: MessagingGatewayTooManyRequests
│ --------------------------------------------------------------------------------
│ {
│   "error": {
│     "code": "MessagingGatewayTooManyRequests",
│     "message": "SubCode=40901. Another conflicting operation is in progress. Wait for current operation to complete. To know visit https://aka.ms/sbResourceMgrExceptions. . TrackingId:ff8333e4-5886-41be-8fd9-689baf626653_G40, SystemTracker:a1a-12345-dev-rln-pvrns-uks-107.servicebus.windows.net:relay1, Timestamp:2024-07-23T15:48:39"
│   }
│ }
│ --------------------------------------------------------------------------------
│
╵
╷
│ Error: Failed to create/update resource
------------------------------------------xxxxxxx---------------------------------------------------------------------------------
```

stemaMSFT commented 1 month ago

Hey @v-vsj thanks for the issue! Is this on v1.14 of AzAPI? Does it work in a non for-each manner (if you tried, say, to create three auth rules)?

v-vsj commented 1 month ago

Hi @stemaMSFT, yes, we are using the latest AzAPI provider v1.14.0. It works without for_each, i.e. 1:1 mapping, one auth rule associated against one WCF relay. We can't create 3 auth rules separately without iteration because of code placement.

All resource types such as relay namespace, relay auth rule, wcf relay, wcf auth rule are constructed under a single repo. a) Iteration using for_each works for WCF Relay creation. Able to create 2 relays. b) Multiple rules association against relays are not iterating properly.

v-vsj commented 1 month ago

@stemaMSFT Any findings from your end?

hqhqhqhqhqhqhqhqhqhqhq commented 1 month ago

@v-vsj Hi, the locks property should help here.

I can create the wcf_relays with the corresponding auth_rule with no errors using the script below (by setting the locks property in the auth_rule resource block):

```hcl
resource "azurerm_resource_group" "rg" {
  name     = "rg-test22"
  location = "East US"
}

resource "azapi_resource" "relay_namespace" {
  type      = "Microsoft.Relay/namespaces@2021-11-01"
  parent_id = azurerm_resource_group.rg.id
  name      = "ns-test22"
  location  = "eastus"
  body = {
    properties = {}
    sku = {
      name = "Standard"
      tier = "Standard"
    }
  }

  schema_validation_enabled = true
  response_export_values    = ["*"]
}

# One WCF relay per entry in var.wcf_relays
resource "azapi_resource" "wcf_relay" {
  for_each  = var.wcf_relays
  type      = "Microsoft.Relay/namespaces/wcfRelays@2021-11-01"
  name      = each.key
  parent_id = azapi_resource.relay_namespace.id

  body = jsonencode({
    properties = {
      relayType = "NetTcp"
    }
  })

  depends_on = [azapi_resource.relay_namespace]
}

# One authorization rule per entry in var.auth_rules, attached to its relay
resource "azapi_resource" "auth_rule" {
  for_each  = var.auth_rules
  type      = "Microsoft.Relay/namespaces/wcfRelays/authorizationRules@2021-11-01"
  name      = each.value.rule_name
  parent_id = azapi_resource.wcf_relay[each.value.relay_name].id

  body = jsonencode({
    properties = {
      rights = each.value.rights
    }
  })

  # Lock on the parent relay ID so azapi resources holding the same lock
  # are not created, modified or deleted at the same time
  locks = [azapi_resource.wcf_relay[each.value.relay_name].id]
}

variable "wcf_relays" {
  type = map(object({
    relay_name = string
  }))
  default = {
    "relay1" = { relay_name = "relay1" }
    "relay2" = { relay_name = "relay2" }
    "relay3" = { relay_name = "relay3" }
  }
}

variable "auth_rules" {
  type = map(object({
    relay_name = string
    rule_name  = string
    rights     = list(string)
  }))
  default = {
    "rule1" = { relay_name = "relay1", rule_name = "rule1", rights = ["Listen", "Send"] }
    "rule2" = { relay_name = "relay2", rule_name = "rule2", rights = ["Listen"] }
    "rule3" = { relay_name = "relay3", rule_name = "rule3", rights = ["Send"] }
  }
}
```

Let me know if this didn't solve the issue.
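The scenario from the original question (two rules on each of two relays) combined with the `locks` setting from the comment above, as an added example that is not part of the thread or the provider's own code. The variable names, the rule names `listener` and `sender`, and the `relay_namespace_id` input are assumptions; the resource types, `relayType` and rights values are the ones used on this page.

```hcl
terraform {
  required_providers {
    azapi = { source = "Azure/azapi", version = "~> 1.14" }
  }
}

# Assumed: ARM ID of an existing Microsoft.Relay namespace.
variable "relay_namespace_id" { type = string }

# Constructed sample: relay name => { rule name => rights }.
variable "relays" {
  type = map(map(list(string)))
  default = {
    relay1 = { listener = ["Listen"], sender = ["Send"] }
    relay2 = { listener = ["Listen"], sender = ["Send"] }
  }
}

locals {
  # One entry per (relay, rule) pair, keyed "relay/rule" so each for_each
  # address is derived from the names alone.
  auth_rules = merge([
    for relay, rules in var.relays : {
      for rule, rights in rules :
      "${relay}/${rule}" => { relay = relay, rule = rule, rights = rights }
    }
  ]...)
}

resource "azapi_resource" "wcf" {
  for_each  = var.relays
  type      = "Microsoft.Relay/namespaces/wcfRelays@2021-11-01"
  name      = each.key
  parent_id = var.relay_namespace_id
  body      = { properties = { relayType = "NetTcp" } }
}

resource "azapi_resource" "auth_rule" {
  for_each  = local.auth_rules
  type      = "Microsoft.Relay/namespaces/wcfRelays/authorizationRules@2021-11-01"
  name      = each.value.rule
  parent_id = azapi_resource.wcf[each.value.relay].id
  body      = { properties = { rights = each.value.rights } }

  # Rules on the same relay share this lock ID, so the provider does not
  # create, modify or delete them at the same time.
  locks = [azapi_resource.wcf[each.value.relay].id]
}
```

Splitting `Listen` and `Send` into separate rules per relay keeps each key scoped to one right, and the shared lock is what lets both rules on one relay apply in the same run.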

v-vsj commented 1 month ago

@hqhqhqhqhqhqhqhqhqhqhq Perfect. Able to deploy successfully. Thank you so much.

ms-henglu commented 1 month ago

I'll close this issue as it's resolved, but feel free to reopen it if there's any question.