search

Azure / terraform-provider-azapi

Terraform provider for Azure Resource Manager Rest API
https://registry.terraform.io/providers/Azure/azapi/latest
Mozilla Public License 2.0
194 stars 51 forks source link

Problem with creation VNET link to the private dns zone #649

Open eking-go opened 1 month ago

eking-go commented 1 month ago

Full examples of code: https://github.com/Azure/terraform-provider-azapi/issues/642

I thought that my mistake was to use jsonencode function. But it is not the problem. From plan:

 resource "azapi_resource" "az_pdzvnl" {
      + body                      = {
          + properties = {
              + virtualNetwork = {
                  + id                  = "/subscriptions/630***/resourceGroups/rg-***/providers/Microsoft.Network/virtualNetworks/vnet-***"
                  + registrationEnabled = false
                }
            }
        }
      + id                        = (known after apply)
      + ignore_casing             = false
      + ignore_missing_property   = true
      + location                  = "global"
      + name                      = "vnet-dns-lnk-vnet-***"
      + output                    = (known after apply)
      + parent_id                 = "/subscriptions/678***/resourceGroups/rg-***/providers/Microsoft.Network/privateDnsZones/***.corp"
      + response_export_values    = [
          + "*",
        ]
      + schema_validation_enabled = false
      + type                      = "Microsoft.Network/privateDnsZones/virtualNetworkLinks@2018-09-01"
    }

Error:

│ creating/updating Resource: (ResourceId
│ "/subscriptions/678***/resourceGroups/rg-***/providers/Microsoft.Network/privateDnsZones/***.corp/virtualNetworkLinks/vnet-dns-lnk-vnet-***"
│ / Api Version "2018-09-01"): PUT
│ https://management.azure.com/subscriptions/678***/resourceGroups/rg-***/providers/Microsoft.Network/privateDnsZones/***.corp/virtualNetworkLinks/vnet-dns-lnk-vnet-***
│ --------------------------------------------------------------------------------
│ RESPONSE 400: 400 Bad Request
│ ERROR CODE: BadRequest
│ --------------------------------------------------------------------------------
│ {
│   "code": "BadRequest",
│   "message": "The specified virtual network link registration setting is invalid."
│ }
│ --------------------------------------------------------------------------------
eking-go commented 1 month ago

I have tested it with 1.15 and with 2.0 version of azapi provider. The same error

2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1: [DEBUG] Oct 22 15:56:23.168513 Response: ==> REQUEST/RESPONSE (Try=1/103.871ms, OpTime=103.8934ms) -- RESPONSE RECEIVED
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    GET https://management.azure.com/subscriptions/678***/resourceGroups/rg-***/providers/Microsoft.Network/privateDnsZones/***.corp/virtualNetworkLinks/vnet-dns-lnk-vnet-***?api-version=2018-09-01
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    Accept: application/json
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    Authorization: REDACTED
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    User-Agent: HashiCorp Terraform/1.4.7 (+https://www.terraform.io) terraform-provider-azapi/v2.0.1 pid-222c6c49-1b0a-5959-a213-6608f9eb8820
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    X-Ms-Correlation-Request-Id: 8ecf6585-cca8-9af8-2623-4ec524e2ca6f
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    --------------------------------------------------------------------------------
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    RESPONSE Status: 404 Not Found
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    Cache-Control: no-cache
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    Content-Length: 296
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    Content-Type: application/json; charset=utf-8
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    Date: Tue, 22 Oct 2024 15:56:23 GMT
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    Expires: -1
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    Pragma: no-cache
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    Strict-Transport-Security: max-age=31536000; includeSubDomains
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    X-Cache: REDACTED
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    X-Content-Type-Options: nosniff
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    X-Ms-Correlation-Request-Id: 8ecf6585-cca8-9af8-2623-4ec524e2ca6f
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    X-Ms-Failure-Cause: gateway
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    X-Ms-Request-Id: 3ff1178e-faf9-42a4-8083-f309c49f35fb
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    X-Ms-Routing-Request-Id: NORTHEUROPE:20241022T155623Z:3ff1178e-faf9-42a4-8083-f309c49f35fb
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    X-Msedge-Ref: REDACTED
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    --------------------------------------------------------------------------------
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1: {"error":{"code":"ResourceNotFound","message":"The Resource 'Microsoft.Network/privateDnsZones/***.corp/virtualNetworkLinks/vnet-dns-lnk-vnet-***' under resource group 'rg-***' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix"}}
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:    --------------------------------------------------------------------------------
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1: [DEBUG] Live traffic: {"request":{"headers":{"Accept":"application/json","Authorization":"REDACTED","User-Agent":"HashiCorp Terraform/1.4.7 (+https://www.terraform.io) terraform-provider-azapi/v2.0.1 pid-222c6c49-1b0a-5959-a213-6608f9eb8820","X-Ms-Correlation-Request-Id":"8ecf6585-cca8-9af8-2623-4ec524e2ca6f"},"method":"GET","url":"https://management.azure.com/subscriptions/678***/resourceGroups/rg-***/providers/Microsoft.Network/privateDnsZones/***.corp/virtualNetworkLinks/vnet-dns-lnk-vnet-***?api-version=2018-09-01","body":""},"response":{"statusCode":404,"headers":{"Cache-Control":"no-cache","Content-Length":"296","Content-Type":"application/json; charset=utf-8","Date":"Tue, 22 Oct 2024 15:56:23 GMT","Expires":"-1","Pragma":"no-cache","Strict-Transport-Security":"max-age=31536000; includeSubDomains","X-Cache":"CONFIG_NOCACHE","X-Content-Type-Options":"nosniff","X-Ms-Correlation-Request-Id":"8ecf6585-cca8-9af8-2623-4ec524e2ca6f","X-Ms-Failure-Cause":"gateway","X-Ms-Request-Id":"3ff1178e-faf9-42a4-8083-f309c49f35fb","X-Ms-Routing-Request-Id":"NORTHEUROPE:20241022T155623Z:3ff1178e-faf9-42a4-8083-f309c49f35fb","X-Msedge-Ref":"Ref A: A03A10C358114325AFF90D5C3B3AC18B Ref B: AMS231022012017 Ref C: 2024-10-22T15:56:23Z"},"body":"{\"error\":{\"code\":\"ResourceNotFound\",\"message\":\"The Resource 'Microsoft.Network/privateDnsZones/***.corp/virtualNetworkLinks/vnet-dns-lnk-vnet-***' under resource group 'rg-***' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix\"}}"}}
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1: [DEBUG] Oct 22 15:56:23.168585 Retry: response 404
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1: [DEBUG] Oct 22 15:56:23.168592 Retry: exit due to non-retriable status code
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1: [DEBUG] Oct 22 15:56:23.168627 ResponseError: GET https://management.azure.com/subscriptions/678***/resourceGroups/rg-***/providers/Microsoft.Network/privateDnsZones/***.corp/virtualNetworkLinks/vnet-dns-lnk-vnet-***
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1: --------------------------------------------------------------------------------
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1: RESPONSE 404: 404 Not Found
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1: ERROR CODE: ResourceNotFound
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1: --------------------------------------------------------------------------------
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1: {
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:   "error": {
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:     "code": "ResourceNotFound",
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:     "message": "The Resource 'Microsoft.Network/privateDnsZones/***.corp/virtualNetworkLinks/vnet-dns-lnk-vnet-***' under resource group 'rg-***' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix"
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:   }
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1: }
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1: --------------------------------------------------------------------------------
2024-10-22T15:56:23.168Z [DEBUG] provider.terraform-provider-azapi_v2.0.1:
2024-10-22T15:56:23.168Z [ERROR] provider.terraform-provider-azapi_v2.0.1: Response contains error diagnostic: @module=sdk.proto diagnostic_detail="creating/updating Resource: (ResourceId "/subscriptions/678***/resourceGroups/rg-***/providers/Microsoft.Network/privateDnsZones/***.corp/virtualNetworkLinks/vnet-dns-lnk-vnet-***" / Api Version "2018-09-01"): PUT https://management.azure.com/subscriptions/678***/resourceGroups/rg-***/providers/Microsoft.Network/privateDnsZones/***.corp/virtualNetworkLinks/vnet-dns-lnk-vnet-***
--------------------------------------------------------------------------------
RESPONSE 400: 400 Bad Request
ERROR CODE: BadRequest
--------------------------------------------------------------------------------
{
  "code": "BadRequest",
  "message": "The specified virtual network link registration setting is invalid."
}
--------------------------------------------------------------------------------

I have checked all ID's and links many times. All resources exist.

ms-henglu commented 1 month ago

Hi @eking-go ,

Thank you for taking time to report this issue!

Would you please check with Azure Support about this issue? Because they have better domain knowledge about how to configure this service.

eking-go commented 1 month ago

Hi, @ms-henglu

Will try. Thank you. Please, don't close this issue until that. I will update.

Strange, that I can create the resource (link) with azurerm provider, from the same VM with the same identity/rights...

ms-henglu commented 4 weeks ago

Strange, that I can create the resource (link) with azurerm provider, from the same VM with the same identity/rights...

Yes, indeed. Would you please check the debug logs of the azurerm provider, then we could check the difference of the API traffic between the two providers.