Restrict access to this Delivery Group not working

[dimi4ik]

Hello

Terraform Core Version

he semantic version of Terraform Core used when experiencing the bug. If multiple versions have been tested, a comma separated list.

Terraform v1.5.6 on linux_amd64

provider registry.terraform.io/citrix/citrix v0.4.0 provider registry.terraform.io/hashicorp/azurerm v3.87.0 provider registry.terraform.io/hashicorp/random v3.6.0

Description

When I try to add users to the delivery group, I receive the following message when running Terraform plan or Terraform apply

Error: Invalid Attribute Value Match │ │ with citrix_daas_delivery_group.dg, │ on 07_delivery_group.tf line 6, in resource "citrix_daas_delivery_group" "dg": │ 6: resource "citrix_daas_delivery_group" "dg" { │ │ Attribute desktops[0].restricted_access_users.allow_list[0] must be in Domain\UserOrGroupName format, got: user1@domain.com

The same error message occurs when I write the user or group in the format "user1@example.com" or in the format "user1\example."

Affected Resource(s)

Please list the affected resource(s) and/or data source(s). citrix_daas_delivery_group

Expected Behavior

What should have happened? a new DG mit User should be created.

Relevant Error/Panic Output Snippet

│  Error: Invalid Attribute Value Match
│ 
│   with citrix_daas_delivery_group.dg,
│   on 07_delivery_group.tf line 6, in resource "citrix_daas_delivery_group" "dg":
│    6: resource "citrix_daas_delivery_group" "dg" {
│ 
│ Attribute desktops[0].restricted_access_users.allow_list[0] must be in Domain\UserOrGroupName format, got: user1@domain.com
╵
###################################################################

Error: Invalid Attribute Value Match
│ 
│   with citrix_daas_delivery_group.dg,
│   on 07_delivery_group.tf line 6, in resource "citrix_daas_delivery_group" "dg":
│    6: resource "citrix_daas_delivery_group" "dg" {
│ 
│ Attribute desktops[0].restricted_access_users.allow_list[0] must be in Domain\UserOrGroupName format, got: domain\user1
╵
╷
│ Error: Invalid Attribute Value Match
│ 
│   with citrix_daas_delivery_group.dg,
│   on 07_delivery_group.tf line 6, in resource "citrix_daas_delivery_group" "dg":
│    6: resource "citrix_daas_delivery_group" "dg" {
│ 
│ Attribute desktops[0].restricted_access_users.block_list[0] must be in Domain\UserOrGroupName format, got: domain\user1

Terraform Configuration Files

      restricted_access_users = { # Comment for restricted_access_users block
        allow_list = [
          "user1\\example" # Comment for allow_list
          "user1@example.com"
        ]
        block_list = [
          "domain\\azureser", # Comment for block_list
        ]
      }

Debug Output

2024-02-12T16:59:05.761+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Called provider defined validator.List: @module=sdk.framework description="element value must satisfy all validations: value must be one of: ["Sunday" "Monday" "Tuesday" "Wednesday" "Thursday" "Friday" "Saturday"]" tf_provider_addr=registry.terraform.io/citrix/citrix tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 tf_resource_type=citrix_daas_delivery_group tf_rpc=ValidateResourceConfig @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwserver/attribute_validation.go:392 tf_attribute_path=reboot_schedules[1].days_in_week timestamp=2024-02-12T16:59:05.741+0100
2024-02-12T16:59:05.761+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Type implements TypeWithValidate: tf_attribute_path=associated_machine_catalogs tf_resource_type=citrix_daas_delivery_group @module=sdk.framework tf_provider_addr=registry.terraform.io/citrix/citrix tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 tf_rpc=ValidateResourceConfig @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwschemadata/data_value.go:80 timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.761+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Calling provider defined Type Validate: tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 @module=sdk.framework tf_attribute_path=associated_machine_catalogs tf_provider_addr=registry.terraform.io/citrix/citrix tf_resource_type=citrix_daas_delivery_group tf_rpc=ValidateResourceConfig @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwschemadata/data_value.go:81 timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.761+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Called provider defined Type Validate: tf_provider_addr=registry.terraform.io/citrix/citrix tf_resource_type=citrix_daas_delivery_group tf_rpc=ValidateResourceConfig @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwschemadata/data_value.go:83 tf_attribute_path=associated_machine_catalogs tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 @module=sdk.framework timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.761+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Calling provider defined validator.String: @module=sdk.framework description="must be specified with ID in GUID format" tf_provider_addr=registry.terraform.io/citrix/citrix tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 tf_rpc=ValidateResourceConfig @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwserver/attribute_validation.go:707 tf_attribute_path=associated_machine_catalogs[0].machine_catalog tf_resource_type=citrix_daas_delivery_group timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.761+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Called provider defined validator.String: @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwserver/attribute_validation.go:717 tf_provider_addr=registry.terraform.io/citrix/citrix tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 tf_resource_type=citrix_daas_delivery_group tf_rpc=ValidateResourceConfig @module=sdk.framework description="must be specified with ID in GUID format" tf_attribute_path=associated_machine_catalogs[0].machine_catalog timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.761+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Type implements TypeWithValidate: @module=sdk.framework tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwschemadata/data_value.go:80 tf_rpc=ValidateResourceConfig tf_attribute_path=associated_machine_catalogs[0].machine_count tf_provider_addr=registry.terraform.io/citrix/citrix tf_resource_type=citrix_daas_delivery_group timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.761+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Calling provider defined Type Validate: tf_attribute_path=associated_machine_catalogs[0].machine_count tf_resource_type=citrix_daas_delivery_group @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwschemadata/data_value.go:81 @module=sdk.framework tf_provider_addr=registry.terraform.io/citrix/citrix tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 tf_rpc=ValidateResourceConfig timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Called provider defined Type Validate: tf_resource_type=citrix_daas_delivery_group @module=sdk.framework tf_attribute_path=associated_machine_catalogs[0].machine_count tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwschemadata/data_value.go:83 tf_provider_addr=registry.terraform.io/citrix/citrix tf_rpc=ValidateResourceConfig timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Calling provider defined validator.Int64: tf_resource_type=citrix_daas_delivery_group tf_rpc=ValidateResourceConfig @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwserver/attribute_validation.go:317 description="value must be at least 1" tf_attribute_path=associated_machine_catalogs[0].machine_count tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 @module=sdk.framework tf_provider_addr=registry.terraform.io/citrix/citrix timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Called provider defined validator.Int64: tf_provider_addr=registry.terraform.io/citrix/citrix tf_resource_type=citrix_daas_delivery_group tf_rpc=ValidateResourceConfig @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwserver/attribute_validation.go:327 @module=sdk.framework description="value must be at least 1" tf_attribute_path=associated_machine_catalogs[0].machine_count tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Type implements TypeWithValidate: tf_attribute_path=desktops tf_provider_addr=registry.terraform.io/citrix/citrix tf_resource_type=citrix_daas_delivery_group @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwschemadata/data_value.go:80 tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 tf_rpc=ValidateResourceConfig @module=sdk.framework timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Calling provider defined Type Validate: tf_rpc=ValidateResourceConfig @module=sdk.framework tf_attribute_path=desktops tf_resource_type=citrix_daas_delivery_group tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwschemadata/data_value.go:81 tf_provider_addr=registry.terraform.io/citrix/citrix timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Called provider defined Type Validate: tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 tf_rpc=ValidateResourceConfig @module=sdk.framework tf_attribute_path=desktops tf_provider_addr=registry.terraform.io/citrix/citrix @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwschemadata/data_value.go:83 tf_resource_type=citrix_daas_delivery_group timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Type implements TypeWithValidate: @module=sdk.framework tf_provider_addr=registry.terraform.io/citrix/citrix tf_resource_type=citrix_daas_delivery_group tf_rpc=ValidateResourceConfig @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwschemadata/data_value.go:80 tf_attribute_path=desktops[0].restricted_access_users.allow_list tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Calling provider defined Type Validate: tf_provider_addr=registry.terraform.io/citrix/citrix tf_resource_type=citrix_daas_delivery_group @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwschemadata/data_value.go:81 @module=sdk.framework tf_attribute_path=desktops[0].restricted_access_users.allow_list tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 tf_rpc=ValidateResourceConfig timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Called provider defined Type Validate: tf_provider_addr=registry.terraform.io/citrix/citrix tf_resource_type=citrix_daas_delivery_group tf_rpc=ValidateResourceConfig @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwschemadata/data_value.go:83 @module=sdk.framework tf_attribute_path=desktops[0].restricted_access_users.allow_list tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Calling provider defined validator.List: tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 tf_rpc=ValidateResourceConfig description="element value must satisfy all validations: must be in Domain\UserOrGroupName format" tf_attribute_path=desktops[0].restricted_access_users.allow_list tf_provider_addr=registry.terraform.io/citrix/citrix @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwserver/attribute_validation.go:382 @module=sdk.framework tf_resource_type=citrix_daas_delivery_group timestamp=2024-02-12T16:59:05.742+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Called provider defined validator.List: tf_provider_addr=registry.terraform.io/citrix/citrix tf_rpc=ValidateResourceConfig @module=sdk.framework tf_attribute_path=desktops[0].restricted_access_users.allow_list tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 tf_resource_type=citrix_daas_delivery_group @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwserver/attribute_validation.go:392 description="element value must satisfy all validations: must be in Domain\UserOrGroupName format" timestamp=2024-02-12T16:59:05.743+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Calling provider defined validator.List: tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 tf_rpc=ValidateResourceConfig description="list must contain at least 1 elements" tf_attribute_path=desktops[0].restricted_access_users.allow_list tf_provider_addr=registry.terraform.io/citrix/citrix tf_resource_type=citrix_daas_delivery_group @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwserver/attribute_validation.go:382 @module=sdk.framework timestamp=2024-02-12T16:59:05.743+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Called provider defined validator.List: tf_provider_addr=registry.terraform.io/citrix/citrix tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 tf_rpc=ValidateResourceConfig @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwserver/attribute_validation.go:392 @module=sdk.framework description="list must contain at least 1 elements" tf_attribute_path=desktops[0].restricted_access_users.allow_list tf_resource_type=citrix_daas_delivery_group timestamp=2024-02-12T16:59:05.743+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Type implements TypeWithValidate: @module=sdk.framework tf_provider_addr=registry.terraform.io/citrix/citrix tf_resource_type=citrix_daas_delivery_group tf_rpc=ValidateResourceConfig @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwschemadata/data_value.go:80 tf_attribute_path=desktops[0].restricted_access_users.block_list tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 timestamp=2024-02-12T16:59:05.743+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Calling provider defined Type Validate: tf_attribute_path=desktops[0].restricted_access_users.block_list tf_rpc=ValidateResourceConfig @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwschemadata/data_value.go:81 @module=sdk.framework tf_provider_addr=registry.terraform.io/citrix/citrix tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 tf_resource_type=citrix_daas_delivery_group timestamp=2024-02-12T16:59:05.743+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Called provider defined Type Validate: tf_resource_type=citrix_daas_delivery_group tf_rpc=ValidateResourceConfig @module=sdk.framework tf_attribute_path=desktops[0].restricted_access_users.block_list tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwschemadata/data_value.go:83 tf_provider_addr=registry.terraform.io/citrix/citrix timestamp=2024-02-12T16:59:05.743+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Calling provider defined validator.List: @module=sdk.framework description="element value must satisfy all validations: must be in Domain\UserOrGroupName format" tf_attribute_path=desktops[0].restricted_access_users.block_list @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwserver/attribute_validation.go:382 tf_provider_addr=registry.terraform.io/citrix/citrix tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 tf_resource_type=citrix_daas_delivery_group tf_rpc=ValidateResourceConfig timestamp=2024-02-12T16:59:05.743+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Called provider defined validator.List: @caller=github.com/hashicorp/terraform-plugin-framework@v1.5.0/internal/fwserver/attribute_validation.go:392 tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 @module=sdk.framework description="element value must satisfy all validations: must be in Domain\UserOrGroupName format" tf_attribute_path=desktops[0].restricted_access_users.block_list tf_provider_addr=registry.terraform.io/citrix/citrix tf_resource_type=citrix_daas_delivery_group tf_rpc=ValidateResourceConfig timestamp=2024-02-12T16:59:05.743+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Received downstream response: @module=sdk.proto tf_proto_version=6.4 tf_req_duration_ms=17 tf_resource_type=citrix_daas_delivery_group @caller=github.com/hashicorp/terraform-plugin-go@v0.21.0/tfprotov6/internal/tf6serverlogging/downstream_request.go:40 diagnostic_error_count=1 diagnostic_warning_count=0 tf_provider_addr=registry.terraform.io/citrix/citrix tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 tf_rpc=ValidateResourceConfig timestamp=2024-02-12T16:59:05.743+0100
2024-02-12T16:59:05.762+0100 [ERROR] provider.terraform-provider-citrix_v0.4.0: Response contains error diagnostic: diagnostic_detail="Attribute desktops[0].restricted_access_users.allow_list[0] must be in Domain\UserOrGroupName format, got: user1@domain.com" @module=sdk.proto diagnostic_attribute=AttributeName("desktops").ElementKeyInt(0).AttributeName("restricted_access_users").AttributeName("allow_list").ElementKeyInt(0) tf_proto_version=6.4 tf_resource_type=citrix_daas_delivery_group tf_rpc=ValidateResourceConfig @caller=github.com/hashicorp/terraform-plugin-go@v0.21.0/tfprotov6/internal/diag/diagnostics.go:62 diagnostic_severity=ERROR tf_provider_addr=registry.terraform.io/citrix/citrix tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 diagnostic_summary="Invalid Attribute Value Match" timestamp=2024-02-12T16:59:05.743+0100
2024-02-12T16:59:05.762+0100 [TRACE] provider.terraform-provider-citrix_v0.4.0: Served request: @caller=github.com/hashicorp/terraform-plugin-go@v0.21.0/tfprotov6/tf6server/server.go:727 tf_resource_type=citrix_daas_delivery_group tf_rpc=ValidateResourceConfig tf_provider_addr=registry.terraform.io/citrix/citrix tf_req_id=ef1a5932-761b-af80-340f-d19dc8a50232 @module=sdk.proto tf_proto_version=6.4 timestamp=2024-02-12T16:59:05.743+0100
2024-02-12T16:59:05.761+0100 [TRACE] dag/walk: upstream of "citrix_daas_application.application-cmd" errored, so skipping
2024-02-12T16:59:05.762+0100 [TRACE] dag/walk: upstream of "citrix_daas_application.application-calc" errored, so skipping
2024-02-12T16:59:05.762+0100 [TRACE] dag/walk: upstream of "provider[\"registry.terraform.io/citrix/citrix\"] (close)" errored, so skipping
2024-02-12T16:59:05.763+0100 [TRACE] dag/walk: upstream of "root" errored, so skipping
2024-02-12T16:59:05.763+0100 [DEBUG] Azure Backend Request: 
HEAD /apc002tfstatefiles/apc001terraform.tfstate HTTP/1.1
Host: apc002tfstatebac03257.blob.core.windows.net
User-Agent: HashiCorp Terraform/1.5.6 (+https://www.terraform.io)
X-Ms-Date: Mon, 12 Feb 2024 15:59:05 GMT
X-Ms-Lease-Id: 405476a5-09f8-f696-d549-60d6612bfd7b
X-Ms-Version: 2018-11-09
2024-02-12T16:59:05.778+0100 [DEBUG] Azure Backend Response for https://apc002tfstatebac03257.blob.core.windows.net/apc002tfstatefiles/apc001terraform.tfstate: 
HTTP/1.1 200 OK
Content-Length: 19218
Accept-Ranges: bytes
Content-Md5: dXe5rGU/24GdcAvQhgFG7A==
Content-Type: application/json
Date: Mon, 12 Feb 2024 15:59:06 GMT
Etag: "0x8DC2BE389BB4689"
Last-Modified: Mon, 12 Feb 2024 15:59:04 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Ms-Access-Tier: Hot
X-Ms-Access-Tier-Inferred: true
X-Ms-Blob-Type: BlockBlob
X-Ms-Creation-Time: Sat, 10 Feb 2024 15:42:16 GMT
X-Ms-Lease-Duration: infinite
X-Ms-Lease-State: leased
X-Ms-Lease-Status: locked
X-Ms-Meta-Terraformlockid: eyJJRCI6IjQwNTQ3NmE1LTA5ZjgtZjY5Ni1kNTQ5LTYwZDY2MTJiZmQ3YiIsIk9wZXJhdGlvbiI6Ik9wZXJhdGlvblR5cGVQbGFuIiwiSW5mbyI6IiIsIldobyI6ImRpbWlAREVTS1RPUC0xTENWT1BNIiwiVmVyc2lvbiI6IjEuNS42IiwiQ3JlYXRlZCI6IjIwMjQtMDItMTJUMTU6NTk6MDMuODA4NzE3MVoiLCJQYXRoIjoiYXBjMDAydGZzdGF0ZWZpbGVzL2FwYzAwMXRlcnJhZm9ybS50ZnN0YXRlIn0=
X-Ms-Request-Id: 73b81f8c-d01e-0029-6ccc-5d99e5000000
X-Ms-Server-Encrypted: true
X-Ms-Version: 2018-11-09
2024-02-12T16:59:05.778+0100 [DEBUG] Azure Backend Request: 
HEAD /apc002tfstatefiles/apc001terraform.tfstate HTTP/1.1
Host: apc002tfstatebac03257.blob.core.windows.net
User-Agent: HashiCorp Terraform/1.5.6 (+https://www.terraform.io)
X-Ms-Date: Mon, 12 Feb 2024 15:59:05 GMT
X-Ms-Lease-Id: 405476a5-09f8-f696-d549-60d6612bfd7b
X-Ms-Version: 2018-11-09
2024-02-12T16:59:05.798+0100 [DEBUG] Azure Backend Response for https://apc002tfstatebac03257.blob.core.windows.net/apc002tfstatefiles/apc001terraform.tfstate: 
HTTP/1.1 200 OK
Content-Length: 19218
Accept-Ranges: bytes
Content-Md5: dXe5rGU/24GdcAvQhgFG7A==
Content-Type: application/json
Date: Mon, 12 Feb 2024 15:59:06 GMT
Etag: "0x8DC2BE389BB4689"
Last-Modified: Mon, 12 Feb 2024 15:59:04 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Ms-Access-Tier: Hot
X-Ms-Access-Tier-Inferred: true
X-Ms-Blob-Type: BlockBlob
X-Ms-Creation-Time: Sat, 10 Feb 2024 15:42:16 GMT
X-Ms-Lease-Duration: infinite
X-Ms-Lease-State: leased
X-Ms-Lease-Status: locked
X-Ms-Meta-Terraformlockid: eyJJRCI6IjQwNTQ3NmE1LTA5ZjgtZjY5Ni1kNTQ5LTYwZDY2MTJiZmQ3YiIsIk9wZXJhdGlvbiI6Ik9wZXJhdGlvblR5cGVQbGFuIiwiSW5mbyI6IiIsIldobyI6ImRpbWlAREVTS1RPUC0xTENWT1BNIiwiVmVyc2lvbiI6IjEuNS42IiwiQ3JlYXRlZCI6IjIwMjQtMDItMTJUMTU6NTk6MDMuODA4NzE3MVoiLCJQYXRoIjoiYXBjMDAydGZzdGF0ZWZpbGVzL2FwYzAwMXRlcnJhZm9ybS50ZnN0YXRlIn0=
X-Ms-Request-Id: 73b81f8e-d01e-0029-6ecc-5d99e5000000
X-Ms-Server-Encrypted: true
X-Ms-Version: 2018-11-09
2024-02-12T16:59:05.798+0100 [DEBUG] Azure Backend Request: 
PUT /apc002tfstatefiles/apc001terraform.tfstate?comp=metadata HTTP/1.1
Host: apc002tfstatebac03257.blob.core.windows.net
User-Agent: HashiCorp Terraform/1.5.6 (+https://www.terraform.io)
Content-Length: 0
X-Ms-Date: Mon, 12 Feb 2024 15:59:05 GMT
X-Ms-Lease-Id: 405476a5-09f8-f696-d549-60d6612bfd7b
X-Ms-Version: 2018-11-09
Accept-Encoding: gzip
2024-02-12T16:59:05.818+0100 [DEBUG] Azure Backend Response for https://apc002tfstatebac03257.blob.core.windows.net/apc002tfstatefiles/apc001terraform.tfstate?comp=metadata: 
HTTP/1.1 200 OK
Content-Length: 0
Date: Mon, 12 Feb 2024 15:59:06 GMT
Etag: "0x8DC2BE38AE2843C"
Last-Modified: Mon, 12 Feb 2024 15:59:06 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Ms-Request-Id: 73b81f90-d01e-0029-70cc-5d99e5000000
X-Ms-Request-Server-Encrypted: true
X-Ms-Version: 2018-11-09
2024-02-12T16:59:05.818+0100 [DEBUG] Azure Backend Request: 
PUT /apc002tfstatefiles/apc001terraform.tfstate?comp=lease HTTP/1.1
Host: apc002tfstatebac03257.blob.core.windows.net
User-Agent: HashiCorp Terraform/1.5.6 (+https://www.terraform.io)
Content-Length: 0
X-Ms-Date: Mon, 12 Feb 2024 15:59:05 GMT
X-Ms-Lease-Action: release
X-Ms-Lease-Id: 405476a5-09f8-f696-d549-60d6612bfd7b
X-Ms-Version: 2018-11-09
Accept-Encoding: gzip
2024-02-12T16:59:05.838+0100 [DEBUG] Azure Backend Response for https://apc002tfstatebac03257.blob.core.windows.net/apc002tfstatefiles/apc001terraform.tfstate?comp=lease: 
HTTP/1.1 200 OK
Content-Length: 0
Date: Mon, 12 Feb 2024 15:59:06 GMT
Etag: "0x8DC2BE38AE2843C"
Last-Modified: Mon, 12 Feb 2024 15:59:06 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Ms-Request-Id: 73b81f94-d01e-0029-73cc-5d99e5000000
X-Ms-Version: 2018-11-09
╷
│ Error: Invalid Attribute Value Match
│ 
│   with citrix_daas_delivery_group.dg,
│   on 07_delivery_group.tf line 6, in resource "citrix_daas_delivery_group" "dg":
│    6: resource "citrix_daas_delivery_group" "dg" {
│ 
│ Attribute desktops[0].restricted_access_users.allow_list[0] must be in Domain\UserOrGroupName format, got: user1@domain.com
╵
2024-02-12T16:59:05.842+0100 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2024-02-12T16:59:05.844+0100 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/citrix/citrix/0.4.0/linux_amd64/terraform-provider-citrix_v0.4.0 pid=7013
2024-02-12T16:59:05.844+0100 [DEBUG] provider: plugin exited

Thanks Dima

[aneeshk-citrix]

Hi Dima,

The error message says that the expected format is the SAM name which is Domain\Username or Domain\GroupName. In your case, it should be domain\User1 or example\user1.

We have restrcicted_access_users on the delivery_group level and also under desktops. Both follow the same format. Please ensure both have the correct values.

I see that the examples are outdated. We are working on updating this.

[dimi4ik]

Hi @aneeshk-citrix When I type like this I get the following error:

 restricted_access_users = { # Comment for restricted_access_users block
    allow_list = [
      "domain\azureuser" # Comment for allow_list
    ]
    block_list = [
      "domain\azureuser", # Comment for block_list
    ]
  }

│ Error: Invalid escape sequence │ │ on 07_delivery_group.tf line 68, in resource "citrix_daas_delivery_group" "dg": │ 68: "domain\azureuser" # Comment for allow_list │ │ The symbol "a" is not a valid escape sequence selector.

what's wrong with me?

[aneeshk-citrix]

Hi @dimi4ik ,

I think it needs to be "domain\azureuser". \ is used for escape characters and that's why you need two of them.

[dimi4ik]

Hi @aneeshk-citrix

As you informed me, the following code has been tested:

      restricted_access_users = { # Comment for restricted_access_users block
        allow_list = [
          "domain\\user1" # Comment for allow_list

        ]
        #block_list = [
        #  "domain\\user1", # Comment for block_list
        #]
      }
    }

When I type like this I get the following error:

rror: Invalid Attribute Value Match
│ 
│   with citrix_daas_delivery_group.dg,
│   on 07_delivery_group.tf line 6, in resource "citrix_daas_delivery_group" "dg":
│    6: resource "citrix_daas_delivery_group" "dg" {
│ 
│ Attribute desktops[0].restricted_access_users.allow_list[0] must be in Domain\UserOrGroupName format, got: domain\user1

Could you please check if there is an error on my end or if it's a bug from the Terraform provider? If you need any further information or logs, I can provide them.

what's wrong with me?

[aneeshk-citrix]

Hi @dimi4ik ,

Can you post your terraform configuration for delivery groups (.tf) file and I can take a look.

Thanks, Aneesh

[dimi4ik]

Hi @aneeshk-citrix

here is my delivery groups configuration. And just for you to know, I can successfully create the DG without restricted_access_users & restricted_access_users. Thanks for checking

#

#################################################################
#create a delivery group
#################################################################

resource "citrix_daas_delivery_group" "dg" {
  #name = var.delivery_group_name # Comment for name property
  name        = local.combined_10
  description = local.delivery_group_description # Comment for description property
  associated_machine_catalogs = [
    {
      machine_catalog = citrix_daas_machine_catalog.mc.id # Comment for machine_catalog property
      machine_count   = var.machine_count_dg              # Comment for machine_count property
    }
  ]
  desktops = [
    {
      published_name         = var.published_name_desktop       # Comment for published_name
      description            = "Desription for example desktop" # Comment for description
      enabled                = true                             # Comment for enabled property
      enable_session_roaming = false                            # Comment for enable_session_roaming property

      restricted_access_users = { # Comment for restricted_access_users block
        allow_list = [
          "domain\\user1" # Comment for allow_list

        ]
        #block_list = [
        #  "domain\\user1", # Comment for block_list
        #]
      }

    }
  ]
  #Comment for autoscale_settings property 
  autoscale_settings = {
    autoscale_enabled = true # Comment for autoscale_enabled property
    power_time_schemes = [
      {
        days_of_week = [
          "Monday",    # Comment for Monday value
          "Tuesday",   # Comment for Tuesday value
          "Wednesday", # Comment for Wednesday value
          "Thursday",  # Comment for Thursday value
          "Friday"     # Comment for Friday value
        ]
        name         = "weekdays test"     # Comment for name property
        display_name = "weekdays schedule" # Comment for display_name property
        peak_time_ranges = [
          "09:00-17:00" # Comment for peak_time_ranges value
        ]
        pool_size_schedules = [
          {
            time_range = "00:00-00:00", # Comment for time_range property
            pool_size  = 1              # Comment for pool_size property
          }
        ]
        pool_using_percentage = false # Comment for pool_using_percentage property
      },
    ]
  }

  restricted_access_users = { # Comment for restricted_access_users block
    allow_list = [
      "domain\\user1" # Comment for allow_list
    ]
    block_list = [
      "domain\\user1", # Comment for block_list
    ]
  }

  reboot_schedules = [
    {
      name                    = "example_reboot_schedule_weekly"
      reboot_schedule_enabled = true
      frequency               = "Weekly"
      frequency_factor        = 1
      days_in_week = [
        "Monday",
        "Tuesday",
        "Wednesday"
      ]
      start_time              = "12:12"
      start_date              = "2024-05-25"
      reboot_duration_minutes = 0
      ignore_maintenance_mode = true
      natural_reboot_schedule = false
    },
    {
      name                    = "example_reboot_schedule_monthly"
      description             = "example reboot schedule"
      reboot_schedule_enabled = true
      frequency               = "Monthly"
      frequency_factor        = 2
      week_in_month           = "First"
      day_in_month            = "Monday"
      start_time              = "12:12"
      start_date              = "2024-04-21"
      ignore_maintenance_mode = true
      reboot_duration_minutes = 120
      natural_reboot_schedule = false
      reboot_notification_to_users = {
        notification_duration_minutes       = 15
        notification_message                = "test message"
        notification_title                  = "test title"
        notification_repeat_every_5_minutes = true
      }
    }
  ]
}

[aneeshk-citrix]

Hi @dimi4ik ,

Your config looks good. I even ran terraform against your config and it has been working fine for me. If you have more delivery group configurations, can you make sure all of them are correct. In the meantime, I'll try to run some tests to see if I run into this issue.

Thanks

[dimi4ik]

@aneeshk-citrix Thank you for testing. I have now deleted the second DG, which is not controlled via TF, and applied Terraform again, but I still receive the same message. I can wait, but I ask you to consider this problem as a BUG. Thank you.

[dimi4ik]

@aneeshk-citrix @jamesrknox @louiseunice @ejchen Hello everyone, I tested with the new provider version and got the same error message. Could you classify the problem as a BUG and fix it in the new release?

Thanks

[zhuolun-citrix]

Hi @dimi4ik ,

I have just copied the full delivery group config to my own terraform and ran terraform plan. It worked on my end. I also changed the user account to unsupported format that might be used and we were able to catch those errors. @aneeshk-citrix tried and got the same result. It doesn't seem like a bug on the provider.

Please make sure that you don't use domain FQDN in your user list as prefix like domain.com\user, but only use the valid domain name prefix like domain\user. We do not allow having . in domain prefix.

If the issue still persist, please kindly provide one actual value that you use in the user list. You can mask out the actual domain name with placeholder strings but the format has to stay the same.

[dimi4ik]

Thanks @zhuolun-citrix 👍

I found the errors 💯 , my domain name is k000 and that's a problem. If I enter any other domain name instead of my domain, e.g. kkkk then it works, I get another error message. Can I convert the domain name to other variable type? or can you check it? fix

[dimi4ik]

Thanks for the fix, it works now