Error: creating/updating IotHub

[nemetht]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform (and AzureRM Provider) Version

bash-5.0# terraform -v Terraform v0.13.5

• provider registry.terraform.io/hashicorp/azuread v1.6.0
• provider registry.terraform.io/hashicorp/azurerm v2.73.0
• provider registry.terraform.io/hashicorp/null v3.1.0
• provider registry.terraform.io/hashicorp/random v3.1.0

Affected Resource(s)

• azurerm_iothub

Terraform Configuration Files

resource "azurerm_iothub" "device_hub" {
  name                = local.iot_hub_name
  resource_group_name = local.resource_group_name
  location            = var.long_region
  public_network_access_enabled = true

  dynamic "ip_filter_rule" {
    for_each = [for ip_mask in var.ip_ranges: {
      name    = replace(replace(ip_mask, ".", "_"), "/", "-")
      ip_mask = ip_mask
    }]
    content {
      name    = ip_filter_rule.value.name
      ip_mask = ip_filter_rule.value.ip_mask
      action  = "Accept"
    }
  }

  sku {
    name     = "S1"
    capacity = "1"
  }

  tags = {
    Environment = var.env_tag
  }

  lifecycle {
    ignore_changes = [
      sku
    ]
  }
}

variable "ip_ranges" {
  type = list(string)
  default = [
    "1.2.3.4/29",
    "5.6.7.8/29",
...
  ]
}

Debug Output

{"id":"/subscriptions/xxxxxxxxx-xxxx-../resourceGroups/rg/providers/Microsoft.Devices/IotHubs/fancy-iothub","name":"fancy-iothub","type":"Microsoft.Devices/IotHubs","location":"westeurope","tags":{"Environment":"fancy"},"subscriptionid":"xxxxxxxxx-xxxx-..","resourcegroup":"rg","etag":"AAAADFrb/ao=","properties":{"locations":[{"location":"West Europe","role":"primary"},{"location":"North Europe","role":"secondary"}],"state":"Active","provisioningState":"Succeeded","ipFilterRules":[{"filterName":"1-28","action":"Accept","ipMask":"1/28"},{"filterName":"2-29","action":"Accept","ipMask":"2/29"},],"hostName":"fancy-iothub.azure-devices.net","eventHubEndpoints":{"events":{"retentionTimeInDays":1,"partitionCount":4,"partitionIds":["0","1","2","3"],"path":"fancy-iothub","endpoint":"sb://iothub-ns-fancy-w-2306779-438a59a4f2.servicebus.windows.net/"}},"routing":{"endpoints":{"serviceBusQueues":[],"serviceBusTopics":[],"eventHubs":[{"connectionString":"Endpoint=sb://fancy-eh-ns.servicebus.windows.net:5671/;SharedAccessKeyName=fancy-event-hub-auth-rule;SharedAccessKey=****;EntityPath=fancy-eh","name":"telemetry_hub","id":"b2ec476b-9f11-45eb-a3f7-44c447942fb3","subscriptionId":"xxxxxxxxx-xxxx-..","resourceGroup":"rg"}],"storageContainers":[{"containerName":"events","fileNameFormat":"telemetry/{iothub}/{partition}/{YYYY}/{MM}/{DD}/{HH}/{mm}","batchFrequencyInSeconds":300,"maxChunkSizeInBytes":314572800,"encoding":"avro","endpointUri":"https://fancyweufancyevents.blob.core.windows.net","authenticationType":"identityBased","name":"datalake-endpoint","id":"2b2e837f-7fdf-4ca9-9d8f-59f628fa65cc","subscriptionId":"xxxxxxxxx-xxxx-..","resourceGroup":"rg"}]},"routes":[{"name":"route_to_telemetry_hub","source":"DeviceMessages","condition":"true","endpointNames":["telemetry_hub"],"isEnabled":true},{"name":"route-to-builtin-endpoint","source":"DeviceMessages","condition":"true","endpointNames":["events"],"isEnabled":true},{"name":"route-to-datalake-endpoint","source":"DeviceMessages","condition":"true","endpointNames":["datalake-endpoint"],"isEnabled":true}],"fallbackRoute":{"name":"$fallback","source":"DeviceMessages","condition":"true","endpointNames":["events"],"isEnabled":false}},"storageEndpoints":{},"messagingEndpoints":{"fileNotifications":{"lockDurationAsIso8601":"PT1M","ttlAsIso8601":"PT1H","maxDeliveryCount":10}},"enableFileUploadNotifications":false,"cloudToDevice":{"maxDeliveryCount":10,"defaultTtlAsIso8601":"PT1H","feedback":{"lockDurationAsIso8601":"PT1M","ttlAsIso8601":"PT1H","maxDeliveryCount":10}},"features":"None","publicNetworkAccess":"Enabled"},"sku":{"name":"S1","tier":"Standard","capacity":1},"identity":{"tenantId":"xxxxxxxxx-xxxx-..","type":"SystemAssigned","principalId":"xxxxxxxxx-xxxx-.."}}: timestamp=2021-10-25T16:05:30.483Z 2021-10-25T16:05:30.489Z [DEBUG] plugin.terraform-provider-azurerm_v2.73.0_x5: AzureRM Request: PUT /subscriptions/xxxxxxxxx-xxxx-../resourceGroups/rg/providers/Microsoft.Devices/IotHubs/fancy-iothub?api-version=2020-03-01 HTTP/1.1 Host: management.azure.com User-Agent: Go/go1.16.7 (amd64-linux) go-autorest/v14.2.1 Azure-SDK-For-Go/v56.2.0 devices/2020-03-01 HashiCorp Terraform/0.13.5 (+https://www.terraform.io) Terraform Plugin SDK/2.7.0 terraform-provider-azurerm/2.73.0 pid-222c6c49-1b0a-5959-a213-6608f9eb8820 Content-Length: 2764 Content-Type: application/json; charset=utf-8 X-Ms-Correlation-Request-Id: 03945d10-274d-efc7-ec53-5ad2f2966dce Accept-Encoding: gzip

{"location":"westeurope","properties":{"enableFileUploadNotifications":false,"eventHubEndpoints":{"events":{"partitionCount":4,"retentionTimeInDays":1}},"ipFilterRules":[{"filterName":...],"messagingEndpoints":{},"publicNetworkAccess":"Enabled","routing":{"endpoints":{"serviceBusQueues":[],"serviceBusTopics":[],"eventHubs":[{"connectionString":"Endpoint=sb://fancy-eh-ns.servicebus.windows.net:5671/;SharedAccessKeyName=fancy-event-hub-auth-rule;SharedAccessKey=****;EntityPath=fancy-eh","name":"telemetry_hub","subscriptionId":"xxxxxxxxx-xxxx-..","resourceGroup":"rg"}],"storageContainers":[{"connectionString":"","name":"datalake-endpoint","subscriptionId":"xxxxxxxxx-xxxx-..","resourceGroup":"rg","containerName":"events","fileNameFormat":"telemetry/{iothub}/{partition}/{YYYY}/{MM}/{DD}/{HH}/{mm}","batchFrequencyInSeconds":300,"maxChunkSizeInBytes":314572800,"encoding":"avro"}]},"routes":[{"name":"route_to_telemetry_hub","source":"DeviceMessages","condition":"true","endpointNames":["telemetry_hub"],"isEnabled":true},{"name":"route-to-builtin-endpoint","source":"DeviceMessages","condition":"true","endpointNames":["events"],"isEnabled":true},{"name":"route-to-datalake-endpoint","source":"DeviceMessages","condition":"true","endpointNames":["datalake-endpoint"],"isEnabled":true}],"fallbackRoute":{"source":"DeviceMessages","condition":"true","endpointNames":["events"],"isEnabled":false}},"storageEndpoints":{}},"sku":{"capacity":1,"name":"S1"},"tags":{"Environment":"fancy"}}: timestamp=2021-10-25T16:05:30.488Z 2021-10-25T16:05:32.860Z [DEBUG] plugin.terraform-provider-azurerm_v2.73.0_x5: AzureRM Response for https://management.azure.com/subscriptions/xxxxxxxxx-xxxx-../resourceGroups/rg/providers/Microsoft.Devices/IotHubs/fancy-iothub?api-version=2020-03-01: HTTP/2.0 400 Bad Request Content-Length: 310 Cache-Control: no-cache Content-Type: application/json; charset=utf-8 Date: Mon, 25 Oct 2021 16:05:32 GMT Expires: -1 Pragma: no-cache Server: Microsoft-HTTPAPI/2.0 Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Ms-Correlation-Request-Id: 03945d10-274d-efc7-ec53-5ad2f2966dce X-Ms-Ratelimit-Remaining-Subscription-Resource-Requests: 4999 X-Ms-Request-Id: 9b2ed180-d86d-4a19-9d53-b22eab5695d6 X-Ms-Routing-Request-Id: GERMANYWESTCENTRAL:20211025T160532Z:9b2ed180-d86d-4a19-9d53-b22eab5695d6

{"code":400116,"httpStatusCode":"BadRequest","message":"Valid Connection string should be provided. endpointName: datalake-endpoint. If you contact a support representative please include this correlation identifier: af667c68-ac23-4c7c-b7ab-b538ccf75959, timestamp: 2021-10-25 16:05:32Z, errorcode: IH400116."}: timestamp=2021-10-25T16:05:32.860Z 2021-10-25T16:05:32.860Z [DEBUG] plugin.terraform-provider-azurerm_v2.73.0_x5: Unlocking "azurerm_iothub.fancy-iothub": timestamp=2021-10-25T16:05:32.860Z 2021-10-25T16:05:32.861Z [DEBUG] plugin.terraform-provider-azurerm_v2.73.0_x5: Unlocked "azurerm_iothub.fancy-iothub": timestamp=2021-10-25T16:05:32.860Z 2021/10/25 16:05:32 [DEBUG] azurerm_iothub.device_hub: apply errored, but we're indicating that via the Error pointer rather than returning it: creating/updating IotHub "fancy-iothub" (Resource Group "rg"): devices.IotHubResourceClient#CreateOrUpdate: Failure sending request: StatusCode=0 -- Original Error: Code="Failed" Message="The async operation failed." InnerError={"unmarshalError":"json: cannot unmarshal number into Go struct field serviceErrorInternal.code of type string"} AdditionalInfo=[{"code":400116,"httpStatusCode":"BadRequest","message":"Valid Connection string should be provided. endpointName: datalake-endpoint. If you contact a support representative please include this correlation identifier: af667c68-ac23-4c7c-b7ab-b538ccf75959, timestamp: 2021-10-25 16:05:32Z, errorcode: IH400116."}]

Expected Behaviour

The iothub gets updated with many ip_filter_rule entries.

Actual Behaviour

There was an error during updating IoTHub.

Important Factoids

The routes and routing-endpoints are created via cli and not via terraform (in a null resource)

[myc2h6o]

Hi @nemetht After looking at the issue, seems like the iothub routing endpoint is using identityBased authentication type which is not yet supported. There is an ongoing issue tracking this. Rather than having multiple issues open to track same thing, would you mind subscribing to https://github.com/hashicorp/terraform-provider-azurerm/issues/9139 for update?

[tombuildsstuff]

Consolidating into #9139, thanks @myc2h6o

[github-actions[bot]]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.