hashicorp / terraform-provider-azurerm

Terraform provider for Azure Resource Manager
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs
Mozilla Public License 2.0

azurerm_subnet_network_security_group_association timeouts while running first time. #17221

Open nvenkatapavan opened 2 years ago

nvenkatapavan commented 2 years ago

Terraform Version

1.1.7

AzureRM Provider Version

3.9.0

Affected Resource(s)/Data Source(s)

azurerm_subnet_network_security_group_association

Terraform Configuration Files

provider "azurerm" {
  features {
    resource_group {
      prevent_deletion_if_contains_resources = false
    }
  }
}

resource "azurerm_resource_group" "my_resource_group" {
  name     = "my_resource_group"
  location = "eastus"
}

resource "azurerm_virtual_network" "main" {
  name                = "my-vnet"
  address_space       = ["172.21.0.0/19"]
  location            = "eastus"
  resource_group_name = azurerm_resource_group.my_resource_group.name
}

resource "azurerm_subnet" "private" {
  name                 = "my-private-subnet"
  resource_group_name  = azurerm_resource_group.my_resource_group.name
  virtual_network_name = azurerm_virtual_network.main.name
  address_prefixes     = ["172.21.0.0/20"]
  # enforce_private_link_endpoint_network_policies = true
}

resource "azurerm_subnet" "redis" {
  name                 = "my-redis-subnet"
  resource_group_name  = azurerm_resource_group.my_resource_group.name
  virtual_network_name = azurerm_virtual_network.main.name
  address_prefixes     = ["172.21.16.0/24"]
}

resource "azurerm_network_security_group" "main" {
  name                = "my-security_group"
  location            = "eastus"
  resource_group_name = azurerm_resource_group.my_resource_group.name

  security_rule {
    name                       = "test123"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "*"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }
}

resource "azurerm_subnet_network_security_group_association" "private" {
  subnet_id                 = azurerm_subnet.private.id
  network_security_group_id = azurerm_network_security_group.main.id
  depends_on                = [azurerm_subnet.private, azurerm_network_security_group.main]
}

resource "azurerm_subnet_network_security_group_association" "redis" {
  subnet_id                 = azurerm_subnet.redis.id
  network_security_group_id = azurerm_network_security_group.main.id
  depends_on                = [azurerm_subnet.redis, azurerm_network_security_group.main]
}

Debug Output/Panic Output

│ Error: updating Network Security Group Association for Subnet: (Name "my-private-subnet" / Virtual Network Name "my-vnet" / Resource Group "my_resource_group"): network.SubnetsClient#CreateOrUpdate: Failure sending request: StatusCode=0 -- Original Error: context deadline exceeded

Expected Behaviour

terraform apply should work on the first run as well, and azurerm_subnet_network_security_group_association should work.

Actual Behaviour

azurerm_subnet_network_security_group_association runs for 30 minutes and times out; when we re-run Terraform, it works. Our actual Terraform code is big, so we have provided a sample file showing what it looks like and where we are getting errors.

Steps to Reproduce

terraform init
terraform plan
terraform apply
terraform destroy

Important Factoids

No response

References

No response

magodo commented 2 years ago

@nvenkatapavan This is likely a duplicate of https://github.com/hashicorp/terraform-provider-azurerm/issues/16933. Please look at this answer: https://github.com/hashicorp/terraform-provider-azurerm/issues/16933#issuecomment-1139367306.