azurerm_api_management_user data can't find the user

[elvovsky]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

1.3.8

AzureRM Provider Version

3.55.0

Affected Resource(s)/Data Source(s)

azurerm_api_management_user

Terraform Configuration Files

data "azurerm_api_management_user" "example" {
  user_id             = "Test"
  api_management_name = "test"
  resource_group_name = "test"
}

output "stuff" {
  value = data.azurerm_api_management_user.example.*
}

Debug Output/Panic Output

User: (Name "Test" / Service Name "test" / Resource Group "test") was not found

Expected Behaviour

To see the data about the user

Actual Behaviour

error message that user is not found

Steps to Reproduce

No response

Important Factoids

No response

References

No response

[sinbai]

Hi @elvovsky thanks for opening this issue. Unfortunately, I could not reproduce this issue by the following terraform config, could you try reproducing this issue with it?

terraform {
  required_providers {
    azurerm = {
      source = "hashicorp/azurerm"
      version = "3.55.0"
    }
  }
}
provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "test" {
  name     = "amtestRG-0510"
  location = "eastus"
}

resource "azurerm_api_management" "test" {
  name                = "acctestAM-0510"
  publisher_name      = "pub1"
  publisher_email     = "pub1@email.com"
  sku_name            = "Developer_1"
  location            = azurerm_resource_group.test.location
  resource_group_name = azurerm_resource_group.test.name
}

resource "azurerm_api_management_user" "test" {
  user_id             = "test-user"
  api_management_name = azurerm_api_management.test.name
  resource_group_name = azurerm_resource_group.test.name
  first_name          = "Acceptance"
  last_name           = "Test"
  email               = "azure-acctest%d@example.com"
  state               = "active"
  note                = "Used for testing in dimension C-137."
}

data "azurerm_api_management_user" "test" {
  user_id             = "test-user"
  api_management_name = "acctestAM-0510"
  resource_group_name = "amtestRG-0510"
  depends_on = [azurerm_resource_group.test, azurerm_api_management.test, azurerm_api_management_user.test]
}

output "stuff" {
  value = data.azurerm_api_management_user.test.*
}

output:

[elvovsky]

@sinbai Elena, you are creating a resource group and the instance of the APIM and then the user, after which you are getting the user. I already have existing apim and existing user and I tried to get multiple existing users. The only difference in your script, other than creating resources, is "depends on" part. But the reason that one is there is because you are creating resources first. I can't create APIM , except may be in my own subscription, but that won't be the same. I am not sure if turning the debug on when executing may be helpful ? Also question, there are 3 types of users that I see in APIM basic, Azure and AzureAd. Since there is nothing in the provider , I assume that should not matter .

[aristosvo]

Hi @elvovsky!

Can you try this request: az rest --method get --url https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/users?api-version=2022-08-01

This lists all the users, it might show that you don't have the necessary permissions or that it might be a mixup on the user_id for instance.

[elvovsky]

Thanks @aristosvo . I do have rights, but I will give it a try, I assume that servicename in this case is the API management service name?

[aristosvo]

I assume that servicename in this case is the API management service name?

Indeed!

[elvovsky]

I assume that servicename in this case is the API management service name?

Indeed!

I got a response json back with the data . I know this is not permissions issue, since I created a test user before

[elvovsky]

What do I use for user_id, if the account is based on azure ad authentication ?