Open lukerogers opened 1 year ago
@lukerogers Thank you for opening this issue. I was able to reproduce the issue and error messaging that you posted above. I also saw the 2 issues with the documentation that you mentioned. I think the issue is related to the mismatch in the url/endpoint and will look through the go code to see if there were any changes that may have caused this:
Expected a DisasterRecoveryConfigAuthorizationRule ID that matched (containing 12 segments):
> /subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/example-resource-group/providers/Microsoft.ServiceBus/namespaces/namespaceValue/disasterRecoveryConfigs/disasterRecoveryConfigValue/authorizationRules/authorizationRuleValue
However this value was provided (which was parsed into 0 segments):
> /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/servicebus-replication/providers/Microsoft.ServiceBus/namespaces/servicebus-primary/authorizationRules/examplerule
@lukerogers I haven't found the cause of the error yet, but I found that the same terraform configuration works on 3.58 but starts breaking on 3.59 and forward. So if this is something you need, you could pin to 3.58 until there is a fix.
I am using 3.66 and getting the same error as DisasterRecoveryConfigAuthorizationRule ID: the number of segments didn't match Expected a DisasterRecoveryConfigAuthorizationRule ID that matched (containing 12 segments) as I see auth rule has only 9 segments.
I also have this issue, with the same code as OP.
I am using
Terraform v1.6.6
on darwin_arm64
+ provider registry.terraform.io/hashicorp/azurerm v3.88.0
@rcskosir is this officially accepted as a bug?
winding back the provider version isnt an option for me.
We are also hitting this issue on v3.97.1. Is regressing back to 3.58 the only option at the moment?
Is there any news regarding this @rcskosir? I'm facing the same issue as well
@rcskosir There is a simple work-around if you can do without a custom authorization_rule. From the documented examples drop the azurerm_servicebus_namespace_authorization_rule resource and the alias_authorization_rule_id attribute from the azurerm_servicebus_namespace_disaster_recovery_config resource and the provider will happily create the geo recovery configuration.
The error logs are explicit in where the problem lies; the documentation tells us to create a azurerm_servicebus_namespace_authorization_rule resource which translates to a resource with 10 segments :
/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ServiceBus/namespaces/{namespaceName}/authorizationRules/{ruleName}
and the azurerm_servicebus_namespace_disaster_recovery_config resource expects a rule with 12 segments:
/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ServiceBus/namespaces/{namespaceName}/disasterRecoveryConfigs/{disaterRecoveryConfigName}/authorizationRules/{ruleName}
Seems to me you're missing a resource that would create a disaster recovery config authorization rule, e.g. "azurerm_servicebus_namespace_disasterrecovery_authorization_rule" or something like that
Looking through the source code for your provider I can't find a 'resource' that uses disasterrecoveryconfigs.NewDisasterRecoveryConfigID from the Azure SDK that would generate a compatible rule for the 'azurerm_servicebus_namespace_disaster_recovery_config' resource.
version 3.111.0 - issue still reproduced
Confirmed this is still an issue in version 3.113
Even if you hardcode the parameter alias_authorization_rule_id
ID for the azurerm_servicebus_namespace_authorization_rule
in the resource: azurerm_servicebus_namespace_disaster_recovery_config
it will complain that there are not enough segements, eg:
resource "azurerm_servicebus_namespace_disaster_recovery_config" "geo_dr" { name = "abc-sbn-0001" primary_namespace_id = data.azurerm_servicebus_namespace.azsbnabcp0001.id partner_namespace_id = module.servicebus_namespace.servicebus_namespace_id alias_authorization_rule_id = "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/AZRGPABCP0001/providers/Microsoft.ServiceBus/namespaces/azsbnabcp0001/disasterRecoveryConfigs/disasterRecoveryConfigValue/authorizationRules/abc-asb-auth-rule1" }
Is there an existing issue for this?
Community Note
Terraform Version
1.5.1
AzureRM Provider Version
3.62.1
Affected Resource(s)/Data Source(s)
azurerm_servicebus_namespace_disaster_recovery_config
Terraform Configuration Files
Debug Output/Panic Output
Expected Behaviour
The disaster recovery is configured and logged as successful
Actual Behaviour
The disaster recovery is setup as requested, but TF reports an error because it can't load the ID correctly.
I used the example from the documentation, but had to correct two errors:
Assuming I did things correctly, the documentation should be updated as well.
Steps to Reproduce
terraform apply
Important Factoids
No response
References
No response