Associate Application Group to Private Endpoint on Bot Service

[fdmsantos]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.5.7

AzureRM Provider Version

3.74.0

Affected Resource(s)/Data Source(s)

azurerm_private_endpoint_application_security_group_association

Terraform Configuration Files

resource "azurerm_application_security_group" "this" {
  for_each            = local.private_endpoints_with_app_sg
  name                = "${each.key}-appsecuritygroup"
  location            = var.location
  resource_group_name = var.resource_group_name
  tags                = var.tags
}

resource "azurerm_private_endpoint_application_security_group_association" "this" {
  for_each                      = local.private_endpoints_with_app_sg
  private_endpoint_id           = module.private_endpoint[each.key].private_endpoint_id
  application_security_group_id = azurerm_application_security_group.this[each.key].id
}

Debug Output/Panic Output

╷
│ Error: creating Private Endpoint (Subscription: "76a74f3e-8631-4336-8d9e-3d8416163c4a"
│ Resource Group Name: "bot"
│ Private Endpoint Name: "BotEndpoint"): polling after CreateOrUpdate: polling failed
│ 
│   with azurerm_private_endpoint_application_security_group_association.this["BotEndpoint"],
│   on ../../main.tf line 67, in resource "azurerm_private_endpoint_application_security_group_association" "this":
│   67: resource "azurerm_private_endpoint_application_security_group_association" "this" {
│ 
│ creating Private Endpoint (Subscription: ""
│ Resource Group Name: "bot"
│ Private Endpoint Name: "BotEndpoint"): polling after CreateOrUpdate: polling failed
╵

Expected Behaviour

Application Security Group created and associated to private endpoint without errors.

Actual Behaviour

The Application Security Group is created and it's associated to private endpoint (This is private endpoint for bot Service), but the terraform gives that error (The work was done). When try again, i got error saying the association already exists (it's true)

Steps to Reproduce

No response

Important Factoids

No response

References

No response

[simon-pearson]

I am also experiencing this issue, with exactly the same polling after CreateOrUpdate: polling failed error message. My config is essentially the same as @fdmsantos:

resource "azurerm_application_security_group" "bot_asg" {
  name                = "${module.naming.standard["application-security-group"]}-bot"
  location            = var.location
  resource_group_name = var.resource_group_name
  tags                = var.tags
}

resource "azurerm_private_endpoint_application_security_group_association" "bot_pe_asg_association" {
  private_endpoint_id           = azurerm_private_endpoint.bot_pe.id
  application_security_group_id = azurerm_application_security_group.bot_asg.id
}

I'm on AzureRM version 3.72.0 and Terraform CLI v1.5.6.

[simon-pearson]

Any update on this?

[gasserp]

I am also experiencing this issue with azurerm provider version 3.82.0, terraform 1.6.4

[raidostar]

I have the same issue. Is this the issue of terraform or azure? If it's an issue of azure, I want to open the case in my azure portal.

[kkarballof]

Any updates on this? I am also getting: with module.redis_ent_private_endpoint["rdisent"].azurerm_private_endpoint_application_security_group_association.asg[0], │ on ..\..\..\..\..\modules\terraform\private-end-points\3.0.0\main.tf line 51, in resource "azurerm_private_endpoint_application_security_group_association" "asg": │ 51: resource "azurerm_private_endpoint_application_security_group_association" "asg" { │ │ creating Private Endpoint (Subscription: "c08a664b-96ae-41b7-a430-d284243fa3f5" │ Resource Group Name: "me2-network-rg" │ Private Endpoint Name: "iac-dev-me2-redis-rdisent-redise-pep"): polling after CreateOrUpdate: polling failed