can not use azurerm_sentinel_log_analytics_workspace_onboarding in chinaeast2

[cuntoulishifu]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.2.2

AzureRM Provider Version

3.76.0

Affected Resource(s)/Data Source(s)

azurerm_sentinel_log_analytics_workspace_onboarding

Terraform Configuration Files

resource "azurerm_resource_group" "test-sentinel-rg" {
    name     = "test-sentinel"
    location = "chinaeast2"
}

resource "azurerm_log_analytics_workspace" "test-sentinel-log" {
    name                = "test-sentinel-log"
    location            = azurerm_resource_group.test-sentinel-rg.location
    resource_group_name = azurerm_resource_group.test-sentinel-rg.name
    sku                 = "PerGB2018"
}
resource "azurerm_sentinel_log_analytics_workspace_onboarding" "example" {
    workspace_id =    azurerm_log_analytics_workspace.test-sentinel-log.id
}

Debug Output/Panic Output

Error: Error ensuring Resource Providers are registered. Terraform automatically attempts to register the Resource Providers it supports to ensure it's able to provision resources. If you don't have permission to register Resource Providers you may wish to use the "skip_provider_registration" flag in the Provider block to disable this functionality. Please note that if you opt out of Resource Provider Registration and Terraform tries to provision a resource from a Resource Provider which is unregistered, then the errors may appear misleading - for example: > API version 2019-XX-XX was not found for Microsoft.Foo Could indicate either that the Resource Provider "Microsoft.Foo" requires registration, but this could also indicate that this Azure Region doesn't support this API version. More information on the "skip_provider_registration" flag can be found here: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs#skip_provider_registration Original Error: determining which Required Resource Providers require registration: the required Resource Provider "Microsoft.MixedReality" wasn't returned from the Azure API

Expected Behaviour

onboard Microsoft Sentinel

Actual Behaviour

Error showed in Debug Output/Panic Output

Steps to Reproduce

1. set env in China Azure

2. terraform plan

Important Factoids

No response

References

No response

[cuntoulishifu]

I can onboard Microsoft Sentinel directly in Azure Portal, and I tried to set skip_provider_registration = true in terraform, I got below errror:

Error: checking for existing Onboarding State (Subscription: "xxxxxxxx" Resource Group Name: "test-sentinel" Workspace Name: "test-sentinel-log" Onboarding State Name: "default"): sentinelonboardingstates.SentinelOnboardingStatesClient#Get: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="NoRegisteredProviderFound" Message="No registered resource provider found for location 'chinaeast2' and API version '2022-11-01' for type 'onboardingStates'. The supported api-versions are '2021-03-01-preview, 2021-09-01-preview, 2021-10-01-preview, 2022-01-01-preview, 2022-04-01-preview, 2022-05-01-preview, 2022-06-01-preview, 2022-07-01-preview, 2022-08-01-preview, 2022-09-01-preview, 2022-10-01-preview, 2022-11-01-preview, 2022-12-01-preview, 2023-02-01-preview, 2023-03-01-preview, 2023-04-01-preview, 2023-05-01-preview, 2023-06-01-preview, 2023-07-01-preview, 2023-08-01-preview, 2023-09-01-preview, 2023-10-01-preview'. The supported locations are 'chinaeast2'."

[sstjean]

This is the same error I see in the Azure US Government Sovereign Cloud instance. It looks like the Azure RM provider isn't setup to hit preview versions of the APIs but the Sovereign Clouds only support preview, even today.