jason-johnson / azure-pipelines-tasks-terraform

Azure Pipelines extension for Terraform
MIT License
TerraformCLI init service connection scoped at management group can not login to specific subscription #326

Open JQUINONES82 opened 1 year ago

JQUINONES82 commented 1 year ago

**Describe the bug** When running terraform CLI init using a service connection scoped at the management group using the following:

Terraform CLI 0.7.8

**To Reproduce** Steps to reproduce the behavior:

  1. Run pipeline and during the init process error build arm config: obtain subscription(xxxxx-xxxxx-xxxxx) from Azure CLI: parsing json result from azure cli waiting for the Azure CLI exit status 1 Error please run 'az login'

**Expected behavior** I expected it to log in and initialize. I'm using a service connection scoped at the management group level. backendAzureRMSubscriptionId is set with storage account name, container name, and key.

Terraform 1.3.7 is installed

**Pipeline Logs** will attach log

JQUINONES82 commented 1 year ago

https://github.com/jason-johnson/azure-pipelines-tasks-terraform/blob/main/pipelines/test/azurerm_mgmt_group_service_connection.yml DOES NOT WORK.

If I export env vars, this works. Again, I'm using a service connection scoped at a management group that will then deploy to different subscriptions.

szymonbr commented 1 year ago

The same happens in my case. But I'm using certificate-based authentication for the service connection, hence I haven't found a workaround. Any ideas?

I have the backend configured in a tf file. The file has been successfully tested from the local CLI. The service connection has been successfully tested by an AzureCLI@2 task.