You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment
Description
When provisioning a subscription via Terraform, it would be useful to also provision some of the supporting services required from a governance perspective. i.e. diagnostics settings, Defender for Cloud pricing, Default RBAC groups and assignments etc.
Currently, to do this we must use a provider alias for the newly created subscription. However, though the correct Subscription ID is passed from the resource creating the subscription to the provider correctly, the provider alias is unable to find the subscription by it's ID since the JSON generated when the provider was initialised does not contain the newly created subscription. An az account list --refresh would refresh the cached JSON and allow the subscription to be used. However, there does not appear to be a way to enforce this for an alternate provider.
I'm not sure whether this is the correct place to put this, but I think it would be worthwhile. Maybe this could be implemented as a provider 'feature'?
Error: building AzureRM Client: obtain subscription(xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx) from Azure CLI: parsing json result from the Azure CLI: waiting for the Azure CLI: exit status 1: ERROR: Subscription 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' not found. Check the spelling and casing and try again.
│
│ with provider["registry.terraform.io/hashicorp/azurerm"].remote,
│ on provider.tf line 9, in provider "azurerm":
│ 9: provider "azurerm" {
│
╵
ERRO[0240] 1 error occurred:
* exit status 1
New or Affected Resource(s)/Data Source(s)
azurerm_subscription
Potential Terraform Configuration
No response
References
No response
The text was updated successfully, but these errors were encountered:
laughtonsm
changed the title
Support for Refreshing Azure CLI Subscription Cache when using Provider Alias
Support for Refreshing AzureRM Client Subscription Cache when using Provider Alias
Apr 6, 2022
Taking a look through here this appears to be a duplicate of #15894 (but for subscriptions, not management groups - although the solution is the same) - would you mind subscribing to that issue for updates?
Hi @tombuildsstuff. Sure thing. I had a look but didn't find this earlier, but yes, the same issue. Would be really useful if this could be resolved somehow. Following....
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
Is there an existing issue for this?
Community Note
Description
When provisioning a subscription via Terraform, it would be useful to also provision some of the supporting services required from a governance perspective. i.e. diagnostics settings, Defender for Cloud pricing, Default RBAC groups and assignments etc.
Currently, to do this we must use a provider alias for the newly created subscription. However, though the correct Subscription ID is passed from the resource creating the subscription to the provider correctly, the provider alias is unable to find the subscription by it's ID since the JSON generated when the provider was initialised does not contain the newly created subscription. An
az account list --refresh
would refresh the cached JSON and allow the subscription to be used. However, there does not appear to be a way to enforce this for an alternate provider.I'm not sure whether this is the correct place to put this, but I think it would be worthwhile. Maybe this could be implemented as a provider 'feature'?
The above results in the following error:
New or Affected Resource(s)/Data Source(s)
azurerm_subscription
Potential Terraform Configuration
No response
References
No response
The text was updated successfully, but these errors were encountered: