terraform-provider-azurerm
terraform-provider-azurerm copied to clipboard
Published
20 hours ago •
hashicorp
hashicorp
Microsoft Storage Account Network ACL Validation
Is there an existing issue for this?
- [X] I have searched the existing issues
Community Note
- Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
Terraform Version
1.4.5
AzureRM Provider Version
3.54.0
Affected Resource(s)/Data Source(s)
azurerm_storage_account
Terraform Configuration Files
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.54.0"
}
}
resource "azurerm_storage_account" "storageAccount" {
...
network_rules{
...
virtual_network_subnet_ids = "subnet id from a different region: tested with SA in westeurope and subnet in eastus"
}
}
Debug Output/Panic Output
2023-04-28T10:47:17.085+0100 [DEBUG] provider.terraform-provider-azurerm_v3.54.0_x5: AzureRM Response for https://management.azure.com/subscriptions/<subscription>/resourceGroups/CI-EUWE01-NPAS-DUMMYPROJECT-01/providers/Microsoft.Storage/storageAccounts/euwe01prddumac01?api-version=2021-09-01:
HTTP/2.0 202 Accepted
Content-Length: 0
Cache-Control: no-cache
Content-Type: text/plain; charset=utf-8
Date: Fri, 28 Apr 2023 09:47:16 GMT
Expires: -1
Location: https://management.azure.com/subscriptions/<subscription>/providers/Microsoft.Storage/locations/westeurope/asyncoperations/ccdc960c-4004-428a-b7ef-fcdcf36ce612?monitor=true&api-version=2021-09-01
Pragma: no-cache
Retry-After: 17
Server: Microsoft-Azure-Storage-Resource-Provider/1.0,Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Ms-Correlation-Request-Id: 46b6cd19-4273-4bb3-ded1-99c920ee06fa
X-Ms-Ratelimit-Remaining-Subscription-Writes: 1199
X-Ms-Request-Id: ccdc960c-4004-428a-b7ef-fcdcf36ce612
X-Ms-Routing-Request-Id: FRANCECENTRAL:20230428T094717Z:fcdd1cbf-2fb4-4494-abf2-ff0956ce868a: timestamp=2023-04-28T10:47:17.085+0100
2023-04-28T10:47:18.552+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.azurerm_storage_share.lakeShare" is waiting for "module.EUWE01PRDQIGMISLA01.data.azurerm_storage_account.storageAccount"
2023-04-28T10:47:18.552+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.blobDiagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:18.552+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.diagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:18.553+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.fileDiagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:18.553+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.tableDiagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:18.554+0100 [TRACE] dag/walk: vertex "root" is waiting for "module.EUWE01PRDQIGMISLA01 (close)"
2023-04-28T10:47:18.557+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.azurerm_logic_app_standard.logicAppStandard" is waiting for "module.EUWE01PRDQIGMISLA01.azurerm_storage_share.lakeShare"
2023-04-28T10:47:21.170+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.data.azurerm_storage_account.storageAccount" is waiting for "module.EUWE01PRDQIGMISLA01.var.storageAccountID (expand)"
2023-04-28T10:47:21.170+0100 [TRACE] dag/walk: vertex "provider[\"registry.terraform.io/hashicorp/azurerm\"] (close)" is waiting for "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.diagnosticSettings"
2023-04-28T10:47:21.170+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.azurerm_monitor_diagnostic_setting.diagnosticSettings" is waiting for "module.EUWE01PRDQIGMISLA01.azurerm_logic_app_standard.logicAppStandard"
2023-04-28T10:47:21.170+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01 (close)" is waiting for "module.EUWE01PRDQIGMISLA01.azurerm_key_vault_access_policy.systemKeyVaultPolicy"
2023-04-28T10:47:21.170+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.queueDiagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:21.170+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.var.storageAccountID (expand)" is waiting for "module.EUWE01PRDDUMAC01.output.id (expand)"
2023-04-28T10:47:21.170+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01 (close)" is waiting for "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.fileDiagnosticSettings"
2023-04-28T10:47:21.170+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.output.id (expand)" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:21.170+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.azurerm_key_vault_access_policy.systemKeyVaultPolicy" is waiting for "module.EUWE01PRDQIGMISLA01.azurerm_logic_app_standard.logicAppStandard"
2023-04-28T10:47:23.556+0100 [TRACE] dag/walk: vertex "root" is waiting for "module.EUWE01PRDQIGMISLA01 (close)"
2023-04-28T10:47:23.556+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.diagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:23.556+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.fileDiagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:23.557+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.blobDiagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:23.557+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.azurerm_storage_share.lakeShare" is waiting for "module.EUWE01PRDQIGMISLA01.data.azurerm_storage_account.storageAccount"
2023-04-28T10:47:23.557+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.tableDiagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:23.557+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.azurerm_logic_app_standard.logicAppStandard" is waiting for "module.EUWE01PRDQIGMISLA01.azurerm_storage_share.lakeShare"
2023-04-28T10:47:26.172+0100 [TRACE] dag/walk: vertex "provider[\"registry.terraform.io/hashicorp/azurerm\"] (close)" is waiting for "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.diagnosticSettings"
2023-04-28T10:47:26.172+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.azurerm_monitor_diagnostic_setting.diagnosticSettings" is waiting for "module.EUWE01PRDQIGMISLA01.azurerm_logic_app_standard.logicAppStandard"
2023-04-28T10:47:26.172+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01 (close)" is waiting for "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.fileDiagnosticSettings"
2023-04-28T10:47:26.172+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.azurerm_key_vault_access_policy.systemKeyVaultPolicy" is waiting for "module.EUWE01PRDQIGMISLA01.azurerm_logic_app_standard.logicAppStandard"
2023-04-28T10:47:26.172+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.output.id (expand)" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:26.172+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.queueDiagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:26.172+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.data.azurerm_storage_account.storageAccount" is waiting for "module.EUWE01PRDQIGMISLA01.var.storageAccountID (expand)"
2023-04-28T10:47:26.172+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.var.storageAccountID (expand)" is waiting for "module.EUWE01PRDDUMAC01.output.id (expand)"
2023-04-28T10:47:26.172+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01 (close)" is waiting for "module.EUWE01PRDQIGMISLA01.azurerm_key_vault_access_policy.systemKeyVaultPolicy"
2023-04-28T10:47:28.568+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.tableDiagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:28.568+0100 [TRACE] dag/walk: vertex "root" is waiting for "module.EUWE01PRDQIGMISLA01 (close)"
2023-04-28T10:47:28.568+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.blobDiagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:28.568+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.azurerm_logic_app_standard.logicAppStandard" is waiting for "module.EUWE01PRDQIGMISLA01.azurerm_storage_share.lakeShare"
2023-04-28T10:47:28.569+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.fileDiagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:28.569+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.azurerm_storage_share.lakeShare" is waiting for "module.EUWE01PRDQIGMISLA01.data.azurerm_storage_account.storageAccount"
2023-04-28T10:47:28.569+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.diagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:31.173+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.azurerm_key_vault_access_policy.systemKeyVaultPolicy" is waiting for "module.EUWE01PRDQIGMISLA01.azurerm_logic_app_standard.logicAppStandard"
2023-04-28T10:47:31.173+0100 [TRACE] dag/walk: vertex "provider[\"registry.terraform.io/hashicorp/azurerm\"] (close)" is waiting for "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.diagnosticSettings"
2023-04-28T10:47:31.173+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.azurerm_monitor_diagnostic_setting.diagnosticSettings" is waiting for "module.EUWE01PRDQIGMISLA01.azurerm_logic_app_standard.logicAppStandard"
2023-04-28T10:47:31.173+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.var.storageAccountID (expand)" is waiting for "module.EUWE01PRDDUMAC01.output.id (expand)"
2023-04-28T10:47:31.173+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.output.id (expand)" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:31.173+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.data.azurerm_storage_account.storageAccount" is waiting for "module.EUWE01PRDQIGMISLA01.var.storageAccountID (expand)"
2023-04-28T10:47:31.173+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01 (close)" is waiting for "module.EUWE01PRDQIGMISLA01.azurerm_key_vault_access_policy.systemKeyVaultPolicy"
2023-04-28T10:47:31.174+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.queueDiagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:31.174+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01 (close)" is waiting for "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.fileDiagnosticSettings"
2023-04-28T10:47:33.580+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.blobDiagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:33.580+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.tableDiagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:33.580+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.fileDiagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:33.580+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.azurerm_storage_share.lakeShare" is waiting for "module.EUWE01PRDQIGMISLA01.data.azurerm_storage_account.storageAccount"
2023-04-28T10:47:33.580+0100 [TRACE] dag/walk: vertex "root" is waiting for "module.EUWE01PRDQIGMISLA01 (close)"
2023-04-28T10:47:33.580+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.diagnosticSettings" is waiting for "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount"
2023-04-28T10:47:33.580+0100 [TRACE] dag/walk: vertex "module.EUWE01PRDQIGMISLA01.azurerm_logic_app_standard.logicAppStandard" is waiting for "module.EUWE01PRDQIGMISLA01.azurerm_storage_share.lakeShare"
2023-04-28T10:47:34.168+0100 [DEBUG] provider.terraform-provider-azurerm_v3.54.0_x5: AzureRM Request:
GET /subscriptions/<subscription>/providers/Microsoft.Storage/locations/westeurope/asyncoperations/ccdc960c-4004-428a-b7ef-fcdcf36ce612?monitor=true&api-version=2021-09-01 HTTP/1.1
Host: management.azure.com
User-Agent: Go/go1.19.3 (amd64-linux) go-autorest/v14.2.1 Azure-SDK-For-Go/v66.0.0 storage/2021-09-01 HashiCorp Terraform/1.4.5 (+https://www.terraform.io) Terraform Plugin SDK/2.10.1 terraform-provider-azurerm/dev pid-222c6c49-1b0a-5959-a213-6608f9eb8820
X-Ms-Correlation-Request-Id: 46b6cd19-4273-4bb3-ded1-99c920ee06fa
Accept-Encoding: gzip: timestamp=2023-04-28T10:47:34.168+0100
2023-04-28T10:47:34.359+0100 [DEBUG] provider.terraform-provider-azurerm_v3.54.0_x5: AzureRM Response for https://management.azure.com/subscriptions/<subscription>/providers/Microsoft.Storage/locations/westeurope/asyncoperations/ccdc960c-4004-428a-b7ef-fcdcf36ce612?monitor=true&api-version=2021-09-01:
HTTP/2.0 200 OK
Cache-Control: no-cache
Content-Type: application/json
Date: Fri, 28 Apr 2023 09:47:33 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-Azure-Storage-Resource-Provider/1.0,Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Ms-Correlation-Request-Id: 46b6cd19-4273-4bb3-ded1-99c920ee06fa
X-Ms-Ratelimit-Remaining-Subscription-Reads: 11988
X-Ms-Request-Id: a9dfb19f-bbd1-4fa7-8624-983e104ecf99
X-Ms-Routing-Request-Id: FRANCECENTRAL:20230428T094734Z:7bffb845-fb1c-48d9-8850-6994be67f39a
{"status":"Failed","error":{"code":"NetworkAclsValidationFailure","message":"Validation of network acls failure: ResourceBeingAcledHasWrongLocation:Microsoft.Storage resources in westeurope cannot be ACL-ed to virtual network /subscriptions/<subscription>/resourceGroups/CI-USEA01-NPAS-VNET-10.68.80.0_21/providers/Microsoft.Network/virtualNetworks/USEA01CINPAS01VNET01 in eastus. Only resources in eastus, westus, westus3 can be ACL-ed to virtual networks in eastus.."}}: timestamp=2023-04-28T10:47:34.359+0100
2023-04-28T10:47:34.359+0100 [DEBUG] provider.terraform-provider-azurerm_v3.54.0_x5: AzureRM Request:
GET /subscriptions/<subscription>/resourceGroups/CI-EUWE01-NPAS-DUMMYPROJECT-01/providers/Microsoft.Storage/storageAccounts/euwe01prddumac01?api-version=2021-09-01 HTTP/1.1
Host: management.azure.com
User-Agent: Go/go1.19.3 (amd64-linux) go-autorest/v14.2.1 Azure-SDK-For-Go/v66.0.0 storage/2021-09-01 HashiCorp Terraform/1.4.5 (+https://www.terraform.io) Terraform Plugin SDK/2.10.1 terraform-provider-azurerm/dev pid-222c6c49-1b0a-5959-a213-6608f9eb8820
X-Ms-Correlation-Request-Id: 46b6cd19-4273-4bb3-ded1-99c920ee06fa
Accept-Encoding: gzip: timestamp=2023-04-28T10:47:34.359+0100
2023-04-28T10:47:34.564+0100 [DEBUG] provider.terraform-provider-azurerm_v3.54.0_x5: AzureRM Response for https://management.azure.com/subscriptions/<subscription>/resourceGroups/CI-EUWE01-NPAS-DUMMYPROJECT-01/providers/Microsoft.Storage/storageAccounts/euwe01prddumac01?api-version=2021-09-01:
HTTP/2.0 404 Not Found
Content-Length: 107
Cache-Control: no-cache
Content-Type: application/json
Date: Fri, 28 Apr 2023 09:47:33 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-Azure-Storage-Resource-Provider/1.0,Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Ms-Correlation-Request-Id: 46b6cd19-4273-4bb3-ded1-99c920ee06fa
X-Ms-Ratelimit-Remaining-Subscription-Reads: 11987
X-Ms-Request-Id: 79d0eab0-9eaa-40c8-84e3-eb0a62499486
X-Ms-Routing-Request-Id: FRANCECENTRAL:20230428T094734Z:eaf63767-81ac-4079-882b-f60a1cb7ec32
{"error":{"code":"StorageAccountNotFound","message":"The storage account euwe01prddumac01 was not found."}}: timestamp=2023-04-28T10:47:34.564+0100
2023-04-28T10:47:34.564+0100 [DEBUG] provider.terraform-provider-azurerm_v3.54.0_x5: Unlocking "azurerm_storage_account.euwe01prddumac01": timestamp=2023-04-28T10:47:34.564+0100
2023-04-28T10:47:34.564+0100 [DEBUG] provider.terraform-provider-azurerm_v3.54.0_x5: Unlocked "azurerm_storage_account.euwe01prddumac01": timestamp=2023-04-28T10:47:34.564+0100
2023-04-28T10:47:34.564+0100 [TRACE] provider.terraform-provider-azurerm_v3.54.0_x5: Called downstream: tf_rpc=ApplyResourceChange @module=sdk.helper_schema tf_provider_addr=provider tf_resource_type=azurerm_storage_account @caller=github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/resource.go:838 tf_req_id=a7fe1014-6719-2bba-4e86-269d91c73653 timestamp=2023-04-28T10:47:34.564+0100
2023-04-28T10:47:34.566+0100 [TRACE] provider.terraform-provider-azurerm_v3.54.0_x5: Received downstream response: diagnostic_error_count=1 diagnostic_warning_count=0 tf_req_duration_ms=20993 tf_req_id=a7fe1014-6719-2bba-4e86-269d91c73653 tf_resource_type=azurerm_storage_account @caller=github.com/hashicorp/[email protected]/tfprotov5/internal/tf5serverlogging/downstream_request.go:37 @module=sdk.proto tf_proto_version=5.3 tf_provider_addr=provider tf_rpc=ApplyResourceChange timestamp=2023-04-28T10:47:34.565+0100
2023-04-28T10:47:34.566+0100 [ERROR] provider.terraform-provider-azurerm_v3.54.0_x5: Response contains error diagnostic: @module=sdk.proto diagnostic_severity=ERROR diagnostic_summary="retrieving Storage Account: (Name "euwe01prddumac01" / Resource Group "CI-EUWE01-NPAS-DUMMYPROJECT-01"): storage.AccountsClient#GetProperties: Failure responding to request: StatusCode=404 -- Original Error: autorest/azure: Service returned an error. Status=404 Code="StorageAccountNotFound" Message="The storage account euwe01prddumac01 was not found."" tf_proto_version=5.3 tf_provider_addr=provider tf_rpc=ApplyResourceChange tf_req_id=a7fe1014-6719-2bba-4e86-269d91c73653 tf_resource_type=azurerm_storage_account @caller=github.com/hashicorp/[email protected]/tfprotov5/internal/diag/diagnostics.go:55 diagnostic_detail= timestamp=2023-04-28T10:47:34.566+0100
2023-04-28T10:47:34.566+0100 [TRACE] provider.terraform-provider-azurerm_v3.54.0_x5: Served request: tf_proto_version=5.3 tf_provider_addr=provider tf_req_id=a7fe1014-6719-2bba-4e86-269d91c73653 tf_resource_type=azurerm_storage_account tf_rpc=ApplyResourceChange @caller=github.com/hashicorp/[email protected]/tfprotov5/tf5server/server.go:831 @module=sdk.proto timestamp=2023-04-28T10:47:34.566+0100
2023-04-28T10:47:34.568+0100 [TRACE] maybeTainted: module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount encountered an error during creation, so it is now marked as tainted
2023-04-28T10:47:34.568+0100 [TRACE] NodeAbstractResouceInstance.writeResourceInstanceState to workingState for module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount
2023-04-28T10:47:34.568+0100 [TRACE] NodeAbstractResouceInstance.writeResourceInstanceState: writing state object for module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount
2023-04-28T10:47:34.569+0100 [TRACE] evalApplyProvisioners: module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount is tainted, so skipping provisioning
2023-04-28T10:47:34.569+0100 [TRACE] maybeTainted: module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount was already tainted, so nothing to do
2023-04-28T10:47:34.569+0100 [TRACE] NodeAbstractResouceInstance.writeResourceInstanceState to workingState for module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount
2023-04-28T10:47:34.569+0100 [TRACE] NodeAbstractResouceInstance.writeResourceInstanceState: writing state object for module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount
2023-04-28T10:47:34.570+0100 [ERROR] vertex "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount" error: retrieving Storage Account: (Name "euwe01prddumac01" / Resource Group "CI-EUWE01-NPAS-DUMMYPROJECT-01"): storage.AccountsClient#GetProperties: Failure responding to request: StatusCode=404 -- Original Error: autorest/azure: Service returned an error. Status=404 Code="StorageAccountNotFound" Message="The storage account euwe01prddumac01 was not found."
2023-04-28T10:47:34.570+0100 [TRACE] vertex "module.EUWE01PRDDUMAC01.azurerm_storage_account.storageAccount": visit complete, with errors
2023-04-28T10:47:34.570+0100 [TRACE] dag/walk: upstream of "module.EUWE01PRDDUMAC01.output.id (expand)" errored, so skipping
2023-04-28T10:47:34.570+0100 [TRACE] dag/walk: upstream of "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.tableDiagnosticSettings" errored, so skipping
2023-04-28T10:47:34.570+0100 [TRACE] dag/walk: upstream of "module.EUWE01PRDQIGMISLA01.var.storageAccountID (expand)" errored, so skipping
2023-04-28T10:47:34.570+0100 [TRACE] dag/walk: upstream of "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.queueDiagnosticSettings" errored, so skipping
2023-04-28T10:47:34.570+0100 [TRACE] dag/walk: upstream of "module.EUWE01PRDQIGMISLA01.data.azurerm_storage_account.storageAccount" errored, so skipping
2023-04-28T10:47:34.570+0100 [TRACE] dag/walk: upstream of "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.blobDiagnosticSettings" errored, so skipping
2023-04-28T10:47:34.570+0100 [TRACE] dag/walk: upstream of "module.EUWE01PRDQIGMISLA01.azurerm_storage_share.lakeShare" errored, so skipping
2023-04-28T10:47:34.570+0100 [TRACE] dag/walk: upstream of "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.diagnosticSettings" errored, so skipping
2023-04-28T10:47:34.570+0100 [TRACE] dag/walk: upstream of "module.EUWE01PRDQIGMISLA01.azurerm_logic_app_standard.logicAppStandard" errored, so skipping
2023-04-28T10:47:34.570+0100 [TRACE] dag/walk: upstream of "module.EUWE01PRDDUMAC01.azurerm_monitor_diagnostic_setting.fileDiagnosticSettings" errored, so skipping
2023-04-28T10:47:34.570+0100 [TRACE] dag/walk: upstream of "module.EUWE01PRDQIGMISLA01.azurerm_key_vault_access_policy.systemKeyVaultPolicy" errored, so skipping
2023-04-28T10:47:34.570+0100 [TRACE] dag/walk: upstream of "module.EUWE01PRDDUMAC01 (close)" errored, so skipping
2023-04-28T10:47:34.570+0100 [TRACE] dag/walk: upstream of "module.EUWE01PRDQIGMISLA01.azurerm_monitor_diagnostic_setting.diagnosticSettings" errored, so skipping
2023-04-28T10:47:34.570+0100 [TRACE] dag/walk: upstream of "provider[\"registry.terraform.io/hashicorp/azurerm\"] (close)" errored, so skipping
2023-04-28T10:47:34.571+0100 [TRACE] dag/walk: upstream of "module.EUWE01PRDQIGMISLA01 (close)" errored, so skipping
2023-04-28T10:47:34.571+0100 [TRACE] dag/walk: upstream of "root" errored, so skipping
Expected Behaviour
Microsoft has launched a new feature that allows add cross region subnets in storage account firewall, this is already in GA and describe bellow. The expected behavior is that azurerm validation won't block the add of different region subnet in storage account.
Actual Behaviour
apply fails with debug provided above
Steps to Reproduce
Create a storage account in west europe and add a subnet allowed to it's firewall coming from us east, that will fail on the ACL validation
Important Factoids
No response
References
Cross region service endpoints are now available: https://learn.microsoft.com/en-us/azure/storage/common/storage-network-security?toc=%2Fazure%2Fvirtual-network%2Ftoc.json&tabs=azure-portal#azure-storage-cross-region-service-endpoints
