terraform-provider-azurerm icon indicating copy to clipboard operation
terraform-provider-azurerm copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

azurerm_security_center_subscription_pricing extension block is invalid

Open zoxendine opened this issue 2 years ago • 3 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Community Note

  • Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

v1.5.6

AzureRM Provider Version

3.71

Affected Resource(s)/Data Source(s)

azurerm_security_center_subscription_pricing

Terraform Configuration Files

resource "azurerm_security_center_subscription_pricing" "tr" {
  tier          = var.tier
  resource_type = "Containers"
  extension {
    name = "Defender DaemonSet"
  }
}

Debug Output/Panic Output

[vagrant@fedora37 paas]$ terragrunt plan
╷
│ Error: Unsupported block type
│
│   on ../../modules/em5-defender/main.tf line 20, in resource "azurerm_security_center_subscription_pricing" "tr":
│   20:   extension {
│
│ Blocks of type "extension" are not expected here.
╵

Expected Behaviour

Extension block should be valid according to the documentation.

Actual Behaviour

No response

Steps to Reproduce

No response

Important Factoids

No response

References

No response

zoxendine avatar Sep 05 '23 13:09 zoxendine

Thanks for raising this issue. As it works fine on my local, could you double check whether you're using latest azurerm provider? Thanks.

neil-yechenwei avatar Sep 06 '23 05:09 neil-yechenwei

@neil-yechenwei Did it work using "Defender DaemonSet", I was able to get past the extension block issue, but it doesn't seem that "Defender DaemonSet" is a valid parameter. I need to enable the following for Defender, and would appreciate guidance on how to do so via terraform. image

zoxendine avatar Sep 06 '23 12:09 zoxendine

I mean that "extension" can be set successfully. The error message what you provided indicates that the extension block isn't correctly set in the tfconfig. It's not related with "Defender DaemonSet". In the meanwhile, Swagger indicates that service API doesn't support "Defender DaemonSet". See more details from the following references.

https://learn.microsoft.com/en-us/azure/templates/microsoft.security/pricings?pivots=deployment-language-terraform#extension-2 https://github.com/Azure/azure-rest-api-specs/blob/main/specification/security/resource-manager/Microsoft.Security/stable/2023-01-01/pricings.json#L274

neil-yechenwei avatar Jun 17 '25 03:06 neil-yechenwei