CAF Launchpad scenario 200 does not work with a bootstrap service principle. #498
Labels
bug
Something isn't working
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
Unable to run plan with a service principle. I get the following error:
Error: No service principal found for application ID: "04b07795-8ddb-461a-bbee-02f9e1bf7b46"
│
│ with module.launchpad.data.azuread_service_principal.logged_in_app[0],
│ on /home/vscode/.terraform.cache/ABC/modules/launchpad/main.tf line 51, in data "azuread_service_principal" "logged_in_app":
│ 51: data "azuread_service_principal" "logged_in_app" {
I think this may be related to permissions as "04b07795-8ddb-461a-bbee-02f9e1bf7b46" is the id for the Azure CLI. Any reference to this error usually implies permissions and 4.7.2 moved to the microsoft graph:
To Reproduce
Steps to reproduce the behavior:
rover -lz /tf/caf/caf_launchpad
-launchpad
-var-folder /tf/caf/caf_launchpad/scenario/200
-level level0
-a plan
Expected behavior
A clear and concise description of what you expected to happen.
Configuration (please complete the following information):
OS and version: [e.g. Windows 10 19045]
Version of the rover aztfmod/rover:1.5.4-2307.2804
Version of the landing zone 5.7.2
Additional context
permissions:
Application.ReadWrite.All
Application.ReadWrite.OwnedBy
AppRoleAssignment.ReadWrite.All
DelegatedPermissionGrant.ReadWrite.All
Directory.ReadWrite.All
Group.ReadWrite.All
RoleManagement.ReadWrite.Directory
@calling initialize_state
Checking required permissions
@Checking if current user (object_id: ***) is Owner of the subscription - only for launchpad
User is Owner of the subscription
Installing launchpad from /tf/caf/landingzones/caf_launchpad
`Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
Terraform planned the following actions, but then encountered a problem:
random_string.prefix[0] will be created
}
module.launchpad.random_string.prefix[0] will be created
}
module.launchpad.module.custom_roles["caf-launchpad"].azurecaf_name.custom_role will be created
}
module.launchpad.module.custom_roles["caf-launchpad-contributor"].azurecaf_name.custom_role will be created
}
module.launchpad.module.diagnostic_event_hub_namespaces["central_logs_region1"].azurecaf_name.evh will be created
}
module.launchpad.module.diagnostic_log_analytics["central_logs_region1"].azurecaf_name.law will be created
}
module.launchpad.module.diagnostic_storage_accounts["bootdiag_region1"].azurecaf_name.stg will be created
}
module.launchpad.module.diagnostic_storage_accounts["bootdiag_region2"].azurecaf_name.stg will be created
}
module.launchpad.module.diagnostic_storage_accounts["diaglogs_region1"].azurecaf_name.stg will be created
}
module.launchpad.module.diagnostic_storage_accounts["diaglogs_region2"].azurecaf_name.stg will be created
}
module.launchpad.module.diagnostic_storage_accounts["diagsiem_region1"].azurecaf_name.stg will be created
}
module.launchpad.module.diagnostic_storage_accounts["diagsiem_region2"].azurecaf_name.stg will be created
}
module.launchpad.module.keyvaults["level0"].azurecaf_name.keyvault will be created
}
module.launchpad.module.keyvaults["level1"].azurecaf_name.keyvault will be created
}
module.launchpad.module.keyvaults["level2"].azurecaf_name.keyvault will be created
}
module.launchpad.module.keyvaults["level3"].azurecaf_name.keyvault will be created
}
module.launchpad.module.keyvaults["level4"].azurecaf_name.keyvault will be created
}
module.launchpad.module.managed_identities["level0"].azurecaf_name.msi will be created
}
module.launchpad.module.managed_identities["level1"].azurecaf_name.msi will be created
}
module.launchpad.module.managed_identities["level2"].azurecaf_name.msi will be created
}
module.launchpad.module.managed_identities["level3"].azurecaf_name.msi will be created
}
module.launchpad.module.managed_identities["level4"].azurecaf_name.msi will be created
}
module.launchpad.module.resource_groups["level0"].azurecaf_name.rg will be created
}
module.launchpad.module.resource_groups["level0"].azurerm_resource_group.rg will be created
}
}
module.launchpad.module.resource_groups["level1"].azurecaf_name.rg will be created
}
module.launchpad.module.resource_groups["level1"].azurerm_resource_group.rg will be created
}
}
module.launchpad.module.resource_groups["level2"].azurecaf_name.rg will be created
}
module.launchpad.module.resource_groups["level2"].azurerm_resource_group.rg will be created
}
}
module.launchpad.module.resource_groups["level3"].azurecaf_name.rg will be created
}
module.launchpad.module.resource_groups["level3"].azurerm_resource_group.rg will be created
}
}
module.launchpad.module.resource_groups["level4"].azurecaf_name.rg will be created
}
module.launchpad.module.resource_groups["level4"].azurerm_resource_group.rg will be created
}
}
module.launchpad.module.resource_groups["ops"].azurecaf_name.rg will be created
}
module.launchpad.module.resource_groups["ops"].azurerm_resource_group.rg will be created
}
}
module.launchpad.module.resource_groups["security"].azurecaf_name.rg will be created
}
module.launchpad.module.resource_groups["security"].azurerm_resource_group.rg will be created
}
}
module.launchpad.module.resource_groups["siem"].azurecaf_name.rg will be created
}
module.launchpad.module.resource_groups["siem"].azurerm_resource_group.rg will be created
}
}
module.launchpad.module.storage_accounts["level0"].azurecaf_name.stg will be created
}
module.launchpad.module.storage_accounts["level1"].azurecaf_name.stg will be created
}
module.launchpad.module.storage_accounts["level2"].azurecaf_name.stg will be created
}
module.launchpad.module.storage_accounts["level3"].azurecaf_name.stg will be created
}
module.launchpad.module.storage_accounts["level4"].azurecaf_name.stg will be created
}
Plan: 43 to add, 0 to change, 0 to destroy.
Changes to Outputs:
The text was updated successfully, but these errors were encountered: