Describe the bug
Unable to run plan with a service principal. I get the following error:
Error: No service principal found for application ID: "04b07795-8ddb-461a-bbee-02f9e1bf7b46"
│
│ with module.launchpad.data.azuread_service_principal.logged_in_app[0],
│ on /home/vscode/.terraform.cache/ABC/modules/launchpad/main.tf line 51, in data "azuread_service_principal" "logged_in_app":
│ 51: data "azuread_service_principal" "logged_in_app" {
I think this may be related to permissions, as "04b07795-8ddb-461a-bbee-02f9e1bf7b46" is the ID for the Azure CLI. Any reference to this error usually implies permissions, and 4.7.2 moved to the Microsoft Graph:
azuread_api_permissions = {
  #
  # To be removed part on 5.7.0 migration (new Microsoft Graph API)
  #
  # caf_launchpad_level0 = {
  #   active_directory_graph = {
  #     resource_app_id = "00000002-0000-0000-c000-000000000000"
  #     resource_access = {
  #       Application_ReadWrite_OwnedBy = {
  #         id   = "824c81eb-e3f8-4ee6-8f6d-de7f50d565b7"
  #         type = "Role"
  #       }
  #       Directory_ReadWrite_All = {
  #         id   = "78c8a3c8-a07e-4b9e-af1b-b5ccab50a175"
  #         type = "Role"
  #       }
  #     }
  #   }
  # }
To Reproduce
Steps to reproduce the behavior:
az login --service-principal -u "" -p "" -t "***"
rover -lz /tf/caf/landingzones/caf_launchpad -launchpad -var-folder /tf/caf/platform/demo/level_0 -env FHL -level level0 -log-severity ERROR -p ${TF_DATA_DIR}/caf_launchpad.tfstate.tfplan -a plan
execute the following command:
rover -lz /tf/caf/caf_launchpad \
  -launchpad \
  -var-folder /tf/caf/caf_launchpad/scenario/200 \
  -level level0 \
  -a plan
Expected behavior
A clear and concise description of what you expected to happen.
Configuration (please complete the following information):
OS and version: [e.g. Windows 10 19045]
Version of the rover aztfmod/rover:1.5.4-2307.2804
Version of the landing zone 5.7.2
@calling initialize_state
Checking required permissions
@Checking if current user (object_id: ***) is Owner of the subscription - only for launchpad
User is Owner of the subscription
Installing launchpad from /tf/caf/landingzones/caf_launchpad
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
create
Terraform planned the following actions, but then encountered a problem:
random_string.prefix[0] will be created
resource "random_string" "prefix" {
id = (known after apply)
length = 4
lower = true
min_lower = 0
min_numeric = 0
min_special = 0
min_upper = 0
number = (known after apply)
numeric = false
result = (known after apply)
special = false
upper = false
}
module.launchpad.random_string.prefix[0] will be created
resource "random_string" "prefix" {
id = (known after apply)
length = 4
lower = true
min_lower = 0
min_numeric = 0
min_special = 0
min_upper = 0
number = (known after apply)
numeric = false
result = (known after apply)
special = false
upper = false
}
module.launchpad.module.custom_roles["caf-launchpad"].azurecaf_name.custom_role will be created
resource "azurecaf_name" "custom_role" {
clean_input = true
id = (known after apply)
name = "caf-launchpad"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_resource_group"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.custom_roles["caf-launchpad-contributor"].azurecaf_name.custom_role will be created
resource "azurecaf_name" "custom_role" {
clean_input = true
id = (known after apply)
name = "caf-launchpad-contributor"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_resource_group"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.diagnostic_event_hub_namespaces["central_logs_region1"].azurecaf_name.evh will be created
resource "azurecaf_name" "evh" {
clean_input = true
id = (known after apply)
name = "logs"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_eventhub_namespace"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.diagnostic_log_analytics["central_logs_region1"].azurecaf_name.law will be created
resource "azurecaf_name" "law" {
clean_input = true
id = (known after apply)
name = "logs"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_log_analytics_workspace"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.diagnostic_storage_accounts["bootdiag_region1"].azurecaf_name.stg will be created
resource "azurecaf_name" "stg" {
clean_input = true
id = (known after apply)
name = "bootrg1"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_storage_account"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.diagnostic_storage_accounts["bootdiag_region2"].azurecaf_name.stg will be created
resource "azurecaf_name" "stg" {
clean_input = true
id = (known after apply)
name = "bootrg2"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_storage_account"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.diagnostic_storage_accounts["diaglogs_region1"].azurecaf_name.stg will be created
resource "azurecaf_name" "stg" {
clean_input = true
id = (known after apply)
name = "diaglogsrg1"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_storage_account"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.diagnostic_storage_accounts["diaglogs_region2"].azurecaf_name.stg will be created
resource "azurecaf_name" "stg" {
clean_input = true
id = (known after apply)
name = "diaglogrg2"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_storage_account"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.diagnostic_storage_accounts["diagsiem_region1"].azurecaf_name.stg will be created
resource "azurecaf_name" "stg" {
clean_input = true
id = (known after apply)
name = "siemsg1"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_storage_account"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.diagnostic_storage_accounts["diagsiem_region2"].azurecaf_name.stg will be created
resource "azurecaf_name" "stg" {
clean_input = true
id = (known after apply)
name = "siemrg2"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_storage_account"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.keyvaults["level0"].azurecaf_name.keyvault will be created
resource "azurecaf_name" "keyvault" {
clean_input = true
id = (known after apply)
name = "level0"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_key_vault"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.keyvaults["level1"].azurecaf_name.keyvault will be created
resource "azurecaf_name" "keyvault" {
clean_input = true
id = (known after apply)
name = "level1"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_key_vault"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.keyvaults["level2"].azurecaf_name.keyvault will be created
resource "azurecaf_name" "keyvault" {
clean_input = true
id = (known after apply)
name = "level2"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_key_vault"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.keyvaults["level3"].azurecaf_name.keyvault will be created
resource "azurecaf_name" "keyvault" {
clean_input = true
id = (known after apply)
name = "level3"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_key_vault"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.keyvaults["level4"].azurecaf_name.keyvault will be created
resource "azurecaf_name" "keyvault" {
clean_input = true
id = (known after apply)
name = "level4"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_key_vault"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.managed_identities["level0"].azurecaf_name.msi will be created
resource "azurecaf_name" "msi" {
clean_input = true
id = (known after apply)
name = "landingzone-level0-msi"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_user_assigned_identity"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.managed_identities["level1"].azurecaf_name.msi will be created
resource "azurecaf_name" "msi" {
clean_input = true
id = (known after apply)
name = "landingzone-level1-msi"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_user_assigned_identity"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.managed_identities["level2"].azurecaf_name.msi will be created
resource "azurecaf_name" "msi" {
clean_input = true
id = (known after apply)
name = "landingzone-level2-msi"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_user_assigned_identity"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.managed_identities["level3"].azurecaf_name.msi will be created
resource "azurecaf_name" "msi" {
clean_input = true
id = (known after apply)
name = "landingzone-level3-msi"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_user_assigned_identity"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.managed_identities["level4"].azurecaf_name.msi will be created
resource "azurecaf_name" "msi" {
clean_input = true
id = (known after apply)
name = "landingzone-level4-msi"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_user_assigned_identity"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.resource_groups["level0"].azurecaf_name.rg will be created
resource "azurecaf_name" "rg" {
clean_input = true
id = (known after apply)
name = "launchpad-level0"
passthrough = false
prefixes = (known after apply)
random_length = 0
resource_type = "azurerm_resource_group"
result = (known after apply)
results = (known after apply)
separator = "-"
use_slug = true
}
module.launchpad.module.resource_groups["level0"].azurerm_resource_group.rg will be created
Additional context
permissions:
Application.ReadWrite.All
Application.ReadWrite.OwnedBy
AppRoleAssignment.ReadWrite.All
DelegatedPermissionGrant.ReadWrite.All
Directory.ReadWrite.All
Group.ReadWrite.All
RoleManagement.ReadWrite.Directory
module.launchpad.module.resource_groups["level1"].azurecaf_name.rg will be created
module.launchpad.module.resource_groups["level1"].azurerm_resource_group.rg will be created
module.launchpad.module.resource_groups["level2"].azurecaf_name.rg will be created
module.launchpad.module.resource_groups["level2"].azurerm_resource_group.rg will be created
module.launchpad.module.resource_groups["level3"].azurecaf_name.rg will be created
module.launchpad.module.resource_groups["level3"].azurerm_resource_group.rg will be created
module.launchpad.module.resource_groups["level4"].azurecaf_name.rg will be created
module.launchpad.module.resource_groups["level4"].azurerm_resource_group.rg will be created
module.launchpad.module.resource_groups["ops"].azurecaf_name.rg will be created
module.launchpad.module.resource_groups["ops"].azurerm_resource_group.rg will be created
module.launchpad.module.resource_groups["security"].azurecaf_name.rg will be created
module.launchpad.module.resource_groups["security"].azurerm_resource_group.rg will be created
module.launchpad.module.resource_groups["siem"].azurecaf_name.rg will be created
module.launchpad.module.resource_groups["siem"].azurerm_resource_group.rg will be created
module.launchpad.module.storage_accounts["level0"].azurecaf_name.stg will be created
module.launchpad.module.storage_accounts["level1"].azurecaf_name.stg will be created
module.launchpad.module.storage_accounts["level2"].azurecaf_name.stg will be created
module.launchpad.module.storage_accounts["level3"].azurecaf_name.stg will be created
module.launchpad.module.storage_accounts["level4"].azurecaf_name.stg will be created
Plan: 43 to add, 0 to change, 0 to destroy.
Changes to Outputs: