Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

"Preview roles are not supported" for azurerm_role_assignment #1692

Closed
ams0 opened this issue Jul 31, 2018 · 6 comments · Fixed by #7205
Closed

"Preview roles are not supported" for azurerm_role_assignment #1692

ams0 opened this issue Jul 31, 2018 · 6 comments · Fixed by #7205
Labels
bug service/authentication
Milestone
v2.13.0

Comments

@ams0
Copy link

ams0 commented Jul 31, 2018

Issues on GitHub are intended to be related to bugs or feature requests with provider codebase,
so we recommend using our other community resources instead of asking here 👍.

If you have a support request or question please submit them to one of these resources:

Using:
Terraform v0.11.7

  • provider.azurerm v1.11.0

When trying to assign the role "Storage Blob Data Reader (Preview)" to a Managed User Identity I have the Preview roles are not supported error; however, it looks like it could be done in azure-sdk-for-go (Azure/azure-sdk-for-go#1895). What am I missing?
@ams0
Copy link
Author

ams0 commented Sep 7, 2018

Any update on this? It would greatly help to be able to assign this preview roles via Terraform!

@tombuildsstuff
Copy link
Contributor

hey @ams0

Thanks for opening this issue / apologies for the delayed response here!

This behaviour is currently intentional as we don't support Data Actions within Terraform at the current time (although that's being tracked in #1538) - however once #1538 has been fixed/merged, I believe we should be able to remove this check.

Thanks!

@cwiederspan
Copy link

cwiederspan commented Nov 23, 2018
edited
Loading

It looks like #1538 is closed out and available. Given that, any ETA on an update for this issue?

@ms1111
Copy link

ms1111 commented Dec 17, 2018

As a workaround, I was able to use az role definition list to find the full ID of the built-in preview role I wanted like to use in my subscription. For example:

resource "azurerm_role_assignment" "assignment" {
  scope = "${azurerm_storage_account.account.id}"
  # "Storage Blob Data Contributor (Preview)"
  role_definition_id = "/subscriptions/${local.subscription_id}/providers/Microsoft.Authorization/roleDefinitions/ba92f5b4-2d11-453d-a403-e96b0029c9fe"
  principal_id = ...
}

@tombuildsstuff tombuildsstuff added this to the v2.13.0 milestone Jun 4, 2020
tombuildsstuff added a commit that referenced this issue Jun 4, 2020
@tombuildsstuff
r/role_assignment: support for assigning Preview roles
f16c93e 
Fixes #1692
@tombuildsstuff tombuildsstuff mentioned this issue Jun 4, 2020
Merged
@ghost
Copy link

ghost commented Jun 4, 2020

This has been released in version 2.13.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

provider "azurerm" {
    version = "~> 2.13.0"
}
# ... other configuration ...

@ghost
Copy link

ghost commented Jul 4, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

@ghost ghost locked and limited conversation to collaborators Jul 4, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug service/authentication
Projects
None yet
Milestone
v2.13.0
Development

Successfully merging a pull request may close this issue.

r/role_assignment: support for assigning Preview roles hashicorp/terraform-provider-azurerm
4 participants
@cwiederspan @tombuildsstuff @ams0 @ms1111