-
Notifications
You must be signed in to change notification settings - Fork 4.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
azurerm_cdn_frontdoor_custom_domain import path incorrect #21950
Comments
I substituted generic commands for my subscription specific commands for privacy reasons. |
@caxejc, based on the attached configuration file it appears that you may be using the incorrect resources for a resource "azurerm_cdn_frontdoor_profile" "example" {
...
}
resource "azurerm_cdn_frontdoor_endpoint" "example" {
...
}
resource "azurerm_cdn_frontdoor_custom_domain" "example" {
...
} Instead of: resource "azurerm_cdn_profile" "example" {
...
}
resource "azurerm_cdn_endpoint" "example" {
...
}
resource "azurerm_cdn_endpoint_custom_domain" "example" {
...
} |
Apologies, when trying to get the generic code I pulled from the wrong location. Here's the actual code removing anything identifying:
It Terraform Inits and Plans just fine (identifying stuff removed again):
So, the config works just fine. The issue is with the Import.
So when I look in the actual Azure Blade for the new CDN Frontdoor domains it's not "customDomains" it's "domains" When trying to import using "domains" instead of "customDomains" this happens:
|
@caxejc, thank you for your reply. I will have to reach out to the service team to see if they have changed there resource ID schema. This also maybe an issue with the Azure Portal and Terraform using different version of the API, where in the newer version the service team has changed the |
Perfect thank you.
…________________________________
From: Wodans Son ***@***.***>
Sent: Wednesday, June 7, 2023 4:31:55 PM
To: hashicorp/terraform-provider-azurerm ***@***.***>
Cc: Jonathan Close ***@***.***>; Mention ***@***.***>
Subject: Re: [hashicorp/terraform-provider-azurerm] azurerm_cdn_frontdoor_custom_domain import path incorrect (Issue #21950)
You don't often get email from ***@***.*** Learn why this is important<https://aka.ms/LearnAboutSenderIdentification>
This message originated outside of CorpAxe. Use caution with links and attachments.
@caxejc<https://github.com/caxejc>, thank you for your reply. I will have to reach out to the service team to see if they have changed there resource ID schema. This also maybe an issue with the Azure Portal and Terraform using different version of the API, where in the newer version the service team has changed the customDomains element to just domains.
—
Reply to this email directly, view it on GitHub<#21950 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/BAD4P777MH36AXTMMXBYRVDXKDXMXANCNFSM6AAAAAAYQQEVWU>.
You are receiving this because you were mentioned.Message ID: ***@***.***>
|
@caxejc, I have spoken with the service team and they have stated that they did not change the elements in the Resource ID (e.g., terraform import azurerm_cdn_frontdoor_custom_domain.contoso /subscriptions/{subscription}/resourceGroups/repro-afdx-21950/providers/Microsoft.Cdn/profiles/repro-profile/customDomains/contoso-custom-domain
azurerm_cdn_frontdoor_custom_domain.contoso: Importing from ID "/subscriptions/{subscription}/resourceGroups/repro-afdx-21950/providers/Microsoft.Cdn/profiles/repro-profile/customDomains/contoso-custom-domain"...
azurerm_cdn_frontdoor_custom_domain.contoso: Import prepared!
Prepared azurerm_cdn_frontdoor_custom_domain for import
azurerm_cdn_frontdoor_custom_domain.contoso: Refreshing state... [id=/subscriptions/{subscription}/resourceGroups/repro-afdx-21950/providers/Microsoft.Cdn/profiles/repro-profile/customDomains/contoso-custom-domain]
Import successful!
The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform. How did you create the custom domain that you want to import into the state file which is showing the |
I manually created the domain in the DNS zone associated our domain. Then manually added the domain in the Front Door and CDN profile - domain blade. When manually adding, it allowed me to select the DNS zone and custom domain that I had manually created. |
So I used powershell to see if I was doing something wrong with the ID. Using the Get-AzFrontDoorCdnCustomDomain cmdlet I received this for the ID: I plugged that into the import command and received this error again:
I then capitalized the "D" in customDomains and tried again, then got this again:
It exists, using powershell I can see that the ID matches what's expected for the import other than the capitalized "D" in "customDomains". The cdn frontdoor profile was created via Terraform in the same config file. So it's not an access or location issue. |
@rcskosir this is a well known issue with the portal, and other tool sets. I think the easiest way to fix this is if I write an import stub for the |
@rcskosir, with my referenced PR you may now import custom domains no matter the casing of the resource ID.
Notice that casing of the |
hey @caxejc As you've mentioned, the Resource ID casing that Terraform's expecting and that being returned by the Azure API differ here, notably the casing on the Whilst newer versions of the Resource ID Parsers output more information as to the value for each segment that we're expecting (see here for an example) - unfortunately the older Resource ID parsers used by this Resource don't, which is why you're seeing this error message at this time. The Resource IDs used by Terraform do not necessarily map 1:1 with the Resource IDs defined within the Azure API - indeed, there's many cases where these don't, as such the documentation for each Resource defines the Resource ID used at Import time in the Since each Provider instance is related to a Subscription, my guess here would be that the Subscription being used in Terraform (that is, defined in the Provider block or sourced from the Azure CLI) differs from the one defined in the Resource ID string - as such it'd be worth confirming both the Subscription ID and the Resource ID being used to ensure these match - would you be able to confirm those values match? Thanks! |
I backed out all of my changes to make the provider "azurerm" {
features {}
}
locals {
loc = "westeurope"
}
resource "azurerm_resource_group" "test" {
name = "repro-afdx-21950"
location = local.loc
}
resource "azurerm_dns_zone" "test" {
name = "{hostName}.com"
resource_group_name = azurerm_resource_group.test.name
}
resource "azurerm_cdn_frontdoor_profile" "test" {
name = "repro-profile"
resource_group_name = azurerm_resource_group.test.name
sku_name = "Premium_AzureFrontDoor"
response_timeout_seconds = 120
}
resource "azurerm_cdn_frontdoor_endpoint" "contoso" {
name = "repro-endpoint-contosos"
cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.test.id
enabled = true
}
resource "azurerm_dns_cname_record" "test" {
name = "contoso"
zone_name = azurerm_dns_zone.test.name
resource_group_name = azurerm_resource_group.test.name
ttl = 3600
record = azurerm_cdn_frontdoor_endpoint.contoso.host_name
} Once the above configuration was applied I then used the Azure Portal to create my DNS auth txt record and my Front Door Custom Domain. I then validated the casing of the Azure Payload from {"id":"/subscriptions/{subscription}/resourcegroups/repro-afdx-21950/providers/Microsoft.Cdn/profiles/repro-profile/customdomains/contoso-{hostName}-com","type":"Microsoft.Cdn/profiles/customdomains","name":"contoso-{hostName}-com","properties":{"hostName":"contoso.{hostName}.com","tlsSettings":{"certificateType":"ManagedCertificate","minimumTlsVersion":"TLS12","secret":{"id":"/subscriptions/{subscription}/resourceGroups/repro-afdx-21950/providers/Microsoft.Cdn/Profiles/repro-profile/secrets/28679753-ef1c-4598-a73c-d9cbfa7e0cf8-contoso-{hostName}-com"}},"validationProperties":{"validationToken":"lt8mrsf0znj7rvh3q6lm8nx54480kvp1","expirationDate":"2023-07-03T22:38:04.2850497+00:00"},"azureDnsZone":{"id":"/subscriptions/{subscription}/resourceGroups/repro-afdx-21950/providers/Microsoft.Network/dnszones/{hostName}.com"},"domainValidationState":"Approved","preValidatedCustomDomainResourceId":null,"provisioningState":"Succeeded","deploymentStatus":"Succeeded"}} NOTE: The Once the above manual steps were completed and I validated the Custom Domain's provider "azurerm" {
features {}
}
locals {
loc = "westeurope"
}
resource "azurerm_resource_group" "test" {
name = "repro-afdx-21950"
location = local.loc
}
resource "azurerm_dns_zone" "test" {
name = "{hostName}.com"
resource_group_name = azurerm_resource_group.test.name
}
resource "azurerm_cdn_frontdoor_profile" "test" {
name = "repro-profile"
resource_group_name = azurerm_resource_group.test.name
sku_name = "Premium_AzureFrontDoor"
response_timeout_seconds = 120
}
resource "azurerm_cdn_frontdoor_endpoint" "contoso" {
name = "repro-endpoint-contosos"
cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.test.id
enabled = true
}
resource "azurerm_cdn_frontdoor_custom_domain" "contoso" {
}
resource "azurerm_dns_cname_record" "test" {
name = "contoso"
zone_name = azurerm_dns_zone.test.name
resource_group_name = azurerm_resource_group.test.name
ttl = 3600
record = azurerm_cdn_frontdoor_endpoint.contoso.host_name
} I then ran the following Terraform Command: terraform import azurerm_cdn_frontdoor_custom_domain.contoso /subscriptions/{subscription}/resourceGroups/repro-afdx-21950/providers/Microsoft.Cdn/profiles/repro-profile/customDomains/contoso-wodans-son-com NOTE: The The Result of the Terraform Import Command: azurerm_cdn_frontdoor_custom_domain.contoso: Import prepared!
Prepared azurerm_cdn_frontdoor_custom_domain for import
azurerm_cdn_frontdoor_custom_domain.contoso: Refreshing state... [id=/subscriptions/{subscription}/resourceGroups/repro-afdx-21950/providers/Microsoft.Cdn/profiles/repro-profile/customDomains/contoso-{hostName}-com]
Import successful!
The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform. So, from this test, it appears that the issue is not that the |
Thank you for all your help. I figured out the issue and it was my fault. My az account set was on the wrong subscription. It had been a month or so since the last time I imported and when I went to check what subscription I was hooked to I mistakenly used the powershell cmdlet "get-azcontext", which showed the subscription that I expected. What I should have done, and did to fix the issue, was use az account show. That showed me as being connected to the wrong sub. I then az account set to the correct sub and it worked first time. Appreciate the work and patience guys, sorry for the run around. You can mark this as closed, thank you. |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Is there an existing issue for this?
Community Note
Terraform Version
1.3.6
AzureRM Provider Version
3.37.0
Affected Resource(s)/Data Source(s)
azurerm_cdn_frontdoor_custom_domain
Terraform Configuration Files
Debug Output/Panic Output
Expected Behaviour
Successful importing of Azure cdn custom domain into the state file.
Actual Behaviour
TF unable to find the object/resource.
Steps to Reproduce
Important Factoids
No response
References
When looking at the actual blade for cdn domains it's called "domains" not "customDomains".
When trying to navigate to anything labeled "customDomains" on the Azure portal, Azure can't find it.
The text was updated successfully, but these errors were encountered: