-
Notifications
You must be signed in to change notification settings - Fork 4.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
azurerm_api_management_subscription
creates invalid key when api_id
is set using azurerm_api_management_api
data source
#23399
Comments
With the new version v3.89.0 of the terraform-provider-azurerm this seems to be a general issue. According to #23031 which changes the id format to a specific revision and append for example the ";rev=1", the terraform resource The resource A workaround we used is to add a locals {
revision = 1
revision_suffix = format(";rev=%s", local.revision)
}
resource "azurerm_api_management_api" "example" {
...
revision = local.revision
...
}
resource "azurerm_api_management_subscription" "example_working" {
...
api_id = trimsuffix(azurerm_api_management_api.example.id, local.revision_suffix)
...
} |
We faced the same issue with upgrading to the new version 3.89.0
|
Also hitting this issue since v3.89.0, the new app_id format is forcing all our We had to use the same |
It's a good workaround solution. Thanks @yalmaty. :) |
The app_id was invalid with the |
I use
|
Is there an existing issue for this?
Community Note
Terraform Version
1.5.7
AzureRM Provider Version
3.74.0
Affected Resource(s)/Data Source(s)
azurerm_api_management_subscription
,azurerm_api_management_api
Terraform Configuration Files
Debug Output/Panic Output
Expected Behaviour
Resource
azurerm_api_management_subscription.example_not_working
should create an APIM subscription.When either the primary or secondary subscription key value is passed as an
Ocp-Apim-Subscription-Key
header to the APIM api endpoint a 500 error should be returned (this is fine, there's no backend setup in the example)Actual Behaviour
Resource
azurerm_api_management_subscription.example_not_working
creates an APIM subscription.When either the primary or secondary subscription key value is passed as an
Ocp-Apim-Subscription-Key
header to the APIM api endpoint a 401 error is returned with the message "Access denied due to invalid subscription key. Make sure to provide a valid key for an active subscription."Only affects subscriptions when
api_id
is set using value from aazurerm_api_management_api
data sourceIn the example the
azurerm_api_management_subscription.example
resource creates a valid subscription with working keys since theapi_id
is set from a resource value instead of a data source value.Note
If the invalid subscription key is saved through the Azure Portal then the key begins to work. A subsequent
terraform plan
reveals that the provider attempts to postfix;rev=1
to the value forapi_id
which, after applying then breaks the subscription again.Steps to Reproduce
terraform apply
Send GET request to /example/sessions with
Ocp-Apim-Subscription-Key
headerImportant Factoids
No response
References
No response
The text was updated successfully, but these errors were encountered: