This message was deleted.
# generals
sparse-intern-71089
10/27/2018, 12:47 AMThis message was deleted.
m
microscopic-florist-22719
10/27/2018, 12:48 AM
We had a separate report of something similar here but involving service principals earlier today.
microscopic-florist-22719
10/27/2018, 12:49 AM
We believe that there may be a bug in the TF provider (see e.g. https://github.com/terraform-providers/terraform-provider-azurerm/issues/2113), but we are actively investigating.
b
brave-angle-33257
10/27/2018, 12:49 AMawesome ty
brave-angle-33257
10/27/2018, 12:49 AMhere's some debug if it helps
brave-angle-33257
10/27/2018, 12:50 AM Copy code
let uai_name = Utils.get_uai_name(container.id, env_id, region)
let uai = new azure.msi.UserAssignedIdentity(uai_name, {
name: uai_name,
resourceGroupName: uai_resource_group_name,
location: definition_map.region_map[region]['name'],
tags: {
'manifiest_id': container.id,
'env_id': env_id,
'resource_type': 'storage',
'region': definition_map.region_map[region]['name'],
'location': definition_map.region_map[region]['name'],
'resource_region': storage.region,
'resource_account': storage_account_name_parsed,
'resource_container': container.name
}
}
);
let assignment_scope = Utils.get_resource_scope('st', String(azure_config.subscriptionId), storage_resource_group_name, storage_account_name_parsed, container.name);
let assignment_id = Utils.get_uai_assignment_id(container.id, env_id, definition_map.region_map[region]['number'])
let storage_container_assignment = new azure.role.Assignment(assignment_id, {
name: assignment_id,
principalId: uai.principalId,
roleDefinitionId: blob_reader_role_definition.id,
scope: assignment_scope
},
{ dependsOn: uai }
);brave-angle-33257
10/27/2018, 12:51 AMadded a 👍 on this issue and my previous on github