Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

importing azure cloudflare access groups failing (empty azure id) #1322

Closed
2 tasks done
mvcaaa opened this issue Nov 29, 2021 · 1 comment · Fixed by #1341
Closed
2 tasks done

importing azure cloudflare access groups failing (empty azure id) #1322

mvcaaa opened this issue Nov 29, 2021 · 1 comment · Fixed by #1341
Labels
kind/bug Categorizes issue or PR as related to a bug. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one.

Comments

@mvcaaa
Copy link
Contributor

mvcaaa commented Nov 29, 2021

Confirmation

  • My issue isn't already found on the issue tracker.
  • I have replicated my issue using the latest version of the provider and it is still present.

Terraform and Cloudflare provider version

Terraform 1.0.11
Cloudflare Provider: 3.4

Affected resource(s)

cloudflare_access_group

Terraform configuration files

resource "cloudflare_access_group" "test_azure_group" {
  account_id = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
  name       = "test_azure"

  include {
    azure {
      id = ["yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy"]
    }
  }

}

Debug output

mvc@mvc-ubuntu:~/work/politico/terraform-cloud/cfa/qa$ TF_LOG="DEBUG" terraform import cloudflare_access_group.test_azure_group "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy"
2021-11-29T19:54:18.304+0200 [DEBUG] Adding temp file log sink: /tmp/terraform-log894684242
2021-11-29T19:54:18.305+0200 [INFO]  Terraform version: 1.0.11
2021-11-29T19:54:18.305+0200 [INFO]  Go runtime version: go1.16.4
2021-11-29T19:54:18.305+0200 [INFO]  CLI args: []string{"/home/mvc/.tfenv/versions/1.0.11/terraform", "import", "cloudflare_access_group.test_azure_group", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy"}
2021-11-29T19:54:18.306+0200 [DEBUG] Attempting to open CLI config file: /home/mvc/.terraformrc
2021-11-29T19:54:18.306+0200 [INFO]  Loading CLI configuration from /home/mvc/.terraformrc
2021-11-29T19:54:18.307+0200 [INFO]  Loading CLI configuration from /home/mvc/.terraform.d/credentials.tfrc.json
2021-11-29T19:54:18.308+0200 [DEBUG] ignoring non-existing provider search directory terraform.d/plugins
2021-11-29T19:54:18.308+0200 [DEBUG] ignoring non-existing provider search directory /home/mvc/.terraform.d/plugins
2021-11-29T19:54:18.309+0200 [DEBUG] ignoring non-existing provider search directory /home/mvc/.local/share/terraform/plugins
2021-11-29T19:54:18.309+0200 [DEBUG] ignoring non-existing provider search directory /usr/local/share/terraform/plugins
2021-11-29T19:54:18.310+0200 [DEBUG] ignoring non-existing provider search directory /usr/share/terraform/plugins
2021-11-29T19:54:18.310+0200 [DEBUG] ignoring non-existing provider search directory /var/lib/snapd/desktop/terraform/plugins
2021-11-29T19:54:18.311+0200 [INFO]  CLI command args: []string{"import", "cloudflare_access_group.test_azure_group", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy"}
2021-11-29T19:54:18.373+0200 [DEBUG] checking for provisioner in "."
2021-11-29T19:54:18.374+0200 [DEBUG] checking for provisioner in "/home/mvc/.tfenv/versions/1.0.11"
2021-11-29T19:54:18.375+0200 [DEBUG] checking for provisioner in ".terraform/plugins/linux_amd64"
2021-11-29T19:54:18.379+0200 [DEBUG] backend/local: skipping refresh of managed resources
2021-11-29T19:54:18.381+0200 [DEBUG] created provider logger: level=debug
2021-11-29T19:54:18.382+0200 [INFO]  provider: configuring client automatic mTLS
2021-11-29T19:54:18.422+0200 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/linux_amd64/terraform-provider-cloudflare_v3.4.0 args=[.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/linux_amd64/terraform-provider-cloudflare_v3.4.0]
2021-11-29T19:54:18.423+0200 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/linux_amd64/terraform-provider-cloudflare_v3.4.0 pid=50280
2021-11-29T19:54:18.423+0200 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/linux_amd64/terraform-provider-cloudflare_v3.4.0
2021-11-29T19:54:18.435+0200 [INFO]  provider.terraform-provider-cloudflare_v3.4.0: configuring server automatic mTLS: timestamp=2021-11-29T19:54:18.435+0200
2021-11-29T19:54:18.445+0200 [DEBUG] provider.terraform-provider-cloudflare_v3.4.0: plugin address: address=/tmp/plugin2212254243 network=unix timestamp=2021-11-29T19:54:18.445+0200
2021-11-29T19:54:18.446+0200 [DEBUG] provider: using plugin: version=5
2021-11-29T19:54:18.477+0200 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/linux_amd64/terraform-provider-cloudflare_v3.4.0 pid=50280
2021-11-29T19:54:18.479+0200 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
2021-11-29T19:54:18.479+0200 [DEBUG] provider: plugin exited
2021-11-29T19:54:18.480+0200 [DEBUG] ProviderTransformer: "cloudflare_access_group.test_azure_group" (*terraform.NodeAbstractResource) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2021-11-29T19:54:18.480+0200 [DEBUG] ProviderTransformer: "data.cloudflare_zone.politico_com" (*terraform.NodeAbstractResource) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2021-11-29T19:54:18.480+0200 [DEBUG] ProviderTransformer: "cloudflare_access_group.test_azure_group (import id \"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy\")" (*terraform.graphNodeImportState) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2021-11-29T19:54:18.481+0200 [DEBUG] ProviderTransformer: "cloudflare_access_group.vpn_non_identity" (*terraform.NodeAbstractResource) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2021-11-29T19:54:18.482+0200 [DEBUG] ReferenceTransformer: "cloudflare_access_group.vpn_non_identity" references: []
2021-11-29T19:54:18.482+0200 [DEBUG] ReferenceTransformer: "cloudflare_access_group.test_azure_group" references: []
2021-11-29T19:54:18.483+0200 [DEBUG] ReferenceTransformer: "data.cloudflare_zone.politico_com" references: []
2021-11-29T19:54:18.483+0200 [DEBUG] ReferenceTransformer: "cloudflare_access_group.test_azure_group (import id \"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy\")" references: []
2021-11-29T19:54:18.483+0200 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/cloudflare/cloudflare\"]" references: []
2021-11-29T19:54:18.484+0200 [DEBUG] Starting graph walk: walkImport
2021-11-29T19:54:18.486+0200 [DEBUG] created provider logger: level=debug
2021-11-29T19:54:18.487+0200 [INFO]  provider: configuring client automatic mTLS
2021-11-29T19:54:18.533+0200 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/linux_amd64/terraform-provider-cloudflare_v3.4.0 args=[.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/linux_amd64/terraform-provider-cloudflare_v3.4.0]
2021-11-29T19:54:18.535+0200 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/linux_amd64/terraform-provider-cloudflare_v3.4.0 pid=50285
2021-11-29T19:54:18.535+0200 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/linux_amd64/terraform-provider-cloudflare_v3.4.0
2021-11-29T19:54:18.547+0200 [INFO]  provider.terraform-provider-cloudflare_v3.4.0: configuring server automatic mTLS: timestamp=2021-11-29T19:54:18.547+0200
2021-11-29T19:54:18.557+0200 [DEBUG] provider.terraform-provider-cloudflare_v3.4.0: plugin address: address=/tmp/plugin3542687097 network=unix timestamp=2021-11-29T19:54:18.557+0200
2021-11-29T19:54:18.559+0200 [DEBUG] provider: using plugin: version=5
2021-11-29T19:54:18.599+0200 [WARN]  ValidateProviderConfig from "provider[\"registry.terraform.io/cloudflare/cloudflare\"]" changed the config value, but that value is unused
2021-11-29T19:54:18.601+0200 [INFO]  provider.terraform-provider-cloudflare_v3.4.0: 2021/11/29 19:54:18 [INFO] Cloudflare Client configured for user:: timestamp=2021-11-29T19:54:18.601+0200
cloudflare_access_group.test_azure_group: Importing from ID "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy"...
2021-11-29T19:54:18.603+0200 [INFO]  provider.terraform-provider-cloudflare_v3.4.0: 2021/11/29 19:54:18 [DEBUG] Importing Cloudflare Access Group: accountID "xxxxxxxxxxxxxxxxxxxxxxxxx", accessGroupID "yyyyyyyyyyyyyyyyyyyyyyyyyyy": timestamp=2021-11-29T19:54:18.603+0200
2021-11-29T19:54:18.604+0200 [INFO]  provider.terraform-provider-cloudflare_v3.4.0: 2021/11/29 19:54:18 [DEBUG] Cloudflare API Request Details:
---[ REQUEST ]---------------------------------------
GET /client/v4/accounts/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/access/groups/yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy HTTP/1.1
Host: api.cloudflare.com
User-Agent: terraform/1.0.11 terraform-plugin-sdk/2.8.0 terraform-provider-cloudflare/3.4.0
Authorization: Bearer zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
Content-Type: application/json
Accept-Encoding: gzip


-----------------------------------------------------: timestamp=2021-11-29T19:54:18.604+0200
cloudflare_access_group.test_azure_group: Import prepared!
2021-11-29T19:54:19.937+0200 [INFO]  provider.terraform-provider-cloudflare_v3.4.0: 2021/11/29 19:54:19 [DEBUG] Cloudflare API Response Details:
---[ RESPONSE ]--------------------------------------
HTTP/2.0 200 OK
Cf-Cache-Status: DYNAMIC
Cf-Ray: 6b5db3529ec5376a-HEL
Content-Security-Policy: frame-ancestors 'none'; default-src https: 'unsafe-inline'
Content-Type: application/json; charset=UTF-8
Date: Mon, 29 Nov 2021 17:54:19 GMT
Expect-Ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
Set-Cookie: __cflb=0H28vgHxwvgAQtjUGU56Rb8iNWZVUvXhteXGZSARKQR; SameSite=Lax; path=/; expires=Mon, 29-Nov-21 20:24:20 GMT; HttpOnly
Set-Cookie: __cfruid=9c1699b9ea6f7afb1f2c081dee5ca4a6991ef4fe-1638208459; path=/; domain=.api.cloudflare.com; HttpOnly; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Envoy-Upstream-Service-Time: 4
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

{
  "result": {
    "id": "yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy",
    "name": "test_azure",
    "uid": "yyyyyyyyyyyyyyyyyyyyyyyyyy",
    "include": [
      {
        "azureAD": {
          "id": "yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy",
          "name": "",
          "identity_provider_id": "yyyyyyyyyyyyyyyyyyyy"
        }
      }
    ],
    "require": [],
    "exclude": [],
    "created_at": "2021-11-23T15:21:31Z",
    "updated_at": "2021-11-23T15:21:31Z"
  },
  "success": true,
  "errors": [],
  "messages": []
}

-----------------------------------------------------: timestamp=2021-11-29T19:54:19.937+0200
2021-11-29T19:54:19.937+0200 [INFO]  provider.terraform-provider-cloudflare_v3.4.0: 2021/11/29 19:54:19 [DEBUG] Access Group key "azureAD" not transformed: timestamp=2021-11-29T19:54:19.937+0200
  Prepared cloudflare_access_group for import
cloudflare_access_group.test_azure_group: Refreshing state... [id=yyyyyyyyyyyyyyyyyyyyyyyyyy]
2021-11-29T19:54:19.942+0200 [INFO]  provider.terraform-provider-cloudflare_v3.4.0: 2021/11/29 19:54:19 [DEBUG] Cloudflare API Request Details:
---[ REQUEST ]---------------------------------------
GET /client/v4/accounts/xxxxxxxxxxxxxxxxxxxxxxxxxxx/access/groups/yyyyyyyyyyyyyyyyyyyyyyyyyyyyyy HTTP/1.1
Host: api.cloudflare.com
User-Agent: terraform/1.0.11 terraform-plugin-sdk/2.8.0 terraform-provider-cloudflare/3.4.0
Authorization: Bearer zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
Content-Type: application/json
Accept-Encoding: gzip


-----------------------------------------------------: timestamp=2021-11-29T19:54:19.942+0200
2021-11-29T19:54:21.171+0200 [INFO]  provider.terraform-provider-cloudflare_v3.4.0: 2021/11/29 19:54:21 [DEBUG] Cloudflare API Response Details:
---[ RESPONSE ]--------------------------------------
HTTP/2.0 200 OK
Cf-Cache-Status: DYNAMIC
Cf-Ray: 6b5db35acc1f3768-HEL
Content-Security-Policy: frame-ancestors 'none'; default-src https: 'unsafe-inline'
Content-Type: application/json; charset=UTF-8
Date: Mon, 29 Nov 2021 17:54:21 GMT
Expect-Ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
Set-Cookie: __cflb=0H28vgHxwvgAQtjUGU56Rb8iNWZVUvXhtpDwaEyuvfw; SameSite=Lax; path=/; expires=Mon, 29-Nov-21 20:24:22 GMT; HttpOnly
Set-Cookie: __cfruid=bde51e975631855fa017ffe1823a85388ee7074e-1638208461; path=/; domain=.api.cloudflare.com; HttpOnly; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Envoy-Upstream-Service-Time: 4
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

{
  "result": {
    "id": "zzzzzzzzzzzzzzzzzzzzzzzzzzzzz",
    "name": "test_azure",
    "uid": "zzzzzzzzzzzzzzzzzzzz",
    "include": [
      {
        "azureAD": {
          "id": "zzzzzzzzzzzzzzzzzzzzzzzz",
          "name": "",
          "identity_provider_id": "zzzzzzzzzzzzzzzzzzzzzzzzzzzzz"
        }
      }
    ],
    "require": [],
    "exclude": [],
    "created_at": "2021-11-23T15:21:31Z",
    "updated_at": "2021-11-23T15:21:31Z"
  },
  "success": true,
  "errors": [],
  "messages": []
}

-----------------------------------------------------: timestamp=2021-11-29T19:54:21.171+0200
2021-11-29T19:54:21.171+0200 [INFO]  provider.terraform-provider-cloudflare_v3.4.0: 2021/11/29 19:54:21 [DEBUG] Access Group key "azureAD" not transformed: timestamp=2021-11-29T19:54:21.171+0200
2021-11-29T19:54:21.173+0200 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/linux_amd64/terraform-provider-cloudflare_v3.4.0 pid=50285
2021-11-29T19:54:21.173+0200 [DEBUG] provider: plugin exited
2021-11-29T19:54:21.173+0200 [INFO]  Writing state output to:
2021-11-29T19:54:21.174+0200 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"

Import successful!

The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.

Panic output

no panic

Expected output

import successful as expected, but import result is incorrect

Actual output

imported resource does not contain azure data:

    {
      "mode": "managed",
      "type": "cloudflare_access_group",
      "name": "test_azure_group",
      "provider": "provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
      "instances": [
        {
          "schema_version": 0,
          "attributes": {
            "account_id": "xxxxxxxxxxxxxxxxxxxxxx",
            "exclude": [],
            "id": "yyyyyyyyyyyyyyyyyyy",
            "include": [],
            "name": "test_azure",
            "require": [],
            "zone_id": null
          },
          "sensitive_attributes": [],
          "private": "zzzzzzzzzzzzzzzzzzzzzzzz"
        }
      ]
    },

Steps to reproduce

  1. define resource
  2. run terraform import with existing resource with azure attached
  3. check terraform state - no includes for azure

Additional factoids

    {
      "mode": "managed",
      "type": "cloudflare_access_group",
      "name": "test_azure_group",
      "provider": "provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
      "instances": [
        {
          "schema_version": 0,
          "attributes": {
            "account_id": "xxxxxxxxxxxxxxxxxxxx",
            "exclude": [],
            "id": "yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy",
            "include": [],
            "name": "test_azure",
            "require": [],
            "zone_id": null
          },
          "sensitive_attributes": [],
          "private": "zzzzzzzzzzzzzzzzzzzzzz
        }
      ]
    },

References

No response
@mvcaaa mvcaaa added kind/bug Categorizes issue or PR as related to a bug. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Nov 29, 2021
mvcaaa added a commit to mvcaaa/terraform-provider-cloudflare that referenced this issue Dec 14, 2021
@mvcaaa
This should fix mapping error for AzureAD
08ed5f7 
Closes cloudflare#1322
@mvcaaa mvcaaa mentioned this issue Dec 14, 2021
Merged
patryk added a commit that referenced this issue Dec 14, 2021
@mvcaaa @patryk
This should fix mapping error for AzureAD (#1341)
2240f0e 
* This should fix mapping error for AzureAD

Closes #1322

* add changelog entry

Co-authored-by: Patryk Szczygłowski <patryk@cloudflare.com>
@patryk
Copy link
Contributor

patryk commented Dec 14, 2021

Thanks for report and the fix.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

This should fix mapping error for AzureAD mvcaaa/terraform-provider-cloudflare
2 participants
@patryk @mvcaaa