Terraform-provider-azurerm: Error 400 creating Azure Premium CDN endpoint
Terraform Version
Terraform v0.11.6
- provider.azurerm v1.3.2
Affected Resource(s)
Please list the resources as a list, for example:
- azurerm_cdn_endpoint
Terraform Configuration Files
variable subscription_id {}
variable cdn_name {}
variable cdn_location {}
variable cdn_storage_account_name {}
variable cdn_storage_account_tier {}
variable cdn_storage_account_replication_type {}
provider "azurerm" {
subscription_id = "${var.subscription_id}"
}
resource "azurerm_resource_group" "cdn" {
name = "${var.cdn_name}-rg"
location = "${var.cdn_location}"
}
resource "azurerm_storage_account" "cdn" {
name = "${var.cdn_storage_account_name}"
location = "${var.cdn_location}"
resource_group_name = "${azurerm_resource_group.cdn.name}"
account_tier = "${var.cdn_storage_account_tier}"
account_replication_type = "${var.cdn_storage_account_replication_type}"
enable_blob_encryption = true
enable_file_encryption = true
enable_https_traffic_only = true
}
resource "azurerm_cdn_profile" "cdn" {
name = "${var.cdn_name}-profile"
location = "${var.cdn_location}"
resource_group_name = "${azurerm_resource_group.cdn.name}"
sku = "Premium_Verizon"
}
resource "azurerm_cdn_endpoint" "cdn" {
name = "${var.cdn_name}-endpoint"
profile_name = "${azurerm_cdn_profile.cdn.name}"
location = "${var.cdn_location}"
resource_group_name = "${azurerm_resource_group.cdn.name}"
origin {
name = "${var.cdn_name}-origin"
host_name = "${azurerm_storage_account.cdn.name}.blob.core.windows.net"
https_port = "443"
}
}
Debug Output
https://gist.github.com/miat-asowers/ca7e2174733325aa1e0d884e945406a7
Panic Output
none
Expected Behavior
Terraform creates a new CDN endpoint
Actual Behavior
Error creating CDN Endpoint "qa-oasys-cdn-endpoint" (Profile "qa-oasys-cdn-profile" / Resource Group "qa-oasys-cdn-rg"): cdn.EndpointsClient#Create: Failure sending request: StatusCode=400 -- Original Error: autorest/azure: Service
returned an error. Status=400 Code="BadRequest" Message="We couldn’t configure QueryStringCachingBehavior, IsCompressionEnabled, ContentTypesToCompress, GeoFilters and DeliveryPolicy for premium profile endpoints. You’ll need to manage these endpoints in the supplemental portal."
I'm not specifying any of those variables, but it appears that terraform is computing them for me:
azurerm_cdn_endpoint.cdn: Creating...
content_types_to_compress.#: "" => "<computed>"
host_name: "" => "<computed>"
is_compression_enabled: "" => "false"
Steps to Reproduce
Please list the steps required to reproduce the issue, for example:
az loginterraform apply-var-file="my.tfvars"
miat-asowers
All 16 comments
As a workaround yo can set the param "querystring_caching_behavior" explicitly to "NotSet".
This should be used as default value....
jwueste
on 13 Jun 2018
hi @miat-asowers
Taking a look into this it appears we may be able to work around this by not submitting these fields to Azure (and documenting that that's the case) / potentially erroring if these aren't set. Whilst that's not ideal I believe it's the best we can do in this situation since there's no way to set these fields via the API since they need to be set in the supplementary portal.
Thanks!
tombuildsstuff
on 25 Oct 2018
any solution on this matter by now?
update:
querystring_caching_behaviour = "NotSet"
seems to have fixed it for me
pniederlag
on 31 May 2019
any solution on this matter by now?
update:querystring_caching_behaviour = "NotSet"seems to have fixed it for me
Ping? This workaround seems to also work for me. Can it at least be added to the docs that it's a required param for Verizon_Premium?
shauber
on 19 Jul 2019
Is there any possibility that this could be added in terraform to set the rules engine via GeoFilters and DeliveryPolicy?
naikajah
on 2 Dec 2019
This fix actually allows you at least to deploy premium, which is a good start. I would love to have the geo_filter working as well. Unfortunately it is not working even with this fix.
ds521
on 12 Dec 2019
The above fix no longer works. I had this issue on April 8th, and using the workaround did work. But now (Apr 22), I am creating a new endpoint with the exact same settings and it only throws an error.
resource "azurerm_cdn_endpoint" "endpoint" {
name = "cdnep"
resource_group_name = "rg"
location = "westeurope"
profile_name = "cdnprofile"
is_http_allowed = false
optimization_type = "GeneralWebDelivery"
origin_host_header = module.query_url.stdout
querystring_caching_behaviour = "NotSet"
}
results in
Failure sending request: StatusCode=400 -- Original Error: Code="BadRequest" Message="We couldn’t configure QueryStringCachingBehavior, IsCompressionEnabled, ContentTypesToCompress, GeoFilters and DeliveryPolicy for premium profile endpoints. You’ll need to manage these endpoints in the supplemental portal."
Any ideas? This is on a premium Verizon CDN profile. Tested on azurerm versions 2.0 and 2.6.
eugeneromero
on 22 Apr 2020
My current workaround (since this was breaking deploys in our pipeline) was to create the resource manually, export the ARM template to change a few values which are not exposed in the portal, apply the template, import the resource to the Terraform state, and apply. As long as Terraform doesn't need to touch the resource, it does not complain. Thankfully this resource is a create-and-forget type... but this is definitely a dirty workaround. Here's hoping for a proper fix soon!
eugeneromero
on 22 Apr 2020
Was able to create via terraform with:
provider "azurerm" {
version = "~> 2.4.0"
}
romatr
on 7 May 2020
This fix appears to work for azurerm < 2.6 but not above or inclusive
JoeHitchenXtract
on 27 May 2020
This fix appears to work for
azurerm < 2.6but not above or inclusive
I face the same problem with "2.11.0"
I have to use at least 2.9 since I need the "azurerm_function_app_slot" resource from it.
I keep digging what broke the resource. As I see there were 2 PR-s released in 2.6.
One of them will have the answer :)
botondev
on 28 May 2020
I tried 2.22.0 with the following configuration:
resource "azurerm_cdn_endpoint" "cdn_endpoint" {
name = "endpoint"
profile_name = azurerm_cdn_profile.example.name
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
is_http_allowed = true
is_https_allowed = true
querystring_caching_behaviour = "NotSet"
origin_host_header = azurerm_storage_account.example.primary_web_host
origin {
name = "origin"
host_name = azurerm_storage_account.example.primary_web_host
}
}
Seems like terraform is adding the is_compression_enabled property by default, "NotSet" solution is not working on that property. It's only accepting True or False. Any idea how this property can be removed from deploy on a Premium CDN?
+ resource "azurerm_cdn_endpoint" "cdn_endpoint" {
+ content_types_to_compress = (known after apply)
+ host_name = (known after apply)
+ id = (known after apply)
--> + is_compression_enabled = false
+ is_http_allowed = true
+ is_https_allowed = true
+ location = "westeurope"
+ name = "app-cdn"
+ origin_host_header = "app.web.core.windows.net"
+ origin_path = (known after apply)
+ probe_path = (known after apply)
+ profile_name = "azdatreuw-cdn-roots"
+ querystring_caching_behaviour = "NotSet"
+ resource_group_name = "app-rg"
+ origin {
+ host_name = "app.web.core.windows.net"
+ http_port = 80
+ https_port = 443
+ name = "cdn-origin"
}
}
mregni
on 10 Aug 2020
Is it possible to fix this issue? It's really problematic.
zekth
on 24 Sep 2020
This has been released in version 2.34.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:
provider "azurerm" {
version = "~> 2.34.0"
}
# ... other configuration ...
![hashibot[bot] picture](https://avatars2.githubusercontent.com/in/8332?v=4&s=40)
hashibot[bot]
on 29 Oct 2020
Sorry to bring the bad news but it seems there is another issue:
cdn.EndpointsClient#Create: Failure sending request:
StatusCode=400 -- Original Error: Code="BadRequest"
Message="We couldn’t configure QueryStringCachingBehavior, IsCompressionEnabled, ContentTypesToCompress, GeoFilters and DeliveryPolicy for premium profile endpoints.
You’ll need to manage these endpoints in the supplemental portal."
The terraform provider seems to add the QueryStringCachingBehavior and ContentTypesToCompress by default like IsCompressionEnabled was before the PR.
eg:
resource "azurerm_cdn_endpoint" "cdn_endpoint" {
name = "cdne${local.formatted_name}"
profile_name = var.cdn_profile_name
location = "global"
resource_group_name = var.resource_group_name
origin_path = "/foo"
origin_host_header = var.originHostname
is_https_allowed = true
is_http_allowed = false
origin {
name = "name"
host_name = var.originHostname
}
}
Seems like the tests of the provider are not really in Sync with API. Especially with the verizon API.
zekth
on 13 Nov 2020
I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.
If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!
hashibot[bot]
on 24 Nov 2020
Related issues
Kanikamiglani31
·
3Comments
jansepke
·
3Comments
sam-cogan
·
3Comments
tomasaschan
·
3Comments
Faaux
·
3Comments
Most helpful comment
I tried 2.22.0 with the following configuration:
Seems like terraform is adding the
is_compression_enabledproperty by default, "NotSet" solution is not working on that property. It's only accepting True or False. Any idea how this property can be removed from deploy on a Premium CDN?