Terraform-provider-azurerm: storage account - Advanced Threat Protection not available in all regions or Azure Gov

Created on 25 Jul 2019 · 6Comments · Source: terraform-providers/terraform-provider-azurerm

After updating to azurerm v1.32.0 we can no longer add/update/import storage accounts there is a conflict with Advanced Threat Protection Client data query. That functionality is not in azure gov yet which is probably the cause of the error.

azurerm_storage_account.vant4geasestage: Refreshing state... [id=/subscriptions//resourceGroups/Stage/providers/Microsoft.Storage/storageAccounts/teststorageaccount]

Error: Error reading the advanced threat protection settings of AzureRM Storage Account "teststorageaccount": security.AdvancedThreatProtectionClient#Get: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="NoRegisteredProviderFound" Message="No registered resource provider found for location 'usgovvirginia' and API version '2017-08-01-preview' for type 'storageAccounts'. The supported api-versions are '2019-04-01, 2018-11-01, 2018-07-01, 2018-03-01-preview, 2018-02-01, 2017-10-01, 2017-06-01, 2016-12-01, 2016-07-01, 2016-05-01, 2016-01-01, 2015-06-15, 2015-05-01-preview'. The supported locations are 'usgoviowa, usgovvirginia, usgovtexas, usgovarizona, usdodeast, usdodcentral'."

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform (and AzureRM Provider) Version

Terraform version 0.12.5
AzureRM version 1.32.0

Affected Resource(s)

azurerm_storage_account

Terraform Configuration Files

`
resource "azurerm_storage_account" "teststorageaccount" {
name = "teststorageaccount"
location = "${azurerm_resource_group.Stage.location}"
resource_group_name = "${azurerm_resource_group.Stage.name}"
account_tier = "Standard"
account_kind = "StorageV2"
account_replication_type = "GRS"
access_tier = "Hot"
enable_blob_encryption = true
enable_file_encryption = true
enable_https_traffic_only = true

network_rules {
bypass = ["AzureServices"]
virtual_network_subnet_ids = ["${azurerm_subnet.Stage-ASE.id}", "${azurerm_subnet.Stage-DMZVMs.id}", "${azurerm_subnet.Stage-InternalVMs.id}"]
}
}
`

Expected Behavior

Should be able to create/update/import storage accounts

Actual Behavior

Steps to Reproduce

terraform apply or terraform import -var-file="secrets.tfvars" azurerm_storage_account.teststorageaccount "/subscriptions/<subscripton id removed>/resourceGroups/Stage/providers/Microsoft.Storage/storageAccounts/teststorageaccount"

Important Factoids

This bug is probably specific to azure gov. We are currently in the usgovvirginia data center

azurgovernment bug regression servicstorage

Source

monster-cookie

👍26

Most helpful comment

Seeing the same issue in South Africa.

clarkcode on 29 Jul 2019

👍2

All 6 comments

Threat protection is not available in every regions even for standard public cloud.
I have a storage account in france central and I have a similar issue

Actual Behavior

Error: Error reading the advanced threat protection settings of AzureRM Storage Account "teststoragefrance": security.AdvancedThreatProtectionClient#Get: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="NoRegisteredProviderFound" Message="No registered resource provider found for location 'francecentral' and API version '2017-08-01-preview' for type 'advancedThreatProtectionSettings'. The supported api-versions are '2017-08-01-preview'. The supported locations are 'australiacentral, australiacentral2, australiaeast, australiasoutheast, brazilsouth, canadacentral, canadaeast, centralindia, centralus, eastasia, eastus2, eastus, japaneast, japanwest, koreacentral, koreasouth, northcentralus, northeurope, southcentralus, southindia, southeastasia, uksouth, ukwest, westcentralus, westeurope, westindia, westus2, westus'."

sgissinger on 26 Jul 2019

Seeing the same issue in South Africa.

clarkcode on 29 Jul 2019

👍2

If this was included in last night's 1.32.0 release it is still occurring. The fix looks to only prevent you from setting that flag in an apply/plan mode operation the errors above occur in the state refresh.

monster-cookie on 30 Jul 2019

@idbrain it has not been included in yesterday's release.
You can compile yourself this repo's HEAD and manually replace the provider's version in your .terraform folder, which I did and don't have the error anymore.

bathizte on 31 Jul 2019

This has been released in version 1.32.1 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

provider "azurerm" {
    version = "~> 1.32.1"
}
# ... other configuration ...

hashibot[bot] on 1 Aug 2019

👍1

I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

hashibot[bot] on 29 Aug 2019

Was this page helpful?

0 / 5 - 0 ratings