terraform-provider-azurerm: Error parsing segment "staticResourceGroups": expected the segment "resourcegroups" to be "resourceGroups"

Community Note

  • Please vote on this issue by adding a đź‘Ť reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave “+1” or “me too” comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform (and AzureRM Provider) Version

Terraform version 1.0.5, AzureRM version 2.0

Affected Resource(s)

  • azurerm_user_assigned_identity

Terraform Configuration Files

resource "azurerm_user_assigned_identity" "agw_id" {
  location            = var.location
  resource_group_name = azurerm_resource_group.core_rg.name
  name = "agw-dcmp-${var.env}-${var.region_code}"
}


resource "azurerm_public_ip" "pip_agw" {
  name                = "pip-agw-dcmp-${var.env}-${var.region_code}"
  location            = var.location
  resource_group_name = azurerm_resource_group.core_rg.name
  allocation_method   = "Static"
  sku                 = "Standard"
}

locals {
  frontend_port_name             = "feport-https"
  frontend_port_name_http        = "feport-http"
  frontend_ip_configuration_name = "feip-agw-dcmp-${var.env}-${var.region_code}"
}


resource "azurerm_application_gateway" "core_agw" {
  name                = "agw-dcmp-${var.env}-${var.region_code}"
  location            = var.location
  resource_group_name = azurerm_resource_group.core_rg.name

  sku {
    name     = "Standard_v2"
    tier     = "Standard_v2"
    capacity = 1
  }

  identity {
    type         = "UserAssigned"
    identity_ids = [azurerm_user_assigned_identity.agw_id.id]
  }

  gateway_ip_configuration {
    name      = "gateway-ip-config"
    subnet_id = azurerm_subnet.agw.id
  }
  ....

  depends_on = [
    azurerm_key_vault_access_policy.agw_cert_access
  ]
}

AKS with managed identity

resource "azurerm_kubernetes_cluster" "core_aks" {
  name                    = "aks-private-dcmp-${var.env}-${var.region_code}"
  resource_group_name     = azurerm_resource_group.core_rg.name
  location                = var.location
  kubernetes_version      = "1.20.7"
  dns_prefix              = "dns-private-dcmp-${var.env}-${var.region_code}"
  private_cluster_enabled = true
  private_dns_zone_id     = "System"

  default_node_pool {
    name                = "pool1"
    vm_size             = "Standard_B2ms"
    enable_auto_scaling = false
    node_count          = 1
    type                = "VirtualMachineScaleSets"
    vnet_subnet_id      = "${azurerm_virtual_network.core_vnet.id}/subnets/snet-aks-dcmp-${var.env}-${var.region_code}"
  }

  network_profile {
    network_plugin     = "azure"
    network_policy     = "calico"
    docker_bridge_cidr = "172.17.0.1/16"
    service_cidr       = "10.28.0.0/16"
    dns_service_ip     = "10.28.0.10" 
  }

  identity {
    type = "SystemAssigned"
  }

  role_based_access_control {
    enabled = true
    azure_active_directory {
      managed            = true
      azure_rbac_enabled = true
    }
  }
  depends_on = [
    azurerm_subnet.aks
  ]
}

Debug Output

Error: parsing “/subscriptions/REMOVED/resourcegroups/REMOVED/providers/Microsoft.ManagedIdentity/userAssignedIdentities/agw-dcmp-dev-sa”: parsing segment “staticResourceGroups”: expected the segment “resourcegroups” to be “resourceGroups”

Error: parsing “/subscriptions/REMOVED/resourcegroups/MC_REMOVED/providers/Microsoft.ManagedIdentity/userAssignedIdentities/aks-private-dcmp-dev-sa-agentpool”: parsing segment “staticResourceGroups”: expected the segment “resourcegroups” to be “resourceGroups”

Panic Output

Expected Behaviour

This was running with no error messages earlier today, no changes to these sections of terraform were made before the error started occurring.

Steps to Reproduce

try to deploy a user assigned identity with app gateway. (This is also failing with my AKS cluster system assigned identity which is in terraform. The error message is the same with a different Microsoft.ManagedIdentity path.)

About this issue

  • Original URL
  • State: closed
  • Created 3 years ago
  • Reactions: 53
  • Comments: 15

Most upvoted comments

Downgrading temporarily to 2.87.0 seems to work.

+7
jpmadureira on Dec 3, 2021

I am still getting the issue after 2.88.1 on azurerm_user_assigned_identity resources.

+4
robin-wayve on Dec 10, 2021

This functionality has been released in v2.88.1 of the Terraform Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

+1
github-actions[bot] on Dec 3, 2021
Read more comments on GitHub
← terraform-provider-azurerm: Error obtaining Authorization Token from the Azure CLI
terraform-provider-azurerm: Error parsing segment "staticResourceGroups": expected the segment "resourcegroups" to be "resourceGroups" →