terraform-provider-azurerm: known-issue: `ExpiredAuthenticationToken` when running a long-running operation
Is there an existing issue for this?
- I have searched the existing issues
Community Note
- Please vote on this issue by adding a đź‘Ť reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave “+1” or “me too” comments, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
Terraform Version
1.3.9
AzureRM Provider Version
3.46.0
Affected Resource(s)/Data Source(s)
azurerm_active_directory_domain_service
Terraform Configuration Files
[...]
resource "azurerm_active_directory_domain_service" "test" {
name = "ad"
location = azurerm_resource_group.aadds.location
resource_group_name = azurerm_resource_group.aadds.name
filtered_sync_enabled = false
domain_name = "test.test.com"
sku = "Standard"
initial_replica_set {
subnet_id = azurerm_subnet.aadds.id
}
notifications {
notify_dc_admins = true
notify_global_admins = true
}
security {
sync_kerberos_passwords = true
sync_ntlm_passwords = true
sync_on_prem_passwords = true
}
timeouts {
create = "12h"
update = "12h"
read = "120m"
delete = "12h"
}
tags = {
environment = "prod"
}
}
[...]
### Debug Output/Panic Output
```shell
Error: creating/updating Domain Service (Name: "ad", Resource Group: "test"): polling after CreateOrUpdate: Future#WaitForCompletion: the number of retries has been exceeded: StatusCode=401 -- Original Error: Code="ExpiredAuthenticationToken" Message="The access token expiry UTC time '3/9/2023 11:01:31 AM' is earlier than current UTC time '3/9/2023 11:05:09 AM'.
### Expected Behaviour
Build process should finish successfully despite long build time.
### Actual Behaviour
The build process for the azurerm_active_directory_domain_service resource takes over 1.5h which means that, before build is completed, the authentication token expires. As the polling for completion is done every 10 seconds, eventually the authentication token will expire mid-way through build process and whole resource creation will fail resulting in the above error.
### Steps to Reproduce
terraform apply
### Important Factoids
No
### References
NoneAbout this issue
- Original URL
- State: closed
- Created a year ago
- Reactions: 6
- Comments: 50 (20 by maintainers)
Thanks @op7ic, @verius-code, @garbology for the additional context and log data, I’ll keep digging into this.
I can confirm it is now working with the version 3.55.0. Thanks all for the fix.
@manicminer - It seems issue resolved for me after latest release. However other testers should also test this to be confirmed.
I am pretty much experiencing the same as @op7ic , still failing on 3.49.0 now sometimes even earlier it seems, had to revert back to 3.43.0 to get SQLMI provisioned.
Success with v3.49.0
Thanks @manicminer & @tombuildsstuff
👍 thanks for the confirmation @LaurentLesle - since this appears to be resolved I’m going to close this issue for the moment, if you’re still seeing this issue with the latest version of the Provider then please feel free to open a new issue and we can take another look.
Thanks!
@manicminer what’s the status of the changes to the SDK and this issue?
@magodo That’s true, however both client types are using the go-azure-sdk/sdk/auth package for authentication.
Since it sounds like this issue’s been resolved, I’m going to close this issue for the moment - but if you’re still seeing this issue on the latest version of the Provider then let us know and we’ll take another look.
Can confirm still happening for me when creating sqlmi around the hour mark also with 3.48 , using 3.43 it has no issues
@manicminer mind taking a look into this one?
@tombuildsstuff This is still an issue with v3.48.0, experienced when building the SQL Managed Instance using azurerm_mssql_managed_instance.
At the 60 min mark: