I'm building a Terraform config for my infrastructure deployment, and trying to connect an azurerm_mariadb_server resource to an azurerm_subnet, using an azurerm_mariadb_virtual_network_rule, as per documentation.
The vnet, subnet, mariadb-server etc are all created, but I get the following when trying to create the vnet_rule.
```
Error: Error waiting for MariaDb Virtual Network Rule "vnet-rule" (MariaDb Server: "server", Resource Group: "rg")
to be created or updated: couldn't find resource (21 retries)
  on main.tf line 86, in resource "azurerm_mariadb_virtual_network_rule" "vnet_rule":
  86: resource "azurerm_mariadb_virtual_network_rule" "mariadb_vnet_rule" {
```
I can't determine which resource can't be found - all resources except the azurerm_mariadb_virtual_network_rule are created, according to both the bash shell output and Azure portal.
My config is below - details of some resources are omitted for brevity.
```hcl
provider "azurerm" {
  version = "~> 2.27.0"
  features {}
}

resource "azurerm_resource_group" "rg" {
  name     = "${var.resource_group_name}-rg"
  location = var.location
}

resource "azurerm_virtual_network" "vnet" {
  resource_group_name = azurerm_resource_group.rg.name
  name                = "${var.prefix}Vnet"
  address_space       = ["10.0.0.0/16"]
  location            = var.location
}

resource "azurerm_subnet" "backend" {
  resource_group_name  = azurerm_resource_group.rg.name
  name                 = "${var.prefix}backendSubnet"
  virtual_network_name = azurerm_virtual_network.vnet.name
  address_prefixes     = ["10.0.1.0/24"]
  service_endpoints    = ["Microsoft.Sql"]
}

resource "azurerm_mariadb_server" "server" {
  # DB server name can contain lower-case letters, numbers and dashes, NOTHING ELSE
  resource_group_name     = azurerm_resource_group.rg.name
  name                    = "${var.prefix}-mariadb-server"
  location                = var.location
  sku_name                = "B_Gen5_2"
  version                 = "10.3"
  ssl_enforcement_enabled = true
}

resource "azurerm_mariadb_database" "mariadb_database" {
  resource_group_name = azurerm_resource_group.rg.name
  name                = "${var.prefix}_mariadb_database"
  server_name         = azurerm_mariadb_server.server.name
  charset             = "utf8"
  collation           = "utf8_general_ci"
}

## Network Service Endpoint (add DB to subnet)
resource "azurerm_mariadb_virtual_network_rule" "vnet_rule" {
  resource_group_name = azurerm_resource_group.rg.name
  name                = "${var.prefix}-mariadb-vnet-rule"
  server_name         = azurerm_mariadb_server.server.name
  subnet_id           = azurerm_subnet.backend.id
}
```
The issue looks to arise within 'func resourceArmMariaDbVirtualNetworkRuleCreateUpdate', but I don't know Go, so can't follow exactly what's causing it. If anyone can see an issue, or knows how to get around this, please let me know!
Also, I'm not able to do it via the portal - step 3 here shows a section for configuring VNET rules, which is not present on my page for 'Azure database for mariaDB server'. I have the Global administrator role, so I don't think it's permissions-related.
The key point is that
Support for VNet service endpoints is only for General Purpose and Memory Optimized servers.
So change the code sku_name = "B_Gen5_2" to sku_name = "GP_Gen5_2" or other eligible sku_name.
sku_name - (Required) Specifies the SKU Name for this MariaDB Server. The name of the SKU, follows the tier + family + cores pattern (e.g. B_Gen4_1, GP_Gen5_8). For more information see the product documentation.
It takes a few minutes to deploy.
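A pre-apply check for the mismatch described in the answer above, as an added example that is not part of the original question or answer: it scans the JSON form of a saved plan (`terraform show -json <planfile>`) for `azurerm_mariadb_virtual_network_rule` resources attached to a server whose `sku_name` tier is not GP or MO. The function names and the sample plan are constructed for illustration; the code assumes the standard `planned_values.root_module` layout of the plan JSON and that names are known at plan time.

```python
SRV, RULE = "azurerm_mariadb_server", "azurerm_mariadb_virtual_network_rule"
# sku_name tier prefixes with VNet endpoint support (GP, MO); Basic is "B".
VNET_CAPABLE_TIERS = {"GP", "MO"}

def iter_resources(module):
    """Yield every resource of a plan module, descending into child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)

def key(values, name_field):
    """(resource group, server name) key, or None if unknown at plan time."""
    rg, name = values.get("resource_group_name"), values.get(name_field)
    return (rg.lower(), name.lower()) if rg and name else None

def unsupported_vnet_rules(plan):
    """Return (rule address, server address, sku_name) for each VNet rule
    attached to a MariaDB server whose tier lacks service endpoint support."""
    root = plan.get("planned_values", {}).get("root_module", {})
    resources = list(iter_resources(root))
    servers = {key(r["values"], "name"): r for r in resources if r["type"] == SRV}
    servers.pop(None, None)  # drop servers whose name is not yet known
    findings = []
    for r in resources:
        rule_key = key(r["values"], "server_name") if r["type"] == RULE else None
        server = servers.get(rule_key)
        sku = server["values"].get("sku_name") if server else None
        if sku and sku.split("_", 1)[0] not in VNET_CAPABLE_TIERS:
            findings.append((r["address"], server["address"], sku))
    return findings

def res(address, rtype, **values):  # builds one constructed plan entry
    return {"address": address, "type": rtype, "values": values}

# Constructed sample shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = {"planned_values": {"root_module": {
    "resources": [
        res(SRV + ".server", SRV, resource_group_name="demo-rg",
            name="demo-mariadb-server", sku_name="B_Gen5_2"),
        res(RULE + ".vnet_rule", RULE, resource_group_name="demo-rg",
            name="demo-vnet-rule", server_name="demo-mariadb-server"),
    ],
    "child_modules": [{"resources": [
        res("module.gp." + SRV + ".server", SRV, resource_group_name="demo-rg",
            name="gp-mariadb-server", sku_name="GP_Gen5_2"),
        res("module.gp." + RULE + ".vnet_rule", RULE, resource_group_name="demo-rg",
            name="gp-vnet-rule", server_name="gp-mariadb-server"),
    ]}],
}}}
```

Calling `unsupported_vnet_rules(SAMPLE_PLAN)` reports only the rule on the `B_Gen5_2` server; a non-empty result can fail a CI step before `terraform apply` reaches the 21-retry timeout.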