Terraform Azure Configure VM Backup Policy Fails

Question

I am trying to create a backup policy and enable backup while provision the Azure VM using terraform (Terraform Version - 1.1.13, Azure Provider - 2.90.0). Terraform fails to enable backup with the below error.

 Error: waiting for the Azure Backup Protected VM "VM;iaasvmcontainerv2;Test-product-cloud-infra;arulazurebkup-vm" to be true (Resource Group "Test-Product-Cloud-Infra") to provision: context deadline exceeded
│
│   with azurerm_backup_protected_vm.backup,
│   on main.tf line 176, in resource "azurerm_backup_protected_vm" "backup":
│  176: resource "azurerm_backup_protected_vm" "backup" {
│

Terraform Scripts

resource "azurerm_backup_policy_vm" "example" {
  name                = "Test-backup-policy"
  resource_group_name = "Test-Product-Cloud-Infra"
  recovery_vault_name = "backuptest"

  backup {
    frequency = "Daily"
    time      = "23:00"
  }

  retention_daily {
    count = 7
  }
}

resource "azurerm_backup_protected_vm" "backup" {
  resource_group_name = "Test-Product-Cloud-Infra"
  recovery_vault_name = "backuptest"
  source_vm_id        = azurerm_virtual_machine.example.id
  backup_policy_id    = azurerm_backup_policy_vm.example.id

  depends_on = [azurerm_virtual_machine.example,
                azurerm_virtual_machine_extension.example,
                azurerm_backup_policy_vm.example]

}

When i check the error in Azure portal for the backup job, i find the below entry

On further troubleshooting getting the below when enabling backup in CLI.

Answer 1

You are getting the error as you are using a recovery vault which is not present in the same location as the VM .

I tested the same as below :

I created the VM in West US and the existing Recovery Services Vault was in East US. So ,I got the below error :

To solve the issue ,You have to use the same location for all the resources as the Recovery Services Vault i.e. in my case same as the resource group (East US):

resource "azurerm_virtual_machine" "main" {
  name                  = "ansuman-vm"
  location              = data.azurerm_resource_group.example.location
  resource_group_name   = data.azurerm_resource_group.example.name
  network_interface_ids = [azurerm_network_interface.example.id]
  vm_size               = "Standard_DS1_v2"

  # Uncomment this line to delete the OS disk automatically when deleting the VM
  # delete_os_disk_on_termination = true

  # Uncomment this line to delete the data disks automatically when deleting the VM
  # delete_data_disks_on_termination = true

  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "16.04-LTS"
    version   = "latest"
  }
  storage_os_disk {
    name              = "myosdisk1"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }
  os_profile {
    computer_name  = "hostname"
    admin_username = "testadmin"
    admin_password = "Password1234!"
  }
  os_profile_linux_config {
    disable_password_authentication = false
  }
}
data "azurerm_recovery_services_vault" "example" {
  name                = "recoveryvaultansuman"
  resource_group_name = data.azurerm_resource_group.example.name
}
resource "azurerm_backup_policy_vm" "example" {
  name                = "ansuman-recovery-vault-policy"
  resource_group_name = data.azurerm_resource_group.example.name
  recovery_vault_name = data.azurerm_recovery_services_vault.example.name

  backup {
    frequency = "Daily"
    time      = "23:00"
  }
  retention_daily {
    count = 7
  }
}

resource "azurerm_backup_protected_vm" "vm1" {
  resource_group_name = data.azurerm_resource_group.example.name
  recovery_vault_name = data.azurerm_recovery_services_vault.example.name
  source_vm_id        = azurerm_virtual_machine.main.id
  backup_policy_id    = azurerm_backup_policy_vm.example.id
}

Output: