
Unable to create Storage Sync Cloud Endpoint


When I try to create a cloud endpoint from a Terraform script in Azure, I get the following error:

Error: waiting for creation of Storage Sync Cloud Endpoint: (Cloud Endpoint Name “azbackup001zscallerc-file-sync-grp-CE” / Sync Group Name “azbackup001zscallerc-file-sync-grp” / Storage Sync Service Name “azbackup001zscallerc-file-sync” / Resource Group “RG”): Code=“-2134364065” Message=“Unable to read specified storage account. Please check the permissions and try again after some time.”

However, when I create the same endpoint from the Azure portal, I am able to create it without any issues. I have checked all my permissions, and even from a global admin account I am unable to do so. Please assist with a possible solution.

Please assist in checking the permission issue, as I can do the same thing from az cli as well as PowerShell.


Solution

  • As it is having issues even with the global admin account, check, when creating the Cloud Endpoint, the permissions set up for the storage sync service that the cloud sync depends on.


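    # Existing resource group referenced by the resources below.
    # The name is a placeholder; replace it with your own.
    data "azurerm_resource_group" "example" {
      name = "<resource-group-name>"
    }

    resource "azurerm_storage_sync" "example" {
      name                = "kaexample-ss"
      resource_group_name = data.azurerm_resource_group.example.name
      location            = data.azurerm_resource_group.example.location
    }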
    
    resource "azurerm_storage_sync_group" "example" {
      name            = "kaexample-ss-group"
      storage_sync_id = azurerm_storage_sync.example.id
    }
    
    resource "azurerm_storage_account" "example" {
      name                     = "kaaexample"
      resource_group_name      = data.azurerm_resource_group.example.name
      location                 = data.azurerm_resource_group.example.location
      account_tier             = "Standard"
      account_replication_type = "LRS"
    }
    
    resource "azurerm_storage_share" "example" {
      name                 = "kaexample-share"
      storage_account_name = azurerm_storage_account.example.name
      quota                = 50
      acl {
        id = "GhostedRecall"
        access_policy {
          permissions = "r"
        }
      }
    }
    
    resource "azurerm_storage_sync_cloud_endpoint" "example" {
      name                  = "example-ss-ce"
      storage_sync_group_id = azurerm_storage_sync_group.example.id
      file_share_name       = azurerm_storage_share.example.name
      storage_account_id    = azurerm_storage_account.example.id
    }
    


    Please check this Az.StorageSync: Cloud endpoint creation access rigths failure issue · GitHub
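
The permission check described in the answer can be expressed in Terraform as a role assignment for the Azure File Sync service principal on the storage account. This is an added example, not code from the original answer or from the provider project; it extends the configuration above by referencing `azurerm_storage_account.example`. The resource names `storage_sync` and `storage_sync_access` are hypothetical, and the service principal display name and the role name are assumptions taken from the Azure File Sync documentation rather than from this page.

```hcl
# Added example: gives the Azure File Sync service principal read access to the
# storage account that backs the cloud endpoint. The portal makes this
# assignment for you; a Terraform run has to declare it explicitly.
terraform {
  required_providers {
    azurerm = { source = "hashicorp/azurerm" }
    azuread = { source = "hashicorp/azuread" }
  }
}

# Assumption: the first-party Azure File Sync principal is registered in the
# tenant under this display name. Some tenants list it as
# "Hybrid File Sync Service"; change the lookup if this one finds nothing.
data "azuread_service_principal" "storage_sync" {
  display_name = "Microsoft.StorageSync"
}

# Least privilege: scope the assignment to the one storage account that holds
# the file share, not to the resource group or the subscription.
resource "azurerm_role_assignment" "storage_sync_access" {
  scope                = azurerm_storage_account.example.id
  role_definition_name = "Reader and Data Access" # assumption, see lead-in
  principal_id         = data.azuread_service_principal.storage_sync.object_id
}
```

Adding `depends_on = [azurerm_role_assignment.storage_sync_access]` to the `azurerm_storage_sync_cloud_endpoint` resource makes Terraform create the assignment before it attempts the endpoint.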