Search code examples
terraformterraform-provider-azure

Subscription could not be found - Terraform

I'm getting the following error when trying to run terraform init using Az CLI in Azure GCC High. I am trying to store my tfstate in another subscription and deploy resource into another - both subs are in the same tenant. I've had success with the below terraform{} provider{} in commercial so I'm stumped!

Initializing the backend... ╷ │ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "storageaccount": storage.AccountsClient#ListKeys: Failure responding to request: StatusCode=404 -- Original Error: autorest/azure: Service returned an error. Status=404 Code="SubscriptionNotFound" Message="The subscription '' could not be found."

I've cleared the .azure folder and switched to USGovernment using az cloud set --name AzureUSGovernment then az login. When az login completes, I see all the subscriptions I have oadmin to and & are visible and enabled in the output.

  terraform {
      required_providers {
        azurerm = {
          source  = "hashicorp/azurerm"
          version = "~> 3.27.0"
        }
      }
      backend "azurerm" {
        subscription_id      = "<Subscription A GUID>"                
        tenant_id            = "<Tenant GUID>"                
        resource_group_name  = "rg-demo"
        storage_account_name = "storagename"                                    
        container_name       = "tfstate"                                             
        key                  = "env/state.tfstate"
      }
    
    }
    
    provider "azurerm" {
      features {}
      
      subscription_id = <Subscription B GUID>
      tenant_id       = <Tenant GUID>
    }

Thanks in advance,

Brad.

Solution

  • Check the following.

    I tried to run the following without setting the current subscription:

    main.tf:

    provider "azurerm" {
  subscription_id = "sub2"
  tenant_id              = "tenant1"
  features {
    resource_group {
      prevent_deletion_if_contains_resources = false
    }

  }
terraform {
  backend "azurerm" {
     subscription_id      = "sub2"                
        tenant_id            = "tenant1" 
     resource_group_name  = "myrg"
     storage_account_name = "remotestatekavstr233"
     container_name       = "terraform"
     key                  = "terraform.tfstate"
  }
}

    With configuring above ,got the error:

    Error retrieving keys for Storage Account "remotestatekavstr233": storage.AccountsClient#ListKeys: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error

    enter image description here

    Whatever subscription is kept for backend or you are currently trying to work with, execute the following command , to set the current subscription out of all the available ones.And make sure the subscription is enabled and not in disabled state.

    run the following to set current subscription:

    az account set --subscription "sub1 subscription Id"

    enter image description here

    main.tf:

    data "azurerm_client_config" "current" {
}

data azurerm_subscription "current"{ 
}
provider "azurerm" {
  subscription_id = "sub2"
  tenant_id              = "tenant1"
  features {
    resource_group {
      prevent_deletion_if_contains_resources = false
    }

  }


terraform {
  backend "azurerm" {
     subscription_id      = "sub1"                
        tenant_id            = "tenant1" 
        resource_group_name  = "rg"
      storage_account_name = "remotestatekavstr233"
     container_name       = "terraform"
      key                  = "terraform.tfstate"
  }
}

    Then the terraform can be initialized successfully:

    enter image description here