I'm creating a new storage account, storage container, storage blob, service plan, and finally - function. Everything but the last one is created successfully, and the last step fails with a message:
creating Linux App Service (Subscription: "6bbf2436-dd82-400e-8476-a022f1f9eacc"
│ Resource Group Name: "mtr-resources"
│ Site Name: "mtr-hello-function11"): performing CreateOrUpdate: unexpected status 400 (400 Bad Request) with response: {"Code":"BadRequest","Message":"There was a conflict. The remote name could not be resolved:
│ 'mtrstorageyqo20pyfgz.file.core.windows.net'","Target":null,"Details":[{"Message":"There was a conflict. The remote name could not be resolved:
│ 'mtrstorageyqo20pyfgz.file.core.windows.net'"},{"Code":"BadRequest"},{"ErrorEntity":{"ExtendedCode":"01020","MessageTemplate":"There was a conflict. {0}","Parameters":["The remote name could not be resolved:
│ 'mtrstorageyqo20pyfgz.file.core.windows.net'"],"Code":"BadRequest","Message":"There was a conflict. The remote name could not be resolved: 'mtrstorageyqo20pyfgz.file.core.windows.net'"}}],"Innererror":null}
If you look closely, you'll see this string: mtrstorageyqo20pyfgz.file.core.windows.net - which is obviously wrong, because it should contain the word "blob", not "file". Even more so, because I can inspect the created storage account in Azure, and see its type is Account Kind is BlobStorage. Here are the relevant terraform definitions:
resource "random_string" "random_storage_account_suffix" {
length = 10
special = false
upper = false
numeric = true
lower = true
}
resource "azurerm_storage_account" "mtr_storage" {
name = "mtrstorage${random_string.random_storage_account_suffix.result}"
resource_group_name = azurerm_resource_group.mtr_rg.name
location = azurerm_resource_group.mtr_rg.location
account_kind = "BlobStorage"
account_tier = "Standard"
account_replication_type = "LRS"
tags = {
environment = "${var.environment_name}"
}
}
resource "azurerm_storage_container" "mtr_hello_function_container" {
name = "hello-function-releases"
storage_account_name = var.storage_account_name
container_access_type = "private"
}
resource "azurerm_storage_blob" "mtr_hello_function_blob" {
name = "MTR.ListBlobsFunction.publish.zip"
storage_account_name = var.storage_account_name
storage_container_name = azurerm_storage_container.mtr_hello_function_container.name
type = "Block"
source = "./example_code/MTR.ListBlobsFunction/MTR.ListBlobsFunction.publish.zip"
depends_on = [ null_resource.run_pre_hello_powershell_script ]
}
resource "azurerm_service_plan" "mtr_hello_function_svc_plan" {
name = "mtr-hello-function-svc-plan"
location = var.resource_group_location
resource_group_name = var.resource_group_name
os_type = "Linux"
sku_name = "Y1"
# sku_name = "B1" # this doesn't work with zip package download for some reason - consumption tier needs to be used
tags = {
environment = "${var.environment_name}"
}
}
data "azurerm_storage_account_blob_container_sas" "storage_account_blob_container_sas_for_hello" {
connection_string = var.storage_account_primary_connection_string
container_name = azurerm_storage_container.mtr_hello_function_container.name
start = timeadd(timestamp(), "-10m")
expiry = timeadd(timestamp(), "10m")
permissions {
read = true
add = false
create = false
write = false
delete = false
list = true
}
}
resource "azurerm_linux_function_app" "mtr_hello_function" {
name = "mtr-hello-function11"
location = var.resource_group_location
resource_group_name = var.resource_group_name
service_plan_id = azurerm_service_plan.mtr_hello_function_svc_plan.id
storage_account_name = var.storage_account_name
storage_account_access_key = var.storage_account_primary_access_key
app_settings = {
"FUNCTIONS_WORKER_RUNTIME" = "dotnet"
"WEBSITE_RUN_FROM_PACKAGE" = "https://${var.storage_account_name}.blob.core.windows.net/${azurerm_storage_container.mtr_hello_function_container.name}/${azurerm_storage_blob.mtr_hello_function_blob.name}${data.azurerm_storage_account_blob_container_sas.storage_account_blob_container_sas_for_hello.sas}"
"AzureWebJobsStorage" = var.storage_account_primary_connection_string
"AzureWebJobsDisableHomepage" = "true"
}
site_config {
application_stack {
dotnet_version = "8.0"
use_dotnet_isolated_runtime = true
}
cors {
allowed_origins = ["*"]
}
}
tags = {
environment = "${var.environment_name}"
}
}
At this point I'm not even sure if that's a Terraform issue, or Azure issue, but I know that storage account address is wrong, because if I substitute the file word with blob, use the correct container and blob names + SAS key, I can download the file.
The problem is with the account kind here:
resource "azurerm_storage_account" "mtr_storage" {
name = "mtrstorage${random_string.random_storage_account_suffix.result}"
resource_group_name = azurerm_resource_group.mtr_rg.name
location = azurerm_resource_group.mtr_rg.location
account_kind = "BlobStorage"
account_tier = "Standard"
account_replication_type = "LRS"
tags = {
environment = "${var.environment_name}"
}
}
Please note that BlobStorage account kind does not support File service. If you need to use File service, please choose another account kind (Standard general-purpose v2 or Standard general-purpose v1).
UPDATE
Based on the information provided here, when Function App is running under Consumption or Premium plan, the code and configuration is stored in Azure File Storage. Since the storage account kind is BlobStorage which does not support File Service, deployment of Function App is failing.