Delegation service Informatica.DataManagement/organizations not available when deploying an Informatica azurerm_subnet #27946

Closed
1 task done
alexivanov-danone opened this issue Nov 8, 2024 · 1 comment · Fixed by #27993

Comments

alexivanov-danone commented Nov 8, 2024

Is there an existing issue for this?

  • I have searched the existing issues

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.9.8

AzureRM Provider Version

4.9.0

Affected Resource(s)/Data Source(s)

azurerm_subnet

Terraform Configuration Files

resource "azurerm_subnet" "this" {
  #checkov:skip=CKV2_AZURE_31:already implemented via another template
  for_each = var.subnets

  name                                          = "${each.value.global_parameters.prefix}-${upper(each.value.global_parameters.region)}-${upper(each.value.global_parameters.environment_short)}-${each.value.suffix}-${each.value.description}"
  resource_group_name                           = each.value.resource_group_name
  virtual_network_name                          = each.value.virtual_network_name
  address_prefixes                              = each.value.address_prefixes
  private_endpoint_network_policies             = each.value.private_endpoint_network_policies
  private_link_service_network_policies_enabled = each.value.private_link_service_network_policies_enabled
  service_endpoints                             = each.value.service_endpoints

  dynamic "delegation" {
    for_each = each.value.delegation
    iterator = item

    content {
      name = item.value.name

      service_delegation {
        name    = item.value.service
        actions = var.subnet_delegations_actions[item.value.service]
      }
    }
  }
}


variables.tf

# Required input variables
variable "subnets" {
  description = "Subnets settings"
  type = map(object({
    suffix                                        = string
    description                                   = string
    resource_group_name                           = string
    virtual_network_name                          = string
    address_prefixes                              = list(string)
    private_endpoint_network_policies             = string
    private_link_service_network_policies_enabled = bool
    service_endpoints                             = list(string)
    global_parameters                             = map(string)
    delegation = list(object({
      name    = string
      service = string
    }))
  }))
}

variable "subnet_delegations_actions" {
  type        = map(list(string))
  description = "List of subnet delegation actions"
  default = {
    "Microsoft.App/environments"                      = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.Web/serverFarms"                       = ["Microsoft.Network/virtualNetworks/subnets/action"]
    "Microsoft.ContainerInstance/containerGroups"     = ["Microsoft.Network/virtualNetworks/subnets/action"]
    "Microsoft.Netapp/volumes"                        = ["Microsoft.Network/networkinterfaces/*", "Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.HardwareSecurityModules/dedicatedHSMs" = ["Microsoft.Network/networkinterfaces/*", "Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.ServiceFabricMesh/networks"            = ["Microsoft.Network/virtualNetworks/subnets/action"]
    "Microsoft.Logic/integrationServiceEnvironments"  = ["Microsoft.Network/virtualNetworks/subnets/action"]
    "Microsoft.Batch/batchAccounts"                   = ["Microsoft.Network/virtualNetworks/subnets/action"]
    "Microsoft.Sql/managedInstances"                  = ["Microsoft.Network/virtualNetworks/subnets/join/action", "Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action", "Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action"]
    "Microsoft.Web/hostingEnvironments"               = ["Microsoft.Network/virtualNetworks/subnets/action"]
    "Microsoft.BareMetal/CrayServers"                 = ["Microsoft.Network/networkinterfaces/*", "Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.Databricks/workspaces"                 = ["Microsoft.Network/virtualNetworks/subnets/join/action", "Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action", "Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action"]
    "Microsoft.BareMetal/AzureVMware"                 = ["Microsoft.Network/networkinterfaces/*", "Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.StreamAnalytics/streamingJobs"         = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.DBforPostgreSQL/serversv2"             = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.AzureCosmosDB/clusters"                = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.MachineLearningServices/workspaces"    = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.DBforPostgreSQL/singleServers"         = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.DBforPostgreSQL/flexibleServers"       = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.DBforMySQL/serversv2"                  = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.DBforMySQL/flexibleServers"            = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.ApiManagement/service"                 = ["Microsoft.Network/virtualNetworks/subnets/join/action", "Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action"]
    "Microsoft.Synapse/workspaces"                    = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.PowerPlatform/vnetaccesslinks"         = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.Network/dnsResolvers"                  = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.Kusto/clusters"                        = ["Microsoft.Network/virtualNetworks/subnets/join/action", "Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action", "Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action"]
    "Microsoft.DelegatedNetwork/controller"           = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.ContainerService/managedClusters"      = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.PowerPlatform/enterprisePolicies"      = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.StoragePool/diskPools"                 = ["Microsoft.Network/virtualNetworks/read"]
    "Microsoft.DocumentDB/cassandraClusters"          = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.Apollo/npu"                            = ["Microsoft.Network/networkinterfaces/*", "Microsoft.Network/virtualNetworks/subnets/join/action"]
    "Microsoft.AVS/PrivateClouds"                     = ["Microsoft.Network/networkinterfaces/*"]
    "Informatica.DataManagement/organizations"        = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
  }
}

tfvars file entry:
subnets = {
  "informatica_subnet" = {
    suffix                                        = "XXX110"
    description                                   = "informatica"
    resource_group_name                           = "network_rg"
    virtual_network_name                          = "vnet"
    address_prefixes                              = ["xx.xx.xx.xx/26"]
    service_endpoints                             = []
    private_endpoint_network_policies             = "Disabled"
    private_link_service_network_policies_enabled = false
    delegation                                    = [
      {
        name    = "informatica"
        service = "Informatica.DataManagement/organizations"
      }
    ]
  }
}

Debug Output/Panic Output

I get an error when doing terraform plan:

╵
│ Error: expected delegation.0.service_delegation.0.name to be one of ["GitHub.Network/networkSettings" "Microsoft.ApiManagement/service" "Microsoft.Apollo/npu" "Microsoft.App/environments" "Microsoft.App/testClients" "Microsoft.AVS/PrivateClouds" "Microsoft.AzureCosmosDB/clusters" "Microsoft.BareMetal/AzureHostedService" "Microsoft.BareMetal/AzureHPC" "Microsoft.BareMetal/AzurePaymentHSM" "Microsoft.BareMetal/AzureVMware" "Microsoft.BareMetal/CrayServers" "Microsoft.BareMetal/MonitoringServers" "Microsoft.Batch/batchAccounts" "Microsoft.CloudTest/hostedpools" "Microsoft.CloudTest/images" "Microsoft.CloudTest/pools" "Microsoft.Codespaces/plans" "Microsoft.ContainerInstance/containerGroups" "Microsoft.ContainerService/managedClusters" "Microsoft.ContainerService/TestClients" "Microsoft.Databricks/workspaces" "Microsoft.DBforMySQL/flexibleServers" "Microsoft.DBforMySQL/servers" "Microsoft.DBforMySQL/serversv2" "Microsoft.DBforPostgreSQL/flexibleServers" "Microsoft.DBforPostgreSQL/serversv2" "Microsoft.DBforPostgreSQL/singleServers" "Microsoft.DelegatedNetwork/controller" "Microsoft.DevCenter/networkConnection" "Microsoft.DevOpsInfrastructure/pools" "Microsoft.DocumentDB/cassandraClusters" "Microsoft.Fidalgo/networkSettings" "Microsoft.HardwareSecurityModules/dedicatedHSMs" "Microsoft.Kusto/clusters" "Microsoft.LabServices/labplans" "Microsoft.Logic/integrationServiceEnvironments" "Microsoft.MachineLearningServices/workspaces" "Microsoft.Netapp/volumes" "Microsoft.Network/dnsResolvers" "Microsoft.Network/managedResolvers" "Microsoft.Network/fpgaNetworkInterfaces" "Microsoft.Network/networkWatchers." 
"Microsoft.Network/virtualNetworkGateways" "Microsoft.Orbital/orbitalGateways" "Microsoft.PowerPlatform/enterprisePolicies" "Microsoft.PowerPlatform/vnetaccesslinks" "Microsoft.ServiceFabricMesh/networks" "Microsoft.ServiceNetworking/trafficControllers" "Microsoft.Singularity/accounts/networks" "Microsoft.Singularity/accounts/npu" "Microsoft.Sql/managedInstances" "Microsoft.Sql/managedInstancesOnebox" "Microsoft.Sql/managedInstancesStage" "Microsoft.Sql/managedInstancesTest" "Microsoft.Sql/servers" "Microsoft.StoragePool/diskPools" "Microsoft.StreamAnalytics/streamingJobs" "Microsoft.Synapse/workspaces" "Microsoft.Web/hostingEnvironments" "Microsoft.Web/serverFarms" "NGINX.NGINXPLUS/nginxDeployments" "PaloAltoNetworks.Cloudngfw/firewalls" "Qumulo.Storage/fileSystems" "Oracle.Database/networkAttachments"], got Informatica.DataManagement/organizations
│ 
│   with module.az_subnets.azurerm_subnet.this["informatica_subnet"],
│   on ../../templates/az-subnets/main.tf line 5, in resource "azurerm_subnet" "this":
│    5:   name                                          = EDITED

Expected Behaviour

I expect to be able to add the delegated service Informatica.DataManagement/organizations into the subnet

Actual Behaviour

I get an output that lists all the services that can be delegated to the subnet, but Informatica is not present amongst them.

Steps to Reproduce

No response

Important Factoids

No response

References

No response
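
Added example (not part of the original issue and not the provider's code): a small pre-flight check that parses the provider's "expected ... to be one of [...]" plan error shown above and reports which delegation services from a module's map the installed provider version would reject. The sample error text is constructed and shortened, the function names are hypothetical, and exact case-sensitive matching of service names is an assumption.

```python
import re

# Constructed, shortened sample of the plan error (not the provider's full list).
SAMPLE_ERROR = """╵
│ Error: expected delegation.0.service_delegation.0.name to be one of ["GitHub.Network/networkSettings" "Microsoft.Netapp/volumes"
"Microsoft.Web/serverFarms" "Oracle.Database/networkAttachments"], got Informatica.DataManagement/organizations
│
"""

ERROR_RE = re.compile(
    r'expected (?P<attr>\S+) to be one of \[(?P<allowed>.*?)\], got (?P<got>\S+)'
)


def parse_validation_error(text):
    """Return (attribute path, allowed values, rejected value) from plan output."""
    # Terraform draws a box with "│" and the long list may be wrapped across
    # lines, so strip the box characters and rejoin before matching.
    flat = " ".join(line.lstrip("│╵╷ ").strip() for line in text.splitlines())
    match = ERROR_RE.search(flat)
    if match is None:
        raise ValueError("no 'expected ... to be one of' validation error found")
    allowed = set(re.findall(r'"([^"]+)"', match.group("allowed")))
    return match.group("attr"), allowed, match.group("got")


def unsupported_services(requested, allowed):
    """Requested delegation services missing from the provider's allowed list.

    Assumption: the provider compares names exactly (case-sensitive).
    """
    return sorted(name for name in requested if name not in allowed)


if __name__ == "__main__":
    # Keys as they would appear in a module's delegation-actions map.
    module_services = [
        "Microsoft.Web/serverFarms",
        "Microsoft.Netapp/volumes",
        "Informatica.DataManagement/organizations",
    ]
    attr, allowed, got = parse_validation_error(SAMPLE_ERROR)
    print(f"{attr} rejected {got!r}")
    print("not accepted by this provider version:",
          unsupported_services(module_services, allowed))
```

Run against the real `terraform plan` output in CI, this flags every map key the pinned provider version does not yet accept, rather than only the first one the plan fails on.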

@alexivanov-danone alexivanov-danone changed the title Delegation service Informatica.DataManagement/organizations not available when deploying an Infromatica azurerm_subnet Delegation service Informatica.DataManagement/organizations not available when deploying an Informatica azurerm_subnet Nov 8, 2024
@github-actions github-actions bot added this to the v4.11.0 milestone Nov 15, 2024
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 16, 2024