Azurerm JsonADDomainExtension is failing

JsonADDomainExtension error due to backslash in password field. Works properly when backslash is removed. Anyone have a fix for this or seen this?

    Error: "protected_settings" contains an invalid JSON: invalid character 'Y' in string escape code

      on Modules\Virtual_Machine\domain-join\vm_join_domain.tf line 13, in resource "azurerm_virtual_machine_extension" "ADD2AD":
      13: resource "azurerm_virtual_machine_extension" "ADD2AD" {

Terraform Version:
Terraform v0.13.5

  • provider registry.terraform.io/hashicorp/azurerm v2.20.0

    resource "azurerm_virtual_machine_extension" "ADD2AD" {
      name                 = "ADD2AD"
      virtual_machine_id   = var.vm-id
      publisher            = "Microsoft.Compute"
      type                 = "JsonADDomainExtension"
      type_handler_version = "1.3"

      # Public domain-join settings, passed to the extension as JSON
      settings = <<SETTINGS
        {
          "Name": "${var.domainname}",
          "OUPath": "${var.oupath}",
          "User": "user",
          "Restart": "true",
          "Options": "3"
        }
      SETTINGS

      # Encrypted settings (the domain-join password), also JSON
      protected_settings = <<PROTECTED_SETTINGS
        {
          "Password": "password"
        }
      PROTECTED_SETTINGS
    }

Disregard this. It had to do with JSON. Just needed to add another backslash to the password for it to work. Example below:

    {
        "hello": "\world"
    }

and

    {
        "hello": "\\world"
    }

Validating both on jsonlint.com (or any other JSON linter/parser, such as Terraform) will fail for the first one but pass for the second, since \ is an escape character in JSON and so needs to be encoded appropriately (with two backslashes in this instance), which is why the second example works.

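An added example, not code from any poster in this thread: the same extension with both JSON documents built by Terraform's `jsonencode()` rather than hand-written heredocs, so backslashes and double quotes in the password are escaped automatically. The variable names `domain_user` and `domain_password` are assumptions; the other names are taken from the question.

```hcl
# Added example (not from the original thread).
# domain_user and domain_password are hypothetical variable names.
variable "vm-id" { type = string }
variable "domainname" { type = string }
variable "oupath" { type = string }
variable "domain_user" { type = string }
variable "domain_password" { type = string }

resource "azurerm_virtual_machine_extension" "ADD2AD" {
  name                 = "ADD2AD"
  virtual_machine_id   = var.vm-id
  publisher            = "Microsoft.Compute"
  type                 = "JsonADDomainExtension"
  type_handler_version = "1.3"

  # jsonencode() serializes the object and escapes \ and " in every
  # value, so the result is always valid JSON.
  settings = jsonencode({
    Name    = var.domainname
    OUPath  = var.oupath
    User    = var.domain_user
    Restart = "true"
    Options = "3"
  })

  # A password such as  Pa\Y1  (constructed sample) is emitted as
  # "Pa\\Y1". Interpolated into a heredoc, the same value is a JSON
  # parse error, and a value containing \t or \n would parse but
  # silently decode to a tab or newline, i.e. the wrong password.
  protected_settings = jsonencode({
    Password = var.domain_password
  })
}
```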