I am having an issue provisioning a storage account for hosting a static website.
This script has worked in the past but has recently been giving me trouble. I was in the middle of activating “infrastructure_encryption_enabled” for the storage account, requiring it be destroyed and recreated.
When I run my TF script, this is the output I receive when applying:
```
azurerm_storage_account.web-storage: Destroying... [id=/subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.Storage/storageAccounts/staticWebStorage]
azurerm_storage_account.web-storage: Destruction complete after 5s
azurerm_storage_account.web-storage: Creating...
azurerm_storage_account.web-storage: Still creating... [10s elapsed]
azurerm_storage_account.web-storage: Still creating... [20s elapsed]
│ Error: reading static website for AzureRM Storage Account "staticWebStorage": accounts.Client#GetServiceProperties: Failure responding to request: StatusCode=404 -- Original Error: autorest/azure: Service returned an error. Status=404 Code="ResourceNotFound" Message="The specified resource does not exist.\nRequestId:0cfb8771-e01e-0029-6199-8d724b000000\nTime:2023-05-23T17:12:27.0665511Z"
```
The error claims the Storage Account does not exist. When I check the portal, the storage account does exist, and I can access everything in it. Despite the resource existing, Terraform considers the storage account Tainted and will always want to destroy and recreate it.
Here is my TF script:
```hcl
resource "azurerm_storage_account" "web-storage" {
  name                              = "staticWebStorage"
  resource_group_name               = var.resource_group_name
  location                          = var.location
  allow_nested_items_to_be_public   = false
  default_to_oauth_authentication   = false
  infrastructure_encryption_enabled = true
  account_kind                      = "StorageV2"
  account_tier                      = "Standard"
  account_replication_type          = "LRS"

  static_website {
    index_document     = "index.html"
    error_404_document = "index.html"
  }

  network_rules {
    default_action = "Allow"
    bypass         = ["AzureServices"]
    ip_rules       = ["x.x.0.0/16"] # My VPN IP range
  }

  blob_properties {
    delete_retention_policy {
      days = 14
    }
    container_delete_retention_policy {
      days = 7
    }
  }
}
```
Here is what I have tried so far…
- Enabling and disabling “infrastructure_encryption_enabled”
- Enabling and disabling “static_website”
- Enabling and disabling “network_rules” “default_action” to ‘allow’ & ‘deny’
- Enabling and disabling “blob_properties”
- A requirement of this project is that all blob containers must be set to “Private” access level, so I can’t change it to “Public”
- Manually deleting the Storage account and removing it from the Terraform state
- Manually creating the storage account and importing it to the TF state
If anyone has seen a similar issue, I would appreciate the insight.
Please & Thank You