Terraform provider registration failure (Azure)

Terraform newbie here so bear with me.

I’m not running into an authorization error with Terraform using Azure and I can’t seem to be able to figure it out.

Here is what i have:

An Azure Subscription with a plan of Azure Plan
I created a service principal under that subscription like this:
az login
az ad sp create-for-rbac --name terraform --sdk-auth
(this prints out some clientid/secrets)

Created a terraform file: main.tf
Please note that id and secret value have been distorted

provider "azurerm" {
  features {}
  client_id       = "d8ec337b-ca53-4764-9a35-a7651acdd863"
  client_secret   = "d7gt86ihkvBzgqdydUyCte2.N7F21fYsOz"
  subscription_id = "dc761b5c-9328-4b91-8962-176a74173e46"
  tenant_id       = "d5ffd01f-fa67-4ed5-9c12-dbda80d07eba"
}

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "3.0.2"
    }
  }
}

resource "azurerm_resource_group" "tf_test" {
  name     = "terraform_rg"
  location = "uksouth"
}

Running terraform init works as expected.
However, when I run terraform plan, I get this error:

Error: Unable to list provider registration status, it is possible that this is due to invalid credentials or the service principal does not have permission to use the Resource Manager API, Azure error: resources.ProvidersClient#List: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="AuthorizationFailed" Message="The client '<client-id>' with object id '<object-id>' does not have authorization to perform action 'Microsoft.Resources/subscriptions/providers/read' over scope '/subscriptions/<correct-subscription>' or the scope is invalid. If access was recently granted, please refresh your credentials."
│
│   with provider["registry.terraform.io/hashicorp/azurerm"],
│   on main.tf line 1, in provider "azurerm":
│    1: provider "azurerm" {

Any ideas? Something tells me it’s something simple.

Figured it out.

The service principal does not have any Role Assignments.

I added the Contributor role and it worked.

More info here
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/service_principal_client_secret#3-granting-the-application-access-to-manage-resources-in-your-azure-subscription

The link provided above no longer contains the relevant info due to documentation updates. So I found the same details in the docs for an old version of the provider, which gives us a permalink: https://registry.terraform.io/providers/hashicorp/azurerm/2.31.1/docs/guides/service_principal_client_secret#3-granting-the-application-access-to-manage-resources-in-your-azure-subscription

In my case, I was trying to use an SP to create managed identities, so I simply gave the SP Managed Identity Contributor, which is a bit less privileged than Contributor.
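
The fix discussed in this thread, as an added example that is not from any of the posters: shell functions that pull the denied action and scope out of Terraform's AuthorizationFailed message, list the roles the service principal already holds at that scope, and assign a role only when it is missing. The function names are hypothetical helpers; the `az role assignment` subcommands and flags are the standard Azure CLI ones, and the subscription id in the usage comment is a placeholder.

```shell
# Added example; tf_denied, sp_roles and sp_grant are hypothetical helper names.
# Requires the Azure CLI, logged in (az login) as a user allowed to assign roles.

# Read Terraform's AuthorizationFailed text on stdin and print
# "<denied action> <scope>", i.e. what is missing and where.
tf_denied() {
  sed -n "s/.*perform action '\([^']*\)' over scope '\([^']*\)'.*/\1 \2/p"
}

# Print the role names the service principal ($1 = client/app id) holds
# at scope $2, including assignments inherited from parent scopes.
# An empty result is the situation described in this thread.
sp_roles() {
  az role assignment list --assignee "$1" --scope "$2" \
    --include-inherited --query '[].roleDefinitionName' -o tsv
}

# Assign role $2 to service principal $1 at scope $3 unless it is already held.
sp_grant() {
  if sp_roles "$1" "$3" | grep -Fxq "$2"; then
    echo "already assigned: $2"
    return 0
  fi
  az role assignment create --assignee "$1" --role "$2" --scope "$3" -o none \
    && echo "assigned: $2"
}

# Usage (placeholder subscription id):
#   terraform plan 2>&1 | tf_denied
#   sp_roles "$ARM_CLIENT_ID" "/subscriptions/<subscription-id>"
#   sp_grant "$ARM_CLIENT_ID" "Managed Identity Contributor" "/subscriptions/<subscription-id>"
```

Passing the narrowest role that covers what the configuration manages, as the last reply did, keeps the service principal from holding subscription-wide Contributor when it does not need it.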