Creating Data Lake Storage with terraform says datalakestore.Client#GetProperties: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: error response cannot be parsed: "" error: EOF

onenessboy 1 Reputation point
2022-07-05T04:13:52.783+00:00

Hi

I am creating Azure Data Lake storage with Terraform. I am authenticating via a service principal and it has all roles assigned ("Storage, Owner, Storage Contributor, Storage Blob Data Owner, Storage Blob Data Contributor", etc.), but it still fails with the error below.

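# Identity Terraform is authenticated as; its object_id is used by the role assignments below
data "azurerm_client_config" "current" {}

resource "azurerm_storage_account" "syn_st" {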
  name                     = "st${var.prefix}${var.postfix}"  
  resource_group_name      = var.rg_name  
  location                 = var.location  
  account_tier             = var.storage_account_tier  
  account_replication_type = var.storage_account_replication_type  
  account_kind             = var.storage_account_kind  
  is_hns_enabled           = var.hns_enabled  
}  
  
resource "azurerm_role_assignment" "st_role_admin_c" {  
  scope                = azurerm_storage_account.syn_st.id  
  role_definition_name = "Contributor"  
  principal_id         = data.azurerm_client_config.current.object_id  
}  
  
resource "azurerm_role_assignment" "st_role_admin_sbdc" {  
  scope                = azurerm_storage_account.syn_st.id  
  role_definition_name = "Storage Blob Data Contributor"  
  principal_id         = data.azurerm_client_config.current.object_id  
}  
  
resource "azurerm_storage_data_lake_gen2_filesystem" "st_adls" {  
  name               = "default"  
  storage_account_id = azurerm_storage_account.syn_st.id  
  
  depends_on = [  
    azurerm_role_assignment.st_role_admin_sbdc  
  ]  
}  

The error I get is:

datalakestore.Client#GetProperties: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: error response cannot be parsed: "" error: EOF

The service principal has the following roles on the subscription:

217527-image.png

Please help, what is wrong with this?

Azure Storage Accounts

1 answer

  1. HimanshuSinha-msft 19,376 Reputation points Microsoft Employee
    2022-07-05T22:53:57.397+00:00

    Hello @onenessboy,
    Thanks for the question and using MS Q&A platform.

    As we understand, the ask here is how to create a storage account using Terraform; please do let us know if it's not accurate.
    The permissions which you are giving are all on the storage accounts. But I think your intent is to create a new storage account.
    I am sure with the owner access you should be able to create the storage account; let's try that to make sure that's the issue, and then we can look into reducing the access.
    https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#all

    Please do let me know if you have any queries.
    Thanks
    Himanshu

