Suddenly unable to deploy a container (file system) on an azure data lake gen 2 via terraform

Marcin 26 Reputation points
2022-02-08T06:42:38.837+00:00

I'm getting this error after trying to deploy a data lake storage container: 

│ Error: checking for existence of existing File System "data" (Account "example-storage-account"): datalakestore.Client#GetProperties: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: error response cannot be parsed: "" error: EOF
│
│ with module.delta_lake.azurerm_storage_data_lake_gen2_filesystem.this,
│ on modules/delta-lake/main.tf line 11, in resource "azurerm_storage_data_lake_gen2_filesystem" "this":
│ 11: resource "azurerm_storage_data_lake_gen2_filesystem" "this" {

I've used the same code without any issues multiple times, including once on the same subscription.
I think that the issue might have happened when I run terraform apply previously and it crashed, because of some other reason, during which it might have queried the rest API too many times, but I might be wrong.

the relevant code snippet: 

resource "azurerm_storage_account" "this" {
name = var.name
resource_group_name = var.rg_name
location = var.location
account_tier = "Standard"
account_replication_type = "LRS"
account_kind = "StorageV2"
is_hns_enabled = "true"
}

resource "azurerm_storage_data_lake_gen2_filesystem" "this" {
name = "data"
storage_account_id = azurerm_storage_account.this.id
}
Azure Data Lake Storage
Azure Data Lake Storage
An Azure service that provides an enterprise-wide hyper-scale repository for big data analytic workloads and is integrated with Azure Blob Storage.
1,335 questions
0 comments
Accepted answer
  1. ShaikMaheer-MSFT 37,896 Reputation points Microsoft Employee
    2022-02-09T15:58:25.82+00:00

    Hi @Marcin ,

    Looks strange that, It worked in past but suddenly it stopped working and throwing 403 error, which is actually authorization related error.

    Usually, the resource which we use to perform deployment should have some storage specific roles granted. Some of the built-ins roles that can be attributed are Storage Account Contributor, Storage Blob Data Owner, Storage Blob Data Contributor, Storage Blob Data Reader.

    Could you please check and confirm which of above roles were granted in your case. So that we can try same in our environment to see if we can repro scenario and help better with resolution. Thank you.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sam Cogan 10,082 Reputation points MVP
    2022-02-08T09:10:04.817+00:00

    The 403 error indicates that it's an authorization error. Check the account you are using to run your Terraform to make sure it's not expired or been disabled.