9

using the provider block

provider "azurerm" {
  subscription_id = var.subscription_id
  version         = "=1.44"
}

and after successfully logging in with

az login

running

terraform plan

I get the following error:

Error: Error building account: Error getting authenticated object ID: Error parsing json result from the Azure CLI: Error waiting for the Azure CLI: exit status 2

on main.tf line 21, in provider "azurerm":
21: provider "azurerm" {

UPDATE:

If I change the provider block to:

provider "azurerm" {
 version = "~> 1.43"
}

and set the environment variables

ARM_USE_MSI=true
ARM_SUBSCRIPTION_ID=<...>
ARM_TENANT_ID=<...>
HTTP_PROXY=<...>
HTTPS_PROXY=<...>
http_proxy=<...>
https_proxy=<...>

than after executing terraform plan I get the following error:

Connection to 169.254.169.254 failed. No route to host.

which is very strange, as it seems to me, that a service endpoints IP is "hardcoded" into the terraform client.

Improve this question
6
  • outdated terrafrom\cli? Commented Feb 19, 2020 at 8:33
  • Terraform v0.12.20 + provider.azurerm v1.44.0 + provider.random v2.2.1 azure-cli (2.0.33) Commented Feb 19, 2020 at 8:53
  • Do you use the CLI inside the VM? How do you use login with CLI? VM identity or service principal? Commented Feb 26, 2020 at 1:35
  • @CharlesXu: In the meantime I found out, that removing ARM_USE_MSI=true solves my problem. Anyway, thanks for the help! Commented Feb 27, 2020 at 9:05
  • 1
    For me another 'az login' helped Commented Jun 8, 2020 at 6:45

3 Answers 3

Reset to default
5

Even though I was already logged in via az cli, forcing another:

az login

Resolved this for me.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I had to run az logout first, but then this worked for me.
1

Removing variable

ARM_USE_MSI=true

Solved my problem.

This variable tells terraform to use Managed Service Identity. See the docs. The problem was, that the Azure Instance Metadata service endpoint(available on the above mentioned IP), that is used from that point, is only accessible from within a VM, and I was running the terraform from my desktop.

Improve this answer

1 Comment

Maybe you can show more things. For example, the reason why it solves your problem.
0 
az login --tenant TENANT_ID

resolved by using tenant ID

Initially, I tried to log in with "az login" but got a similar error you posted.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.