I’m creating a new storage account, storage container, storage blob, service plan, and finally – function. Everything but the last one is created successfully, and the last step fails with a message:
creating Linux App Service (Subscription: "6bbf2436-dd82-400e-8476-a022f1f9eacc"
│ Resource Group Name: "mtr-resources"
│ Site Name: "mtr-hello-function11"): performing CreateOrUpdate: unexpected status 400 (400 Bad Request) with response: {"Code":"BadRequest","Message":"There was a conflict. The remote name could not be resolved:
│ 'mtrstorageyqo20pyfgz.file.core.windows.net'","Target":null,"Details":[{"Message":"There was a conflict. The remote name could not be resolved:
│ 'mtrstorageyqo20pyfgz.file.core.windows.net'"},{"Code":"BadRequest"},{"ErrorEntity":{"ExtendedCode":"01020","MessageTemplate":"There was a conflict. {0}","Parameters":["The remote name could not be resolved:
│ 'mtrstorageyqo20pyfgz.file.core.windows.net'"],"Code":"BadRequest","Message":"There was a conflict. The remote name could not be resolved: 'mtrstorageyqo20pyfgz.file.core.windows.net'"}}],"Innererror":null}
If you look closely, you’ll see this string: mtrstorageyqo20pyfgz.file.core.windows.net
– which is obviously wrong, because it should contain the word "blob", not "file". Even more so, because I can inspect the created storage account in Azure, and see its type is Account Kind is BlobStorage. Here are the relevant terraform definitions:
resource "random_string" "random_storage_account_suffix" {
length = 10
special = false
upper = false
numeric = true
lower = true
}
resource "azurerm_storage_account" "mtr_storage" {
name = "mtrstorage${random_string.random_storage_account_suffix.result}"
resource_group_name = azurerm_resource_group.mtr_rg.name
location = azurerm_resource_group.mtr_rg.location
account_kind = "BlobStorage"
account_tier = "Standard"
account_replication_type = "LRS"
tags = {
environment = "${var.environment_name}"
}
}
resource "azurerm_storage_container" "mtr_hello_function_container" {
name = "hello-function-releases"
storage_account_name = var.storage_account_name
container_access_type = "private"
}
resource "azurerm_storage_blob" "mtr_hello_function_blob" {
name = "MTR.ListBlobsFunction.publish.zip"
storage_account_name = var.storage_account_name
storage_container_name = azurerm_storage_container.mtr_hello_function_container.name
type = "Block"
source = "./example_code/MTR.ListBlobsFunction/MTR.ListBlobsFunction.publish.zip"
depends_on = [ null_resource.run_pre_hello_powershell_script ]
}
resource "azurerm_service_plan" "mtr_hello_function_svc_plan" {
name = "mtr-hello-function-svc-plan"
location = var.resource_group_location
resource_group_name = var.resource_group_name
os_type = "Linux"
sku_name = "Y1"
# sku_name = "B1" # this doesn't work with zip package download for some reason - consumption tier needs to be used
tags = {
environment = "${var.environment_name}"
}
}
data "azurerm_storage_account_blob_container_sas" "storage_account_blob_container_sas_for_hello" {
connection_string = var.storage_account_primary_connection_string
container_name = azurerm_storage_container.mtr_hello_function_container.name
start = timeadd(timestamp(), "-10m")
expiry = timeadd(timestamp(), "10m")
permissions {
read = true
add = false
create = false
write = false
delete = false
list = true
}
}
resource "azurerm_linux_function_app" "mtr_hello_function" {
name = "mtr-hello-function11"
location = var.resource_group_location
resource_group_name = var.resource_group_name
service_plan_id = azurerm_service_plan.mtr_hello_function_svc_plan.id
storage_account_name = var.storage_account_name
storage_account_access_key = var.storage_account_primary_access_key
app_settings = {
"FUNCTIONS_WORKER_RUNTIME" = "dotnet"
"WEBSITE_RUN_FROM_PACKAGE" = "https://${var.storage_account_name}.blob.core.windows.net/${azurerm_storage_container.mtr_hello_function_container.name}/${azurerm_storage_blob.mtr_hello_function_blob.name}${data.azurerm_storage_account_blob_container_sas.storage_account_blob_container_sas_for_hello.sas}"
"AzureWebJobsStorage" = var.storage_account_primary_connection_string
"AzureWebJobsDisableHomepage" = "true"
}
site_config {
application_stack {
dotnet_version = "8.0"
use_dotnet_isolated_runtime = true
}
cors {
allowed_origins = ["*"]
}
}
tags = {
environment = "${var.environment_name}"
}
}
At this point I’m not even sure if that’s a Terraform issue, or Azure issue, but I know that storage account address is wrong, because if I substitute the file word with blob, use the correct container and blob names + SAS key, I can download the file.
2
Answers
The problem is with the account kind here:
Please note that
BlobStorage
account kind does not supportFile
service. If you need to useFile
service, please choose another account kind (Standard general-purpose v2
orStandard general-purpose v1
).I think there are a few issues with your code:
var.storage_account_name
in the other resources instead ofazurerm_storage_account.mtr_storage.name
azurerm_storage_account.mtr_storage.primary_connection_string
) instead of using variablesdotnet publish
command BEFORE running anyterraform xxx
commandshello
orhello_sas
as opposed tostorage_account_blob_container_sas_for_hello
)Finally, the code with some of the fixes I mentioned. Please note that this sample was not tested, but I hope it helps to solve at least some of your issues.