Question 239440 in Azure Question posted in
The official documentation to get you started can be found here.

Issue with Azure Resource Creation using Terraform – Error: "Authentication failed, please check your credentials for AzureRM provider"

I am trying to provision Azure resources using Terraform, but I’m encountering an authentication issue that I can’t seem to resolve. I’ve followed the Azure documentation to set up my credentials, and I’ve double-checked my subscription ID, client ID, client secret, and tenant ID. However, I keep getting the following error message:

Error: Authentication failed, please check your credentials for the
AzureRM provider

Error: Error building AzureRM Client: InvalidConfig: Error parsing
json result from the Azure CLI: Error loading the JSON file
‘C:UsersUser.azureaccessTokens.json’: open
C:UsersUser.azureaccessTokens.json: The system cannot find the
file specified.

main.tf

provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "example" {
  name     = "my-resource-group"
  location = "East US"
}

variable.tf

variable "client_id" {}
variable "client_secret" {}
variable "tenant_id" {}
variable "subscription_id" {}

I’m running Terraform version 0.15.4. My operating system is Windows 10. I’ve ensured that my Azure CLI is updated to the latest version as well.

Can anyone help me understand why I’m encountering this authentication error and how to resolve it? I’ve spent a lot of time double-checking my credentials and searching for solutions, but nothing seems to work.

Tags:

2

Answers


  1. 0

    Terraform version 0.15.4 really, first I would highly recommend you to upgrade the Terraform version to the latest if possible or at least >=1.3.

    It seems that you are having authentication issues.

    1. Please double-check if you are using the right credentials.
    2. Please follow azurerm with SPN guide to authenticate with the service principle client ID and client secret.

    Summary of the Guide

    If you have az cli installed on your machine, please use the below command if you are able to authenticate yourself via az cli, it should automatically work for Terraform.

    az login --service-principal -u CLIENT_ID -p CLIENT_SECRET --tenant TENANT_ID

    You could also use environment variables if az cli is a blocker.

    export ARM_CLIENT_ID="00000000-0000-0000-0000-000000000000"
export ARM_CLIENT_SECRET="12345678-0000-0000-0000-000000000000"
export ARM_TENANT_ID="10000000-0000-0000-0000-000000000000"
export ARM_SUBSCRIPTION_ID="20000000-0000-0000-0000-000000000000"

    I would not recommend personally configuring your provider with secrets but you can do that as well if you are fine with that.

    Login or Signup to reply.
  2. 0

    Normally, I would create a azure.environment.sh file within my terraform repo which has the line:

    echo 'Getting ARM_ACCESS_KEY'
ARM_ACCESS_KEY=$(az keyvault secret show --name ARM-ACCESS-KEY --vault-name <my_vault> --query value -o tsv)
export ARM_ACCESS_KEY

    Before running my terraform, I will source the file, while I am in my terraform folder/repo:

    ¨¨source ./azure-environment.sh
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search