I've tried a number of configurations and none of them seem to work. I've also tried running terraform with my Azure super user which has RW access to everything and it still fails to create the resources.
Here's my terraform config and output from the run:
provider "azurerm" {
subscription_id = "xxxxxxxxxxxxxxxxxx"
client_id = "xxxxxxxxxxxxxxxxxx"
client_secret = "xxxxxxxxxxxxxxxxxxxx"
tenant_id = "xxxxxxxxxxxxxxxxxxx"
}
resource "azurerm_resource_group" "1Demo" {
name = "1Demo"
location = "West US"
}
resource "azurerm_virtual_network" "network" {
name = "demoNetwork"
address_space = ["10.0.0.0/16"]
location = "West US"
resource_group_name = "${azurerm_resource_group.1Demo.name}"
}
resource "azurerm_resource_group" "networkGroup" {
name = "demoNetworkGroup"
location = "West US"
}
resource "azurerm_storage_account" "test" {
name = "accsa"
resource_group_name = "${azurerm_resource_group.1Demo.name}"
location = "westus"
account_type = "Standard_LRS"
tags {
environment = "staging"
}
}
resource "azurerm_storage_container" "test" {
name = "vhds"
resource_group_name = "${azurerm_resource_group.1Demo.name}"
storage_account_name = "${azurerm_storage_account.test.name}"
container_access_type = "private"
}
resource "azurerm_network_security_group" "demo" {
name = "demoSecurityGroup"
location = "West US"
resource_group_name = "${azurerm_resource_group.networkGroup.name}"
security_rule {
name = "default-allow-rdp"
priority = 1000
direction = "Inbound"
access = "Allow"
protocol = "Tcp"
source_port_range = "*"
destination_port_range = "3389"
source_address_prefix = "*"
destination_address_prefix = "*"
}
security_rule {
name = "winrm"
priority = 1010
direction = "Inbound"
access = "Allow"
protocol = "Tcp"
source_port_range = "*"
destination_port_range = "5985"
source_address_prefix = "*"
destination_address_prefix = "*"
}
security_rule {
name = "winrm-out"
priority = 100
direction = "Outbound"
access = "Allow"
protocol = "*"
source_port_range = "*"
destination_port_range = "5985"
source_address_prefix = "*"
destination_address_prefix = "*"
}
}
resource "azurerm_public_ip" "demoIP" {
name = "demoIPAddress"
location = "West US"
resource_group_name = "${azurerm_resource_group.1Demo.name}"
public_ip_address_allocation = "static"
}
resource "azurerm_subnet" "demosubnet" {
name = "testsubnet"
resource_group_name = "${azurerm_resource_group.1Demo.name}"
virtual_network_name = "${azurerm_virtual_network.network.name}"
address_prefix = "10.0.2.0/24"
}
resource "azurerm_network_interface" "nicdemo" {
name = "nicdemo"
location = "West US"
resource_group_name = "${azurerm_resource_group.1Demo.name}"
ip_configuration {
name = "ipconfiguration"
subnet_id = "${azurerm_subnet.demosubnet.id}"
private_ip_address_allocation = "dynamic"
}
}
resource "azurerm_virtual_machine" "terraformtest" {
name = "terraformtest"
location = "West US"
resource_group_name = "${azurerm_resource_group.1Demo.name}"
network_interface_ids = ["${azurerm_network_interface.nicdemo.id}"]
vm_size = "Standard_D1_V2"
storage_image_reference {
publisher = "MicrosoftWindowsServerHPCPack"
offer = "WindowsServerHPCPack"
sku = "2012R2"
version = "latest"
}
storage_os_disk {
name = "myosdisk1"
vhd_uri = "${azurerm_storage_account.test.primary_blob_endpoint}${azurerm_storage_container.test.name}/myosdisk1.vhd"
caching = "ReadWrite"
create_option = "FromImage"
}
os_profile {
computer_name = "terraformtest"
admin_username = "adminadmin"
admin_password = "AdminAdmin123"
}
}
azurerm_resource_group.networkGroup: Refreshing state... (ID: /subscriptions/xxxxxxxxxxxxxxx/resourceGroups/demoNetworkGroup)
azurerm_resource_group.1Demo: Refreshing state... (ID: /subscriptions/xxxxxxxxxxxxxxx/resourceGroups/1Demo)
azurerm_public_ip.demoIP: Refreshing state... (ID: /subscriptions/xxxxxxxxxxxxxxx/resourceGroups/1Demo/providers/Microsoft.Network/publicIPAddresses/demoIPAddress)
azurerm_storage_account.test: Refreshing state... (ID: /subscriptions/xxxxxxxxxxxxxxx/resourceGroups/1demo/providers/Microsoft.Storage/storageAccounts/accsa)
azurerm_network_security_group.demo: Refreshing state... (ID: /subscriptions/xxxxxxxxxxxxxxx/resourceGroups/demoNetworkGroup/providers/Microsoft.Network/networkSecurityGroups/demoSecurityGroup)
azurerm_storage_container.test: Refreshing state... (ID: vhds)
azurerm_virtual_network.network: Creating...
address_space.#: "" => "1"
address_space.0: "" => "10.0.0.0/16"
location: "" => "westus"
name: "" => "demoNetwork"
resource_group_name: "" => "1Demo"
subnet.#: "" => "<computed>"
Error applying plan:
1 error(s) occurred:
* azurerm_virtual_network.network: autorest:DoErrorUnlessStatusCode 400 PUT https://management.azure.com/subscriptions/xxxxxxxxxxxxxxx/resourceGroups/1Demo/providers/Microsoft.Network/virtualnetworks/demoNetwork?api-version=2015-06-15 failed with 400 Bad Request
I've tried a lot of different things and this and nothing seems to work. I've also tried doing this with the classic azure provider and that works. It's the azurerm provider that is giving me trouble. I wasn't sure if this was a terraform bug so I'm holding off on submitting a bug until I've gotten a second opinion here. Thanks in advance.