8000 azuread_group gives HTTP 401 OrganizationFromTenantGuidNotFound · Issue #1645 · hashicorp/terraform-provider-azuread · GitHub
[go: up one dir, main page]
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

azuread_group gives HTTP 401 OrganizationFromTenantGuidNotFound #1645

Open
blueelvis opened this issue Feb 18, 2025 · 0 comments
Open

azuread_group gives HTTP 401 OrganizationFromTenantGuidNotFound #1645

blueelvis opened this issue Feb 18, 2025 · 0 comments

Comments

@blueelvis
Copy link
blueelvis commented Feb 18, 2025
edited
Loading

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritise this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritise the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform (and AzureAD Provider) Version

Affected Resource(s)

  • azuread_group

Terraform Configuration Files

data "azuread_client_config" "current" {}

resource "azuread_group" "test_groups" {
  // for_each         = { for config in local.full_access_users : "${config.client}" => config }
  disp
6F6C
lay_name     = "Studio - Test - Full Access"
  description      = "Provides Test Access to users in this group to Test's Studio"
  security_enabled = true
  mail_enabled = true
  mail_nickname = "Test-test-access"
  types = [ "Unified" ]
  hide_from_address_lists = false
  hide_from_outlook_clients = false
  external_senders_allowed = false

  # Optional: Configure group owners
  owners = [data.azuread_client_config.current.object_id]
}

Debug Output

https://gist.github.com/blueelvis/78860f6dd583fae1604ec987a378245b

Panic Output

PS D:\dev\Entra.Terraform> terraform apply    
data.azuread_client_config.current: Reading...
data.azuread_domains.default: Reading...
data.azuread_users.group_owners: Reading...
data.azuread_client_config.current: Read complete after 0s [id=08dda24a-4103-4d34-936f-7a4adaa758d2-04b07795-8ddb-461a-bbee-02f9e1bf7b46-eec5049c-9751-4e6f-a1a2-c13d1bd6fe11]
azuread_invitation.external_users["aa@aa.com"]: Refreshing state... [id=8d1e4b1d-7627-4602-8120-93295b1478c0]
azuread_invitation.external_users["bb@bb.com"]: Refreshing state... [id=855ebb79-6cf3-4ea9-9bfb-1700b23fe93e]
azuread_group.test_groups: Refreshing state... [id=/groups/6139daba-0509-434e-85f6-efb3b567d083]
data.azuread_users.group_owners: Read complete after 3s [id=users#bz8CSDYzgzpO0lVft6cFpIE7EOU=]

Planning failed. Terraform encountered an error while generating this plan.

╷
│ Error: Could not retrieve group with object UID "/groups/6139daba-0509-434e-85f6-efb3b567d083"
│
│   with azuread_group.test_groups,
│   on groups.tf line 2, in resource "azuread_group" "test_groups":
│    2: resource "azuread_group" "test_groups" {
│
│ retrieving additional fields: unexpected status 401 (401 Unauthorized) with error: UnknownError:
│ {"error":{"code":"OrganizationFromTenantGuidNotFound","message":"The tenant for tenant guid
│ '08dda24a-4103-4d34-936f-7a4adaa758d2' does not
│ exist.","innerError":{"oAuthEventOperationId":"9016c767-c41f-414d-a3a8-f2941f80af3a","oAuthEventcV":"kZBeXO2Ta22tHFuh7URHQQ.1.1.1","errorUrl":"https://aka.ms/autherrors#error-InvalidTenant","requestId":"4f32ae42-0a94-4322-8d97-c3aae3e83094","date":"2025-02-18T14:14:35"}}}

Expected Behavior

The apply should complete successfully.

Actual Behavior

  1. The group gets created successfully in Entra.
  2. Terraform Plan fails with the above.

Steps to Reproduce

  1. terraform apply

Important Factoids

  1. Running in Azure Commercial.
  2. Using the az-cli authentication with my own user which has Global Administrator access.
  3. The group gets created successfully in Entra with the required properties and settings.
  4. On the next terraform apply, it fails reading the group as well.
  5. I checked the Group Object ID and it is correct to what is being shown in the logs.

Any idea what could be going wrong here?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@blueelvis
0