You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Please vote on this issue by adding a 馃憤 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.
Error: checking for presence of existing Advanced Threat Protection for"/subscriptions/NNN-MMM/resourceGroups/rg-tibo-misc/providers/Microsoft.DBforPostgreSQL/flexibleServers/psql-sb-poc-0001": security.AdvancedThreatProtectionClient#Get: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="Not Supported" Message="Azure Defender for Data Services settings are not supported on resources of type flexibleServers"
Expected Behaviour
Advanced threat protection being enabled on postgres flexible, similar as can be done using azure CLI.
This resource, and its documentation, seems generic enough to support various resource types when attempting to enable Defender. Also it uses the same vocabulary ("advanced threat protection") as does the CLI, which works without a problem.
Azure CLI example:
# setting
az postgres flexible-server advanced-threat-protection-setting update --state=Enabled --ids "/subscriptions/NNN-MMM/resourceGroups/rg-tibo-misc/providers/Microsoft.DBforPostgreSQL/flexibleServers/psql-sb-poc-0001"
# reading
az postgres flexible-server advanced-threat-protection-setting show --ids "/subscriptions/NNN-MMM/resourceGroups/rg-tibo-misc/providers/Microsoft.DBforPostgreSQL/flexibleServers/psql-sb-poc-0001"
Actual Behaviour
Error. Probably because of provider using incorrect API endpoint.
Comparing provider debug logs and azure CLI debug logs, a difference can be observed:
# Provider. Gives 400
GET //subscriptions/NNN-MMM/resourceGroups/rg-tibo-misc/providers/Microsoft.DBforPostgreSQL/flexibleServers/psql-sb-poc-0001/providers/Microsoft.Security/advancedThreatProtectionSettings/current?api-version=2019-01-01
# CLI. Gives 200
GET /subscriptions/NNN-MMM/resourceGroups/rg-tibo-misc/providers/Microsoft.DBforPostgreSQL/flexibleServers/psql-sb-poc-0001/advancedThreatProtectionSettings/Default?api-version=2023-12-01-preview
Is there an existing issue for this?
Community Note
Terraform Version
1.5.7
AzureRM Provider Version
3.110.0
Affected Resource(s)/Data Source(s)
azurerm_advanced_threat_protection
Terraform Configuration Files
Debug Output/Panic Output
Expected Behaviour
Advanced threat protection being enabled on postgres flexible, similar as can be done using azure CLI.
This resource, and its documentation, seems generic enough to support various resource types when attempting to enable Defender. Also it uses the same vocabulary ("advanced threat protection") as does the CLI, which works without a problem.
Azure CLI example:
Actual Behaviour
Error. Probably because of provider using incorrect API endpoint.
Comparing provider debug logs and azure CLI debug logs, a difference can be observed:
Steps to Reproduce
terraform apply
Important Factoids
No response
References
Urls seem to be constructed in this file:
terraform-provider-azurerm/internal/services/securitycenter/parse/advanced_threat_protection.go
Line 29 in 24c0009
The text was updated successfully, but these errors were encountered: