Resource azuread_application_owner unable to set application as owner. Returns 400. #1554

Closed
AtzeDeVries opened this issue Oct 30, 2024 · 1 comment


@AtzeDeVries

Affected Resource(s)

  • azuread_application_owner

Terraform Configuration Files

terraform {
  required_providers {
    azuread = {
      source  = "hashicorp/azuread"
      version = "~> 3"
    }
  }
}

# Configure the Azure Active Directory Provider
provider "azuread" {
  tenant_id = "ad****************70"
}



locals {
  app_object_id = "/applications/a7********************c6"
  # the owner id below is an object id of another application
  owner_id      = "2b******************2e"
}

resource "azuread_application_owner" "application_owners" {
  application_id  = local.app_object_id
  owner_object_id = local.owner_id
}

 

Output

azuread_application_owner.application_owners: Creating...
╷
│ Error: checking for presence of existing Application Id Owner (Application: "a7**********************c6"
│ Directory Object: "2b************************2e"): unable to list Owners with filter "id eq '2b*******************2e'": unexpected status 400 (400 Bad Request) with error: Request_BadRequest: Unsupported directory object class 'Application' in resource identifier for reference 'owners'.
│ 
│   with azuread_application_owner.application_owners,
│   on main.tf line 22, in resource "azuread_application_owner" "application_owners":
│   22: resource "azuread_application_owner" "application_owners" {
│ 
│ checking for presence of existing Application Id Owner (Application: "a7**********************c6"
│ Directory Object: "2b*******************2e"): unable to list Owners with filter "id eq '2b*******************2e'": unexpected status 400 (400 Bad
│ Request) with error: Request_BadRequest: Unsupported directory object class 'Application' in resource identifier for reference 'owners'.

Debug Output

azuread_application_owner.application_owners: Creating...
2024-10-30T09:48:13.429+0100 [INFO]  Starting apply for azuread_application_owner.application_owners
2024-10-30T09:48:13.429+0100 [DEBUG] azuread_application_owner.application_owners: applying the planned Create change
2024-10-30T09:48:13.432+0100 [INFO]  provider.terraform-provider-azuread_v3.0.2_x5: 2024/10/30 09:48:13 [DEBUG] Locking "azuread_application.a7**********************c6": timestamp=2024-10-30T09:48:13.432+0100
2024-10-30T09:48:13.432+0100 [INFO]  provider.terraform-provider-azuread_v3.0.2_x5: 2024/10/30 09:48:13 [DEBUG] Locked "azuread_application.a7**********************c6": timestamp=2024-10-30T09:48:13.432+0100
2024-10-30T09:48:13.441+0100 [INFO]  provider.terraform-provider-azuread_v3.0.2_x5: 2024/10/30 09:48:13 [DEBUG] ============================ Begin AzureAD Request ============================
Request ID: 221ba425-32c4-d5a2-f094-77ae86321656

GET /v1.0/applications/a7**********************c6/owners?%24filter=id+eq+%272b*******************2e%27 HTTP/1.1
Host: graph.microsoft.com
User-Agent: HashiCorp Terraform/1.3.6 (+https://www.terraform.io) Terraform Plugin SDK/2.34.0 terraform-provider-azuread/3.0.2 HashiCorp/go-azure-sdk (Go-http-Client/1.1 MicrosoftGraph-owner/v1.0) pid-222c6c49-1b0a-5959-a213-6608f9eb8820
Accept: application/json; charset=utf-8; IEEE754Compatible=false
Content-Type: application/json; charset=utf-8
Odata-Maxversion: 4.0
Odata-Version: 4.0
Accept-Encoding: gzip


============================= End AzureAD Request =============================: timestamp=2024-10-30T09:48:13.441+0100
2024-10-30T09:48:13.442+0100 [INFO]  provider.terraform-provider-azuread_v3.0.2_x5: 2024/10/30 09:48:13 [DEBUG] GET https://graph.microsoft.com/v1.0/applications/a7**********************c6/owners?%24filter=id+eq+%272b*******************2e%27: timestamp=2024-10-30T09:48:13.442+0100
2024-10-30T09:48:13.642+0100 [INFO]  provider.terraform-provider-azuread_v3.0.2_x5: 2024/10/30 09:48:13 [DEBUG] ============================ Begin AzureAD Response ===========================
GET https://graph.microsoft.com/v1.0/applications/a7**********************c6/owners?%24filter=id+eq+%272b*******************2e%27
Request ID: 221ba425-32c4-d5a2-f094-77ae86321656

HTTP/2.0 400 Bad Request
Cache-Control: no-cache
Client-Request-Id: dc3bc393-3103-40e2-89d8-6a7001817236
Content-Type: application/json
Date: Wed, 30 Oct 2024 08:48:13 GMT
Request-Id: dc3bc393-3103-40e2-89d8-6a7001817236
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Ms-Ags-Diagnostic: {"ServerInfo":{"DataCenter":"Norway East","Slice":"E","Ring":"2","ScaleUnit":"002","RoleInstance":"OS2PEPF000001C0"}}
X-Ms-Resource-Unit: 1

{"error":{"code":"Request_BadRequest","message":"Unsupported directory object class 'Application' in resource identifier for reference 'owners'.","innerError":{"date":"2024-10-30T08:48:13","request-id":"dc3bc393-3103-40e2-89d8-6a7001817236","client-request-id":"dc3bc393-3103-40e2-89d8-6a7001817236"}}}
============================= End AzureAD Response ============================: timestamp=2024-10-30T09:48:13.642+0100

@AtzeDeVries

AtzeDeVries commented Oct 30, 2024

User error. Application cannot be owner, but related service principal can.
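
The resolution above as a configuration, added here as an example and not part of the original issue: the owning application's object ID is resolved to its service principal, and the service principal's object ID is passed as the owner. The GUIDs are constructed placeholders, the data source labels `owner_app` and `owner_sp` are hypothetical, and it assumes the owning application already has a service principal in the tenant.

```hcl
locals {
  # Constructed placeholder IDs, not values from the issue.
  # Application that will receive the owner (resource ID form, as in the issue).
  app_object_id = "/applications/00000000-0000-0000-0000-000000000001"
  # Object ID of the *application registration* that should act as owner.
  owner_app_object_id = "00000000-0000-0000-0000-000000000002"
}

# Resolve the owning application registration to obtain its client ID.
data "azuread_application" "owner_app" {
  object_id = local.owner_app_object_id
}

# Look up the service principal that represents that application in this tenant.
# The lookup fails at plan time if no service principal exists for the client ID.
data "azuread_service_principal" "owner_sp" {
  client_id = data.azuread_application.owner_app.client_id
}

resource "azuread_application_owner" "application_owners" {
  application_id = local.app_object_id
  # Microsoft Graph rejects an Application object in the 'owners' reference
  # (the 400 above); the service principal's object ID is accepted.
  owner_object_id = data.azuread_service_principal.owner_sp.object_id
}
```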
