phydeauxman

Reputation: 1712

Azure Microsoft Monitoring Agent failing to provision with Terraform

Trying to install the MMA agent as part of a VM deployment using Terraform. I am sure the failure is due to the syntax of the extension I am using, but I have had no luck determining what it should be. The agent installs but will not join the Log Analytics workspace. I am storing the workspace ID and the Primary Key in Key Vault and passing them into Terraform at execution time. From the extension logs on the VM, it looks like it is getting the correct workspace ID, but I can't tell if it is receiving the key correctly. Below is the Terraform syntax I am using:

resource "azurerm_virtual_machine_extension" "lawks-test" {
  name                 = "MMA_${azurerm_virtual_machine.test.name}"
  location             = "${azurerm_resource_group.test.location}"
  resource_group_name  = "${azurerm_resource_group.test.name}"
  virtual_machine_name = "${azurerm_virtual_machine.test.name}"
  publisher            = "Microsoft.EnterpriseCloud.Monitoring"
  type                 = "MicrosoftMonitoringAgent"
  type_handler_version = "1.0"

  settings = <<SETTINGS
        {
          "workspaceId": "${data.terraform_remote_state.corerg.on_workspace_id}"
        }
        SETTINGS

  protected_settings = <<PROTECTED_SETTINGS
        {
          "workspaceKey": "${var.on_laws_key}"
        }
        PROTECTED_SETTINGS
}

Below is what is shown in one of the extension log files:

11/19/2018 9:43:51 PM +00:00 Managed Service Identity extension (Microsoft.ManagedIdentity.ManagedIdentityExtensionForWindows) not found on this box, automaticManagement will be skipped on this box.
11/19/2018 9:43:51 PM +00:00 HandlerConfig found, default config will be override, CloudType changed to 1
11/19/2018 9:43:51 PM +00:00 GET http://169.254.169.254/metadata/instance?api-version=2017-08-01 with requestId 9a17250a-bfd0-4e4b-b9d3-aa4ceaf9007e
11/19/2018 9:43:52 PM +00:00 azureResourceId from metadata service.
11/19/2018 9:43:52 PM +00:00 automaticManagement not enabled.
11/19/2018 9:43:52 PM +00:00 systemWorkspace provision failed due to AutomaticManagementNotEnabled
11/19/2018 9:43:52 PM +00:00 only configSpecifiedWorkspace available.
11/19/2018 9:43:52 PM +00:00 SettingFile changed, re-apply configuration.
11/19/2018 9:43:52 PM +00:00 Adding workspace /subscriptions/<my_subscription_id>/resourcegroups/resource_group/providers/microsoft.operationalinsights/workspaces/my-workspace.
11/19/2018 9:43:53 PM +00:00 Unknown error during enable command : System.ArgumentException: Value does not fall within the expected range.
   at System.Dynamic.ComRuntimeHelpers.CheckThrowException(Int32 hresult, ExcepInfo& excepInfo, UInt32 argErr, String message)
   at CallSite.Target(Closure , CallSite , ComObject , String , String , Int32 )
   at System.Dynamic.UpdateDelegates.UpdateAndExecute4[T0,T1,T2,T3,TRet](CallSite site, T0 arg0, T1 arg1, T2 arg2, T3 arg3)
   at System.Dynamic.UpdateDelegates.UpdateAndExecuteVoid4[T0,T1,T2,T3](CallSite site, T0 arg0, T1 arg1, T2 arg2, T3 arg3)
   at Microsoft.EnterpriseCloud.Monitoring.MicrosoftMonitoringAgent.Extension.MMAConfigHelper.AddCloudWorkspace(String workspaceId, String workspaceKey, Nullable`1 cloudType)
   at Microsoft.EnterpriseCloud.Monitoring.MicrosoftMonitoringAgent.Extension.EnableProgram.Main(String[] args)

Upvotes: 2

Views: 9134

Answers (2)

phydeauxman

Reputation: 1712

Thanks for those that replied. I discovered what the issue is by trying to do a manual install. The azurerm_log_analytics_workspace resource has 2 attributes that relate to ID:

id - The Log Analytics Workspace ID

and

workspace_id - The Workspace (or Customer) ID for the Log Analytics Workspace

I was incorrectly trying to use "id" which is the wrong one. Once I used the "workspace_id" attribute, the install worked fine...with no changes to the formatting of the Terraform code.

The one thing I have often found lacking about Terraform is the documentation.

Upvotes: 4

4c74356b41

Reputation: 72171

Just tested it, here's a working example:

resource "azurerm_resource_group" "test" {
  name     = "acctestRG1"
  location = "UK West"
}

resource "azurerm_virtual_network" "test" {
  name                = "acctvn"
  address_space       = ["10.0.0.0/16"]
  location            = "${azurerm_resource_group.test.location}"
  resource_group_name = "${azurerm_resource_group.test.name}"
}

resource "azurerm_subnet" "test" {
  name                 = "acctsub"
  resource_group_name  = "${azurerm_resource_group.test.name}"
  virtual_network_name = "${azurerm_virtual_network.test.name}"
  address_prefix       = "10.0.2.0/24"
}

resource "azurerm_network_interface" "test" {
  name                = "acctni"
  location            = "${azurerm_resource_group.test.location}"
  resource_group_name = "${azurerm_resource_group.test.name}"

  ip_configuration {
    name                          = "testconfiguration1"
    subnet_id                     = "${azurerm_subnet.test.id}"
    private_ip_address_allocation = "dynamic"
  }
}

resource "azurerm_virtual_machine" "test" {
  name                  = "acctvm1z"
  location              = "${azurerm_resource_group.test.location}"
  resource_group_name   = "${azurerm_resource_group.test.name}"
  network_interface_ids = ["${azurerm_network_interface.test.id}"]
  vm_size               = "Standard_DS2_v2"

  storage_image_reference {
    publisher = "MicrosoftWindowsServer"
    offer     = "WindowsServer"
    sku       = "2016-Datacenter-smalldisk"
    version   = "latest"
  }

  storage_os_disk {
    name              = "myosdisk1"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  os_profile {
    computer_name  = "hostname1"
    admin_username = "testadmin"
    admin_password = "Password1234!qwe"
  }

  os_profile_windows_config {
    provision_vm_agent = "true"
  }
}

resource "azurerm_virtual_machine_extension" "test" {
  name                 = "omsagent"
  location             = "${azurerm_resource_group.test.location}"
  resource_group_name  = "${azurerm_resource_group.test.name}"
  virtual_machine_name = "${azurerm_virtual_machine.test.name}"
  publisher            = "Microsoft.EnterpriseCloud.Monitoring"
  type                 = "MicrosoftMonitoringAgent"
  type_handler_version = "1.0"

  settings = <<SETTINGS
        {
          "workspaceId": "workspaceId"
        }
SETTINGS

  protected_settings = <<PROTECTED_SETTINGS
        {
          "workspaceKey": "workspaceKey"
        }
PROTECTED_SETTINGS
  # NOTICE: THE CLOSING PROTECTED_SETTINGS MARKER ABOVE STARTS EXACTLY AT THE START OF THE LINE
}

If that doesn't help, the problem is in how you pass the workspaceKey (so you are missing part of the key, or something like that).

Upvotes: 1
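Both answers come down to checking what actually reaches the extension: the workspace (customer) GUID rather than the ARM resource `id`, and an intact key. The Python check below is an added example, not code from either poster; it assumes the "Adding workspace" log line echoes the configured workspaceId, as the log in the question suggests, and the GUID in the sample is made up.

```python
import base64
import binascii
import re

# Constructed sample: the "Adding workspace" line from the question's log,
# plus one line with a made-up GUID for comparison.
SAMPLE_LOG = [
    "11/19/2018 9:43:52 PM +00:00 Adding workspace /subscriptions/<my_subscription_id>"
    "/resourcegroups/resource_group/providers/microsoft.operationalinsights"
    "/workspaces/my-workspace.",
    "11/19/2018 9:50:02 PM +00:00 Adding workspace 00000000-1111-2222-3333-444444444444.",
]

GUID_RE = re.compile(r"^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", re.I)
ARM_RE = re.compile(r"^/subscriptions/[^/]+/resourcegroups/[^/]+/providers/"
                    r"microsoft\.operationalinsights/workspaces/[^/]+$", re.I)
ADDING_RE = re.compile(r"Adding workspace (\S+?)\.?$")


def classify_workspace_id(value):
    """Return 'customer_id' (GUID), 'arm_resource_id', or 'unknown'."""
    value = value.strip()
    if GUID_RE.match(value):
        return "customer_id"
    if ARM_RE.match(value):
        return "arm_resource_id"
    return "unknown"


def key_problem(key):
    """Return None if the key looks like intact base64, else a short reason.
    The key is a secret, so the reason never echoes it."""
    if not key or key != key.strip():
        return "empty or has surrounding whitespace"
    try:
        base64.b64decode(key, validate=True)
    except (binascii.Error, ValueError):
        return "not valid base64 (truncated or altered)"
    return None


def scan_log(lines):
    """Yield (workspace value, classification) for each 'Adding workspace' line."""
    for line in lines:
        m = ADDING_RE.search(line.strip())
        if m:
            yield m.group(1), classify_workspace_id(m.group(1))
```

A classification of `arm_resource_id` for the value passed as `workspaceId` is the mix-up described in the accepted answer: the extension setting wants the `workspace_id` attribute.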
