\n Initializing the backend...
\n Successfully configured the backend \"azurerm\"! Terraform will automatically\n use this backend unless the backend configuration changes.
\n Error refreshing state: storage: service returned error: StatusCode=403, ErrorCode=AuthenticationFailed, ErrorMessage=Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.\n RequestId:665e0067-b01e-007a-6084-97da67000000
\n Time:2018-12-19T10:18:18.7148241Z, RequestInitiated=Wed, 19 Dec 2018 10:18:18 GMT, RequestId=665e0067-b01e-007a-6084-97da67000000, API Version=, QueryParameterName=, QueryParameterValue=
Any ideas what im doing wrong?
\n","author":{"@type":"Person","name":"Staggerlee011"},"upvoteCount":15,"answerCount":6,"acceptedAnswer":null}}Reputation: 1055
I have been using the below to successfully create a back-end state file for terraform in Azure storage, but for some reason its stopped working. I've recycled passwords for the storage, trying both keys and get the same error every-time
backend.tf
terraform {
backend "azurerm" {
storage_account_name = "terraformstorage"
resource_group_name = "automation"
container_name = "terraform"
key = "testautomation.terraform.tfstate"
access_key = "<storage key>"
}
}
Error returned
terraform init
Initializing the backend...
Successfully configured the backend "azurerm"! Terraform will automatically use this backend unless the backend configuration changes.
Error refreshing state: storage: service returned error: StatusCode=403, ErrorCode=AuthenticationFailed, ErrorMessage=Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:665e0067-b01e-007a-6084-97da67000000
Time:2018-12-19T10:18:18.7148241Z, RequestInitiated=Wed, 19 Dec 2018 10:18:18 GMT, RequestId=665e0067-b01e-007a-6084-97da67000000, API Version=, QueryParameterName=, QueryParameterValue=
Any ideas what im doing wrong?
Upvotes: 15
Views: 24648
Reputation: 1
There should a .terraform
directory , where you are running the terraform init command from.
Remove .terraform
or move it to Someotehr name. Next time terraform init runs , it will recreate that directory with new init.
Upvotes: -2
Reputation: 432
I was facing the same issue while setting the remote backend state to Azure StorageV2. I was using SAS token to set the remote backend state. The token was generated using Terraform data provider (data "azurerm_storage_account_sas" ""). The SAS Token thus generated, was not working. So, I had to manually generate SAS token from Azure portal. That fixed the problem.
Upvotes: 0
Reputation: 166755
Here are few suggestions:
terraform init -reconfigure
.azurerm_storage_account
/network_rules
" to allow certain IP addresses, or make sure you're connected to the right VPN network.TF_LOG=TRACE terraform init
to debug further.Upvotes: 9
Reputation: 166755
Please ensure you've been authenticated properly to Azure Cloud.
If you're running Terraform externally, re-run: az login
.
If you're running Terraform on the instance, you can use managed identities, or by defining the following environmental variables:
ARM_USE_MSI=true
ARM_SUBSCRIPTION_ID=xxx-yyy-zzz
ARM_TENANT_ID=xxx-yyy-zzz
or just run az login --identity
, then assign the right role (azurerm_role_assignment
, e.g. "Contributor") and appropriate policies (azurerm_policy_definition
).
See also:
Upvotes: 2
Reputation: 450
Another problem can be time resolution.
I experienced those problems as well, tried all the above mentioned steps, but nothing helped.
What happened on my system (Windows 10, WSL2) was, that WSL lost its time sync and I was hours apart. This behaviour is described in https://github.com/microsoft/WSL/issues/4245.
For me it helped to
get the appropriate time in WSL (sudo hwclock -s
) and
to reboot WSL
Hope, this will help others too.
Upvotes: 12
Reputation: 1218
What worked for me is to delete the local .terraform folder and try again.
Upvotes: 18