Open
Description
While running the Terraform scripts, I observed the following failures:
- Virtual Machine Creation
  - The feature EncryptionAtHost is not enabled under the provider.
  - A pull request has been created to address this prerequisite.
- Key Vault Access Restrictions
  - Public access to the Key Vault is disabled.
  - In production, this is not an issue since GitHub workflow agents run within the network.
  - However, for local execution, the workstation’s public IP must be whitelisted or internet access enabled.
  - Fix: Configure the vault to “Allow public access from specific virtual networks and IP addresses” and whitelist the workstation’s public IP.
- Service Principal Permissions
  - The README currently states that Owner or Contributor access is sufficient for the service principal.
  - In practice, deployment also requires RBAC permissions on the Key Vault, which fail without elevated rights.
  - Correction: The service principal should be granted Owner or Contributor + User Access Administrator to successfully perform the deployment.
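The Key Vault firewall setting and the role-assignment requirement described in this issue, written out as a Terraform sketch. This is an added example, not code from the repository or from the issue author; the resource names, variables, location, the `203.0.113.10` address and the choice of the `Key Vault Secrets Officer` role are assumptions.

```hcl
# Added example: every name and value here is a placeholder or assumption.
provider "azurerm" {
  features {}
}

variable "workstation_ip" {
  description = "Public IPv4 address of the workstation running Terraform locally"
  type        = string
  default     = "203.0.113.10" # constructed value from the documentation range
}

data "azurerm_client_config" "current" {}

resource "azurerm_resource_group" "example" {
  name     = "rg-example"
  location = "westeurope"
}

resource "azurerm_key_vault" "example" {
  name                = "kv-example-placeholder"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  tenant_id           = data.azurerm_client_config.current.tenant_id
  sku_name            = "standard"

  # "Allow public access from specific virtual networks and IP addresses":
  # the public endpoint stays on, but the firewall denies everything that
  # is not explicitly listed.
  public_network_access_enabled = true

  network_acls {
    default_action = "Deny"
    bypass         = "AzureServices"
    ip_rules       = [var.workstation_ip] # single address or CIDR range
  }
}

# Creating a role assignment needs Microsoft.Authorization/roleAssignments/write.
# Contributor does not include that action, which is why a Contributor-only
# service principal fails at this resource; Owner or User Access Administrator
# includes it.
resource "azurerm_role_assignment" "vault_secrets" {
  scope                = azurerm_key_vault.example.id
  role_definition_name = "Key Vault Secrets Officer" # assumed role
  principal_id         = data.azurerm_client_config.current.object_id
}
```

Keeping `default_action = "Deny"` with only the workstation address in `ip_rules` limits the exposure of the local-execution workaround to that one address.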