Terraform -AZ CLI- MSAL令牌错误 - 不存在用户
自从今天以来,我会使用Azure AD身份验证遇到有关Terraform启动的错误。
Terrform v1.2.2
AZ CLI v2.37.0
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "~>3.0"
}
}
backend "azurerm" {
tenant_id = "XXX"
subscription_id = "XXX"
resource_group_name = "XXX"
storage_account_name = "XXX"
container_name = "tfstate"
key = "devops.terraform.tfstate"
use_azuread_auth = true
}
}
terraform init
> Error: obtaining Authorization Token from the Azure CLI: parsing json result from the Azure CLI: waiting for the Azure CLI: exit status 1: ERROR: User 'XXX' does not exist in MSAL token cache. Run `az login`.
运行AZ登录或az注销/AZ登录,错误仍然存在。 删除MSAL令牌缓存文件或AZ帐户清除也无济于事。 我正在使用最新版本的Terraform和AZ CLI。在遇到错误之前,我在使用Terraform v1.1.x,但升级也无法解决。 另外,用户在account.username中明确存在于msal_token_cache.json中。
有什么建议吗?
干杯, AJ
解决:
重新安装AZ CLI后,问题解决了。我认为这是WSL2的问题。如果不是Terraform和AZ CLI都是Windows二进制文件(或两个Linux二进制文件),则可能遍布整个配置。 反正谢谢!
since today I am experiencing an error concerning terraform initilization using Azure AD Authentication.
Terrform v1.2.2
Az Cli v2.37.0
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "~>3.0"
}
}
backend "azurerm" {
tenant_id = "XXX"
subscription_id = "XXX"
resource_group_name = "XXX"
storage_account_name = "XXX"
container_name = "tfstate"
key = "devops.terraform.tfstate"
use_azuread_auth = true
}
}
terraform init
> Error: obtaining Authorization Token from the Azure CLI: parsing json result from the Azure CLI: waiting for the Azure CLI: exit status 1: ERROR: User 'XXX' does not exist in MSAL token cache. Run `az login`.
Upon running az login or az logout/az login, the error remains.
Deleting MSAL token cache file or az account clear do not help, either.
I am using latest versions of terraform and az cli. I was using terraform v1.1.x before when I encountered the error but upgrading did not solve it, either.
Also, the user definetly exists in the msal_token_cache.json at Account.username.
Any suggestions?
Cheers,
AJ
SOLVED:
After reinstalling az cli, the issue resolved. I think it is a problem with WSL2. If not both terraform and az cli are windows binaries (or both linux binaries), configuration is probably all over the place.
Thanks anyway!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
我遇到了同样的问题。我做了以下操作,并解决了问题:
AZ帐户清除了
AZ登录命令。
I was experiencing the same issue. I did the following and the issue was resolved:
az account clear
The ran the az login command.
如果有人在
az登录我通过运行以下命令
az登录解决了我的问题 - 租户IDidID 在Azure门户上找到的ID/GUID。请按照以下步骤获取房客ID:
登录到Azure门户。
在Azure服务标题下,选择Microsoft Entra ID。
在概述屏幕中,您可以复制房客ID
If anyone is struggling with
az loginI solved my problem by running the following command
az login --tenant idreplace
idwith the id/guid found on azure portal.follow these steps to get the tenant id:
Sign in to the Azure portal.
Under the Azure services heading, select Microsoft Entra ID.
In the overview screen you can copy the tenant id
谢谢 ajqrea 共享解决方案。将其作为解决方案发布,以帮助其他社区成员将来可能会遇到同样的问题。
错误是由于您更改了Azure帐户的密码,并且存储在磁盘上的访问令牌变得无效。
Terraform在内部只是调用
az帐户获取访问- 因此,您应该能够运行相同的命令以查看错误。解决方案:重新安装或升级
azure-cli-iot-ext扩展程序后,Terraform能够通过新的更新密码再次检索访问令牌。参考: https://github.com/hashiCorp.com/hashasicorp/hashicorp/terraform-profider-profider-provider- -azurerm/essugy/3686
Thank You AJQREA sharing the solution. Posting it as an solution to help other community member who might encounter the same problem in future.
The error is due to you having changed the password of your Azure account and the access token stored on the disk becoming invalid.
Terraform internally is just calling
az account get-access-token- as such you should be able to run the same command to see the error.Solution : After reinstalling or upgrading the
azure-cli-iot-extextension, Terraform was able to retrieve the access token again with new updated password.Reference : https://github.com/hashicorp/terraform-provider-azurerm/issues/3686