azurerm_eventgrid_system_topic is unable to use a management group for the source_arm_resource_id paramater - Reopen

[kgopi1]

Is there an existing issue for this?

• I have searched the existing issues

Community Note

Hi, This issue # #18034 still not resolved with latest azurerm provider (3.87.0) also , still getting validation failed in event system topic when using management group.

Error message:

Error: Can not parse "source_arm_resource_id" as a resource id: No subscription ID found in: "tenants//providers/Microsoft.Management/managementGroups/"
│
│ with azurerm_eventgrid_system_topic.topic,
│ on ev-policy-events.tf line 19, in resource "azurerm_eventgrid_system_topic" "topic":
│ 19: source_arm_resource_id = "/tenants//providers/Microsoft.Management/managementGroups/*****"

Refer the Microsoft link which states to use different syntax when referring the management group id.

If your Event Grid system topic will be applied to the management group scope, then the Azure CLI --source parameter syntax is a bit different. Here's an example:

az eventgrid system-topic create --name PolicyStateChanges --location global --topic-type Microsoft.PolicyInsights.PolicyStates --source "/tenants//providers/Microsoft.Management/managementGroups/<management_group_name>" --resource-group "<resource_group_name>"

https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/governance/policy/tutorials/route-state-change-events.md

Terraform Version

1.5.7

AzureRM Provider Version

3.87.0

Affected Resource(s)/Data Source(s)

azurerm_eventgrid_system_topic

Terraform Configuration Files

resource "azurerm_eventgrid_system_topic" "topic" {
  name                   = "system-topic"
  location               = "Global"
  resource_group_name    = data.azurerm_resource_group.resource_group.name
  source_arm_resource_id = "/tenants/*****/providers/Microsoft.Management/managementGroups/****"
  topic_type             = "Microsoft.PolicyInsights.PolicyStates"
}

Debug Output/Panic Output

Error: Can not parse "source_arm_resource_id" as a resource id: No subscription ID found in: "tenants/***/providers/Microsoft.Management/managementGroups/******"

Expected Behaviour

Able to create azurerm_eventgrid_system_topic successfully.

Actual Behaviour

Error: Can not parse "source_arm_resource_id" as a resource id: No subscription ID found in: "tenants//providers/Microsoft.Management/managementGroups/***"

Steps to Reproduce

No response

Important Factoids

No response

References

No response

[tombuildsstuff]

hi @kgopi1

Taking a look through here, it appears that this is because the value being provided for the Management Group ID doesn't match the defined format for a Management Group ID. Management Group IDs should be in the format:

/providers/Microsoft.Management/managementGroups/XXX

However the following value is being provided:

/tenants/XXX/providers/Microsoft.Management/managementGroups/XXX

As such can you try removing the /tenants/XXX prefix from the Management Group ID?

Thanks!

[kgopi1]

Hi @tombuildsstuff , i tried again by passing source_id as /providers/Microsoft.Management/managementGroups/*****.

apply stage got failed with below error.

performing CreateOrUpdate: unexpected status 400 with error: InvalidRequest: ResourceID is not in the expected format.

So if you look Azure Documentation link ,if we need to pass the management group as source_id it is looking in format as /tenants/*****/providers/Microsoft.Management/managementGroups/****

azurerm_eventgrid_system_topic.topic will be created

• resource "azurerm_eventgrid_system_topic" "topic" {
  • id = (known after apply)
  • location = "global"
  • metric_arm_resource_id = (known after apply)
  • name = "system-topic"
  • resource_group_name = "myresourcegroup"
  • source_arm_resource_id = "/providers/Microsoft.Management/managementGroups/*****"
  • topic_type = "Microsoft.PolicyInsights.PolicyStates"
    }

[dkaushik100]

Is this issue fixed? I am getting System Topic Name: "xxxxx"): performing CreateOrUpdate: unexpected status 400 with error: InvalidRequest: ResourceID is not in the expected f
ormat: /providers/Microsoft.Management/managementgroups/"xxxx"
│ Parameter name: GetSourceScope

when creating a system topic resource via azurerm_eventgrid_system_topic. I made sure I entered the management group id in same format

[sharccc]

reference IPL-6351

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.