Bug: Bootstrap fails on Microsoft Hosted Virtual Machines - Need to upgrade AzAPI to v2

[integyjc]

Is there an existing issue for this?

• I have searched the existing issues

Infrastructure as Code Type? (Required)

bicep

PowerShell Module Version (Optional)

4.1.0

Bootstrap Module Version (Optional)

No response

Starter Module? (Required)

bicep - complete

Starter Module Version (Optional)

No response

Input arguments of the ALZ-PowerShell-Module (Optional)

No response

Debug Output/Panic Output (Optional)

Expected Behaviour (Required)

Terraform plan should have started

Actual Behaviour (Required)

Error: Failed to perform action
│
│ with data.azapi_resource_action.locations,
│ on main.tf line 12, in data "azapi_resource_action" "locations":
│ 12: data "azapi_resource_action" "locations" {
│
│ performing action locations of "Resource: (ResourceId "/subscriptions/fd134809-7884-405a-redacted" / Api
│ Version "2022-12-01")": ChainedTokenCredential authentication failed
│ GET http://169.254.169.254/metadata/identity/oauth2/token
│ --------------------------------------------------------------------------------
│ RESPONSE 400 Bad Request
│ --------------------------------------------------------------------------------
│ {
│ "error": "invalid_request",
│ "error_description": "Identity not found"
│ }
│ --------------------------------------------------------------------------------
│
╵

Steps to Reproduce (Optional)

No response

Important Factoids (Optional)

First time following the new process so this could well be user error. I've got to the point of running Deploy-Accelerator -inputs "c:\accelerator\config\inputs.yaml" -output "c:\accelerator\output" and receive the error shown

Has anyone else hit this or have I missed something?

The user account im using is logged in via az login - I have also tried with -t to fix the tenant. The user is owner at tenant root

References (Optional)

No response

[jaredfholgate]

Looks like you are running on an Azure VM? If so, you can fix by setting the env var ARM_USE_MSI to false.

$env:ARM_USE_MSI = $false

This was a limitation with AzAPI, but has been fixed in v2. I will update the code to fix this moving forward.

[integyjc]

Thats done the trick thank you!

$env:ARM_USE_MSI = "false"

Yes we're using Azure DevBox and I obviously didn't google enough to find this known issue!

Much appreciated

[jaredfholgate]

I'll leave this issue open as a prompt for me to upgrade to azapi v2.

[jaredfholgate]

This was fixed in #236 and released in https://github.com/Azure/ALZ-PowerShell-Module/releases/tag/4.1.2