Terraform Enterprise Flexible Deployment Options deployment on Azure fails with "NOAUTH Authentication required" – HashiCorp Help Center

Problem

The initial deployment of Terraform Enterprise Flexible Deployment Options on Microsoft Azure (AKS) fails. The installation logs show a NOAUTH Authentication required error.

You can view the installation logs with the following command.

$ kubectl logs <pod_name> -n <namespace>

Prerequisites

Terraform Enterprise Flexible Deployment Options in Active-Active mode.
Deployment on Microsoft Azure Kubernetes Service (AKS).

Cause

For installations on Microsoft Azure, you must specify the Redis Access Key as the TFE_REDIS_PASSWORD value to authenticate to the Azure Cache for Redis.

Solutions

To resolve this issue, update your YAML configuration file with the correct Redis authentication parameters and redeploy Terraform Enterprise.

Option 1: Configure for non-SSL Port 6379

If you are using the default, non-SSL port 6379, set the following parameters.

TFE_REDIS_HOST: "HOSTNAME_OF_YOUR_REDIS_CACHE"
TFE_REDIS_USE_AUTH: "true"
TFE_REDIS_PASSWORD: "ACCESS_KEY_OF_YOUR_REDIS_CACHE"

Option 2: Configure for SSL Port 6380

If you are using the SSL port 6380, set the following parameters.

TFE_REDIS_HOST: "HOSTNAME_OF_YOUR_REDIS_CACHE:6380"
TFE_REDIS_USE_AUTH: "true"
TFE_REDIS_USE_TLS: "true"
TFE_REDIS_PASSWORD: "ACCESS_KEY_OF_YOUR_REDIS_CACHE"

Verification

You can find the required access keys in the Azure Portal under Azure Cache for Redis > [your cache name] > Settings > Access keys.

Azure Portal showing Access keys for Redis Cache

While the Terraform Enterprise container is being created, you can validate the connectivity to your Redis instance.

To validate a connection using the non-SSL port 6379, run the following command.

$ kubectl exec -n terraform-enterprise -it <PODNAME> -- \
    redli -h $TFE_REDIS_HOST -a $TFE_REDIS_PASSWORD

To validate a connection using the SSL port 6380, run the following command.

$ kubectl exec -n terraform-enterprise -it <PODNAME> -- \
    redli --tls -h <DNS_NAME>.redis.cache.windows.net -p 6380 -a $TFE_REDIS_PASSWORD

Outcome

After applying the correct configuration, the installation of Terraform Enterprise Flexible Deployment Options on Azure completes successfully.

Additional Information

For more details on Redis settings, refer to the Configuration Reference for Redis server.