Provider doesn't detect when the tenant domain has been deleted from RSC. #85

Open
DamaniN opened this issue Oct 3, 2023 · 2 comments
Labels
api-issue There is an issue with the backend API azure Microsoft Azure bug Something isn't working

DamaniN commented Oct 3, 2023

Expected Behavior

Using the Azure CNP integration, an update of polaris_azure_service_principal should detect if the Azure AD tenant still exists in RSC.

Current Behavior

I destroyed a Terraform script that removed the polaris_azure_subscription resource. This resource was linked to the last subscription in the tenant. This action also causes RSC to delete the last tenant. I then went to add the subscription back again by running a plan on the same resource. This resulted in the following error:

│ Error: failed to add subscription: failed to request addAzureCloudAccountWithoutOauth: graphql response body is an error (status code 200): NOT_FOUND: Failed to get service principal in the tenant. Azure may take some time to sync service principal. Please try after a minute (Azure error: [Unknown] Unknown service error) (code: 404, traceId: FWaZk7YsxjaRDF5NlWWsAw==)
│ 
│   with polaris_azure_subscription.polaris,
│   on main.tf line 84, in resource "polaris_azure_subscription" "polaris":
│   84: resource "polaris_azure_subscription" "polaris" {

I looked in RSC and noticed that the tenant domain was not there anymore. I then re-ran my TF script that creates the tenant domain in RSC via the polaris_azure_service_principal resource. Re-running the existing TF configuration resulted in the following message:

polaris_azure_service_principal.polaris: Refreshing state... [id=907a1235-8fb2-4670-943d-c478af52734f]

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.

This action should have resulted in TF finding that the tenant domain no longer existed and therefore putting it back. I was able to prove/workaround this by tainting the polaris_azure_service_principal.polaris resource and re-running the apply operation.

Failure Information (for bugs)

See text above

Steps to Reproduce

  1. Create an SP for a new Azure tenant domain with the polaris_azure_service_principal resource.
  2. Add a subscription to the tenant domain with the polaris_azure_subscription resource.
  3. Delete the subscription from RSC by destroying the polaris_azure_subscription resource, but do not destroy the polaris_azure_service_principal resource.
  4. Try to add the subscription back again by re-creating the same polaris_azure_subscription resource.

Context

  • Version of project = v0.8.0-beta.3
  • Version of dependencies = N/A
  • Version of operating system = N/A

Failure Logs

See above.

@johan3141592 johan3141592 added azure Microsoft Azure api-issue There is an issue with the backend API bug Something isn't working labels Mar 26, 2024
@johan3141592
Member

This could be solved using the azureCloudAccountTenant GraphQL endpoint. We should probably add Tenant as a concept to the Go SDK, to be used in the TF provider.

@johan3141592 johan3141592 removed the api-issue There is an issue with the backend API label Mar 28, 2024
@johan3141592 johan3141592 self-assigned this Apr 3, 2024
johan3141592 added a commit to rubrikinc/rubrik-polaris-sdk-for-go that referenced this issue Apr 10, 2024
See: rubrikinc/terraform-provider-polaris#85

* Added unit tests for Azure service principal
* Added unit tests for listing Azure tenants and subscriptions
* Replace the old way of listing tenants/subscriptions with single API
call.
* Added Tenant/Tenants/TenantFromAppID
* Added app name to ServicePrincipal
@johan3141592
Member

To fix this issue we need improvements to the GraphQL API. The issue has been raised with the engineering team.

@johan3141592 johan3141592 added the api-issue There is an issue with the backend API label May 29, 2024
@johan3141592 johan3141592 removed their assignment Nov 29, 2024
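
The refresh-time existence check this issue asks for, sketched as an added example that is not the provider's or the Go SDK's code. `TenantFinder`, `LookupTenant`, `State`, `fakeBackend` and the sample values are hypothetical, and the sketch assumes the backend can reliably report whether a tenant exists for a given app ID.

```go
package main

import (
	"errors"
	"fmt"
)

// ErrNotFound is a hypothetical sentinel: no tenant is registered for the app ID.
var ErrNotFound = errors.New("tenant not found")

// TenantFinder is a hypothetical stand-in for a backend tenant lookup.
type TenantFinder interface {
	LookupTenant(appID string) (domain string, err error)
}

// State models the slice of Terraform resource state that matters here.
type State struct {
	ID     string // app ID; an empty ID means "gone, plan a create"
	Domain string
}

// fakeBackend is constructed sample data: app ID -> tenant domain.
type fakeBackend map[string]string

func (b fakeBackend) LookupTenant(appID string) (string, error) {
	if d, ok := b[appID]; ok {
		return d, nil
	}
	return "", ErrNotFound
}

// ReadServicePrincipal refreshes state from the backend. Clearing the ID on
// not-found mirrors d.SetId("") in a terraform-plugin-sdk Read function.
func ReadServicePrincipal(f TenantFinder, s State) (State, error) {
	domain, err := f.LookupTenant(s.ID)
	switch {
	case errors.Is(err, ErrNotFound):
		return State{}, nil // drift: tenant deleted remotely, drop it from state
	case err != nil:
		return s, err // other failure: keep prior state and surface the error
	}
	s.Domain = domain
	return s, nil
}

func main() {
	s := State{ID: "00000000-0000-0000-0000-000000000000", Domain: "example.test"}
	s, _ = ReadServicePrincipal(fakeBackend{}, s) // tenant no longer in backend
	fmt.Println("needs recreate:", s.ID == "")
}
```

With a check of this shape in the resource's read path, the refresh that reported "No changes" above would instead plan a create, without the manual taint.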