How to properly add health check for azure service bus when using managed identity (and rebus) - azure

I have recently added managed identity support to Azure Service Bus and am struggling with how to properly add the health check. Prior to using managed identity, the health check was working fine, but now I am facing issues. The code to add the health check is the following:
    builder.AddAzureServiceBusQueue(
        "myservicebus.servicebus.windows.net",
        "myqueue",
        new DefaultAzureCredential(),
        name: $"Azure Service Bus Health Check");
With this code, I am receiving the following error:
Put token failed. status-code: 404, status-description: The messaging entity 'sb://myservicebus.servicebus.windows.net/myqueue/$management' could not be found. To know more visit https://aka.ms/sbResourceMgrExceptions. TrackingId:6bd6fac5-3fbd-4889-a89b-a4854b8299f9_G13, SystemTracker:myservicegus.servicebus.windows.net:myqueue/$management, Timestamp:2022-12-23T02:21:08. (MessagingEntityNotFound). For troubleshooting information, see https://aka.ms/azsdk/net/servicebus/exceptions/troubleshoot.
I am not sure what the $management is all about or why it is needed. I thought perhaps the role associated with managed identity was missing a capability. To test that, I granted the role "Azure Service Bus Data Owner" and "Owner" to the resource, but I am still receiving the above error.
Also, not sure if it matters, but I am using Rebus to handle the publishing and subscribing of events (with managed identity) and that is working fine.
Any help is appreciated.
Thanks,
Eric

This is not really an answer, but here's some hopefully helpful information for anyone running into a similar issue.
The main mistake I had made was specifying an incorrect queue name. It seems that when trying to perform the operation that the health check is performing, something like:
    var receiver = client.CreateReceiver("the_invalid_queue");
    _ = await receiver.PeekMessageAsync().ConfigureAwait(false);
And when the queue name specified does not exist, we get the error as described in the question, mentioning the missing entity.
So just need to make sure to specify an existing queue name and all should work OK.
Eric
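
The failure mode described in this answer, as an added example (not code from the original post or from the health-check package): a custom IHealthCheck that makes the same CreateReceiver/PeekMessageAsync calls and reports a missing queue separately from an authorization failure of the managed identity. The class name QueuePeekHealthCheck and the result messages are assumptions; the namespace and queue values are the ones from the question.

```csharp
using System;
using System.Threading;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Messaging.ServiceBus;
using Microsoft.Extensions.Diagnostics.HealthChecks;

// QueuePeekHealthCheck is a hypothetical name used for this added example.
// Register with: builder.Services.AddHealthChecks().AddCheck("Azure Service Bus Health Check",
//     new QueuePeekHealthCheck("myservicebus.servicebus.windows.net", "myqueue", new DefaultAzureCredential()));
public sealed class QueuePeekHealthCheck : IHealthCheck
{
    private readonly ServiceBusClient _client;
    private readonly string _queueName;

    public QueuePeekHealthCheck(string fullyQualifiedNamespace, string queueName, TokenCredential credential)
    {
        _client = new ServiceBusClient(fullyQualifiedNamespace, credential);
        _queueName = queueName;
    }

    public async Task<HealthCheckResult> CheckHealthAsync(
        HealthCheckContext context, CancellationToken cancellationToken = default)
    {
        try
        {
            // The same two calls the answer describes: open a receiver and peek without consuming.
            await using ServiceBusReceiver receiver = _client.CreateReceiver(_queueName);
            _ = await receiver.PeekMessageAsync(cancellationToken: cancellationToken).ConfigureAwait(false);
            return HealthCheckResult.Healthy($"Peeked queue '{_queueName}'.");
        }
        catch (ServiceBusException ex) when (ex.Reason == ServiceBusFailureReason.MessagingEntityNotFound)
        {
            // The condition from the question: the configured queue name does not exist.
            return HealthCheckResult.Unhealthy($"Queue '{_queueName}' was not found; check the configured name.", ex);
        }
        catch (UnauthorizedAccessException ex)
        {
            // The credential resolved, but it has no permission on this queue.
            return HealthCheckResult.Unhealthy($"Credential is not authorized on queue '{_queueName}'; check its role assignment.", ex);
        }
        catch (Exception ex) when (ex is not OperationCanceledException)
        {
            return HealthCheckResult.Unhealthy("Service Bus peek failed.", ex);
        }
    }
}
```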

Related

BotBuilder Authentication Multitenant

I want to create Microsoft BotBuilder following this tutorial. But it seems SO complicated compared to v3. (BTW: starting a tutorial with 3 authentications that cover 75% of the article is not a good sign.)
So I follow the EchoBot sample (I chose MultiTenant because my server is outside AND it seems the most covered):
    const credentialsFactory = new BotBuilder.ConfigurationServiceClientCredentialFactory({
        MicrosoftAppId: '***',
        MicrosoftAppPassword: '***',
        MicrosoftAppType: 'MultiTenant',
    });
    const botFrameworkAuthentication = BotBuilder.createBotFrameworkAuthenticationFromConfiguration(null, credentialsFactory);
    const onTurnErrorHandler = async (context, error) => { /* for errors */ };
    const adapter = new BotBuilder.CloudAdapter(botFrameworkAuthentication);
    adapter.onTurnError = onTurnErrorHandler;
Questions:
How do I test everything is working? isValidAppId() and isAuthenticationDisabled() are the only available methods and seem OK.
How do I get MicrosoftAppPassword? According to the documentation I have to click manage, then create a value/secret pair. Should I use value? Or secret? Why is none named password? Anyway, none works ...
To test if it works, I follow the sample:
setup an HTTP POST Endpoint (with Node-RED)
declare the endpoint in Azure Portal Bot Configuration
go to webchat to test
I correctly receive the messages, then try to do some authentication/parsing (I assume):
    await adapter.process(msg.req, msg.res, (context) => {
        /* do some stuff */
    });
But it fails with a very explicit error :
Error: 1 validation issue(s)
Issue #0: custom_error at [[root]]
Response
I think the error is related to an authentication issue, since I don't understand what/how to set the password. I guess I have to go through this CloudAdapter in order to get a parsed context and be able to send messages.
EDIT 07/05/2022:
I use the AppId from here :
I click "Manage" but where is the AppPassword ?
EDIT 12/05/2022:
Using cURL I managed to validate the appID and appPassword (the value (hidden by stars) of the secret).
BotBuilder is mixing the Communication Stack (HTTP / WebSocket) and the Logic stack (Turn Conversation). I think it's a bad habit but I managed a workaround:
I use a BotFrameworkAdapter instead of CloudAdapter
I call adapter.processActivity() instead of adapter.process()
The adapter still wants to end() the request and set deprecated values but it works in Node-RED. The context handles all the requirements to call sendActivity() anywhere multiple times.
To answer the second question in your case, kindly go through the link: https://learn.microsoft.com/en-us/azure/bot-service/bot-service-quickstart-registration?view=azure-bot-service-4.0&tabs=multitenant
To answer the first question in your case, kindly check disabling and enabling the authentication to test the app: https://learn.microsoft.com/en-us/azure/bot-service/bot-service-troubleshoot-authentication-problems?view=azure-bot-service-4.0&tabs=csharp
As far as getting the password goes, when you create a new Multi Tenant Azure Bot resource, the app password goes into the Azure Key Vault created alongside it. The AppId and AppPassword are randomly generated by Azure. You can get them from the key vault in the Azure portal in the correct resource group.
If you want to create a resource manually using the CLI and define your own password, you can use this docs page for deploying a bot. Make sure you select the correct tabs. I have pre-selected C# and Multi Tenant in a new resource group for the above link.
Single Tenant is for limiting your bot's connections to Azure resources within the same tenant, and a User Assigned Managed Identity is if you want to make use of an Azure Managed Identity across the bot's resources instead of having a password for each resource.
You should be able to simply add the AppId and AppPassword to the echo bot sample and deploy it.

Azure Private Offer ARM template failure

I'm getting the below error during validation when trying to deploy an ARM template via private offer (cleansed):
{"code":"MarketplacePurchaseEligibilityFailed","details":[{"code":"BadRequest","message":"Offer with PublisherId: 'PUBLISHER', OfferId: 'OFFER' cannot be purchased due to validation errors. For more information see details. Correlation Id: 'ID' Sku 'SKU' of offer 'OFFER' by publisher 'PUBLISHER' is not available to you for deployment per the policy set by your IT Admin.
I went through powershell and accepted the terms but still having the issue. Microsoft's responses so far are based on the browser. I've tried in Firefox, Chrome, and Edge to no avail. The Azure environment is pretty basic with no specific policies for anything so I'm not sure why it's saying this. Any help would be greatly appreciated.
Thanks!
There could be multiple reasons why you are getting this validation failure.
These are:
Programmatic deployment for the Marketplace is not configured.
Undefined task failed while creating or updating the template deployment.
Offer with PublisherId and OfferId is not found. It doesn't exist anymore. For example, the publisher revoked it.
Marketplace purchase is not enabled.
Unknown payment instrument(s) is unsupported for offer with OfferId, PlanId.
Organization is in deleted state.
etc.
Based on your failure details "is not available to you for deployment per the policy set by your IT Admin.", it seems your subscription is not registered and approved to deploy this specific image.
I'd recommend the following steps to resolve the issue:
Go to https://learn.microsoft.com/he-il/marketplace/manage-private-azure-marketplace-powershell#add-an-offer-to-a-private-marketplace
Click on the try me button next to Add an Offer to the private marketplace.
Login to the relevant tenant.
Use PowerShell and run the commands:
(a) Install-Module -Name Az.Marketplace
(b) Get-AzMarketplacePrivateStore - to get the privateStore Id
(c) use the private store id from step b
`$Params = @{
    privateStoreId = 'PrivateStoreId'
    offerId = 'paloaltonetworks.vmseries-flex'
    SpecificPlanIdsLimitation = @('byol')
}
Set-AzMarketplacePrivateStoreOffer @Params`
I look forward to your response. Please let me know if you have any questions.

How to receive messages from azure queue subscription using go

I'm trying to pull messages from an Azure Service Bus queue using Go. Queue topic name, subscription name, service name and shared access key value are the credentials. I'm not getting proper sample code for this. Please help me!!
The Go Cloud Development Kit Pub/Sub API is still a work in progress (it's one of our newer APIs). As of 2019-01-30, there is a pull request out for review that adds support, so stay tuned!
    from azure.servicebus.control_client import ServiceBusService

    bus_service = ServiceBusService(service_namespace='<namespace>',
                                    shared_access_key_name='<key_name>',
                                    shared_access_key_value='<acess_key>')
    topic_name = "<topic_name>"
    subscription_name = "<subscription_name>"
    # peek_lock=True locks the message rather than deleting it on receive
    message = bus_service.receive_subscription_message(topic_name,
                                                       subscription_name, peek_lock=True)

Azure API throwing Missing Subscription error

I am facing an issue with following Azure API.
GET https://management.azure.com/{resourceUri}/providers/microsoft.insights/metricDefinitions?api-version=2018-01-01
I am trying to access the above API using my Subscription ID in place of resourceUri. But it is throwing the below error:
    {
        "error": {
            "code": "MissingSubscription",
            "message": "The request did not have a provided subscription. All requests must have an associated subscription Id."
        }
    }
I have checked in Azure Portal, everything seems fine. The Subscription ID is the correct one. The user account has owner permissions. Still getting the error. Not sure of the reason.
Can someone help me out with the most common and basic reasons for this error and steps to resolve it? I have already spent a couple of hours debugging this one, but no luck.
I have reproduced your issue; the resourceUri should be the Resource ID instead of the Subscription ID.
Use Subscription ID:
Use Resource ID (in my sample, I use a web app resource id, you could find it in the portal -> your web app -> Properties):

400 Bad Request in LUIS: Cannot find the specified subscription

I am creating a LUIS app using the LUIS programmatic API. After the app is successfully created and trained, I want to assign an API key to the app using this endpoint:
PUT /luis/api/v2.0/apps/{appId}/versions/{versionId}/assignedkey
Both my programmatic API key (obtained from luis.ai) and the normal API key (the one I am trying to assign, obtained from Azure Portal) are registered to the same email address.
However, when I am trying to send a request to the above endpoint, it fails with this error:
    {
        "error": {
            "code": "BadArgument",
            "message": "Cannot find the specified subscription"
        }
    }
I'm out of ideas for what I might be doing wrong, because exactly the same logic already worked before.
Is there some kind of way to "assign" an Azure subscription to my LUIS account?
Update:
I didn't find an answer to my question, but I found a workaround. Calling PUT /luis/api/v2.0/apps/{appId}/settings will set the application to "public", which means you can use any subscription key with it. See docs.
It seems that this endpoint is now deprecated because I get the following:
    {
        "error": {
            "code": "DeprecatedException",
            "message": "To assign a subscription key to an app, please go to the LUIS website at https://www.luis.ai and assign it from the app publish page."
        }
    }
In the luis page I see this:
The endpoints PUT /luis/api/v2.0/apps/{appId}/versions/{versionId}/assignedkey and /luis/api/v2.0/subscriptions are indeed deprecated. I contacted LUIS support and they answered:
We are shifting the key management experience to happen only through the portal. Users no longer need to copy and paste keys, we offer a well-integrated experience that lists all the Azure keys inside our portal, key management details here.
