'Unauthorized' error creating app service plan - azure

Don't know where exactly it is failing. I'm using VS Code to create the following script and running from there only:
$ResourceGroupName="powershell-grp"
$Location="North Europe"
$AppServicePlanName="PowershellAppService1975"
$WebAppName="PowershellWebApp1975"
Connect-AzAccount
Get-AzSubscription -SubscriptionName "Visual Studio Enterprise" | Select-AzSubscription
New-AzResourceGroup -Name $ResourceGroupName -Location $Location
New-AzAppServicePlan -Name $AppServicePlanName -Location $Location -Tier "B1" -NumberofWorkers 1 -ResourceGroupName $ResourceGroupName
New-AzWebApp -ResourceGroupName $ResourceGroupName -Name $WebAppName -Location $Location -AppServicePlan $AppServicePlanName
And in the powershell console, i get this error:
New-AzAppServicePlan: C:\Temp\AzureCmds\Azure Powershell-WebApp\Script1.ps1:9:1
Line |
9 | New-AzAppServicePlan -Name $AppServicePlanName -Location $Location -T …
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Operation returned an invalid status code 'Unauthorized'
New-AzWebApp: C:\Temp\AzureCmds\Azure Powershell-WebApp\Script1.ps1:10:1
Line |
10 | New-AzWebApp -ResourceGroupName $ResourceGroupName -Name $WebAppName …
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Operation returned an invalid status code 'Unauthorized'

Used -debug cmdlet option that gave the exact info on the issue.
The resource group location supported 0 instances for the chosen app service plan. Therefore, deployed app service plan and the web app to an altogether different location

Related

How to enable storage account backup for app service / web app using powershell?

$sa=Get-AzStorageaccount -Name $storageAccountName -ResourceGroupName $resourceGroupName
$con=$sa.context
#newconatiner
New-AzStorageContainer -Context $con -Name $containerName -Permission off
#Get-azstoragecontainersastoken -Name $containerName -Context $con
#get uri
$r=New-azstoragecontainersastoken -Context $con -Name $containerName -Permission rwdl -FullUri
#enable storage backup
New-AzWebAppBackup -ResourceGroupName $resourceGroupName -Name $webappname -StorageAccountUrl $r
Edit-azwebappbackupconfiguration -ResourceGroupName $resourceGroupName -Name $webappname -FrequencyInterval $FrequencyInterval -FrequencyUnit $FrequencyUnit -RetentionPeriodInDays $RetentionPeriodInDays -StorageAccountUrl $r
The above lines of code throws an error saying storage access is denied.
Try these commands from the official MS document for Back up a web app using PowerShell
$webappname="mywebapp$(Get-Random -Minimum 100000 -Maximum 999999)"
$storagename="$($webappname)storage"
$container="appbackup"
$location="West Europe"
$backupname="backup1"
# Create a resource group.
New-AzResourceGroup -Name myResourceGroup -Location $location
# Create a storage account.
$storage = New-AzStorageAccount -ResourceGroupName myResourceGroup `
-Name $storagename -SkuName Standard_LRS -Location $location
# Create a storage container.
New-AzStorageContainer -Name $container -Context $storage.Context
# Generates an SAS token for the storage container, valid for one month.
# NOTE: You can use the same SAS token to make backups in Web Apps until -ExpiryTime
$sasUrl = New-AzStorageContainerSASToken -Name $container -Permission rwdl `
-Context $storage.Context -ExpiryTime (Get-Date).AddMonths(1) -FullUri
# Create an App Service plan in Standard tier. Standard tier allows one backup per day.
New-AzAppServicePlan -ResourceGroupName myResourceGroup -Name $webappname `
-Location $location -Tier Standard
# Create a web app.
New-AzWebApp -ResourceGroupName myResourceGroup -Name $webappname `
-Location $location -AppServicePlan $webappname
# Create a one-time backup
New-AzWebAppBackup -ResourceGroupName myResourceGroup -Name $webappname `
-StorageAccountUrl $sasUrl -BackupName $backupname
# List statuses of all backups that are complete or currently executing.
Get-AzWebAppBackupList -ResourceGroupName myResourceGroup -Name $webappname
Source for above PowerShell command is : https://learn.microsoft.com/en-us/azure/app-service/scripts/powershell-backup-onetime

How to reach a script file in a VM from Powershell runbook

I have a script file in a VM that I want to reach from the azure portal in a Powershell runbook but it can't find the file. The file is manually saved in c:\ of the VM.
Code snippet in azure runbook:
IF ($VmAction -eq "Shutdown") {
try
{
Invoke-AzVMRunCommand -ResourceGroupName $ResourceGroupName -VMName $VmName -CommandId 'RunPowerShellScript' -ScriptPath 'C:\\stopservice.ps1' -ErrorVariable result
Stop-AzVM -Name $VmName -ResourceGroupName $ResourceGroupName -Force
}
catch
{
throw "Error: $($_.Exception.Message)"
}
The command "Invoke-AzVMRunCommand -ResourceGroupName $ResourceGroupName -VMName $VmName -CommandId 'RunPowerShellScript' -ScriptPath 'C:\stopservice.ps1' -ErrorVariable result" can be used on powershell on my computer so I think the issue is somewhere in Azure possibly.
script file (c:\stopservice.ps1):
try
{
Stop-Service -Name SSASTELEMETRY
}
catch
{
throw "Error: $($_.Exception.Message)"
}
(ps. the service name is for testing purposes, will stop different service when this works)
Have your Azure Automation runbook something like shown below. It should accomplish your requirement.
$ServicePrincipalConnection = Get-AutomationConnection -Name 'AzureRunAsConnection'
Add-AzAccount -ServicePrincipal -TenantId $ServicePrincipalConnection.TenantId -ApplicationId $ServicePrincipalConnection.ApplicationId -CertificateThumbprint $ServicePrincipalConnection.CertificateThumbprint
$rgname ="rrrrrrrrrrrrrr"
$vmname ="vvvvvvvvvvvvvv"
$ScriptToRun = "c:\test.ps1"
Out-File -InputObject $ScriptToRun -FilePath ScriptToRun.ps1
Invoke-AzVMRunCommand -ResourceGroupName $rgname -Name $vmname -CommandId 'RunPowerShellScript' -ScriptPath ScriptToRun.ps1
Remove-Item -Path ScriptToRun.ps1
Note: Before you run your runbook, make sure you update "rrrrrrrrrrrrrr" with your resource group name and "vvvvvvvvvvvvvv" with your VM name and also make sure you have the PowerShell named test.ps1 in C:\ drive of the VM.

How do I find the network interface ID associated with an Azure VM

I can find the VM by using
$vm = Get-AzureRmVM -ResourceGroupName "MyResource" -Name "MyVM"
But how can I find the network interface associated with this VM?
Once you have your VM in a variable $vm (as shown below)
$vm = Get-AzureRmVM -ResourceGroupName "MyResource" -Name "MyVM"
You can get the NIC by finding the interface that matches the ID from your VM
$nic = Get-AzureRmNetworkInterface
| Where {$_.Id -eq $vm.NetworkProfile.NetworkInterfaces[0].Id}

Change SQL Connectivity in Azure using PowerShell

Is there a way to change/set SQL connectivity to Public(Internet) in a SQL Server azure vm while deploying sql vm or once deployed using powershell?
Part of my provisioning script looks like this. Will updating something in $vmConfig work?
# Create SQL Server
$vmConfig = New-AzureRmVMConfig -VMName $ServerName -VMSize 'Standard_D2_v2' | `
Set-AzureRmVMOperatingSystem -Windows -ComputerName $ServerName -Credential $adminCredentials -ProvisionVMAgent -EnableAutoUpdate | `
Set-AzureRmVMSourceImage -PublisherName "MicrosoftSQLServer" -Offer "SQL2017-WS2016" -Skus "SQLDEV" -Version "latest" | `
Set-AzureRmVMOSDisk -Name $osDiskName -VhdUri $osDiskUri -CreateOption "FromImage" | `
Add-AzureRmVMNetworkInterface -Id $nic.Id
# Add SQL Server VM extension
New-AzureRmVM -VM $vmConfig -ResourceGroupName $ResourceGroupName -Location $Location
Set-AzureRmVMSqlServerExtension -Name "SqlIaasExtension" -Version "1.2" -VMName $ServerName -ResourceGroupName $ResourceGroupName `
-Location $Location
Thank you

Setting a static IP address while using New-AzureQuickVM

I'm currently writing a powershell script that provisions a virtual machine, more testing at the moment. The code at present
New-AzureQuickVM -ImageName $VMImage.ImageName -Windows -Name $VMName -ServiceName $VMName -AdminUsername $adminLogin `
-Password $adminPasswd -AffinityGroup $affinityGrp -InstanceSize $instanceSize -VNetName $virtualNetwork -SubnetNames $virtualSubnet -WaitForBoot
I can't see a parameter on MSDN to set the IP address of the VM. I know you can do it like this:
New-AzureVMConfig -Name $vmname -ImageName $img –InstanceSize Small | Set-AzureSubnet –SubnetNames $sub | Set-AzureStaticVNetIP -IPAddress 192.168.4.7 | New-AzureVM –ServiceName $vmsvc1 –AffinityGroup "NorthEuropeAG";
But it seems neater to use the New-AzureQuickVM. Am I able to just pipe New-AzureQuickVM to Set-AzureStaticVNetIP similar to how New-AzureVMConfig works or is there a better way to do it?
The purpose of the New-AzureQuickVM is to create the VM with absolute minimum number of required fields. Like the Quick Create.
On the Other hand the New-AzureVMConfig give you all options that are necessary to have the StaticIP , as you have mentioned or something like the following.
New-AzureVMConfig -Name "testvm123" -InstanceSize "Small" -ImageName $ImageName |
Add-AzureProvisioningConfig -Windows -AdminUsername $username-Password $password |
Set-AzureSubnet -SubnetNames "Subnetname" |
Set-AzureStaticVNetIP -IPAddress "10.0.0.22" |
New-AzureVM -ServiceName "somevmservicename"
Only way to do it is by setting the IP after VM creation:
Get-AzureVM -ServiceName $VMName -Name $VMName | Set-AzureStaticVNetIP -IPAddress 192.168.4.7 | Update-AzureVM

Resources