2021-01-04T11:03:16.0647360Z ##[error]At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.
2021-01-04T11:03:16.0659882Z ##[error]Details:
2021-01-04T11:03:16.0662124Z ##[error]InternalServerError: There was an unexpected InternalServerError. Please try again later. x-ms-correlation-request-id: 78006c94-253a-4b3f-8407-0d7690a7ca5d
2021-01-04T11:03:16.0663958Z ##[error]InternalServerError: There was an unexpected InternalServerError. Please try again later. x-ms-correlation-request-id: 78006c94-253a-4b3f-8407-0d7690a7ca5d
2021-01-04T11:03:16.0665674Z ##[error]InternalServerError: There was an unexpected InternalServerError. Please try again later. x-ms-correlation-request-id: 78006c94-253a-4b3f-8407-0d7690a7ca5d
2021-01-04T11:03:16.0667350Z ##[error]InternalServerError: There was an unexpected InternalServerError. Please try again later. x-ms-correlation-request-id: 78006c94-253a-4b3f-8407-0d7690a7ca5d
2021-01-04T11:03:16.0669314Z ##[error]InternalServerError: There was an unexpected InternalServerError. Please try again later. x-ms-correlation-request-id: 78006c94-253a-4b3f-8407-0d7690a7ca5d
2021-01-04T11:03:16.0671142Z ##[error]Check out the troubleshooting guide to see if your issue is addressed: https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/azure-resource-group-deployment?view=azure-devops#troubleshooting
2021-01-04T11:03:16.0672521Z ##[error]Task failed while creating or updating the template deployment.
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"current_environment": {
"type": "string"
},
"instanceNo": {
"type": "string"
},
"current_app_name": {
"type": "string"
},
"current_app_name_short": {
"type": "string",
"defaultValue":"66"
// "maxLength": 4
},
"functionName": {
"type": "array",
"defaultValue": [
"searchindex",
"delta",
"product",
"catalog",
"category"
]
},
"vnetName": {
"type": "string",
"defaultValue":"networking-001"
},
"existingVirtualNetworkResourceGroup": {
"type": "string",
"defaultValue": "rg-networking-001"
}
},
"functions": [],
"variables": {
"commonprefix": "[concat(parameters('current_app_name'),'-',parameters('current_environment'),'-',parameters('instanceNo'))]",
"commonprefix1":"[concat(parameters('current_app_name_short'),parameters('current_environment'),parameters('instanceNo'))]"
},
"resources": [
{
"apiVersion": "2018-02-01",
"name": "[concat('plan-',parameters('functionName')[copyIndex('')],'-',variables('commonprefix'))]",
"type": "Microsoft.Web/serverfarms",
"location": "[resourceGroup().location]",
"kind": "linux",
"dependsOn": [],
"properties": {
"name": "[concat('plan-',parameters('functionName')[copyIndex('')],'-',variables('commonprefix'))]",
"workerSize": "3",
"workerSizeId": "3",
"numberOfWorkers": "1",
"reserved": true
},
"sku": {
"Tier": "PremiumV2",
"Name": "P1v2"
},
"copy": {
"name": "appplancopy",
"count": "[length(parameters('functionName'))]"
}
},
{
"type": "microsoft.insights/components",
"apiVersion": "2018-05-01-preview",
"name": "[concat('appi-',parameters('functionName')[copyIndex('')],'-',variables('commonprefix'))]",
"kind": "web",
"location": "[resourceGroup().location]",
"dependsOn": [],
"properties": {
"Application_Type": "web",
"RetentionInDays": 90,
"publicNetworkAccessForIngestion": "enabled",
"publicNetworkAccessForQuery": "enabled"
},
"copy": {
"name": "componentcopy",
"count": "[length(parameters('functionName'))]"
}
},
{
"apiVersion": "2019-06-01",
"type": "Microsoft.Storage/storageAccounts",
"name": "[concat('st',parameters('functionName')[copyIndex('')],variables('commonprefix1'))]",
"location": "[resourceGroup().location]",
"kind": "Storage",
"sku": {
"name": "Standard_LRS"
},
"properties": {
"supportsHttpsTrafficOnly": true
},
"copy": {
"name": "storagecopy",
"count": "[length(parameters('functionName'))]"
}
},
{
"apiVersion": "2018-11-01",
"name": "[concat('func-',parameters('functionName')[copyIndex('')],'-',variables('commonprefix'))]",
"type": "Microsoft.Web/sites",
"kind": "functionapp,linux",
"location": "[resourceGroup().location]",
"dependsOn": [
"[resourceId('microsoft.insights/components', concat('appi-',parameters('functionName')[copyIndex('')],'-',variables('commonprefix')))]",
"[resourceId('Microsoft.Web/serverfarms', concat('plan-',parameters('functionName')[copyIndex('')],'-',variables('commonprefix')))]",
"[resourceId('Microsoft.Storage/storageAccounts', concat('st',parameters('functionName')[copyIndex('')],variables('commonprefix1')))]"
],
"properties": {
"name": "[concat('func-',parameters('functionName')[copyIndex('')],'-',variables('commonprefix'))]",
"clientAffinityEnabled": false,
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms', concat('plan-',parameters('functionName')[copyIndex('')],'-',variables('commonprefix')))]"
},
"resources": [
{
"type": "networkConfig",
"apiVersion": "2019-08-01",
"name": "virtualNetwork",
"dependsOn": [
"[resourceId('Microsoft.Web/sites', concat('func-',parameters('functionName')[copyIndex('')],'-',variables('commonprefix')))]"
],
"properties": {
"subnetResourceId": "[resourceId(parameters('existingVirtualNetworkResourceGroup'),'Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'),concat('subnet-',parameters('functionName')[copyIndex('')],'-',variables('commonprefix')))]"
}
}
],
"copy": {
"name": "apppservicecopy",
"count": "[length(parameters('functionName'))]"
}
}
],
"outputs": {}}
According to the doc, we could see multiple reasons for this type of error:
The resource type you're trying to deploy isn't yet available in that region.
Downtime of either the service you're deploying to in the region you're deploying to.
Downtime of Azure DevOps itself.
You could switch the region and then try it again.
In addition, We could create ARM templates by using the Azure portal and then deploy azure function app via the template.
I can reproduce the same issue with your template. Please note that there is no networkConfig type and subnetResourceId properties in the template-Microsoft.Web sites/virtualNetworkConnections 2019-08-01, you could change the type to virtualNetworkConnections and properties to vnetResourceId like this:
{
"type": "virtualNetworkConnections",
"apiVersion": "2019-08-01",
"name": "virtualNetwork",
"dependsOn": [
"[resourceId('Microsoft.Web/sites', concat('func-',parameters('functionName')[copyIndex('')],'-',variables('commonprefix')))]"
],
"properties": {
"vnetResourceId": "[resourceId(parameters('existingVirtualNetworkResourceGroup'),'Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'),concat('subnet-',parameters('functionName')[copyIndex('')],'-',variables('commonprefix')))]"
}
}
Related
Background
I am trying to create an AD app registration for my function app to use for authentication.
I would like it to be for just our tenant, using Azure AD. The app is function app made up of a few endpoints
When I deploy the ARM template below, I don't get any errors, but in poking around and comparing it with what happens when I create authentication manually for my app, i see the following problems:
the application registration is created but there's no Application ID URI specified. When I create this manually via the portal I believe it's auto filled with a value "api://[applicationClientId]"
there are no scopes defined. again, when i create an authentication policy for my app manually via the portal, it does create a user_impersonation scope for me.
When i open up the function app in the portal, under "authentication" this new app registration hasn't been associated with it / or added.
Code
Here's what the ARM template looks like:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"functionAppName": {
"type": "string",
"defaultValue": "[concat('widgets-', uniqueString(resourceGroup().id),'-app')]",
"minLength": 2,
"metadata": {
"description": "my function app"
}
},
"storageAccountName": {
"type": "string",
"defaultValue": "[concat('widgets', uniqueString(resourceGroup().id))]",
"minLength": 2,
"metadata": {
"description": "StorageAccount"
}
},
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
},
"serviceBusNamespaceName": {
"type": "string",
"defaultValue": "[concat('widgets-', uniqueString(resourceGroup().id),'-bus')]",
"metadata": {
"description": "Name of the Service Bus namespace"
}
},
"serviceBusQueueName": {
"type": "string",
"defaultValue": "workspaces",
"metadata": {
"description": "Name of the Queue"
}
},
"queueAuthorizationRuleName": {
"type": "string",
"defaultValue": "myRule",
"metadata": {
"description": "Name of the Queue AuthorizationRule"
}
},
"aadAppClientId": {
"type": "string"
},
"tenant": {
"type": "string"
}
},
"variables": {
"appServicePlanPortalName": "[concat(parameters('functionAppName'),'servicePlan')]",
"appInsightsName": "[concat(parameters('functionAppName'),'-insights')]",
"identityName": "[concat(parameters('functionAppName'),'-userId')]",
"clientSecret": ""
},
"resources": [
{
"name": "[variables('identityName')]",
"type": "Microsoft.ManagedIdentity/userAssignedIdentities",
"apiVersion": "2018-11-30",
"location": "[parameters('location')]"
},
{
"type": "Microsoft.Storage/storageAccounts",
"name": "[parameters('storageAccountName')]",
"apiVersion": "2019-06-01",
"location": "[parameters('location')]",
"kind": "StorageV2",
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
}
},
{
"type": "Microsoft.Storage/storageAccounts/queueServices",
"apiVersion": "2020-08-01-preview",
"name": "[concat(parameters('storageAccountName'), '/default')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]"
],
"properties": {
"cors": {
"corsRules": []
}
}
},
{
"type": "Microsoft.Storage/storageAccounts/queueServices/queues",
"apiVersion": "2020-08-01-preview",
"name": "[concat(parameters('storageAccountName'), '/default/workspaces')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts/queueServices', parameters('storageAccountName'), 'default')]",
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]"
],
"properties": {
"metadata": {}
}
},
{
"type": "Microsoft.Storage/storageAccounts/tableServices/tables",
"apiVersion": "2021-06-01",
"name": "[concat(parameters('storageAccountName'), '/default/provisionedWorkspaces')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]"
],
"properties": {
"partitionName": "workspaces"
}
},
{
"type": "Microsoft.ServiceBus/namespaces",
"apiVersion": "2017-04-01",
"name": "[parameters('serviceBusNamespaceName')]",
"location": "[parameters('location')]",
"sku": {
"name": "Standard"
},
"properties": {}
},
{
"type": "Microsoft.ServiceBus/namespaces/queues",
"apiVersion": "2017-04-01",
"name": "[format('{0}/{1}', parameters('serviceBusNamespaceName'), parameters('serviceBusQueueName'))]",
"properties": {
"lockDuration": "PT5M",
"maxSizeInMegabytes": 1024,
"requiresDuplicateDetection": false,
"requiresSession": false,
"defaultMessageTimeToLive": "P10675199DT2H48M5.4775807S",
"deadLetteringOnMessageExpiration": false,
"duplicateDetectionHistoryTimeWindow": "PT10M",
"maxDeliveryCount": 10,
"autoDeleteOnIdle": "P10675199DT2H48M5.4775807S",
"enablePartitioning": false,
"enableExpress": false
},
"resources": [
{
"apiVersion": "2017-04-01",
"name": "[parameters('queueAuthorizationRuleName')]",
"type": "AuthorizationRules",
"dependsOn": ["[parameters('serviceBusQueueName')]"],
"properties": {
"rights": ["Listen", "Send", "Manage"]
}
}
],
"dependsOn": [
"[resourceId('Microsoft.ServiceBus/namespaces', parameters('serviceBusNamespaceName'))]"
]
},
{
"apiVersion": "2015-05-01",
"name": "[variables('appInsightsName')]",
"type": "Microsoft.Insights/components",
"kind": "web",
"location": "[parameters('location')]",
"tags": {
"[concat('hidden-link:', resourceGroup().id, '/providers/Microsoft.Web/sites/', parameters('functionAppName'))]": "Resource"
},
"properties": {
"Application_Type": "web",
"ApplicationId": "[variables('appInsightsName')]"
}
},
{
"type": "Microsoft.Web/serverfarms",
"apiVersion": "2020-06-01",
"name": "[variables('appServicePlanPortalName')]",
"location": "[parameters('location')]",
"sku": {
"tier": "Standard",
"name": "S1"
},
"kind": "functionapp,linux",
"properties": {
"name": "[variables('appServicePlanPortalName')]",
"reserved": true
}
},
{
"type": "Microsoft.Web/sites",
"apiVersion": "2020-06-01",
"name": "[parameters('functionAppName')]",
"location": "[parameters('location')]",
"kind": "functionapp,linux",
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('identityName'))]": {}
}
},
"dependsOn": [
"[resourceId('Microsoft.Web/serverfarms', variables('appServicePlanPortalName'))]",
"[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('identityName'))]"
],
"properties": {
"reserved": true,
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms', variables('appServicePlanPortalName'))]",
"siteConfig": {
"linuxFxVersion": "DOTNETCORE|6.0",
"appSettings": [
{
"name": "APPINSIGHTS_INSTRUMENTATIONKEY",
"value": "[reference(resourceId('Microsoft.Insights/components', variables('appInsightsName')), '2015-05-01').InstrumentationKey]"
},
{
"name": "AzureWebJobsStorage",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', parameters('storageAccountName'), ';EndpointSuffix=', environment().suffixes.storage, ';AccountKey=',listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName')), '2019-06-01').keys[0].value)]"
},
{
"name": "FUNCTIONS_EXTENSION_VERSION",
"value": "~4"
},
{
"name": "FUNCTIONS_WORKER_RUNTIME",
"value": "dotnet"
}
],
"resources": [
{
"type": "config",
"apiVersion": "2020-12-01",
"name": "authsettingsV2",
"location": "[resourceGroup().location]",
"dependsOn": [
"[concat('Microsoft.Web/sites/', parameters('functionAppName'))]"
],
"properties": {
"platform": {
"enabled": true,
"runtimeVersion": "~1"
},
"identityProviders": {
"azureActiveDirectory": {
"isAutoProvisioned": false,
"registration": {
"clientId": "[parameters('aadAppClientId')]",
"clientSecret": "[variables('clientSecret')]",
"openIdIssuer": "[concat('https://sts.windows.net/', parameters('tenant'), '/v2.0')]"
},
"validation": {
"allowedAudiences": [
"https://management.core.windows.net/"
]
}
}
}
},
"login": {
"routes": {},
"tokenStore": {
"enabled": true,
"tokenRefreshExtensionHours": 72,
"fileSystem": {},
"azureBlobStorage": {}
},
"preserveUrlFragmentsForLogins": false,
"allowedExternalRedirectUrls": [],
"cookieExpiration": {
"convention": "FixedTime",
"timeToExpiration": "08:00:00"
},
"nonce": {
"validateNonce": true,
"nonceExpirationInterval": "00:05:00"
}
},
"globalValidation": {
"redirectToProvider": "azureactivedirectory",
"unauthenticatedClientAction": "RedirectToLoginPage"
},
"httpSettings": {
"requireHttps": true,
"routes": {
"apiPrefix": "/.auth"
},
"forwardProxy": {
"convention": "NoProxy"
}
}
}
]
}
}
}
]
}
Two comments in case they help / are relevant:
client secret - As you can see I have a variable defined, but its blank. I'm not supplying a client secret value because I was assuming it would auto create for me. But maybe I shouldn't include that parameter at all?
Also, I'm using a linux container for the web app.
Any tips on how to fix these issues would be appreciated.
EDIT 1
I manually created and added an authencation policy and then I've been using resources.azure.com to see what's been created for me. I have two relevant sections under config.
One is called authsettings and looks like this:
And the other is under authsettingsV2 and looks like this:
I'm trying to use the authsettingsV2 for now... but it's not clear where I should paste it into in the ARM template.
Any suggestions?
EDIT 2
Added all the authsettingsv2 stuff under the site resource. No errors. but still the same results.
Found out that I can use the Az Powershell commandlets:
New-AzADApplication
New-AzADAppCredential
Why doesn't app insights turn on automatically after the release?
After executing the automated release, I'm getting this when navigating to app insights in the portal:
Here's how I've defined this in my ARM template:
{
"type": "microsoft.insights/components",
"kind": "web",
"name": "[parameters('webAppName')]",
"apiVersion": "2015-05-01",
"location": "[parameters('location')]",
"tags": {
"[concat('hidden-link:', resourceGroup().id, '/providers/Microsoft.Web/sites/', parameters('webAppName'))]": "Resource",
"displayName": "[parameters('webAppName')]"
},
"properties": {
"Application_Type": "web"
},
"dependsOn": []
}
What am I doing wrong? Why isn't app insights automatically turned on?
Please note that I've added the following appsettings:
In order for the Azure Portal to show an active integration with Application Insights, you need to set two app settings. The reason is that you also need to configure the Application Insights Agent Extension.
Note that setting the InstrumentationKey(deprecated) or connection string might be enough for your application to send telemetry to ApplicationInsights, e.g. if you are using ASP.NET Core and the corresponding Nuget package. But you will need both settings for the portal to show the active integration.
{
"resources": [
{
"name": "[parameters('name')]",
"type": "Microsoft.Web/sites",
"properties": {
"siteConfig": {
"appSettings": [
{
"name": "APPLICATIONINSIGHTS_CONNECTION_STRING",
"value": "[reference('microsoft.insights/components/AppMonitoredSite', '2015-05-01').ConnectionString]"
},
{
"name": "ApplicationInsightsAgent_EXTENSION_VERSION",
"value": "~2"
}
]
},
"name": "[parameters('name')]",
"serverFarmId": "[concat('/subscriptions/', parameters('subscriptionId'),'/resourcegroups/', parameters('serverFarmResourceGroup'), '/providers/Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]",
"hostingEnvironment": "[parameters('hostingEnvironment')]"
},
"dependsOn": [
"[concat('Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]",
"microsoft.insights/components/AppMonitoredSite"
],
"apiVersion": "2016-03-01",
"location": "[parameters('location')]"
},
{
"apiVersion": "2016-09-01",
"name": "[parameters('hostingPlanName')]",
"type": "Microsoft.Web/serverfarms",
"location": "[parameters('location')]",
"properties": {
"name": "[parameters('hostingPlanName')]",
"workerSizeId": "[parameters('workerSize')]",
"numberOfWorkers": "1",
"hostingEnvironment": "[parameters('hostingEnvironment')]"
},
"sku": {
"Tier": "[parameters('sku')]",
"Name": "[parameters('skuCode')]"
}
},
{
"apiVersion": "2015-05-01",
"name": "AppMonitoredSite",
"type": "microsoft.insights/components",
"location": "West US 2",
"properties": {
"ApplicationId": "[parameters('name')]",
"Request_Source": "IbizaWebAppExtensionCreate"
}
}
],
"parameters": {
"name": {
"type": "string"
},
"hostingPlanName": {
"type": "string"
},
"hostingEnvironment": {
"type": "string"
},
"location": {
"type": "string"
},
"sku": {
"type": "string"
},
"skuCode": {
"type": "string"
},
"workerSize": {
"type": "string"
},
"serverFarmResourceGroup": {
"type": "string"
},
"subscriptionId": {
"type": "string"
}
},
"$schema": "https://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json#",
"contentVersion": "1.0.0.0"
}
See also my other answer on this: Azure Cli How to enable Application Insights for webapp
Edit: updated based on the new information in the answer by BearOakheart.
The accepted answer is outdated. It's not recommended to use APPINSIGHTS_INSTRUMENTATIONKEY with APPLICATIONINSIGHTS_CONNECTION_STRING. Whichever is provided last wins.
Using instrumentation key is deprecated, we should transition to using APPLICATIONINSIGHTS_CONNECTION_STRING instead.
Otherwise provided answer holds true. More info here:
https://learn.microsoft.com/en-us/azure/azure-monitor/app/migrate-from-instrumentation-keys-to-connection-strings
I'm trying to get the primaryConnectionStrings from an aRM template that creates multiple notification hubs
But I get this error
Error: Code=InvalidTemplate; Message=Deployment template validation failed: 'The template output 'connectionStrings' at line '291' and column '30' is not valid: The
template function 'copyIndex' is not expected at this location. The function can only be used in a resource with copy specified. Please see https://aka.ms/arm-copy for usage details.. Please see
https://aka.ms/arm-template-expressions for usage details.'.
I am clearly missing what this actually means as I've tried various incarnations of the template all of which have a copy for the resource.
I've tried this with a nested template (apologies if i've mangled the template, just removed some extraneous items):
"resources": [
{
"type": "Microsoft.NotificationHubs/namespaces",
"apiVersion": "2017-04-01",
"name": "[parameters('notificationHubName')]",
"location": "[resourceGroup().location]",
"tags": {
"Environment": "[parameters('environment')]",
"DisplayName": "Notification Hub Namespace"
},
"sku": {
"name": "[parameters('notificationHubSku')]"
},
"kind": "NotificationHub",
"properties": {
"namespaceType": "NotificationHub"
}
},
{
"type": "Microsoft.NotificationHubs/namespaces/AuthorizationRules",
"apiVersion": "2017-04-01",
"name": "[concat(parameters('notificationHubName'), '/RootManageSharedAccessKey')]",
"tags": {
"Environment": "[parameters('environment')]",
"DisplayName": "Notification Hub Namespace Auth Rules"
},
"dependsOn": [
"[resourceId('Microsoft.NotificationHubs/namespaces', parameters('notificationHubName'))]"
],
"properties": {
"rights": [
"Listen",
"Manage",
"Send"
]
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2018-05-01",
"name": "[concat('nestedTemplate', copyIndex('notificationHubEntities'))]",
"copy": {
"name": "notificationHubEntities",
"count": "[length(parameters('notificationHubEntities'))]"
},
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"type": "Microsoft.NotificationHubs/namespaces/notificationHubs",
"apiVersion": "2017-04-01",
"name": "[concat(parameters('notificationHubName'), '/', parameters('notificationHubEntities')[copyIndex('notificationHubEntities')])]",
"location": "[resourceGroup().location]",
"tags": {
"Environment": "[parameters('environment')]",
"DisplayName": "Notification Hubs"
},
"dependsOn": [
"[resourceId('Microsoft.NotificationHubs/namespaces', parameters('notificationHubName'))]"
],
"properties": {
"authorizationRules": []
}
},
{
"type": "Microsoft.NotificationHubs/namespaces/notificationHubs/authorizationRules",
"apiVersion": "2017-04-01",
"name": "[concat(parameters('notificationHubName'), '/',parameters('notificationHubEntities')[copyIndex('notificationHubEntities')],'/DefaultFullSharedAccessSignature')]",
"tags": {
"Environment": "[parameters('environment')]",
"DisplayName": "Notification Hub Auth Rules"
},
"dependsOn": [
"[resourceId('Microsoft.NotificationHubs/namespaces/notificationHubs',parameters('notificationHubName'), parameters('notificationHubEntities')[copyIndex('notificationHubEntities')])]",
"[resourceId('Microsoft.NotificationHubs/namespaces', parameters('notificationHubName'))]"
],
"properties": {
"rights": [
"Listen",
"Manage",
"Send"
]
}
},
],
"outputs" : {
"connectionString" : {
"type" : "object",
"value": "[listKeys(resourceId('Microsoft.NotificationHubs/namespaces/NotificationHubs/AuthorizationRules',parameters('notificationHubName'), parameters('notificationHubEntities')[copyIndex('notificationHubEntities')], 'DefaultFullSharedAccessSignature'),'2016-03-01').primaryConnectionString]"
}
}
}
}
}
],
"outputs": {
"connectionStrings" :
{
"type": "array",
"value": "[reference(concat('nestedTemplate', copyIndex('notificationHubEntities'))).outputs.connectionString.value]"
}
}
}
I've also tried with this:
"resources": [
{
"type": "Microsoft.NotificationHubs/namespaces",
"apiVersion": "2017-04-01",
"name": "[parameters('notificationHubName')]",
"location": "[resourceGroup().location]",
"tags": {
"Environment": "[parameters('environment')]",
"DisplayName": "Notification Hub Namespace"
},
"sku": {
"name": "[parameters('notificationHubSku')]"
},
"kind": "NotificationHub",
"properties": {
"namespaceType": "NotificationHub"
}
},
{
"type": "Microsoft.NotificationHubs/namespaces/AuthorizationRules",
"apiVersion": "2017-04-01",
"name": "[concat(parameters('notificationHubName'), '/RootManageSharedAccessKey')]",
"tags": {
"Environment": "[parameters('environment')]",
"DisplayName": "Notification Hub Namespace Auth Rules"
},
"dependsOn": [
"[resourceId('Microsoft.NotificationHubs/namespaces', parameters('notificationHubName'))]"
],
"properties": {
"rights": [
"Listen",
"Manage",
"Send"
]
}
},
{
"type": "Microsoft.NotificationHubs/namespaces/notificationHubs",
"apiVersion": "2017-04-01",
"name": "[concat(parameters('notificationHubName'), '/', parameters('notificationHubEntities')[copyIndex()])]",
"location": "[resourceGroup().location]",
"tags": {
"Environment": "[parameters('environment')]",
"DisplayName": "Notification Hubs"
},
"copy": {
"name": "addNotificationHub",
"count": "[length(parameters('notificationHubEntities'))]"
},
"dependsOn": [
"[resourceId('Microsoft.NotificationHubs/namespaces', parameters('notificationHubName'))]"
],
"properties": {
"authorizationRules": []
}
},
{
"type": "Microsoft.NotificationHubs/namespaces/notificationHubs/authorizationRules",
"apiVersion": "2017-04-01",
"name": "[concat(parameters('notificationHubName'), '/',parameters('notificationHubEntities')[copyIndex()],'/DefaultFullSharedAccessSignature')]",
"copy": {
"name": "addNotificationHub",
"count": "[length(parameters('notificationHubEntities'))]"
},
"tags": {
"Environment": "[parameters('environment')]",
"DisplayName": "Notification Hub Auth Rules"
},
"dependsOn": [
"[resourceId('Microsoft.NotificationHubs/namespaces/notificationHubs',parameters('notificationHubName'), parameters('notificationHubEntities')[copyIndex()])]",
"[resourceId('Microsoft.NotificationHubs/namespaces', parameters('notificationHubName'))]"
],
"properties": {
"rights": [
"Listen",
"Manage",
"Send"
]
}
}
],
"outputs": {
"connectionStrings" :
{
"type": "array",
"value": "[listKeys(resourceId('Microsoft.NotificationHubs/namespaces/NotificationHubs/AuthorizationRules',parameters('notificationHubName'), parameters('notificationHubEntities')[copyIndex()], 'DefaultFullSharedAccessSignature'),'2016-03-01').primaryConnectionString]"
}
}
I've tried using object instead of array but to no avail, so I'm a bit confused, any help would be appreciated as the error message seems misleading to me or I'm just not interpreting it correctly.
To accomplish requirement of creating multiple notification hubs and it's authorization rules, you can use below ARM template.
Template Parameter File (notificationhub.parameters.json):
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"namespaceName": {
"value": "mm-namespace"
},
"notificationhubNamePrefix": {
"value": "mm-notificationhub"
},
"notificationhubAuthorizationruleNamePrefix": {
"value": "mm-notificationhubAuthorizationrule"
}
}
}
Template File (notificationhub.json):
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"namespaceName": {
"type": "string",
"defaultValue": "mm-namespace",
"metadata": {
"description": "namespaceName sample description"
}
},
"notificationhubNamePrefix": {
"type": "string",
"defaultValue": "mm-notificationhub",
"metadata": {
"description": "notificationhubName sample description"
}
},
"notificationhubAuthorizationruleNamePrefix": {
"type": "string",
"defaultValue": "mm-notificationhubAuthorizationrule",
"metadata": {
"description": "notificationhubAuthorizationruleName sample description"
}
},
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "The location in which the resources should be deployed."
}
},
"notificationhubNameSuffix": {
"type": "array",
"defaultValue": [
"00",
"01",
"02"
]
},
"notificationhubAuthorizationruleNameSuffix": {
"type": "array",
"defaultValue": [
"00",
"01",
"02"
]
}
},
"variables": {},
"resources": [
{
"name": "[parameters('namespaceName')]",
"type": "Microsoft.NotificationHubs/namespaces",
"apiVersion": "2017-04-01",
"location": "[parameters('location')]",
"tags": {},
"sku": {
"name": "Free"
},
"properties": {
"namespaceType": "NotificationHub"
}
},
{
"name": "[concat(parameters('namespaceName'), '/', parameters('notificationhubNamePrefix'), parameters('notificationhubNameSuffix')[copyIndex()])]",
"type": "Microsoft.NotificationHubs/namespaces/notificationHubs",
"apiVersion": "2017-04-01",
"location": "[parameters('location')]",
"sku": {
"name": "Free"
},
"copy": {
"name": "notificationhubscopy",
"count": "[length(parameters('notificationhubNameSuffix'))]"
},
"dependsOn": [
"[resourceId('Microsoft.NotificationHubs/namespaces', parameters('namespaceName'))]"
]
},
{
"name": "[concat(parameters('namespaceName'), '/', parameters('notificationhubNamePrefix'), parameters('notificationhubNameSuffix')[copyIndex()], '/', parameters('notificationhubAuthorizationruleNamePrefix'), parameters('notificationhubAuthorizationruleNameSuffix')[copyIndex()])]",
"type": "Microsoft.NotificationHubs/namespaces/notificationHubs/AuthorizationRules",
"apiVersion": "2017-04-01",
"properties": {
"rights": [
"Listen",
"Manage",
"Send"
]
},
"copy": {
"name": "notificationhubsauthroizationrulescopy",
"count": "[length(parameters('notificationhubAuthorizationruleNameSuffix'))]"
},
"dependsOn": [
"notificationhubscopy"
]
}
]
}
Deployment:
AFAIK, to accomplish requirement of getting output (in this case primaryConnectionStrings of multiple notification hubs' authorization rules) from ARM template is currently an unsupported feature. I already see related feature requests / feedback here and here. I would recommend you to up-vote these feature requests / feedback or create a new feature request / feedback explaining your use case and requirement. Azure feature team would consider and work on the feature request / feedback based on the votes, visibility and priority on it.
Azure document references:
ARM template reference for NotificationHubs
Resolve Invalid Template errors
Create multiple instances of a resource using copy and copyIndex
ARM template functions like list (ListKeys)
ARM template structure
Defining order for deploying resources in ARM templates
Hope this helps!! Cheers!!
You can't use a copy loop in outputs today - listing the keys is fine, but you have to know how many you need at design time and hardcode each output. We're working on a fix for that but not there yet.
You could emulate this by using your second option - deploying in a nested deployment and outputting each key in it's own deployment, but then you have to iterate through all the deployments to get all the outputs.
I am trying to deploy Azure Function with ARM template , but I am not able to create the function itself. Is it possible to create the actual function using ARM template?
I have zipped the source code for the function and placed it in a public location, I have added the MSBuild section to the template and although the deployment finished successfully - the App function was created but not the function itself
here is the template
{
"parameters": {
"name": {
"type": "string"
},
"storageName": {
"type": "string"
},
"location": {
"type": "string"
},
"subscriptionId": {
"type": "string"
},
"storage_account_endpoint": {
"type": "string"
}
},
"resources": [
{
"apiVersion": "2016-03-01",
"name": "[parameters('name')]",
"type": "Microsoft.Web/sites",
"properties": {
"name": "[parameters('name')]",
"siteConfig": {
"appSettings": [
{
"name": "FUNCTIONS_WORKER_RUNTIME",
"value": "node"
},
{
"name": "AzureWebJobsStorage",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=',parameters('storageName'),';AccountKey=',listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('storageName')), '2015-05-01-preview').key1)]"
},
{
"name": "FUNCTIONS_EXTENSION_VERSION",
"value": "~2"
},
{
"name": "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=',parameters('storageName'),';AccountKey=',listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('storageName')), '2015-05-01-preview').key1)]"
},
{
"name": "WEBSITE_CONTENTSHARE",
"value": "[concat(toLower(parameters('name')), 'bd58')]"
},
{
"name": "WEBSITE_NODE_DEFAULT_VERSION",
"value": "8.11.1"
},
{
"name": "storage_account_connection",
"value": "[parameters('storage_account_endpoint')]"
}
]
},
"clientAffinityEnabled": false,
"reserved": false
},
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageName'))]"
],
"resources": [
{
"name": "MSDeploy",
"type": "Extensions",
"apiVersion": "2015-02-01",
"dependsOn": [
"[resourceId('Microsoft.Web/Sites', parameters('name'))]"
],
"properties": {
"packageUri": "<URL to zip>"
}
}
],
"location": "[parameters('location')]",
"identity": {
"type": "SystemAssigned"
},
"kind": "functionapp"
},
{
"apiVersion": "2015-05-01-preview",
"type": "Microsoft.Storage/storageAccounts",
"name": "[parameters('storageName')]",
"location": "[parameters('location')]",
"properties": {
"accountType": "Standard_LRS"
}
}
],
"$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json#",
"contentVersion": "1.0.0.0"
}
In short No - ARM can only create the infrastructure for you but not deploy the code (**see comment).
But as always there is a way. A while back MS release a new feature 'Run from ZIP' on web apps (including Function Apps). All you need is the actual project (code published as ZIP) to be in a location where the function app can access it.
We use VSTS (Azure Dev Ops) for CI/CD. So we build the solution add the ZIP to the artifact. Then in the Release we copy the ZIP to blob storage, create a SAS Token and pass the location of the blob Container with the SAS Token to ARM. In the ARM template we build the connection string to the ZIP, using input parameter. As soon as ARM is done then the Function is up and running.
Eg.
{
"parameters": {
"name": {
"type": "string"
},
"storageName": {
"type": "string"
},
"location": {
"type": "string"
},
"subscriptionId": {
"type": "string"
},
"storage_account_endpoint": {
"type": "string"
},
"artifactsUri": {
"type": "string"
},
"artifactsBlobContainer": {
"type": "string"
},
"artifactsLocationSasToken": {
"type": "string"
}
},
"resources": [
{
"apiVersion": "2016-03-01",
"name": "[parameters('name')]",
"type": "Microsoft.Web/sites",
"properties": {
"name": "[parameters('name')]",
"siteConfig": {
"appSettings": [
{
"name": "FUNCTIONS_WORKER_RUNTIME",
"value": "node"
},
{
"name": "AzureWebJobsStorage",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=',parameters('storageName'),';AccountKey=',listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('storageName')), '2015-05-01-preview').key1)]"
},
{
"name": "FUNCTIONS_EXTENSION_VERSION",
"value": "~2"
},
{
"name": "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=',parameters('storageName'),';AccountKey=',listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('storageName')), '2015-05-01-preview').key1)]"
},
{
"name": "WEBSITE_CONTENTSHARE",
"value": "[concat(toLower(parameters('name')), 'bd58')]"
},
{
"name": "WEBSITE_NODE_DEFAULT_VERSION",
"value": "8.11.1"
},
{
"name": "storage_account_connection",
"value": "[parameters('storage_account_endpoint')]"
},
{
"name": "WEBSITE_RUN_FROM_ZIP",
"value": "[concat(parameters('artifactsUri'), '/', parameters('artifactsBlobContainer'),'/','blahbla.FA.zip',parameters('artifactsLocationSasToken'))]"
}
]
},
"clientAffinityEnabled": false,
"reserved": false
},
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageName'))]"
],
"resources": [
{
"name": "MSDeploy",
"type": "Extensions",
"apiVersion": "2015-02-01",
"dependsOn": [
"[resourceId('Microsoft.Web/Sites', parameters('name'))]"
],
"properties": {
"packageUri": "<URL to zip>"
}
}
],
"location": "[parameters('location')]",
"identity": {
"type": "SystemAssigned"
},
"kind": "functionapp"
},
{
"apiVersion": "2015-05-01-preview",
"type": "Microsoft.Storage/storageAccounts",
"name": "[parameters('storageName')]",
"location": "[parameters('location')]",
"properties": {
"accountType": "Standard_LRS"
}
}
],
"$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json#",
"contentVersion": "1.0.0.0"
}
'Run from ZIP' is achieved with the 'WEBSITE_RUN_FROM_ZIP' app setting.
Hope this helps
I just use this FunctionWebDeploy.json template. I download the app content(zip file)from the existing function app and upload it to the public address. Finally I can deploy function app including code.
Go to Azure portal portal.azure.com, and create a new Azure Function.
2.Go to Resource Group.
3.Go to Export template.
4.You will see something like this.
This is the ARM Template for all resources/componets.
They used this resource in the previous template but this is no longer available:
{
"apiVersion": "2015-04-01",
"name": "[parameters('siteName')]",
"type": "Microsoft.Web/sites",
"location": "[parameters('siteLocation')]",
"dependsOn": [
"[resourceId('Microsoft.Web/serverfarms', parameters('hostingPlanName'))]"
],
"properties": {
"serverFarmId": "[parameters('hostingPlanName')]"
},
"resources": [
{
"apiVersion": "2015-04-01",
"name": "web",
"type": "sourcecontrols",
"dependsOn": [
"[resourceId('Microsoft.Web/Sites', parameters('siteName'))]"
],
"properties": {
"RepoUrl": "[parameters('repoURL')]",
"branch": "[parameters('branch')]",
"IsManualIntegration": true
}
}
]
}
https://github.com/Azure/azure-quickstart-templates/blob/master/201-web-app-github-deploy/azuredeploy.json
Update:
This is what Visual Studio creates with the latest SDK and API.
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"hostingPlanName": {
"type": "string",
"minLength": 1
},
"skuName": {
"type": "string",
"defaultValue": "F1",
"allowedValues": [
"F1",
"D1",
"B1",
"B2",
"B3",
"S1",
"S2",
"S3",
"P1",
"P2",
"P3",
"P4"
],
"metadata": {
"description": "Describes plan's pricing tier and instance size. Check details at https://azure.microsoft.com/en-us/pricing/details/app-service/"
}
},
"skuCapacity": {
"type": "int",
"defaultValue": 1,
"minValue": 1,
"metadata": {
"description": "Describes plan's instance count"
}
}
},
"variables": {
"webSiteName": "[concat('webSite', uniqueString(resourceGroup().id))]"
},
"resources": [
{
"apiVersion": "2015-08-01",
"name": "[parameters('hostingPlanName')]",
"type": "Microsoft.Web/serverfarms",
"location": "[resourceGroup().location]",
"tags": {
"displayName": "HostingPlan"
},
"sku": {
"name": "[parameters('skuName')]",
"capacity": "[parameters('skuCapacity')]"
},
"properties": {
"name": "[parameters('hostingPlanName')]"
}
},
{
"apiVersion": "2015-08-01",
"name": "[variables('webSiteName')]",
"type": "Microsoft.Web/sites",
"location": "[resourceGroup().location]",
"tags": {
"[concat('hidden-related:', resourceGroup().id, '/providers/Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]": "Resource",
"displayName": "Website"
},
"dependsOn": [
"[concat('Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]"
],
"properties": {
"name": "[variables('webSiteName')]",
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms', parameters('hostingPlanName'))]"
}
}
]
}
Where should I insert the "sourcecontrols" resource? The schema validation fails.
What you show in the original template will continue to work with the latest 2015-08-01 version. Just add the sourcecontrols node as a child of the Microsoft.Web/sites (i.e. add a "resources" property).
It's possible that the schema validation is not up to date, but it will still work. Nothing has changed for the sourcecontrols node.