Azure ARM Template - SQL Failover Group Error FailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - azure

Successfully deployed from ARM template the primary and secondary Azure SQL servers with expected failover groups. Deploying the ARM template on subsequent deployments is returning the following error message:
"error": {
"code": "FailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified",
"message": "The create or update failover group request body should not modify the read-only property 'location'."
}
} undefined
We haven't made any changes to the primary or secondary server's location property as indicated in the error message.
Code snippet from the ARM template:
{
"comments": "Azure SQL Server Failover Group",
"condition": "[parameters('isProduction')]",
"type": "Microsoft.Sql/servers/failoverGroups",
"apiVersion": "2015-05-01-preview",
"name": "[concat(variables('sqlServerPrimaryName'), '/', variables('sqlServerFailoverName'))]",
"location": "[parameters('sqlServerPrimaryLocation')]",
"dependsOn": [
"[resourceId('Microsoft.Sql/servers', variables('sqlServerPrimaryName'))]",
"[resourceId('Microsoft.Sql/servers', variables('sqlServerSecondaryName'))]",
"[resourceId('Microsoft.Sql/servers/databases', variables('sqlServerPrimaryName'), variables('adminDbName'))]",
"[resourceId('Microsoft.Sql/servers/databases', variables('sqlServerPrimaryName'), variables('trxnDbName'))]",
"[resourceId('Microsoft.Sql/servers/databases', variables('sqlServerPrimaryName'), variables('dbaDbName'))]"
],
"properties": {
"readWriteEndpoint": {
"failoverPolicy": "Automatic",
"failoverWithDataLossGracePeriodMinutes": 60
},
"readOnlyEndpoint": {
"failoverPolicy": "Disabled"
},
"partnerServers": [
{
"id": "[resourceId('Microsoft.Sql/servers', variables('sqlServerSecondaryName'))]"
}
],
"databases": [
"[resourceId('Microsoft.Sql/servers/databases', variables('sqlServerPrimaryName'), variables('adminDbName'))]",
"[resourceId('Microsoft.Sql/servers/databases', variables('sqlServerPrimaryName'), variables('trxnDbName'))]",
"[resourceId('Microsoft.Sql/servers/databases', variables('sqlServerPrimaryName'), variables('dbaDbName'))]"
]
}
}

If possible then remove the location from the ARM template, As you have already given the sqlServerPrimaryName in failover group creation name, It takes the location of sqlServerPrimaryName.

As #Leon Yue's comment said:
Once the arm template is deployed, the failover group is created and
exist. As the error said, location is read only. When we deploy it
twice, even if you didn't set the location value, it will still update
it, then cause the error.
You couldn't update location property when you deploy at the second time, and you need to move this property.

Related

Microsoft.ApiManagement/service/diagnostics/loggers in Azure API Manager ARM template

This is how the chunk of the ARM template looks:
{
"type": "Microsoft.ApiManagement/service/diagnostics/loggers",
"apiVersion": "2018-01-01",
"name": "[concat(variables('gatewayName'), '/applicationinsights/', variables('gatewayName'))]",
"dependsOn": [
"[resourceId('Microsoft.ApiManagement/service/diagnostics', variables('gatewayName'), 'applicationinsights')]",
"[resourceId('Microsoft.ApiManagement/service', variables('gatewayName'))]"
],
"properties": {
"loggerType": "applicationInsights",
"credentials": {
"instrumentationKey": "[reference(resourceId('Microsoft.Insights/components', variables('appInsights')), '2014-04-01').InstrumentationKey]"
},
"isBuffered": true,
"resourceId": "[variables('appInsights')]"
}
},
For two days our ARM template deployment is failing with the error:
{"status":"Failed","error":{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.","details":[{"code":"BadRequest","message":"{\r\n \"error\": {\r\n \"code\": \"MethodNotAllowedInPricingTier\",\r\n \"message\": \"Method not allowed in this pricing tier\",\r\n \"details\": null\r\n }\r\n}"}]}}
Although the error states the pricing tier, there were no changes in the template.
Verbatim google search result shows that the resource existed before as the first result item.
The documentation does not mention it anymore in the diagnostics section.
GitHub, though, remembers the resource but mentions different properties within the object:
"service_diagnostics_loggers": {
"type": "object",
"properties": {
"apiVersion": {
"type": "string",
"enum": [
"2018-01-01"
]
},
"name": {
"oneOf": [
{
"type": "string",
"pattern": "(^[\\w]+$)|(^[\\w][\\w\\-]+[\\w]$)",
"maxLength": 80
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
"description": "Logger identifier. Must be unique in the API Management service instance."
},
"type": {
"type": "string",
"enum": [
"Microsoft.ApiManagement/service/diagnostics/loggers"
]
}
},
"required": [
"apiVersion",
"name",
"type"
],
"description": "Microsoft.ApiManagement/service/diagnostics/loggers"
}
It looks like the resource was removed from the ARM template infrastructure silently. What is wrong my analysis?
diagnostics/loggers resource does exist in 2018-01-01 API version: https://github.com/Azure/azure-rest-api-specs/blob/main/specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2018-01-01/apimdiagnostics.json
After that though it was removed and replaced by loggerId property on diagnostic entity itself: https://github.com/Azure/azure-rest-api-specs/blob/main/specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2019-01-01/definitions.json#L1771
We'll check why older API version doesn't seem to work, meanwhile you could try migrating to a newer API version.

Add a default DNS domain name to azure Web app

I am creating an Azure Web app with the name "CustomerX-app-001" the default custom domain that Azure creates after the creation of the Azure web app is : "Customerx-app-001.azurewebsites.net".
Inside my arm template I've tried to change this default hostname to "Customerx-app.azurewebsites.net" by doing these 2 solutions:
Adding the hostnamebinding resource inside the resource block of microsoft.web/sites
"resources": [
{
"type": "hostNameBindings",
"apiVersion": "2018-11-01",
"name": "[concat(parameters('CustomHostname'), '.azurewebsites.net')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"[resourceId('Microsoft.Web/sites', parameters('siteName'))]"
],
"properties": {
"siteName": "[parameters('siteName')]"
}
},
**Adding the hostnamebinding resource outside as a new resource block **
{
"type": "Microsoft.Web/sites/hostNameBindings",
"apiVersion": "2018-11-01",
"name": "[concat(parameters('siteName'), '/', parameters('CustomHostname'), '.azurewebsites.net')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"[resourceId('Microsoft.Web/sites', parameters('siteName'))]"
],
"properties": {
"siteName": "[parameters('siteName')]",
"hostNameType": "Verified"
}
}
With CustomHostname being: "Customerx-app" and sitename being "Customerx-app-001"
Both solutions gave me the same error:
"Code": "BadRequest",
"Message": "Too many (2) hostnames in the default DNS zone. Limit is 1.",
"Target": null,
"Details": [
{
"Message": "Too many (2) hostnames in the default DNS zone. Limit is 1."
},
{
"Code": "BadRequest"
},
{
"ErrorEntity": {
"ExtendedCode": "04017",
"MessageTemplate": "Too many ({0}) hostnames in the default DNS zone. Limit is {1}.",
"Parameters": [
"2",
"1"
],
"Code": "BadRequest",
"Message": "Too many (2) hostnames in the default DNS zone. Limit is 1."
}
}
I am stuck at this for a while and figuring out why the problem occurs.
I think that the azure web app has 1 default DNS name that you can't change and that is always the name of the web app. If another DNS name needs to be added a new DNS record should be made and this record can be added to the web app. But solution 2 does exactly that with the only difference that the DNS name does not exist.
Is there anyone who can help me out here, or guide me in the right direction ?
You can only use a single *.azurewebsites.net dns name and it is being autogenerated. You can only add dns names on a domain you own (and you'd have to validate it first).

ARM template deployment fails for Azure Function Event Grid Subscription to custom topic

I can successfully deploy a Custom Event Grid Topic and Azure Function app via ARM templates.
After that, in a separate ARM deployment, an Azure Function Event Grid Subscription to this custom topic fails at validation stage with the following error:
The template resource 'Microsoft.EventGrid/topics/EventGridCustomTopicName/providers/Microsoft.EventGrid/eventSubscriptions/EventGridSubscriptionName' cannot reference itself.
'EventGridSubscriptionName' is the same as the name of my function app, if that matters.
Again: I have a Topic and a Function app already created.
I have gone through the official examples and documentation, but it does not work for me nevertheless.
Here is my template defined as a root resource:
{
"name": "[concat(parameters('EventGridCustomTopicName'), '/Microsoft.EventGrid/', variables('EventGridSubscriptionName'))]",
"type": "Microsoft.EventGrid/topics/providers/eventSubscriptions",
"location": "[resourceGroup().location]",
"apiVersion": "2018-01-01",
"dependsOn": [
"[parameters('FunctionAppName')]"
],
"properties": {
"destination": {
"endpointType": "WebHook",
"properties": {
"endpointUrl": "[concat('https://', parameters('FunctionAppName'), '.azurewebsites.net/admin/extensions/EventGridExtensionConfig?functionName=TopicSubscriber&code=', variables('funcCode'))]"
}
},
"filter": {
"includedEventTypes": [
"All"
]
}
}
}
Any help is highly appreciated!
i think whats happening the name is ambiguous and it cannot understand what to depends on. try doing something like this:
"dependsOn": [
"[resourceId('Microsoft.Web/sites', parameters('FunctionAppName'))]"
],

Azure resource can't find dependancy when deploying

I'm trying to deploy an Azure Windows VM using templates and keep running into the error code: InvalidResourceReference Resource X referenced by Resource Y was not found. Resource X is Microsoft.Network/networkSecurityGroups (named 'FBI') and resource Y is Microsoft.Network/networkInterfaces (named vInterface).
All my required resources are created during this deployment with their dependencies set in the template. The first thing I did was confirm that my FBI resource exists, which it did:
Next I ensured that my FBI security group was listed as a dependency in vInterface to ensure that FBI does get created first before vInterface is created, which it is:
{
"name": "[parameters('networkInterfaceName')]",
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2018-04-01",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIpAddressName'))]",
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroupName'))]"
],
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"subnet": {
"id": "[variables('subnetRef')]"
},
"privateIPAllocationMethod": "Dynamic",
"publicIpAddress": {
"id": "[resourceId('VMGroup','Microsoft.Network/publicIpAddresses', parameters('publicIpAddressName'))]"
}
}
}
],
"networkSecurityGroup": {
"id": "[resourceId('VMGroup', 'Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroupName'))]"
}
}
}
I can confirm that the location is the same for both of these resources. Everything looks ok but I can't figure out why my vInterface can't find/see my FBI security group.
For reference here's the full error message:
"error": {
"code": "InvalidResourceReference",
"message": "Resource /subscriptions/---/resourceGroups/VMGroup/providers/Microsoft.Network/networkSecurityGroups/FBI referenced by resource /subscriptions/---/resourceGroups/VMDeployment/providers/Microsoft.Network/networkInterfaces/vInterface was not found. Please make sure that the referenced resource exists, and that both resources are in the same region.",
"details": []
You are probably deploying to a resource group not called vmgroup hence this error.
your resource id's are hardcoded to vmgroup resource group, not to the resource group you are deploying to; change your resourceId() input to:
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroupName'))]"
ps. you have it in 2 places.

"Cannot find Web space" error when provisioning web app using Azure Resource Manager

I am trying to provision some resources on Azure using the Azure Resource Manager with a template I have put together;
I am provisioning several web apps with independent Service Plans concurrently. Of course each web app resource "dependsOn" its Service plan.
Everyone once in a while when I deploy using Powershell I get the following error:
New-AzureRmResourceGroupDeployment : 4:21:22 PM - Resource Microsoft.Web/serverfarms 'ServicePlanA' failed with message 'Cannot find Web space
ExampleResourceGroup-AustraliaEastwebspace for subscription ...'
This fails randomly on one or more of the Service Plans.
I also found this GitHub issue, but since I am not using the CLI I couldn't see how this would help https://github.com/Azure/azure-xplat-cli/issues/1646
I also have the latest AzureRM packages from https://www.powershellgallery.com/packages/AzureRM/
The API version I am using is "2015-08-01", and the schema of the deployment template is https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#
Here is a segment from the template that creates the mentioned resources:
{
"name": "[variables('WebFrontServicePlanAName')]",
"type": "Microsoft.Web/serverfarms",
"location": "[parameters('DataCenterALocation')]",
"apiVersion": "2015-08-01",
"dependsOn": [ ],
"tags": {
"displayName": "WebFrontServicePlanA"
},
"sku": {
"name": "[parameters('WebFrontServicePlanSKU')]"
},
"properties": {
"name": "[variables('WebFrontServicePlanAName')]",
"workerSize": "[parameters('WebFrontServicePlanAWorkerSize')]",
"numberOfWorkers": 1
}
},
....
{
"name": "[variables('webAppName')]",
"type": "Microsoft.Web/sites",
"location": "[parameters('DataCenterALocation')]",
"apiVersion": "2015-08-01",
"dependsOn": [
"[concat('Microsoft.Web/serverfarms/', variables('WebFrontServicePlanAName'))]"
],
"tags": {
"[concat('hidden-related:', resourceGroup().id, '/providers/Microsoft.Web/serverfarms/', variables('WebFrontServicePlanAName'))]": "Resource",
"displayName": "webApp"
},
"properties": {
"name": "[variables('webAppName')]",
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms/', variables('WebFrontServicePlanAName'))]"
},
}
Do you already have an existing resource group that you're deploying to? If not try using the cmdlet New-AzureRmResourceGroupinstead of New-AzureRmResourceGroupDeployment.
In Azure Web Apps, resource groups are backed by webspaces. Thus a resource group may contain multiple webspaces each in a different geo region. If you don't have the resource group, and you're not creating it, then you wouldn't have the corresponding webspace, which would cause the error you're seeing.

Resources