I'm trying to deploy simple resource group to Azure with ARM template. It consist of single virtual machine with public IP and nsg allowing accessing it via SSH. To secure access I'm setting admin user and password for VM, which are passed to template with parameters json. VM definition looks like this:
{
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2018-10-01",
"name": "[variables('vmName')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.Network/networkInterfaces', variables('networkInterfaceName'))]"
],
"properties": {
"hardwareProfile": {
"vmSize": "Standard_D2s_v3"
},
"osProfile": {
"computerName": "[variables('vmName')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]",
"linuxConfiguration": {
"disablePasswordAuthentication": false
}
},
// ...
},
// ...
}
According to Azure quickstart templates repository for generating password I can use GEN-PASSWORD placeholder and GEN-UNIQUE to get unique alphanumeric string. That's why my parameters json looks like this:
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
// ...
"adminUsername": {
"value": "GEN_UNIQUE"
},
"adminPassword": {
"value": "GEN_PASSWORD"
}
}
}
However, whenever I try to deploy it (via Azure DevOps Pipeline) I got error that password is invalid:
2020-06-29T21:27:40.5401781Z ##[error]At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.
2020-06-29T21:27:40.5416217Z ##[error]Details:
2020-06-29T21:27:40.5419655Z ##[error]InvalidParameter: The supplied password must be between 6-72 characters long and must satisfy at least 3 of password complexity requirements from the following:
1) Contains an uppercase character
2) Contains a lowercase character
3) Contains a numeric digit
4) Contains a special character
5) Control characters are not allowed
Can anyone help? I tried to find more info about these placeholders, but Azure GitHub repository that I linked above seems to be the only source.
The GEN* values are special placeholders that only work in the context of the Azure Resource Manager QuickStart Templates repository and its automated template validation.
I am afraid you cannot use these placeholders in your own custom Azure DevOps pipelines.
Related
As part of our template files, we have a variable defined partially by deployment method's deployment().name, similar to this:
"myVariable": "[concat(SOME_CUSTOM_STRING_HERE, deployment().name)]"
The variable is then used as the deployment label for our Classic Cloud Service resources which includes the build number.
{
"apiVersion": "2015-12-01",
"type": "deploymentSlots",
"name": "staging",
"properties": {
"deploymentLabel": "[variables('myVariable')]",
...
},
...
}
Perhaps deployment().name can be set and not defined by Azure, but I haven't been able I haven't been able to find it.
However, the variable's value is different under Cloud Service Extended Support. This time the value is a long hash and the name of the Cloud Service resource, even thought the definition remains as shown above. The variable is used in a tag:
{
"apiVersion": "2021-03-01",
"type": "Microsoft.Compute/cloudServices",
"name": "RESOURCE_NAME",
"location": "[LOCATION]",
"tags": {
"DeploymentLabel": "[variables('myVariable')]",
...
},
...
}
So did the value of deployment().name template function change for deployments of Extended Support version of cloud service? If not, can it be set and how?
From the Azure Devops side, if you are running the deployment the task itself has the deployment name like deployment mode. if its not provided, automatically it gets generated
deploymentMode: 'Incremental'
deploymentName: 'deploymentname'
if its powershell then please check the link below
https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/deploy-cli#azure-deployment-template-name
you set the name when you deploy a resource:
{
"apiVersion": "2021-03-01",
"type": "Microsoft.Compute/cloudServices",
"NAME": "MYRESOURCE",
"location": "[LOCATION]",
"tags": {
"DeploymentLabel": "[variables('myVariable')]",
...
},
...
}
I am experimenting with Azure Management Groups Arm template.
As you can see in this link, I have this Arm template:
{
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/managementGroupDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"mgName": {
"type": "string",
"defaultValue": "[concat('mg-', uniqueString(newGuid()))]"
}
},
"resources": [
{
"type": "Microsoft.Management/managementGroups",
"apiVersion": "2021-04-01",
"name": "[parameters('mgName')]",
"scope": "/",
"location": "eastus",
"properties": {}
}
],
"outputs": {
"output": {
"type": "string",
"value": "[parameters('mgName')]"
}
}
}
Saved as mg.json and it works fine.
Later I start experimenting with validating and testing Arm template using Test-AzTemplate (https://github.com/Azure/arm-ttk). When I run following command to test Arm Template:
Test-AzTemplate -TemplatePath .\mg.json
I get this test error:
[-] Resources Should Have Location (3 ms)
Resource [parameters('mgName')] Location must be an expression or 'global'
Now when I remove "location": "eastus", line form Arm template, the test does not fail and pass the test.
My Question:
Is this location in Management Group Arm required or not required? And why it is failing when it is part of Microsoft documentation! Any idea?
Location is not required in Management Group. As you can check this Azure Create Management Group REST API documentation, location is not needed here.
That's why in the template either you can remove the location or you can provide 'global' as the value, as the test command output specifies.
When I deploy in Azure DevOps the ARM template below I get an error due to an integer was expected, but a string was found. If I explicitly change the variables to values it will be properly picked up. Any idea what is going on here?
I have a Release Pipeline which deploys an ARM Template with parameters (not working, found string but integer was expected):
This works since I changed the variable values to explicit integers (working, but I want to use variable groups):
In the variable groups I have defined the name and values as:
FaultDomains 2
UpdateDomains 5
ARM Template:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "0.0.1.0",
"parameters": {
"AvailabilitySetName": {
"type": "string"
},
"FaultDomains": {
"type": "int"
},
"UpdateDomains": {
"type": "int"
}
},
"resources": [
{
"apiVersion": "2016-04-30-preview",
"type": "Microsoft.Compute/availabilitySets",
"name": "[parameters('AvailabilitySetName')]",
"location": "[resourceGroup().location]",
"properties": {
"platformUpdateDomainCount": "[parameters('UpdateDomains')]",
"platformFaultDomainCount": "[parameters('FaultDomains')]"
},
"sku": {
"name": "Aligned"
}
}
]
}
I tried to recreate the case and was able to deploy the availabilty set with given template using release pipeline,
Parameters
and make sure the parameteres are defined in the release variables.
NOTE: I used ARM TEMPLATE DEPLOYMENT task for deployment
deployment results
Not sure if it is supported in ARM. I could find power-shell references only.
You cannot currently deploy a dacpac with an ARM template. The link above uses PowerShell but not ARM. You can create however create a database from a source database as a copy using an ARM template.
A simple way to find an example template for any Azure action is to perform the action in the portal - in this case, copy a database - and then open the appropriate resource group blade in the portal, list the deployments, locate the deployment just submitted and open it. Then select ViewTemplate from the menu bar and examine both the Template tab and the Parameters tab. These show you the full template and the parameter values actually used. You can then download the template, with accompanying Powershell script.
For database copy, here is the template:
{
"$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"databaseName": {
"type": "string"
},
"serverName": {
"type": "string"
},
"location": {
"type": "string"
},
"createMode": {
"type": "string"
},
"sourceDatabaseId": {
"type": "string"
},
"requestedServiceObjectiveName": {
"type": "string"
}
},
"resources": [
{
"apiVersion": "2014-04-01-preview",
"location": "[parameters('location')]",
"name": "[concat(parameters('serverName'), '/', parameters('databaseName'))]",
"properties": {
"createMode": "[parameters('createMode')]",
"sourceDatabaseId": "[parameters('sourceDatabaseId')]",
"requestedServiceObjectiveName": "[parameters('requestedServiceObjectiveName')]"
},
"type": "Microsoft.Sql/servers/databases"
}
]
}
For database copy createMode = 'Copy'
And be sure to provide a fully qualified resourceId formatted as follows:
"/subscriptions/<sub-id>/resourceGroups/<resourceGroupName>/providers/Microsoft.Sql/Servers/<server-name>/databases/<database-name>"
Make sure the resource group name capitalization is correct and that the server name is all lower case.
You can use the sourceDatabaseId property to reference another database. Then you can specify various createModes depending on what type of database you would like to create:
{
"properties": {
"createMode": "OnlineSecondary",
"sourceDatabaseId": "[resourceId('Microsoft.Sql/servers/databases', variables('sql01Name'), 'databasename')]"
}
}
http://msdn.microsoft.com/en-us/library/azure/mt163685.aspx
The answer above from #Bill Gibson - MSFT works if you are using a Microsoft.Sql/servers resource, however if you're using a Microsoft.Sql/managedInstances resource you'll need to use the appropriate Microsoft.Sql/managedInstance/databases - ARM Template.
The following works for me to perform a PointInTimeRestore accessing a source database that lives in another resource group (the variables and parameters are left as an exercise to the reader):
{
"type": "Microsoft.Sql/managedInstances/databases",
"name": "[concat(variables('destinationSqlManagedInstanceName'), '/', 'AdventureWorks')]",
"apiVersion": "2021-11-01",
"location": "[parameters('location')]",
"properties": {
"createMode": "PointInTimeRestore",
"restorePointInTime": "2022-12-14T12:00:00Z",
"sourceDatabaseId": "[resourceId(variables('sourceResourceGroupName'), 'Microsoft.Sql/managedInstances/databases', variables('sourceSqlManagedInstanceName'), 'AdventureWorks')]"
}
}
The documentation is broken in a few ways:
When attempting to perform a PointInTimeRestore the properties referenced (SourceDatabaseName, SourceManagedInstanceName, PointInTime) do not exist. Rather the following properties are used: restorePointInTime and sourceDatabaseId which are documented in the documentation.
Additionally, the restorePointInTime indicates that the time should be in ISO8601 format, however this is not the same as what is returned by utcNow(). Testing has shown that you must provide it in this version of the ISO8601 format: yyyy-MM-ddTHH:mm:ssZ which can be done using utcNow('yyyy-MM-ddTHH:mm:ssZ').
I have created an issue to try and get the documentation fixed up here: https://github.com/MicrosoftDocs/azure-docs/issues/102717
I'm trying to add BingMaps to our resource template.
this is the template so far:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"mapsName": {
"type": "string"
}
},
"variables": {
"location": "[resourceGroup().location]"
},
"resources": [
{
"apiVersion": "2015-07-02",
"type": "Microsoft.BingMaps/mapApis",
"name": "[parameters('mapsName')]",
"location": "westus",
"plan": {
"publisher": "bingmaps",
"product": "mapapis",
"name": "myMapsTest",
"promotionCode": null
},
"properties": {
"provisioningState": "Succeeded"
}
}
],
"outputs": {
}
}
It gives this error message:
New-AzureRmResourceGroupDeployment : 14:22:50 - Resource
Microsoft.BingMaps/mapApis 'myMapsName' failed with message 'User
failed validation to purchase resources. Error message: 'Legal terms
have not been accepted for this item on this subscription. To accept
legal terms, please go to the Azure portal
(http://go.microsoft.com/fwlink/?LinkId=534873) and configure
programmatic deployment for the Marketplace item or create it there
for the first time''
How can I configure programmatic deployment for Azure Bing maps?
The current workaround is: create the marketplace item once under the very same subscription you are going to use for the programmatic deployment. It worked me like charm.. (although I am not happy this interactive hocus pocus at all)
The supposed correct solution is not working yet (issue), but hopefully will. See below:
Seems to be an Azure Subscription issue - what type of subscription do you have (pay as you go, free, EA?).
What location did you try to deploy to?
Also - are you able to provision "Bing Maps API for Enterprise" offering for the marketplace?