Getting the following error while deploying.
Error: Error waiting for CDN Endpoint "website-dev-appservice" (Profile "website-dev-eastus2-cdn" / Resource Group "website-dev-eastus2-rg") to finish creating: Code="BadRequest"
Message="{\"ErrorMessage\":\"Errors found in Model: OriginHostHeader must match the regex '(^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9_\\\\-]*[a-zA-Z0-9])\\\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\\\-]*[A-Za-z0-9])$)|((?:[:0-9A-Fa-f]+))'.\"}"
what could be the issue here?
Even though hashicorp doc says origin_host_header is an optional field but here Scripts needs origin_host_header to be specified which default value is the domain e.g origin_host_header = www.google.com
Just add origin_host_header, It should work.
Related
I was previously able to use terraform 0.11 with digitalocean. I have since updated the terraform version to 0.13.5 and updated the digitalocean provider. However, after this change, I am not able to provision any resource as I am getting a 401 error from digitalocean. I have even tried using a new authentication token but that produced the same result.
Error: Error creating droplet: POST https://api.digitalocean.com/v2/droplets: 401 Unable to authenticate you
I have modified the TF_LOG value but that has not provided any additional details to help debug the issue. Any ideas on how to troubleshoot this further?
The token is valid as I am able to use it with curl but not with terraform 0.13.5 and digitalocean provider 2.2.0.
What could be happening, is that after the upgrade, you are not loading the variable correctly.
So the terraform it's passing an empty token to the provider. The provider then tries to authenticate with an empty/wrong token and fails resulting in 401.
If you are providing a default value, to confirm the issue, try removing the default value, and make it ask you instead.
Try Following this example
#Set the variable value in *.tfvars file
# or using -var="do_token=..." CLI option
variable "do_token" {}
# Configure the DigitalOcean Provider
provider "digitalocean" {
token = var.do_token
}
# Create a web server
resource "digitalocean_droplet" "web" {
# ...
}
And make sure you name your file whatever.auto.tfvars (auto.tfvars is the key) with the toke like this:
do_token = ua0uhk0a0ka0k7a0o90ia0oekadho0eka9
And it should work, or ask you for a token.
To be noted: This is an API token, not your password. follow [this process]{https://docs.digitalocean.com/reference/api/create-personal-access-token/} if you have never created/used one.
I'm making Azure App Service Certificate and trying to import the certificate to key vault.
But when creating and selecting the key vault from the App service certificate, I got an error:
The parameter keyVaultCsmId has an invalid value.
Anyone knows how to resolve this problem?
I soloved this problem.
I had used Resource Group name using Japanese characters and then got an error.
I created new Resource Group named with alphabets and underscore. Then tried again, and succeeded.
I get the following error when I try to save an updated Azure WAF custom policy.
"Failed to update the WAF policy 'xxxxx'. Error: WebApplicationFirewallPolicy validation failed.
More information "Match Variable RemoteAddr must be used with Operator(s) IPMatch,GeoMatch"."
IP address is there then I have deny traffic. Update works but the error comes up and I hit save
I found out that if you have more than one and and if any of the rules have any error, you cannot save. If you get an error like this, you need to check all the rules. The other rule had an error and everything worked after I corrected it.
I am now using the current Azure Dev Pack (18.03). When following the tutorial for connection there is now the following error when trying to connect:
The problem is, that the tutorial is only mentioning the following dialog for connecting a storage:
where the ARM endpoint has to be set to "https://adminmanagement.local.azurestack.external".
But after this dialog another dialog is shown which is not mentioned in the documenation at all:
Here it is not clear what is meant by the "Sign in ressource id" or the "ARM resource id".
I found something, which might be at least the "ARM resource id":
So finally: What to insert for "Sign in resource id" and "ARM resource id"?
EDIT:
So after the answers below I requested these IDs manually:
But I still don't know exactly how to insert it. Doing it the following way:
still ends up in another error message:
EDIT 2:
So what I corrected was, that I again checked to use a base64 encoded Certificate. Further it appeared to be an issue that in above screenshot I had ARM Endpoint for "adminmanagement..." and the resource ids I requested were for "management...". So I altered the Rest call for the ID to (Invoke-RestMethod -Uri https://adminmanagement.local.azurestack.external/metadata/endpoints?api-version=1.0).authentication.audiences[0].
IT appears to be an improvement, because it ends up in a brand new error message:
Additional hint: If I now use a nonesense login not available at the stack, I get the Unable to sign in: access_denied: AADSTS65005: Invalid resource error message in the popup at the top border of the Azure explorer.
From an internal program manager, This seems to be caused by some known regression issue in Storage Explorer 0.9.6 version that Sign in resource id and ARM resource id aren’t fetched properly during sign-in.
As a workaround, user can execute the sample cmdlet for ASDK below and then input the returned value for these two resource ids.
For multi-node integrated system, the Azure Stack endpoint needs to be changed according to the environment configuration.
PowerShell:
Invoke-RestMethod -Uri (https://management.local.azurestack.external/metadata/endpoints?api-version=1.0 -Method Get).authentication.audiences[0]
There is also a new release of Storage Explorer to fix this bug soon.
Second Fix:
This issue could also happen when the incorrect certificate type is exported. The certificate must be exported in Base-64 x.509 format:
Try entering the invoke command like this:
(Invoke-RestMethod -Uri https://Adminmanagement.3171r06a.azcatcpec.com/metadata/endpoints?api-version=1.0).authentication.audiences[0]
or
(Invoke-RestMethod -Uri https://Adminmanagement.3171r06a.azcatcpec.com/metadata/endpoints?api-version=1.0).authentication
Returned results for me. Replace you region and dns with what you have deployed.
The problems have been solved together with Azure Storage Explorer v1.0.
I'm trying to set up the Bing Spell Check API on my Microsoft Azure account. The deployment, however, fails with the following error message:
OPERATION ID 492286237BA7FFEB
TRACKING ID 779d79cf-4b12-487f-ba97-c896bbdccb87
STATUS Conflict
PROVISIONING STATE Failed
TIMESTAMP 24/2/2017 09.55.58
DURATION 1 minute 22 seconds
TYPE Microsoft.CognitiveServices/accounts
RESOURCE ID /subscriptions/c68eec07-13e6-4f40-831c-c42f996fca89/resourceGroups/webis2/providers/Microsoft.CognitiveServices/accounts/webis
STATUSMESSAGE {
"error": {
"code": "RequestConflict",
"message": "Cannot replace resource with id 'webis'
because the resource entity tag has changed
while processing this request.
Please retry the request with the updated
resource."
}
}
RESOURCE webis
The STATUSMESSAGE suggests to simply retry the request, but this fails, too, with the same error message.
Otherwise, I'm not sure how to resolve the issue, since I obviously have no access to the provisioning process of the Bing Spell Check API.
Any help would be greatly appreciated.
We are investigating this. For now you should be able to work around the issue by deploying to an existing Resource Group instead of creating a new Resource Group during the API account creation.
Update: This issue has been resolved and new API account creation should work correctly.