I want to create VDI in azure but I'm facing the following issue while creating windows host pool
Deployment template validation failed: 'The provided value 'Microsoft.WindowsAzure.ResourceStack.Frontdoor.Common.Entities.TemplateGenericProperty`1[Newtonsoft.Json.Linq.JToken]' for the template parameter 'newOrExistingVnet' at line '152' and column '24' is not valid. The parameter value is not part of the allowed value(s): 'existing'.'.
This workaround assumes that you're getting this error in the portal:
First manually create the Resource Group and VNet.
Then within the VNet, add a service endpoint to e.g. Azure AD.
Next
rerun the wizard, this time choosing the Resource Group and VNet you
previously created. The template should validate successfully
Related
All I want is to copy/recreate all the existing resources which is under resource-grp1 from a Production environment to another resource-grp2.
What would be the very easiest way to re-create the same environment in another Resource Group in the same subscription? I tried to export the resource group and downloaded. The problem is that the file “parameters.json” includes hard coded references to the original resource group name. Is there an way to do this without using Azure CLI/Powershell, only use Azure Portal
resource-grp1 contains following resources
1. 2 app service plans
2. 10 app services
3. 8 azure sql database
4. 3 NSG & vnet
5. Application Insight
6. SendGrid
6. Storage account
7. VM
You can just navigate to your Resource group > Click on Export Template from side Panel
You'll have 3 options
Download
Add to Library
Deploy
When Downloaded, the ARM Template will be saved to the local machine. This will allow for the template to be manually changed or saved somewhere for it to be retrieved for later use.
When Saving, the ARM Template will be saved to a collection accessible from “Browse > Templates” within the Azure Portal. This allows for Resource Group configurations to be saved so they can easily be redeployed later.
When Deploying, the ARM Template will be deployed to a new Resource Group. This essentially allows for the Resource Group to be “copied.” This could be useful for easily cloning a Resource Group to easily spin up a separate hosting environment with identical settings.
enter image description here
I have Downloaded the template and Imported the template using Template Deployments.
Search for Template Deployments > Build your own template in editor > Load File (Add your downloaded template after unzipping) > Save > Create
enter image description here
enter image description here
enter image description here
you can refer this site for more
If you are facing issue with Export template "The problem is that the file “parameters.json” includes hard coded references to the original resource group name" try below.
Azure portal - > Resource group -> Export Template and download the template.
After download the templates (template.json and parameters.json) files find old resource group reference and change into new resource group reference.
Deploy into other resource group:
Search Template Deployment in Azure portal search bar and click on create.
Click on Build your own template in the editor
select parameter and add updated parameters.json file
&
select resources and add updated template.file and save it.
Add subscription and Resource group which you need to deploy.
Click Create it will deploy your resources in a new resource group.
I can't seem to authorize access to my Azure subscription in Azure DevOps to run a build whenever a commit is pushed to master. I keep getting the below error:
Also, when I click Authorize resources, it says the authorization was successful, but the next time I run the pipeline, I get the same exact error. I verified in Project settings -> Service connections that I have an active connection to the subscription.
How can I get around this issue? When I go to Deployment Center in Azure Functions and wire up the connection there, it creates a task-based pipeline, but I want to use yaml.
The above indicates the azureSubscription you specified in your azure function deployment task doesnot exist, or you didnot have the permission.
If the service connection is already correctly setup, but you still encounter above error. You can follow below to troubleshoot the issue.
1, Check your yaml pipeline.
The azure subscription is validated at compile time. If you use variables to reference the azure subscription yaml pipeline. You need to make sure the variable can be retrieved at compile time.
You can check out this thread.
2, Check the service connection security setting.
Go to project settings-->Service Connections under Pipelines--> Select your azure service connection --> More settings(3 dots)-->Security-->Try adding your pipeline to the Pipeline permissions list.
If the azure subscription service connection is not set up. You need to create an service connection of azure Resource Manager type to connect to your azure subscription. See below steps:
1, Go to project settings-->Service Connections under Pipelines--> New Service connection-->Select Azure Resource Manager--> Next
2, Then select the Authentication method. If your azure devops is connected to AAD. You can select Service principal (automatic) as Authentication method. This will automatically create a service principal in your Azure AD.
3, If you want to create new service principal. You can select Service principal (manual). See below document to create service principal in Azure
Use the portal to create an Azure Active Directory application and a service principal that can access resources
Use Azure PowerShell to create an Azure service principal with a certificate
Then enter the related information in the service connection configuration page.
After the your azure subscription service connection is created. You can use it in your yaml pipeline task by specify the service connection name. See below example:
- task: AzureFunctionApp#1
displayName: Azure Function App Deploy
inputs:
azureSubscription: myAzureSubscription
Note: You need to add the correct role assignment for above service principal to enable the service principal to deploy to your azure resources.
You must create a new connection from the task itself (you may need to use the advanced options to add an existing service principal).
under "Azure subscription" click the name of the subscription you wish to use
Click the drop down next to "Authorize" and open advanced options
Click " use the full version of the service connection dialog."
Enter all your credentials and hit save
I spent a while trying to figure out why I got the same problem. Compared my yaml to another yaml I had worked on previously and couldn't spot any problems, also verified the service connections.
But as #Levi Lu-MSFT mentions, verifying the yaml lead me to finding what caused my issue so I thought I'd share it here even though it's not 100% related:
My variables weren't indented correctly. I was a bit tired and thought DevOps was just goofing with me. So verify that your yaml is properly setup. Sometimes it can be really small things that causes these issues.
It's my first time trying out the Azure data factory so I hope this is not a bad question to ask.
So I'm using the Azure portal trying to create an on-demand hadoop cluster as one of the linked service in Azure Data Factory following the steps in the tutorial.
But whenever I click create, the following error message pops up.
Failed to save HDinisghtLinkedService. Error: An additional property 'subnetName' has been specified but additionalProperties is not active.The relevant property is 'HDInsightOnDemandLinkedServiceTypeProperties'.The error occurred at the location 'body/properties/typeProperties' in the request.;An additional property 'virtualNetworkId' has been specified but additionalProperties is not active.The relevant property is 'HDInsightOnDemandLinkedServiceTypeProperties'.The error occurred at the location 'body/properties/typeProperties' in the request.
I couldn't understand why it requires the 'subnetName' and 'virtualNetworkId'. But I tried putting values under Advanced Properties -> Chose Vnet and Subnet -> From Azure subscription -> and put in the existing vitrual network ID and subnet name. But the problem still present and the same error message shows up.
Other background information:
For the tutorial I posted above, I did not use its powershell code. I have existing resource group and created a new storage account on the Azure portal.
I also created a new app registration in Azure Active Directory and retrieve principal service application ID and authentication key following this link
Some parameters:
Type: On-demand HDInsight
Azure Storage Linked Service: the one listed in the connection
Cluster size: 1 (for testing)
Service principal id/service principal key: described above
Version: 3.6
...
Any thoughts or anything I might be doing wrong?
From the error message, it clearly states that “subnetName” is not active, which means it has not created at all.
Note: If you want to create on-demand cluster within your Vnet, then first create Vnet and Subnet and the pass the following values.
Advanced Properties are not mandatory to create a on-demand cluster.
Have you tried created on-demand cluster without passing the Vnet and Subnet?
Hope this helps. Do let us know if you any further queries.
I am working on Azure Kubernetes service. I am creating AKS through portal successfully. But, I need to do it through the ARM Templates.
How to create AKS with help of ARM Templates?
For this, I followed link
But, here am receiving an issue like:
Code : InvalidTemplate
Message : Deployment template validation failed: 'The template
resource
'AKSsubnet/Microsoft.Authorization/36985XXX-XXXX-XXXX-XXXX-5fb6b7ebXXXX'
for type
'Microsoft.Network/virtualNetworks/subnets/providers/roleAssignments'
at line '53' and column '9' has incorrect segment lengths. A
nested resource type must have identical number of segments as its resource name. A root resource type must have segment length
one greater than its resource name. Please see https://aka.ms/arm-template/#resources for usage details.'.
How to create AKS with help of ARM Templates?
One of the most direct methods, navigate to creating AKS page in the portal, fill the attributes, click Download a template for automation, then you will get the template.
You could test the template in the Custom deployment, it will work fine.
Old thread but here is why the AKS Advanced Networking ARM Template is not working for you.
One of the steps in the deployment assigns the SP as a contributor to the newly created AKS subnets so that the SP can work its advanced networking magic.
In order to assign a role in a RG one needs to have Owner permissions on that RG.
I suspect you have provided the incorrectly formatted string in the "name" field of the resource. It should follow the pattern like this- "{resource-name}/Microsoft.Authorization/{role-assign-GUID}"
More on this here- https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-template#resource
I have published an API app from Visual Studio to a new resource group, also created an App Service Plan, so after the deployment the resource group contains 2 items:
AppServicePlan1
AppService1
Now I am trying to deploy these items to another resource group as follows:
Select 'Automation script' in the resource group settings
Click 'Deploy'
Select 'Create new' resource group, enter its name
Enter 'Serverfarms_AppServicePlan1_name' parameter value (new app service plan name, e.g. AppServicePlan2)
Enter 'Sites_AppService1_name' parameter value (new app service name, e.g. AppService2)
Tick 'Agree to terms and conditions'
Click 'Puchase'
The process fails with the following error message:
"The host name AppService1.azurewebsites.net is already assigned to another Azure website: AppService1."
I have tried different things - deploying app service plan, logic apps, etc. from one resource group to another works fine, but deploying an app service fails as described above.
I have tried changing the hostNames property in the template file to ["AppService2.azurewebsites.net"] manually - I'm not getting the error then (although I'm not sure, maybe something else also needs to be changed, e.g. properties enabledHostNames, hostNameSslStates?) and the deployment seems to work, however the 'deployed' app service can't be used as it contains only 1 file - hostingstart.html.
What am I missing?
I think you have everything correct - as you noticed when you use the generated automation script it will create everything with the same properties that currently exist. We try to parameterize the correct value (like the web app name) but there are some details that can be overlooked (like host names). After changing all that it sounds like you got it to deploy.
The "code" however is not part of the automation script - only the infrastructure and configuration. So you still need to deploy your app to have it be identical. You can folder app deployment into the JSON template (using webdeploy or github) but since that requires access to external artifacts, that's not done automatically.
That help?