I have built a feature for grammar check and am trying it with some different AI APIs.
I am trying to get it to work with Bing API and am using dev.cognitive to test but am always getting permission denied: https://dev.cognitive.microsoft.com/docs/services/5f7d486e04d2430193e1ca8f760cd7ed/operations/56e73036cf5ff81048ee6727/console
These are the steps I took:
- Created a Resource and Cognitive Services service
- Copied the Key 1
- Accessed the link above to test it and I am getting:
Date: Mon, 18 Nov 2019 18:51:32 GMT
Content-Length: 224
{"error":{"code":"401","message":"Access denied due to invalid subscription key or wrong API endpoint. Make sure to provide a valid key for an active subscription and use a correct regional API endpoint for your resource."}}
The query parameters are:
mode: proof
mkt: en-us
I appreciate if someone can help.
Thanks!
Can you try replacing the resource Name with the resource you have created? I just tried with a new resource created and it works fine.
I had created a Cognive Services service as a multi-service resource and there they didn't make me specify I was using this for Bing Spell Check.
I created a new one but this time as a Single Service Resource: https://portal.azure.com/#create/Microsoft.CognitiveServicesBingSearch-v7
and selected the correct price tier for what I needed (either S1 or S2) and it now works.
My previous multiservice cognive service had an endpoint ending like this: .api.cognitive.microsoft.com/
and for this purpose, it will only work when you have an endpoint like this: .cognitiveservices.azure.com/bing/v7.0
Also wanted to give thanks to #Sajeetharan for giving me his time and helping me to get to my resolution.
Seems that the required header Ocp-Apim-Subscription-Key is not being passed or it contains the wrong value. You can find a full working sample in here: https://learn.microsoft.com/en-us/azure/cognitive-services/bing-spell-check/quickstarts/csharp
Related
I have recently added managed identity support to Azure Service Bus and struggling how to properly add the health check. Prior to using managed identity, the health check was working fine, but now I am facing issues. The code to add the health check is the following:
builder.AddAzureServiceBusQueue(
"myservicebus.servicebus.windows.net",
"myqueue",
new DefaultAzureCredential(),
name: $"Azure Service Bus Health Check");
With this code, I am receiving the following error:
Put token failed. status-code: 404, status-description: The messaging entity 'sb://myservicebus.servicebus.windows.net/myqueue/$management' could not be found. To know more visit https://aka.ms/sbResourceMgrExceptions. TrackingId:6bd6fac5-3fbd-4889-a89b-a4854b8299f9_G13, SystemTracker:myservicegus.servicebus.windows.net:myqueue/$management, Timestamp:2022-12-23T02:21:08. (MessagingEntityNotFound). For troubleshooting information, see https://aka.ms/azsdk/net/servicebus/exceptions/troubleshoot.
I am not sure what the $management is all about or why it is needed. I thought perhaps the role associated with managed identity was missing a capability. To test that, I granted the role "Azure Service Bus Data Owner" and "Owner" to the resource, but still receiving the above error.
Also, not sure if it matters, but I am using Rebus to handle the publishing and subscribing of events (with managed identity) and that is working fine.
Any help is appreciated.
Thanks,
Eric
This is not really an answer, but here's some hopefully helpful information for anyone running into a similar issue.
The main mistake I had made was specifiying an incorrect queue name. It seems that when trying to perform the operation that health check is performing, something like:
var receiver = client.CreateReceiver("the_invalid_queue");
_ = await receiver.PeekMessageAsync().ConfigureAwait(false);
And when the queue name specified does not exist, we get the error as described in the question, mentioning the missing entity.
So just need to make sure to specify an existing queue name and all should work OK.
Eric
I'm in the process of migrating from Cloud Service (classic) to Cloud Service (extended support) in Azure. Unfortunately, CS extended support documentation is very scarce and often inaccurate, so the process if very much not straight forward. At this point, I'm working on the deployment pipelines. With CS classic, we used management APIs to deploy/update/etc. The API for extended support is more straight forward, however, again, the documentation is lacking. The best I found was this page: Cloud Service - create or update. While this provides fairly good starting points, I'm struggling to find any info on the following points:
ServiceConfiguration element - what format is this in? Is it pure XML (encoded within JSON, of course) or something else? For classic API, service configuration was passed as a BASE64 encoded XML.
The request body (JSON) contains some of the same elements as in the service configuration - what happens if they don't match?
Package URL - what format is this in? The package is stored in an azure storage account - so how do I reference it? Also, for authentication, I can't grant the CS any permissions to the storage account, as it's not created yet (it doesn't exist!) - but it seemingly needs this permission in order to be created.
RDP extension - what format is "password" in? Is this really just a plain password? For classic, RDP password was encrypted using a certificate, which was separately uploaded into the service.
SSL certificate from the vault - how is authentication going to work? Again, the CS doesn't exist yet, so I can't grant it any permissions in the vault.
On authentication front, I managed to send the auth request and get the oauth2 token, which I would then use for this API - could this be enough? Of course, I can try this, but need to understand the other things first (i.e. format of some elements).
Note separately that deployment pipeline is executed from Jenkins and must stay that way - I don't have any control over that.
UPDATE: I tested this as best I could with service configuration being plain xml, with content matching the rest of json input, plain text password for RDP extension, and hoping for the auth to use bearer token. The response I received was 400, with the following details:
{
"error": {
"code": "InvalidParameter",
"message": "The value of parameter packageUrl is invalid."
}
}
So, back to my point 3 above - what is the format of package url?
UPDATE 2: After some experimenting, it did accept the package URL with the SAS token. Now I'm stuck with this error:
{
"error": {
"code": "StandardPublicIPAddressNotSupportedCloudService",
"message": "Standard public IP not supported for cloud services."
}
}
Web search for that string returns 0 matches. The template I'm using is copy/paste from MS documentation; the process I'm using is exactly per MS documentation. Any further help massively appreciated.
This isn't exactly what you're after, but I used the following article to help with generating a template.json and parameter.json file which then could be used through Powershell.
https://techcommunity.microsoft.com/t5/azure-paas-blog/how-to-use-azure-devops-to-publish-cloud-service-extended/ba-p/3675180
This is what my Powershell script eventually looked like:
New-AzResourceGroupDeployment -ResourceGroupName "cses-rg" -TemplateFile DeployArm.template.json -TemplateParameterFile DeployArm.parameter.json -packageSasUri $cspkg -configurationSasUri $cscfg -cloudServiceName cldcsestest -deploymentLabel myDeploymentLabel -publicIPName 'MyPublicReservedIp' -rdpPassword $rdpPassword
I only used the Powershell script locally for quicker testing, but my goal was to get it working with Azure Dev Ops.
I'm getting the below error during validation when trying to deploy an ARM template via private offer (cleansed):
{"code":"MarketplacePurchaseEligibilityFailed","details":[{"code":"BadRequest","message":"Offer with PublisherId: 'PUBLISHER', OfferId: 'OFFER' cannot be purchased due to validation errors. For more information see details. Correlation Id: 'ID' Sku 'SKU' of offer 'OFFER' by publisher 'PUBLISHER' is not available to you for deployment per the policy set by your IT Admin.
I went through powershell and accepted the terms but still having the issue. Microsoft's responses so far are based on the browser. I've tried in Firefox, Chrome, and Edge to no avail. The Azure environment is pretty basic with no specific policies for anything so I'm not sure why it's saying this. Any help would be greatly appreciated.
Thanks!
There could be multiple reasons why you are getting this validation failure.
These are:
Programmatic deployment for the Marketplace is not configured.
Undefined task failed while creating or updating the template deployment.
Offer with PublisherId, and OfferId is not found. Doesn't exist anymore. As example, publisher revoked it.
Marketplace purchase is not enabled.
Unknown payment instrument(s) is unsupported for offer with OfferId, PlanId.
Organization is in deleted state.
etc.
Based on your failure details "is not available to you for deployment per the policy set by your IT Admin.", it seems your subscription is not registered and approved to deploy this specific image.
I'd recommend to do the next steps to resolve the issue:
Go to https://learn.microsoft.com/he-il/marketplace/manage-private-azure-marketplace-powershell#add-an-offer-to-a-private-marketplace
Click on try me button next to Add an Offer the private marketplace.
Login to the relevant tenant.
Use PowerShell and run the commands:
(a) Install-Module -Name Az.Marketplace
(b) Get-AzMarketplacePrivateStore - to get the privateStore Id
(c) use the private store id from step b
`$Params = #{
privateStoreId = 'PrivateStoreId'
offerId = 'paloaltonetworks.vmseries-flex'
SpecificPlanIdsLimitation = #('byol')
}
Set-AzMarketplacePrivateStoreOffer #Params`
I look forward to your response. Please let me know if you have any questions.
When calling the latest (version 2020-01-01) azure tenants api (management.azure.com/tenants) I don't see the same properties in the response as I get when using the "Try it" feature on the "Tenants - List" page in the online Azure REST documentation.
The response that I get only contains the "id", "tenantId" and "tenantCategory" properties. So the cool stuff like countryCode, domains, displayName, etc. are missing. I was using an older api version before which only included the "id" and "tenantId" properties so I do see the additional "tenantCategory" property at least.
When calling the 2020-01-01 version of the subscriptions list API in my code I do get all the same properties that I see when I use the "Try it" feature.
Has anyone else experienced this issue or know what could be the cause?
Thanks in advance!
I tried with https://management.azure.com/tenants?api-version=2020-01-01 in Try it, it returned the properties. Try to use 2020-05-01, 2020-06-01 or 2020-07-01 versions. They all worked for me.
When using Postman to call the API:
So it turns out that if you request the token under user context and use that as bearer token in the authorization header of the API call you get all the properties in the response, i.e. the same properties as you see when using the "Try it" feature online. But in my app I'm requesting it under the application context and then the expected behaviour is to only return the "id", "tenantId" and "tenantCategory" properties. So the tenants api is a bit different than the others and it's supposed to be that way.
I am trying to export an Azure package using the GetPackage method of Service Management API.
I have tried both calling the REST API directly using a WebClient, and by using the Windows Azure Service Management Library package (I have posted the code I used as an answer to that question).
However, no matter the method I tried and how I constructed and/or encoded the container URI, I am always getting the following error:
400 Bad Request
Parameter value '...' specified for parameter 'ContainerUriString' is invalid.
The parameter in question is of the following form:
https://something.blob.core.windows.net/somecontainer
I verified that the storage account exists and is accessible (tried both public and private containers), even tried calling HttpUtility.UrlEncode() on the container URI (even though the SDK does it automatically).
Any ideas how to get this resolved?
Please ensure that the storage account where you want the files to be copied belong to the same subscription as that of Cloud Service.