Azure RM Template AutomationRunbookServiceUriIsNotValid - azure

I need to deploy a resource of type "microsoft.insights/actionGroups" with ARM Template and I am stuck on a problem. My Template :
{
"apiVersion": "2019-06-01",
"type": "microsoft.insights/actionGroups",
"location": "Global",
"name": "[variables('ActionGroupName')]",
"tags": {
"displayName": "MyActionGroupName"
},
"properties": {
"groupShortName": "variables('ActionGroupShortName')",
"enabled": true,
"automationRunbookReceivers": [
{
"name": "MyRunbookRecieverName",
"automationAccountId": "[resourceId('microsoft.insights/components', parameters('AzureTelemetryName'))]",
"runbookName": "MyRunbook",
"webhookResourceId": "[resourceId('Microsoft.Automation/automationAccounts/webhooks', parameters('AzureAutomationName'), 'WebHookName')]",
"isGlobalRunbook": false
}
]
}
}
But when I try to deploy I get this error:
New-AzureRmResourceGroupDeployment : 08:39:52 - Resource microsoft.insights/actionGroups 'ActionGroupName' failed with message '{
"Code": "AutomationRunbookServiceUriIsNotValid",
"Message": "AutomationRunbookServiceUriIsNotValid"
I look over template definition, and it is mentioned that WebhookReceiver.identifierUri is not mandatory.
What am I doing wrong?

I can reproduce your issue with the template, I add the serviceUri in the automationRunbookReceivers, then it works fine. You can refer to this link to create the webhook.
"automationRunbookReceivers": [
{
"name": "MyRunbookRecieverName",
"automationAccountId": "[resourceId('microsoft.insights/components', parameters('AzureTelemetryName'))]",
"runbookName": "MyRunbook",
"webhookResourceId": "[resourceId('Microsoft.Automation/automationAccounts/webhooks', parameters('AzureAutomationName'), 'WebHookName')]",
"isGlobalRunbook": false,
"serviceUri":"https://s16events.azure-automation.net/webhooks?token=xxxxxxxxxxxx"
}
]
To the serviceUri is not required issue, I am not sure if there is some mistake of the doc, just some test result for you to refer.(If I do something wrong, please correct me.)
In the doc, it appears like below. The name is No required, but if I deploy without it, I get the AutomationRunbookReceiverNameIsNullOrEmpty error. The useCommonAlertSchema is required, but if I deploy withou it, I will get no error. The same thing happens to the serviceUri.

Related

##[error]undefined: ValueType 'System.Boolean' cannot be null. (ARM Template deployment with DevOps)

Description
I received this strange error while deploying an Azure Function using ARM Templates. I was able to isolate that specific resource as the origin of the failure. I was unable to find information about this error in the Microsoft doc. D o you have any idea of what could be the root cause ?
Error
There were errors in your deployment. Error code: DeploymentFailed.
##[error]At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.
##[error]Details:
##[error]undefined: ValueType 'System.Boolean' cannot be null.
##[error]Check out the troubleshooting guide to see if your issue is addressed: https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/azure-resource-group-deployment?view=azure-devops#troubleshooting
##[error]Task failed while creating or updating the template deployment.
Template
Note that the server farm already exists in another resource group.
{
// ...
"variables": {
// ...
"serverfarms_ASE_externalid": "[concat('/subscriptions/', variables('varSubscriptionId'), '/resourceGroups/ABC-123-rg/providers/Microsoft.Web/serverfarms/Medium-ASE01-Windows01')]",
// ...
},
"resources": [
// ...
{
"type": "Microsoft.Web/sites",
"apiVersion": "2019-08-01",
"name": "[variables('functionApp_name')]",
"location": "[parameters('infra').region.primaryName]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts/blobServices', variables('storageAccount_name'), 'default')]",
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccount_name'))]"
],
"identity": {
"type": "SystemAssigned"
},
"kind": "functionapp",
"properties": {
"serverFarmId": "[variables('serverfarms_ASE_externalid')]",
"siteConfig": {
"appSettings": [
{
"name": "AzureWebJobsStorage",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('storageAccount_name'), ';AccountKey=', listKeys(variables('storageAccountid'),'2015-05-01-preview').key1)]"
},
{
"name": "AzureWebJobsDashboard",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('storageAccount_name'), ';AccountKey=', listKeys(variables('storageAccountid'),'2015-05-01-preview').key1)]"
},
{
"name": "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('storageAccount_name'), ';AccountKey=', listKeys(variables('storageAccountid'),'2015-05-01-preview').key1)]"
},
{
"name": "WEBSITE_CONTENTSHARE",
"value": "[toLower(variables('functionApp_name'))]"
},
{
"name": "FUNCTIONS_EXTENSION_VERSION",
"value": "~3"
},
{
"name": "WEBSITE_NODE_DEFAULT_VERSION",
"value": "8.11.1"
},
{
"name": "APPINSIGHTS_INSTRUMENTATIONKEY",
"value": "[reference(resourceId('Microsoft.Insights/components', variables('appInsights_name')), '2014-04-01').InstrumentationKey]"
},
{
"name": "FUNCTIONS_WORKER_RUNTIME",
"value": "dotnet"
},
{
"name": "AzureWebJobsSecretStorageType",
"value": "files"
}
]
}
}
}
// ...
]
}
##[error]Details:
##[error]undefined: ValueType 'System.Boolean' cannot be null.
This is not a common azure deployment issue. Please check the common azure deployment issue
You can find the exact issue by using find error code
There are three types of errors that are related to a deployment:
Validation errors occur before a deployment begins and are caused by syntax errors in your file. Your editor can identify these errors.
Preflight validation errors occur when a deployment command is run but resources aren't deployed. These errors are found without starting the deployment. For example, if a parameter value is incorrect, the error is found in preflight validation.
Deployment errors occur during the deployment process and can only be found by assessing the deployment's progress.
All types of errors return an error code that you use to troubleshoot the deployment. Validation and preflight errors are shown in the activity log but don't appear in your deployment history. A Bicep file with syntax errors doesn't compile into JSON and isn't shown in the activity log.
To identify syntax errors, you can use Visual Studio Code with the latest Bicep extension or Azure Resource Manager Tools extension.

Microsoft.ApiManagement/service/diagnostics/loggers in Azure API Manager ARM template

This is how the chunk of the ARM template looks:
{
"type": "Microsoft.ApiManagement/service/diagnostics/loggers",
"apiVersion": "2018-01-01",
"name": "[concat(variables('gatewayName'), '/applicationinsights/', variables('gatewayName'))]",
"dependsOn": [
"[resourceId('Microsoft.ApiManagement/service/diagnostics', variables('gatewayName'), 'applicationinsights')]",
"[resourceId('Microsoft.ApiManagement/service', variables('gatewayName'))]"
],
"properties": {
"loggerType": "applicationInsights",
"credentials": {
"instrumentationKey": "[reference(resourceId('Microsoft.Insights/components', variables('appInsights')), '2014-04-01').InstrumentationKey]"
},
"isBuffered": true,
"resourceId": "[variables('appInsights')]"
}
},
For two days our ARM template deployment is failing with the error:
{"status":"Failed","error":{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.","details":[{"code":"BadRequest","message":"{\r\n \"error\": {\r\n \"code\": \"MethodNotAllowedInPricingTier\",\r\n \"message\": \"Method not allowed in this pricing tier\",\r\n \"details\": null\r\n }\r\n}"}]}}
Although the error states the pricing tier, there were no changes in the template.
Verbatim google search result shows that the resource existed before as the first result item.
The documentation does not mention it anymore in the diagnostics section.
GitHub, though, remembers the resource but mentions different properties within the object:
"service_diagnostics_loggers": {
"type": "object",
"properties": {
"apiVersion": {
"type": "string",
"enum": [
"2018-01-01"
]
},
"name": {
"oneOf": [
{
"type": "string",
"pattern": "(^[\\w]+$)|(^[\\w][\\w\\-]+[\\w]$)",
"maxLength": 80
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
"description": "Logger identifier. Must be unique in the API Management service instance."
},
"type": {
"type": "string",
"enum": [
"Microsoft.ApiManagement/service/diagnostics/loggers"
]
}
},
"required": [
"apiVersion",
"name",
"type"
],
"description": "Microsoft.ApiManagement/service/diagnostics/loggers"
}
It looks like the resource was removed from the ARM template infrastructure silently. What is wrong my analysis?
diagnostics/loggers resource does exist in 2018-01-01 API version: https://github.com/Azure/azure-rest-api-specs/blob/main/specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2018-01-01/apimdiagnostics.json
After that though it was removed and replaced by loggerId property on diagnostic entity itself: https://github.com/Azure/azure-rest-api-specs/blob/main/specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2019-01-01/definitions.json#L1771
We'll check why older API version doesn't seem to work, meanwhile you could try migrating to a newer API version.

ARM Template - Creating a template for VirtualnetworkGateway combined in a single template

I have created a template which is meant to deploy a complete network solution, which includes 2-subnets, vnet, vnetgw and pubip. I am looking for a way to programmatically reference some of the resource id's such that it makes the template more dynamic and can be used as many times as possible. secondly, the templates generates an error on deployment which obviously is as a result of the the references i mentioned earlier. Pls see error below;
New-AzResourceGroupDeployment: Line | 3 |
New-AzResourceGroupDeployment -ResourceGroupName rg-vnet-dev -Templat
…
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| 19:05:58 - Resource Microsoft.Network/virtualNetworkGateways 'rgvnetdev-vnetgw' failed with message '{ "error": {
"code": "InvalidTemplate",
"message": "Unable to process template language expressions for resource
'/subscriptions/77dd2569-6341-4c72-880d-ef59413db99e/resourceGroups/rg-vnet-dev/providers/Microsoft.Network/virtualNetworkGateways/rgvnetdev-vnetgw'
at line '279' and column '9'. 'Unable to evaluate template language
function 'resourceId': the type
'Microsoft.Network/virtualNetworks/subnets' requires '2' resource name
argument(s). Please see
https://aka.ms/arm-template-expressions/#resourceid for usage
details.'",
"additionalInfo": [
{
"type": "TemplateViolation",
"info": {
"lineNumber": 279,
"linePosition": 9,
"path": ""
}
}
] } }
I will be happy to share the code, if this would assist in resolving my issue. The error relates to referencing the vnet dependson for creating vnetgw.
From the error message, it seems that referenced subnet id is invalid. This function resourceId format is
resourceId([subscriptionId], [resourceGroupName], resourceType, resourceName1, [resourceName2], ...)
In this case, you probably lacks the VNet name at line '279', the referenced subnet id should be like this:
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworkName'), parameters('subnet1Name'))]"
},
{
"type": "Microsoft.Network/virtualNetworkGateways",
"apiVersion": "2019-12-01",
"name": "[variables('vnetgwname')]",
"location": "[parameters('Location')]",
"dependsOn": [
"[resourceId('Microsoft.Network/publicIPAddresses',variables('pubIp'))]",
"[resourceId('Microsoft.Network/virtualNetworks',variables('VNetName'))]"
],
"properties": {
"ipConfigurations": [
{
"name": "vnetgatewayconfig",
"properties": {
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses',variables('pubIp'))]"
},
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets',variables('VNetName'),variables('Uniquegwsubnet'))]"
},
"privateIPAllocationMethod": "[parameters('publicIPAllocationMethod')]"
}
}
],
"sku": {
"name": "[parameters('sku')]",
"tier": "[parameters('sku')]"
},
"gatewayType": "[parameters('gatewayType')]",
"vpnType": "[parameters('VpnType')]",
"activeActive": false,
"enableBgp": false,
"vpnGatewayGeneration": "[parameters('vpnGatewayGeneration')]"
}
},

How do I use Azure Key Vault secret in linked template

I'm trying to create automation variable off KeyVault secret. I assume I can probably do the same thing what is currently done in main template for retrieving windows password but it fails with non-descriptive error below. Not sure what shall be done next to troubleshoot.
Error
{
"code": "BadRequest",
"message": "{\"Message\":\"The request is invalid.\",\"ModelState\":{\"variable.properties.value\":[\"An error has occurred.\"]}}"
}
Template
{
"name": "mystring",
"type": "variables",
"apiVersion": "2015-10-31",
"dependsOn": [
"[concat('Microsoft.Automation/automationAccounts/', parameters('AutomationAccountName'))]"
],
"properties": {
"value": {
"reference": {
"keyVault": {
"id": "[resourceId(subscription().subscriptionId, 'Utility-RG', 'Microsoft.KeyVault/vaults', 'MyKeyVault')]"
},
"secretName": "WindowsPasswordSecret"
}
},
"description": "test var",
"isEncrypted": false
}
}
That error is indeed helpful, while I have no idea what went wrong there, I can tell you how to work around that, you need to pass the data from the KV to the template (as input parameter) not to the resource. And in the template use parameter to assign value to the object in question.
Reference: https://github.com/4c74356b41/bbbb-is-the-word/blob/master/_arm/parent.json#L151

ARM deployment fails with incorrect DSC extension template error

I have ARM deployment template, which contains VM resource with DSC extension
"resources": [
{
"name": "Microsoft.Powershell.DSC",
"type": "extensions",
"location": "[resourceGroup().location]",
"apiVersion": "2015-06-15",
"dependsOn": [
"[resourceId('Microsoft.Compute/virtualMachines', parameters('appVMName'))]"
],
"tags": {
"displayName": "appDSC"
},
"properties": {
"publisher": "Microsoft.Powershell",
"type": "DSC",
"typeHandlerVersion": "2.9",
"autoUpgradeMinorVersion": true,
"forceUpdateTag": "[parameters('appDSCUpdateTagVersion')]",
"settings": {
"configuration": {
"url": "[parameters('dscArchiveUrl')]",
"script": "appDSC.ps1",
"function": "Main"
},
"configurationArguments": {
"nodeName": "[parameters('appVMName')]",
"webDeployPackage": "[parameters('appWebPackage')]",
"backgroundServicePackage": "[parameters('backgroundServicePackage')]"
}
}
}
}
]
I managed to make this work for the first time I executed it, but now it responds with error:
15:37:17 - Resource Microsoft.Compute/virtualMachines 'Unique-InApp' failed with message '{
"status": "Failed",
"error": {
"code": "ResourceDeploymentFailure",
"message": "The resource operation completed with terminal provisioning state 'Failed'.",
"details": [
{
"code": "VMExtensionProvisioningError",
"message": "VM has reported a failure when processing extension 'Microsoft.Powershell.DSC'. Error message: \"The
DSC Extension received an incorrect input: Configuration.url requires that configuration.script is specified.\nPlease c
orrect the input and retry executing the extension.\"."
}
]
}
}'
As you can see, I obviously put script to configuration, but for some reason it is not recognized by ARM deployment script.
I suppose, this is just wrong error message and I have different problem, but without proper diagnostic information I am not able to understand it.
So what is the problem and how to fix it?
Looking at this example and at the schema seems like you are doing it wrong.
I don't see script or function properties for DSC extension, instead I see configurationFunction property, which supposedly takes a value similar to this:
ContosoWebsite.ps1\\ContosoWebsite
Second slash is used to escape the first one ;)

Resources