While trying to create azure budgets via Powreshell API ( New-AzureRmConsumptionBudget ).
When this is ran from Azure User context budget is created and alerts are coming. When ran from the context of a Azure AD Application budget is getting created but no alerts are coming.
Upon digging a bit I could see that there is an email address is mentioned at budget alert email. This email address intend is to contact to unsubscribe from alerts.
I'm not sure if that is the reason alerts are not coming.
Can some one help to clarify this
As per Azure blog
Calls to the budgets API enforce a user context. Due to this budgets won't be working as expected when created via powershell from an Azure AD application context.
Related
Days ago I onboarded a customer using Service Principal with an ARM template in our blob storage, then the client went to this URL:
https://portal.azure.com/#create/Microsoft.Template/uri/{Blob Url}, accepted us as their resource manager, and we could make connections and go-to resources but via PowerShell, why it doesn't show to us in our Azure Lighthouse Customers page?
I can work with the resources, make deployments, and such but doesn't show in the list, I want to know if it is because we need to be gold competency or an expert MSP because we don't want to make a public offer in the market, we just want to manage certain customers.
It should be displayed there. No special conditions are required such as the ones you've mentioned. Are you definitely signed in to your own partner/MSP tenant with an account that has delegated access to the customers? Does anything show up under delegations within the Azure Lighthouse section?
If you have access to the customer tenant, does your company show up under Service Providers within Azure Lighthouse on the Azure portal?
Case closed, the Service Principal itself doesn't have the privileges on the service provider's tenant to make your user a reader. So the solution for this was:
Remove the offer in the customer tenant.
Add new authorization in the ARM template for a user/group with "Reader" built-in role id. (In our case, we decided to use an AD group because people in the organization is temporary)
Upload the new ARM template and re-onboarded the client.
After a couple of hours, the client's subscription showed in the subscription list in the section: Directories + subscriptions, checked it, and saw all the resources from the service provider's tenant.
I found a solution for this issue.
The Azure Lighthouse->My customers list on the azure portal only shows subscriptions activated in the global directories and subscription filter.
Please go to the global directories and subscriptions filter (in the portal top navigation) and open the drop downs for directories and for subscriptions and check, if your customer subscription appears here.
If yes, select all entries in both drop downs.
After that go back to Azure Lighthouse->My customers
and check, if the customer subscription appears now.
I am a newbie in Azure Blockchain development. I have a corporate MSDN subscription. Now I trying to create a blockchain member in my Azure Portal.
After input all required values it shows a validation progress status. But after the successful validation 'Create' button not enabled. I have enough subscription amounts in my account.
Form offical website, I find azure blockchain will be retired.
And I try to create it on portal and also try to create it by azure cli, all failed.
In conclusion:
Azure recommends that users who have created a blockchain service provide the service and recommend that they migrate as soon as possible. For users who need to create this service, the service is not provided.
So this should be the willingness to fail to create success, you can raise a support ticket to confirm it.
We are actually looking to cover a solution from our jira platform.
We are using AZURE AD identitity management for handdling application catalog access.
Our goal is to automate the process of creating/adding a user into Azure AD from a Service Request issue from Jira Service Desk portal.
For exemple :
1- user submit a request from Jira Service Desk in order to have access to Confluence and RunDeck application
2 - The process should add automatically the user to the proper group in AD which then will have access to the application.
Does anyone have a solution how to approach this use case ?
Regards
Inbound Provisioning from Atlassian Jira to Azure AD is currently not supported. You can, however, voice your interest in such a feature or support similar ones in the Azure AD Feedback Forum.
Also, you can use the Graph API to automate user creation. Once a service request is complete, you can invoke the API for user creation from within Jira.
I have 6 bots I have built for clients on different directories/subscriptions that I need to migrate due to the recent change requiring bot services, so I've been trying to get a bot service in azure made on a number of different directories/subscriptions with no luck since 2 weeks ago. The previous error was something like "ajaxExtended not supported", but that error has gone away. Now I'm getting a "ServiceError" saying "Cannot create a v2 converged app."
The other method that is recommended is migration on the bot framework portal, but that doesn't work for me either and says "Failed to find any Azure subscriptions for the current user." I'm a part of a number of different directories and I need to migrate them to specific directories, but my primary directory doesn't have a subscription attached to it.
How can I accomplish migration to bot services given my situation?
For the first method, a possible reason you hit this error is that their Azure tenant admin has not allowed you to create AD apps. To resolve the issue please contact your Azure tenant admin and have them grant the proper access permissions.
Second, on the portal, as a workaround for this, you may be able to add another Email as a collaborator (in the Bot Framework portal) that is associated with the correct Azure subscription and try to migrate it using that email account in the portal. I have not tried this but it is probably worth giving a shot.
I am trying to learn how to use Azure's web app services to set up a custom domain, but I am getting a consistent issue with it think I don't have a paid subscription. I am on the "Shared" service level and have a Pay-As-You-Go subscription, yet when I try to click the "Buy Domains" button in the Web App dashboard for my application it automatically shows me a screen "To buy a custom domain, you must have a paid Azure subscription." I have been try to refresh and reconfigure all the options related to my subscription, but it won't seem to let me buy a domain. Are the subscriptions I have not sufficient to do this?
I experienced the same problem. I had just signed up for a new azure account and then converted my subscription from free-trial to pay-as-you-go. Somehow this doesn't propagate correctly because the subscription still showed the free trial credit. I filed a ticket with MS Support, and received an actual phone call back from a support person. They resolved it behind the scenes. Credit disappeared, but my subscription was successfully now showing pay-as-you-go in the portal.
Successfully buying a domain through the portal is another challenge though.
Are you the Service-Admin or Co-Admin?
It might be an operation only Service-Admin can execute.