Related
I'm trying to manage CA certificates in Azure APIM through ARM but everything I tried gave no positive result.
For visualization, this is what I'm talking about:
When I look at the schema Microsoft.ApiManagement/service, there's a section for certificates where I can set the storeName variable but without results.
For sanity, I tried to upload it though Powershell plus manually and both option worked but that CA Certificate got wiped from the APIM at each deployment of my ARM template even if I used the "Incremental" option.
First I tried to modify the APIM ARM template by adding that block to the "properties" section:
"certificates": [
{
"encodedCertificate": "[parameters('RootCertificateBase64Content')]",
"certificatePassword": "[parameters('RootCertificatePassword')]",
"storeName": "Root"
}]
Here's my first test snippet for complete traceability:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"apimName": {
"type": "string",
"metadata": {
"description": "Name of the apimanagement"
}
},
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
},
"sku": {
"type": "string",
"allowedValues": [
"Developer",
"Standard",
"Premium"
],
"defaultValue": "Developer",
"metadata": {
"description": "The pricing tier of this API Management service"
}
},
"skuCapacity": {
"type": "string",
"allowedValues": [
"1",
"2"
],
"defaultValue": "1",
"metadata": {
"description": "The instance size of this API Management service."
}
},
"subnetResourceId": {
"type": "string",
"metadata": {
"description": ""
}
},
"RootCertificateBase64Content": {
"type": "string",
"metadata": {
"description": "The Root certificate content"
}
},
"RootCertificatePassword": {
"type": "string",
"metadata": {
"description": "The Root certificate password"
}
}
},
"variables": {
"publisherEmail": "whatever#heyho.com",
"publisherName": "Whatever Team",
"notificationSenderEmail": "whatever#heygo.com"
},
"resources": [
{
"apiVersion": "2019-12-01",
"name": "[parameters('apimName')]",
"type": "Microsoft.ApiManagement/service",
"location": "[parameters('location')]",
"sku": {
"name": "[parameters('sku')]",
"capacity": "[parameters('skuCapacity')]"
},
"properties": {
"notificationSenderEmail": "[variables('notificationSenderEmail')]",
"publisherEmail": "[variables('publisherEmail')]",
"publisherName": "[variables('publisherName')]",
"virtualNetworkConfiguration": {
"subnetResourceId": "[parameters('subnetResourceId')]"
},
"virtualNetworkType": "Internal",
"certificates": [
{
"encodedCertificate": "[parameters('RootCertificateBase64Content')]",
"certificatePassword": "[parameters('RootCertificatePassword')]",
"storeName": "Root"
}]
},
"identity": {
"type": "SystemAssigned"
}
}
],
"outputs": {
"apiManagementPrivateHostIp": {
"type": "string",
"value": "[reference(concat(resourceId('Microsoft.ApiManagement/service', parameters('apimName')))).privateIPAddresses[0]]"
}
}
}
Second alternative I tried was to use the Microsoft.ApiManagement/service/certificates schema. There is no option there to specify the StoreName so I assumed it wasn't the right schema but I tried anyway. All attempts generated a certificate in the built-in Certificates store instead of the CA Certificates store.
Here's my second attempt's snippet:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"apimName": {
"type": "string",
"metadata": {
"description": "The parent APIM name"
}
},
"certificateName": {
"type": "string",
"metadata": {
"description": "The certificate name"
}
},
"CertificateBase64Content": {
"type": "string",
"metadata": {
"description": "The content of the certificate"
}
},
"CertificatePassword": {
"type": "string",
"metadata": {
"description": "The certificate password"
}
}
},
"resources": [
{
"name": "[concat(parameters('apimName'), '/Root/', parameters('certificateName'))]",
"type": "Microsoft.ApiManagement/service/certificates",
"apiVersion": "2019-01-01",
"properties": {
"data": "[parameters('CertificateBase64Content')]",
"password": "[parameters('CertificatePassword')]"
}
}
],
"outputs": {}
}
While looking at terraform documentation, it seems that it's possible to manage these certificates through the base schema and I confirmed that through the terraform azurerm provider source code (Unfortunately I cannot use Terraform and I MUST use ARM in that scenario).
Any clues on how to manage CA certificates in Azure APIM through ARM?
I assume you want to update CA certificate authority sections of already existing APIM? If yes then just provide all required properties for Microsoft.ApiManagement/service but for name use already existing APIM name that you want to update and choose the same resource group.
Thanks to this, it will just update existing APIM with properties you provided, instead of creating new APIM. The required properties are name, type, apiVersion, location, sku, properties. For properties you need to provide publisherEmail and publisherName, and of course certificates - this is what you want to update after all. So the absolute minimum for update will look like this:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters":{
"base64EncodedCertificate":{
"defaultValue":"base64 encoded certificate",
"type":"String"
},
"certificatePassword":{
"defaultValue":"certificate password",
"type":"String"
}
},
"variables": {},
"resources": [
{
"name": "existing-apim-name",
"type": "Microsoft.ApiManagement/service",
"apiVersion": "2021-01-01-preview",
"location": "West Europe",
"sku": {
"name": "Developer",
"capacity": 1
},
"properties": {
"publisherEmail": "publisher#gmail.com",
"publisherName": "Publisher Name",
"certificates": [
{
"encodedCertificate": "[parameters('base64EncodedCertificate')]",
"certificatePassword": "[parameters('certificatePassword')]",
"storeName": "Root"
}
]
}
}
]
}
Watch out. certificates array must contain all certificates that you want to have on this APIM. All existing CA certs that are not in this array will be deleted.
I am working on to create the alerts in azure for various azure resources using ARM templates. But I want to create custom alerts for Azure Data Factory by using below log analytics query:
"alertLogQuery": "ADFPipelineRun\r\n| where ResourceId has 'df-xxx-xxx-xxxx'\r\n| where TimeGenerated > ago(15m)\r\n| where Status has 'Queued'\r\n| where PipelineName in ('pl_xxx_Business_xxx_Check' , 'pl_xxx_xxxx_Date_Check')\r\n| summarize by PipelineName, TimeGenerated\n",
Template file:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"isEnabled": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert is enabled"
}
},
"rgNameOfActionGroup": {
"type": "string",
"metadata": {
"description": "The resource group name of the action group"
}
},
"actionGroupName": {
"type": "string",
"metadata": {
"description": "The name of the action group"
}
},
"rgNameOfLogAnalyticsWorkspace": {
"type": "string",
"metadata": {
"description": "The resource group name of the log analytics workspace"
}
},
"logAnalyticsWorkspaceName": {
"type": "string",
"metadata": {
"description": "The name of the log analytics workspace"
}
},
"alertTypes": {
"type": "array",
"metadata": {
"description": "An array that contains objects with properties for the metric alerts."
}
}
},
"variables": {
"actionGroupResourceId": "[concat('/subscriptions/',subscription().subscriptionId, '/resourceGroups/', parameters('rgNameOfActionGroup'), '/providers/Microsoft.insights/actionGroups/', parameters('actionGroupName'))]",
"workspaceResourceId": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('rgNameOfLogAnalyticsWorkspace'), '/providers/Microsoft.OperationalInsights/workspaces/', parameters('logAnalyticsWorkspaceName'))]",
"copy": [
{
"name": "alertTypes",
"count": "[length(parameters('alertTypes'))]",
"input": "[parameters('alertTypes')[copyIndex('alertTypes')].alertName]"
}
],
"alertSource": {
"Type": "ResultCount"
},
"alertEvaluation": {
"Frequency": 15,
"Time": 15
},
"alertActions": {
"SuppressTimeinMin": 20
}
},
"resources": [
{
"copy": {
"name": "alertTypes",
"count": "[length(parameters('alertTypes'))]"
},
"name": "[parameters('alertTypes')[copyIndex('alertTypes')].alertName]",
"type": "Microsoft.Insights/scheduledQueryRules",
"apiVersion": "2018-04-16",
"location": "global",
"tags": {},
"properties": {
"description": "[parameters('alertTypes')[copyIndex('alertTypes')].alertDescription]",
"enabled": "[parameters('isEnabled')]",
"source": {
"query": "[parameters('alertTypes')[copyIndex('alertTypes')].alertLogQuery]",
"dataSourceId": "[variables('workspaceResourceId')]",
"queryType": "[variables('alertSource').Type]"
},
"schedule": {
"frequencyInMinutes": "[variables('alertEvaluation').Frequency]",
"timeWindowInMinutes": "[variables('alertEvaluation').Time]"
},
"action": {
"odata.type": "Microsoft.WindowsAzure.Management.Monitoring.Alerts.Models.Microsoft.AppInsights.Nexus.DataContracts.Resources.ScheduledQueryRules.AlertingAction",
"severity": "[parameters('alertTypes')[copyIndex('alertTypes')].alertSeverity]",
"throttlingInMin": "[variables('alertActions').SuppressTimeinMin]",
"aznsAction": {
"actionGroup": "[array(variables('actionGroupResourceId'))]",
"emailSubject": "[parameters('alertTypes')[copyIndex('alertTypes')].alertName]"
},
"trigger": {
"thresholdOperator": "[parameters('alertTypes')[copyIndex('alertTypes')].operator]",
"threshold": "[parameters('alertTypes')[copyIndex('alertTypes')].thresholdValue]",
"metricTrigger": {
"thresholdOperator": "[parameters('alertTypes')[copyIndex('alertTypes')].operator]",
"threshold": "[parameters('alertTypes')[copyIndex('alertTypes')].thresholdValue]",
"metricColumn": "Classification",
"metricTriggerType": "Consecutive"
}
}
}
}
}
],
"outputs": {
"alertNames": {
"type": "array",
"value": "[variables('alertTypes')]"
}
}
}
I'm getting the below error:
Template validation failed: The template resource 'df-xx-xx-xxx-Queued Demo ADF pipelines alert/report' for type 'Microsoft.WindowsAzure.ResourceStack.Frontdoor.Common.Entities.TemplateGenericProperty`1[System.String]' at line '71' and column '60' has incorrect segment lengths. A nested resource type must have identical number of segments as its resource name. A root resource type must have segment length one greater than its resource name.
So, can anyone suggest me how to fix the above issue.
Please refer to this link. In the variables -> alertSource section, you can add your custom alert rule there:
"alertSource":{
"Query":"write your query here",
"SourceId": "xxxxx",
"Type":"xxxx"
},
Note that you need to escape some characters like "" in your query if it has.
I have VS2019 and trying to create Logic Apps which includes SQL connection.
I deploy this LogicApps with Azure DevOps and getting error. I do not what is purpose of sql_1_privacySetting and what are possible values I could use. Specially I'm wondering how to set values in ARM.
ERROR:
##[error]Deployment template validation failed: 'The provided value 'Microsoft.WindowsAzure.ResourceStack.Frontdoor.Common.Entities.TemplateGenericProperty`1[Newtonsoft.Json.Linq.JToken]' for the template parameter 'sql_1_privacySetting' at line '1' and column '1605' is not valid. The parameter value is not part of the allowed value(s): 'None,Private,Organizational,Public'.'.
LogicApp.parameters.json
"sql_1_encryptConnection": {
"value": false
},
"sql_1_privacySetting": {
"value": ""
},
LogicApp.json
{
"type": "MICROSOFT.WEB/CONNECTIONS",
"apiVersion": "2018-07-01-preview",
"name": "[parameters('sql_1_Connection_Name')]",
"location": "[parameters('logicAppLocation')]",
"properties": {
"api": {
"id": "[concat(subscription().id, '/providers/Microsoft.Web/locations/', parameters('logicAppLocation'), '/managedApis/', 'sql')]"
},
"displayName": "[parameters('sql_1_Connection_DisplayName')]",
"parameterValues": {
"server": "[parameters('sql_1_server')]",
"database": "[parameters('sql_1_database')]",
"username": "[parameters('sql_1_username')]",
"password": "[parameters('sql_1_password')]",
"encryptConnection": "[parameters('sql_1_encryptConnection')]",
"privacySetting": "[parameters('sql_1_privacySetting')]",
"sqlConnectionString": "[parameters('sql_1_sqlConnectionString')]"
}
}
}
In my LogicApp.json it has these as the possible privacySetting allowed values:
"sql_1_privacySetting": {
"type": "string",
"metadata": {
"description": "Privacy Setting"
},
"allowedValues": [
"None",
"Private",
"Organizational",
"Public"
]
},
Set the
values as follows if you want it blank
"sql_1_privacySetting": {
"value": "None"
}
Options are
"None",
"Private",
"Organizational",
"Public"
I am using below ARM template to create Application Gateway. When I deploy it for the first time everything works. When I redeploy it (as a part of continuous deployment in the same env) it fails and I see the Listeners get deleted which were present previously and the SSL certificate also gets deleted.
Is there any option I can update the sub-resources present in ARM template based on a criteria something like not to update the listener if SSL cert is already present. I am updating some of the properties like creating rules and probe after creation of application gateway and not using ARM template.
ARM Template for reference-
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"applicationgateway_platform": {
"defaultValue": "",
"type": "String",
"maxLength": 6
},
"applicationgateway_location_shortname": {
"defaultValue": "",
"type": "String",
"maxLength": 3
},
"applicationgateway_project": {
"defaultValue": "",
"type": "String",
"maxLength": 6
},
"applicationgateway_environment": {
"defaultValue": "",
"type": "String",
"maxLength": 7
},
"applicationgateway_uniqueid": {
"defaultValue": "1",
"type": "String",
"maxLength": "1"
},
"vnetName": {
"type": "string",
"metadata": {
"description": "Name of the Virtual Network"
}
},
"subnetName": {
"type": "string",
"metadata": {
"description": "Name of subnet"
}
},
"vnetResourceGroup": {
"type": "string",
"defaultValue": "[resourceGroup().name]",
"metadata": {
"description": "Name of Resource group where Vnet and subnet resides"
}
},
"applicationGatewayTier": {
"type": "string",
"allowedValues": [
"Standard_v2",
"WAF_v2"
],
"defaultValue": "WAF_v2",
"metadata": {
"description": "application gateway tier"
}
},
"frontendPort": {
"type": "int",
"defaultValue": 80,
"metadata": {
"description": "application gateway front end port"
}
},
"secureFrontendPort": {
"type": "int",
"defaultValue": 443,
"metadata": {
"description": "application gateway secure front end port"
}
},
"backendPort": {
"type": "int",
"defaultValue": 80,
"metadata": {
"description": "application gateway back end port"
}
},
"applicationGatewayAutoScaleMinimumCapacity": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "Minimum appgateway instance to be running always"
}
},
"applicationGatewayAutoScaleMaximumCapacity": {
"type": "int",
"defaultValue": 10,
"metadata": {
"description": "Maximum appgateway instance that it can scale up."
}
}
},
"variables": {
"basename": "[concat(parameters('applicationgateway_platform'), '-', parameters('applicationgateway_project'), '-', parameters('applicationgateway_location_shortname'), '-', parameters('applicationgateway_environment'))]",
"applicationGatewayName": "[concat(variables('basename'), '-ag-', parameters('applicationgateway_uniqueid'))]",
"publicIPAddressName": "[concat(variables('basename'),'-agip-',parameters('applicationgateway_uniqueid'))]",
"subnetRef": "[concat(resourceId(parameters('vnetResourceGroup'), 'Microsoft.Network/virtualNetworks', parameters('vnetName')), '/subnets/', parameters('subnetName'))]",
"publicIPRef": "[resourceId('Microsoft.Network/publicIPAddresses',variables('publicIPAddressName'))]",
"webApplicationFirewallConfigurationProperties": {
"enabled": true,
"firewallMode": "Detection",
"ruleSetType": "OWASP",
"ruleSetVersion": "3.0"
},
"apiVersion": "2019-09-01"
},
"resources": [
{
"apiVersion": "[variables('apiVersion')]",
"type": "Microsoft.Network/publicIPAddresses",
"name": "[variables('publicIPAddressName')]",
"location": "[resourceGroup().location]",
"sku": {
"name": "Standard"
},
"zones": [],
"properties": {
"publicIPAllocationMethod": "Static",
"dnsSettings": {
"domainNameLabel": "[variables('applicationGatewayName')]"
}
}
},
{
"apiVersion": "[variables('apiVersion')]",
"name": "[variables('applicationGatewayName')]",
"type": "Microsoft.Network/applicationGateways",
"location": "[resourceGroup().location]",
"dependsOn": [
"[variables('publicIPRef')]"
],
"properties": {
"sku": {
"name": "[parameters('applicationGatewayTier')]",
"tier": "[parameters('applicationGatewayTier')]"
},
"gatewayIPConfigurations": [
{
"name": "appGatewayIpConfig",
"properties": {
"subnet": {
"id": "[variables('subnetRef')]"
}
}
}
],
"frontendIPConfigurations": [
{
"name": "appGatewayFrontendIP",
"properties": {
"PublicIPAddress": {
"id": "[variables('publicIPRef')]"
}
}
}
],
"frontendPorts": [
{
"name": "appGatewayFrontendPort",
"properties": {
"Port": "[parameters('frontendPort')]"
}
},
{
"name": "appGatewaySecurePort",
"properties": {
"Port": "[parameters('secureFrontendPort')]"
}
}
],
"backendAddressPools": [
{
"name": "appGatewayBackendPool",
"properties": {
"BackendAddresses": []
}
}
],
"backendHttpSettingsCollection": [
{
"name": "appGatewayBackendHttpSettings",
"properties": {
"Port": "[parameters('backendPort')]",
"Protocol": "Http",
"CookieBasedAffinity": "disabled",
"requestTimeout": 20
}
}
],
"httpListeners": [
{
"name": "appGatewayHttpListener",
"properties": {
"FrontendIpConfiguration": {
"Id": "[concat(resourceId('Microsoft.Network/applicationGateways', variables('applicationGatewayName')), '/frontendIPConfigurations/appGatewayFrontendIP')]"
},
"FrontendPort": {
"Id": "[concat(resourceId('Microsoft.Network/applicationGateways', variables('applicationGatewayName')), '/frontendPorts/appGatewayFrontendPort')]"
},
"Protocol": "Http",
"SslCertificate": null
}
}
],
"requestRoutingRules": [
{
"Name": "basicRule",
"properties": {
"RuleType": "Basic",
"httpListener": {
"id": "[concat(resourceId('Microsoft.Network/applicationGateways', variables('applicationGatewayName')), '/httpListeners/appGatewayHttpListener')]"
},
"backendAddressPool": {
"id": "[concat(resourceId('Microsoft.Network/applicationGateways', variables('applicationGatewayName')), '/backendAddressPools/appGatewayBackendPool')]"
},
"backendHttpSettings": {
"id": "[concat(resourceId('Microsoft.Network/applicationGateways', variables('applicationGatewayName')), '/backendHttpSettingsCollection/appGatewayBackendHttpSettings')]"
}
}
}
],
"enableHttp2": false,
"sslCertificates": [],
"probes": [],
"autoscaleConfiguration": {
"minCapacity": "[parameters('applicationGatewayAutoScaleMinimumCapacity')]",
"maxCapacity": "[parameters('applicationGatewayAutoScaleMaximumCapacity')]"
},
"webApplicationFirewallConfiguration": "[if(equals(toUpper(parameters('applicationGatewayTier')), 'WAF_V2'), variables('webApplicationFirewallConfigurationProperties'), json('null'))]"
}
}
]
}
By default, Resource Manager deployment uses incremental mode. In incremental mode, Resource Manager leaves unchanged resources that exist in the resource group but aren't specified in the template.
However, when redeploying an existing resource in incremental mode,
the outcome is different. Specify all properties for the resource,
not just the ones you're updating. A common misunderstanding is to
think properties that aren't specified are left unchanged. If you
don't specify certain properties, Resource Manager interprets the
update as overwriting those values.
So, if you want some properties to leave unchanged when redeploying the template, you can specify certain properties (listeners for HTTPS, rules for HTTPS, SSL certificate) in your template. Here is a quickstart template for an end to end SSL with an application gateway that you can refer to.
To update a resource in an Azure Resource Manager template, you could follow the link for more details.
First, you must reference the resource once in the template to create
it and then reference the resource by the same name to update it
later. However, if two resources have the same name in a template,
Resource Manager throws an exception. To avoid this error, specify the
updated resource in a second template that's either linked or included
as a subtemplate using the Microsoft.Resources/deployments resource
type.
Second, you must either specify the name of the existing property to
change or a new name for a property to add in the nested template. You
must also specify the original properties and their original values.
If you fail to provide the original properties and values, Resource
Manager assumes you want to create a new resource and deletes the
original resource.
I'm attempting to deploy to a new resource group containing an existing app service plan in Azure using an ARM script. If I run the deployment through the Azure Portal UI, it is successful. The issue happens when I try to download the template ARM script for the deployment and use that.
I'm attempting to create a Web app and associated application insights instance.
Here is my template.json
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"subscriptionId": {
"type": "string"
},
"name": {
"type": "string"
},
"location": {
"type": "string"
},
"hostingEnvironment": {
"type": "string"
},
"hostingPlanName": {
"type": "string"
},
"serverFarmResourceGroup": {
"type": "string"
},
"alwaysOn": {
"type": "bool"
},
"currentStack": {
"type": "string"
}
},
"resources": [
{
"apiVersion": "2018-02-01",
"name": "[parameters('name')]",
"type": "Microsoft.Web/sites",
"location": "[parameters('location')]",
"tags": {},
"dependsOn": [
"microsoft.insights/components/LicensingService-API"
],
"properties": {
"name": "[parameters('name')]",
"siteConfig": {
"appSettings": [
{
"name": "APPINSIGHTS_INSTRUMENTATIONKEY",
"value": "[reference('microsoft.insights/components/LicensingService-API', '2015-05-01').InstrumentationKey]"
},
{
"name": "ApplicationInsightsAgent_EXTENSION_VERSION",
"value": "~2"
},
{
"name": "XDT_MicrosoftApplicationInsights_Mode",
"value": "default"
},
{
"name": "DiagnosticServices_EXTENSION_VERSION",
"value": "disabled"
},
{
"name": "APPINSIGHTS_PROFILERFEATURE_VERSION",
"value": "disabled"
},
{
"name": "APPINSIGHTS_SNAPSHOTFEATURE_VERSION",
"value": "disabled"
},
{
"name": "InstrumentationEngine_EXTENSION_VERSION",
"value": "disabled"
},
{
"name": "SnapshotDebugger_EXTENSION_VERSION",
"value": "disabled"
},
{
"name": "XDT_MicrosoftApplicationInsights_BaseExtensions",
"value": "disabled"
}
],
"metadata": [
{
"name": "CURRENT_STACK",
"value": "[parameters('currentStack')]"
}
],
"alwaysOn": "[parameters('alwaysOn')]"
},
"serverFarmId": "[concat('/subscriptions/', parameters('subscriptionId'),'/resourcegroups/', parameters('serverFarmResourceGroup'), '/providers/Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]",
"hostingEnvironment": "[parameters('hostingEnvironment')]",
"clientAffinityEnabled": true
}
},
{
"apiVersion": "2015-05-01",
"name": "LicensingService-API",
"type": "microsoft.insights/components",
"location": "westus2",
"tags": {},
"properties": {
"ApplicationId": "[parameters('name')]",
"Request_Source": "IbizaWebAppExtensionCreate"
}
}
]
}
And my parameters.json
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"subscriptionId": {
"value": "REMOVED"
},
"name": {
"value": "LicensingService-API"
},
"location": {
"value": "West US 2"
},
"hostingEnvironment": {
"value": ""
},
"hostingPlanName": {
"value": "LicensingServiceProductionAppServicePlan"
},
"serverFarmResourceGroup": {
"value": "LicensingServicePROD"
},
"alwaysOn": {
"value": true
},
"currentStack": {
"value": "dotnetcore"
}
}
}
There is one particular parameter that I'm having issues with. It is the "hostingEnvironment" parameter. I am unable to determine what should be placed in that field, as the default template provided by Azure leaves this blank. If I enter a value here (LicensingServiceProductionAppServicePlan for example), I get an error on the deployment of the web app that reads:
{
"Code": "NotFound",
"Message": "Cannot find Stamp with name LicensingServiceProductionAppServicePlan.",
"Target": null,
"Details": [
{
"Message": "Cannot find Stamp with name LicensingServiceProductionAppServicePlan."
},
{
"Code": "NotFound"
},
{
"ErrorEntity": {
"ExtendedCode": "51004",
"MessageTemplate": "Cannot find {0} with name {1}.",
"Parameters": [
"Stamp",
"LicensingServiceProductionAppServicePlan"
],
"Code": "NotFound",
"Message": "Cannot find Stamp with name LicensingServiceProductionAppServicePlan."
}
}
],
"Innererror": null
}
If I instead remove the parameter from both the template and the parameters files, as suggested in this answer, I get a BadRequest error that reads:
{
"error": {
"code": "InvalidTemplate",
"message": "Unable to process template language expressions for resource '/subscriptions/REMOVED/resourceGroups/LicensingServicePROD/providers/Microsoft.Web/serverfarms/LicensingServicePROD' at line '151' and column '9'. 'The template parameter 'hostingEnvironment' is not found. Please see https://aka.ms/arm-template/#parameters for usage details.'",
"additionalInfo": [
{
"type": "TemplateViolation",
"info": {
"lineNumber": 151,
"linePosition": 9,
"path": ""
}
}
]
}
}
Likely this is because I can see that the "hostingEnvironment" parameter is used in the template script.
So I'm left wondering why this works when done through the Azure UI but not from the script generated from the UI. My final question that I'm looking to solve is what is the value that should be provided for the "hostingEnvironment" parameter?
First hostingEnvironment is not required. It is required if you have an App Service Environment and you want to deploy the site on it.
You can leave it empty the value or remove it from the template.
See the details from the template reference site Web Site template reference
The solution is to make the following changes:
template.json:
"hostingEnvironment": {
"type": "string",
"defaultValue": ""
},
parameters.json
"hostingEnvironment": {
"value": ""
},