I had been using the line below to grab the value of the internalIpAddress property from an ILB App Service Environment in Azure:
az resource show `
--ids "/subscriptions/$subscription_id/resourceGroups/$ilbase_rg_name/providers/Microsoft.Web/hostingEnvironments/$ilbase_name/capacities/virtualip" `
--query "internalIpAddress"
The format of the virtualip resource was:
{
"internalIpAddress": "10.30.0.139",
"outboundIpAddresses": [
"13.72.76.135"
],
"serviceIpAddress": "13.72.76.135",
"vipMappings": []
}
Seems like in the past day or so, the format of the virtualip resource has now changed to this:
{
"additionalProperties": {
"internalIpAddress": "10.30.0.139",
"outboundIpAddresses": [
"13.72.76.135"
],
"serviceIpAddress": "13.72.76.135",
"vipMappings": []
},
"id": null,
"identity": null,
"kind": null,
"location": null,
"managedBy": null,
"name": null,
"plan": null,
"properties": null,
"sku": null,
"tags": null,
"type": null
}
And now my command no longer works...it returns nothing. I can modify my command to get the entire additionalProperties object but I then don't know how to parse thru it to get just the value of the internalIpAddress property.
Another interesting note on this is, if you go to the Azure Resource Explorer and navigate to the virtualip resource, it still shows it in the same old format. If you try the PowerShell code the Azure Resource Explorer gives you to query the resource, it returns nothing.
Here is the PowerShell the Azure Resource Explorer said to use:
Get-AzureRmResource -ResourceGroupName MyRG -ResourceType Microsoft.Web/hostingEnvironments/capacities -ResourceName "myilbase/virtualip" -ApiVersion 2018-02-01
Looking for some help on how to parse the nested internalIpAddress property from the additionalProperties object
just traverse the object like you normally would:
--query "additionalProperties.internalIpAddress"
Related
I am trying get the properties of an Azure Disk Resource. When I run the command in my subscription
$R=Get-AzResource -Name <ResourceName>
It provides a list of properties given here I am specifically interested getting the Properties PSobject. However running the following command:
$R.Properties -eq $null
does returns true. When I look at this resource from Azure Portal (Same user principal as in Powershell command) in Json format I am given a selection of schemas to choose from and lots of properties are provided. Below is a sample:
"properties": {
"osType": "Linux",
"hyperVGeneration": "V2",
"supportsHibernation": true,
"supportedCapabilities": {
"acceleratedNetwork": true,
"architecture": "x64"
},
"creationData": {
"createOption": "FromImage",
"imageReference": {
"id": "xxx"
}
},
"diskSizeGB": 30,
"diskIOPSReadWrite": 500,
"diskMBpsReadWrite": 60,
"encryption": {
"type": "EncryptionAtRestWithPlatformKey"
},
"networkAccessPolicy": "AllowAll",
"publicNetworkAccess": "Enabled",
"timeCreated": "2023-01-09T13:38:24.500223+00:00",
"provisioningState": "Succeeded",
"diskState": "Attached",
"diskSizeBytes": 32213303296,
"uniqueId": "xxx"
What is the proper command to get this information using PowerShell?
You should set the ExpandProperties switch
https://learn.microsoft.com/en-us/powershell/module/az.resources/get-azresource?view=azps-9.3.0#-expandproperties
$resourceWithProperties = Get-AzResource -Name <ResourceName> -ExpandProperties
You can the access the properties with
$resourceWithProperties.Properties
You can get all properties using -ExapandProperties command and Alternative way of getting all properties is by using below commands:
Connect-AzAccount
$disk = Get-AzResource -ResourceId "/subscriptions/<subscriptionId>/resourceGroups/<Rg name>/providers/Microsoft.Compute/disks/<Diskname>"
$disk.Properties | Format-List *
Output:
When...
creating a new service principal using something like az ad sp create-for-rbac -n 'test' --sdk-auth
...then...
listing the new service principal attributes using !az role assignment list --assignee 'serv_princ_obj_id'
[
{
"canDelegate": null,
"id": "/subscriptions/redact/providers/Microsoft.Authorization/roleAssignments/redact",
"name": "redact",
"principalId": "redact",
"principalName": "http://test",
"principalType": "ServicePrincipal",
"roleDefinitionId": "/subscriptions/redact/providers/Microsoft.Authorization/roleDefinitions/redact",
"roleDefinitionName": "Contributor",
"scope": "/subscriptions/redact",
"type": "Microsoft.Authorization/roleAssignments"
}
]
...or assigning a system-assigned managed identity...
using az functionapp identity assign -g MyResourceGroup -n MyUniqueApp)...
There is often a --scope option. I can't find a list of these scopes and descriptions anywhere.
Looking for something like az account list-locations --query [].displayName but substitute [].scopes instead.
Does anyone know where these can be found?
In "az ad sp" command '--scopes' parameter refers to the target resource(with Subscription, Resource Group details) to which you want to attach the Service Principle.
Ex: az ad sp create-for-rbac -n "test" --role contributor
--scopes /subscriptions/{SubID}/resourceGroups/{ResourceGroupName}
So listing of scopes mean, you need to list resources within subscriptions you have access to. Below command might help:
az resource list --subscription --resource-group
Please refer this azure cli page.
Thank you #megh-6789. To expand on your answer, after running az resource list --subscription $sub_id, I can see the id for the resource matches the --scopes syntax I was looking for.
Example:
{
"id": "/subscriptions/redact/resourceGroups/redact/providers/Microsoft.Maps/accounts/redact",
"identity": null,
"kind": null,
"location": "global",
"managedBy": null,
"name": "redact",
"plan": null,
"properties": null,
"resourceGroup": "redact",
"sku": {
"capacity": null,
"family": null,
"model": null,
"name": "s1",
"size": null,
"tier": "Standard"
},
"tags": null,
"type": "Microsoft.Maps/accounts"
}
It looks like its possible to set scope to a subscription, resource group or resource-level.
As you can see below, I create a group, and then try and create a k8s cluster in this group, getting an error that 'default' doesn't exist. If i then wait another 15 minutes, the error changes. The 'DefaultResourceGroup-CCA' exists immediately, but not as 'defaultresourcegroup-cca', is this case sensitive?
Do you have a suggestion for either of these two errors?
If i delete the '--enable-addons monitoring', the 2nd error goes away, and it works (as long as I have waited ~15 minutes after the group create).
$ az group create --name socks --location canadacentral
{
"id": "/subscriptions/187362fc-9705-4173-9056-6bd387695cf0/resourceGroups/socks",
"location": "canadacentral",
"managedBy": null,
"name": "socks",
"properties": {
"provisioningState": "Succeeded"
},
"tags": null
}
don#cube:~/src-ag/corp-tools/gitlab-runner$ az group list
[
{
"id": "/subscriptions/187362fc-9705-4173-9056-6bd387695cf0/resourceGroups/DefaultResourceGroup-CCA",
"location": "canadacentral",
"managedBy": null,
"name": "DefaultResourceGroup-CCA",
"properties": {
"provisioningState": "Succeeded"
},
"tags": null
},
{
"id": "/subscriptions/187362fc-9705-4173-9056-6bd387695cf0/resourceGroups/socks",
"location": "canadacentral",
"managedBy": null,
"name": "socks",
"properties": {
"provisioningState": "Succeeded"
},
"tags": null
}
]
don#cube:~/src-ag/corp-tools/gitlab-runner$ az aks create --resource-group socks --name sock-shop --node-count 1 --node-vm-size Standard_F4s_v2 --enable-addons monitoring --generate-ssh-keys
Resource group 'defaultresourcegroup-cca' could not be found.
don#cube:~/src-ag/corp-tools/gitlab-runner$ az aks create --resource-group socks --name sock-shop --node-count 1 --node-vm-size Standard_F4s_v2 --enable-addons monitoring --generate-ssh-keys
Operation failed with status: 'Bad Request'. Details: Unable to get log analytics workspace info. Resource ID: /subscriptions/187362fc-9705-4173-9056-6bd387695cf0/resourcegroups/defaultresourcegroup-cca/providers/microsoft.operationalinsights/workspaces/defaultworkspace-187362fc-9705-4173-9056-6bd387695cf0-cca. Detail: operationalinsights.WorkspacesClient#GetSharedKeys: Failure responding to request: StatusCode=404 -- Original Error: autorest/azure: Service returned an error. Status=404 Code="ResourceNotFound" Message="The Resource 'Microsoft.OperationalInsights/workspaces/defaultworkspace-187362fc-9705-4173-9056-6bd387695cf0-cca' under resource group 'defaultresourcegroup-cca' was not found."
We are currently experiencing an outage in South Central US that is affecting ARM
https://azure.microsoft.com/en-us/status/
You will want to monitor the Azure Status Page for further updates. Unfortunately we cannot do anything until the problem has been mitigated by engineering.
I am using the following JSON input file to create a new notification hub in PowerShell:
"Name": "my-tester",
"Location": "West US",
"Tags": {
"tag1": "tag"
},
"Properties": {
"ApnsCredential": {
"Properties": {
"KeyId": "xxx",
"Token": "xxx",
"AppName": "xxx",
"AppId": "xxx",
"Endpoint":"https://api.push.apple.com:443/3/device"
}
},
"GcmCredential": {
"Properties": {
"GoogleApiKey": "yyyy"
}
}
}
}
The PowerShell command is:
$newHub = New-AzureRmNotificationHub -Namespace $nameSpace -ResourceGroup $resourceGroup -InputFile ".\$newHubName-HubProps.json"
The command does create the hub ...but the PNS credentials are empty (I also verified from the portal). So when I inspect the
newly created hub using this PowerShell, I get nothing. Here is the PowerShell command:
$newHubPnsCreds = Get-AzureRmNotificationHubPNSCredentials -Namespace $nameSpace -ResourceGroup $resourceGroup -NotificationHub $newHubName
# This returns nothing:
$newHubPnsCreds.GcmCredential
Any help is appreciated.
Regards
From a resource group with a tag defined named tag1 (did it through the portal), I have the following deployment template in Visual Studio:
{
"name": "appsettings",
"type": "config",
"apiVersion": "2015-08-01",
"dependsOn": [
"[resourceId('Microsoft.Web/sites', variables('websiteName'))]"
],
"tags": {
"displayName": "website AppSettings"
},
"properties": {
"Setting1": "[resourceGroup().tags.tag1]",
"Setting2": "[parameters('param2')]"
}
}
I get the this error:
... 'The language expression property 'tags' doesn't exist, available properties are 'id, name, location, properties'...
But using https://resources.azure.com I can see that resource group has the tag property indeed:
{
"id": "/subscriptions/{someguid}/resourceGroups/resourceGroup1",
"name": "resourceGroup1",
"location": "brazilsouth",
"tags": {
"tag1": "test"
},
"properties": {
"provisioningState": "Succeeded"
}
}
Is there any way to get the resource group tags inside the deployment template?
Update
As #juvchan pointed out, tags must exist or this error happens. I created the tag, but when deploying the template from VisualStudio tags are deleted, when deploying from the portal tags are kept. This lead to different issue and question.
Reason for this is the visual studio project has a PowerShell script with this line:
#Create or update the resource group using the specified template file and template parameters file
New-AzureRmResourceGroup -Name $ResourceGroupName -Location $ResourceGroupLocation -Verbose -Force -ErrorAction Stop
But the New-AzureRmResourceGroup cmdlet does not keep existing tags. Be aware. Solution: modify script to not run the cmdlet if resource group already exist.
Your ARM template syntax to get the resource group tag below is correct.
"[resourceGroup().tags.tag1]"
You need to make sure your resource group has the above mentioned tags created before deploy your ARM template in order to get the specific tag's value.
"tags": { "tag1": "test" },
I am able to reproduce your exact error when I try to deploy the ARM template to get the resource group tag which is not yet created.
I am also able to get the resource group tag value as expected in my ARM template deployment when I created the tag to resource group before the deployment.
{
"id": "/subscriptions/{id}/resourceGroups/ResourceGroupwithTag",
"name": "ResourceGroupwithTag",
"location": "southeastasia",
"tags": {
"displayName": "test"
},
"properties": {
"provisioningState": "Succeeded"
}
}
Output section of my ARM template to display the resource group tag.
"outputs": {
"rgTag": {
"type": "String",
"value": "[resourceGroup().tags.displayName]"
}
}
Hope this helps!