I am deploying an new metric alert to Azure with an ARM template.
I am following the exact same way of Microsoft doc.
With the only change that I deploy just 1 metric to an Automation account and not to an storage account
Template file
"variables": {
"criterion1": "[array(parameters('criterion1'))]",
"criteria": "[concat(variables('criterion1'))]"
},
"resources": [
{
"name": "[parameters('alertName')]",
"type": "Microsoft.Insights/metricAlerts",
"location": "global",
"apiVersion": "2018-03-01",
"tags": {},
"properties": {
"description": "[parameters('alertDescription')]",
"severity": "[parameters('alertSeverity')]",
"enabled": "[parameters('isEnabled')]",
"scopes": [
"[parameters('resourceId')]"
],
"evaluationFrequency": "[parameters('evaluationFrequency')]",
"windowSize": "[parameters('windowSize')]",
"criteria": {
"odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria",
"allOf": "[variables('criteria')]"
},
"actions": [
{}
]
}
}
]
parameter file
"criterion1": {
"value": {
"name": "1st criterion",
"metricName": "TotalJob",
"dimensions": [
{
"name": "Status",
"operator": "Include",
"values": [
"Failed"
]
},
{
"name": "Status",
"operator": "Include",
"values": [
"Completed"
]
}
],
"operator": "GreaterThan",
"threshold": "5",
"timeAggregation": "Total"
}
}
But when i deploy this to Azure my Powershell command get stuck without giving any errors even with -DeploymentDebugLogLevel All parameter on it. In Azure portal I got the error "Internal server error" without any context. The json log gives me following logs:
{
"authorization": {
"action": "Microsoft.Insights/metricAlerts/write",
"scope": "/subscriptions/xxxxxx/resourcegroups/bilalachahbar/providers/Microsoft.Insights/metricAlerts/New Metric Alert"
},
"caller": "xxxx",
"channels": "Operation",
"claims": {
"aud": "https://management.azure.com/",
"iss": "https://sts.windows.net/17b5a1d-057c-4ac-a15a-08758f7a7064/",
"iat": "15596014",
"nbf": "15596014",
"exp": "15599914",
"aio": "42RgYDgypS7rfe/Of0l1R+q3TbCgA=",
"appid": "0e4a093a-c6fd-4fba-b4e5-f07ba479f203",
"appidacr": "1",
"http://schemas.microsoft.com/identity/claims/identityprovider": "https://sts.windows.net/17xxxxxc5-a15a-08758f7a7064/",
"http://schemas.microsoft.com/identity/claims/objectidentifier": "a3db39bf-8c65-4b84-b049-d7af99bfb3e",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": "a3db39bf-8c65-4b84-b049-d7af99bfb3e",
"http://schemas.microsoft.com/identity/claims/tenantid": "1xxxxxx057c-4ac5-a15a-087f7a7064",
"uti": "SCkIk235EScz0Hst20AA",
"ver": "1.0"
},
"correlationId": "8013b5-9788-41ed-afcf-0dbd8276349c",
"description": "",
"eventDataId": "e39509-0837-4435-af7a-02ba1462055f",
"eventName": {
"value": "EndRequest",
"localizedValue": "End request"
},
"category": {
"value": "Administrative",
"localizedValue": "Administrative"
},
"eventTimestamp": "2018-12-27T14:11:48.1462445Z",
"id": "/subscriptions/xxxxx/resourcegroups/xxxxxx/providers/Microsoft.Insights/metricAlerts/New+Metric+Alert/events/e39509-0837-4435-af7a-02ba1462055f/ticks/815167081462445",
"level": "Error",
"operationId": "e390389-ecc1-4a2-8c2-d94ea635cb",
"operationName": {
"value": "Microsoft.Insights/metricAlerts/write",
"localizedValue": "Create or update metric alert"
},
"resourceGroupName": "xxxxx",
"resourceProviderName": {
"value": "Microsoft.Insights",
"localizedValue": "Microsoft Insights"
},
"resourceType": {
"value": "Microsoft.Insights/metricAlerts",
"localizedValue": "Microsoft.Insights/metricAlerts"
},
"resourceId": "/subscriptions/xxxxxx/resourcegroups/bilalachahbar/providers/Microsoft.Insights/metricAlerts/New Metric Alert",
"status": {
"value": "Failed",
"localizedValue": "Failed"
},
"subStatus": {
"value": "InternalServerError",
"localizedValue": "Internal Server Error (HTTP Status Code: 500)"
},
"submissionTimestamp": "2018-12-27T14:12:05.0719055Z",
"subscriptionId": "xxxxxx",
"properties": {
"statusCode": "InternalServerError",
"serviceRequestId": "8613b5-9788-41d-afcf-0dbd27639c",
"statusMessage": "{\"error\":{\"code\":\"InternalServerError\",\"message\":\"The server encountered an internal error, please retry. If the problem persists, contact support.\"}}"
},
"relatedEvents": []
}
An other stack overflow question got an sort of same question.
He got the problem when using an resource that is not supported anymore but I guess that is not the case with me because the official MS documentation is from september this year. I got the same issues when I use the exact same arm template that is provided in the documentation
I found my own error
Action groups are required when you want to deploy metric alerts.
As you can see in the documentation they provide an action ID, and I didn't. As I thought that it wasn't necessary it actually is.
I know this is obvious but unfortunately I did not saw this in the documentation or in the error. After some debugging and looking in the Resource Explorer I've noticed this.
SO future reader I hope this will solve your issue
One little feedback is that there is no depends on value ATM so I can not create an action group resource first in the same arm template
Related
I have an ARM template with these two monitoring types:
Microsoft.Insights/alertrules
microsoft.insights/metricAlerts
The Microsoft.Insights/alertrules looks like this:
{
"apiVersion": "2014-04-01",
"name": "[concat('CPUHigh ', parameters('hostingPlanName'))]",
"type": "Microsoft.Insights/alertrules",
"location": "[resourceGroup().location]",
"dependsOn": [
"[resourceId('Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]"
],
"tags": {
"[concat('hidden-link:', resourceGroup().id, '/providers/Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]": "Resource",
"displayName": "CPUHighAlertRule"
},
"properties": {
"name": "[concat('CPUHigh ', parameters('hostingPlanName'))]",
"description": "[concat('The average CPU is high across all the instances of ', parameters('hostingPlanName'))]",
"isEnabled": true,
"condition": {
"odata.type": "Microsoft.Azure.Management.Insights.Models.ThresholdRuleCondition",
"dataSource": {
"odata.type": "Microsoft.Azure.Management.Insights.Models.RuleMetricDataSource",
"resourceUri": "[concat(resourceGroup().id, '/providers/Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]",
"metricName": "CpuPercentage"
},
"operator": "GreaterThan",
"threshold": 90,
"windowSize": "PT15M"
},
"action": {
"odata.type": "Microsoft.Azure.Management.Insights.Models.RuleEmailAction",
"sendToServiceOwners": true,
"customEmails": []
}
}
}
And the microsoft.insights/metricAlerts looks like this
{
"type": "microsoft.insights/metricAlerts",
"apiVersion": "2018-03-01",
"name": "CreatedThisFromARM",
"location": "global",
"properties": {
"description": "Created this from ARM. Does it show up or not?",
"severity": 3,
"enabled": true,
"scopes": [
"/subscriptions/4ec6f523-de5f-4e8a-a6e7-45e4f53170df/resourceGroups/AzureResourceGroup4/providers/Microsoft.Web/serverFarms/plantestmonitor"
],
"evaluationFrequency": "PT1M",
"windowSize": "PT5M",
"criteria": {
"allOf": [
{
"criterionType": "StaticThresholdCriterion",
"name": "MemoryFromARM",
"metricName": "MemoryPercentage",
"dimensions": [],
"operator": "GreaterThan",
"threshold": 90,
"timeAggregation": "Average"
}
],
"odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria"
},
"actions": []
}
}
When I enter my monitor tab I can see microsoft.insights/metricAlerts but not the Microsoft.Insights/alertrules. I would expect to see both. If I go to the Insights (preview) tab under the Monitoring menu of the resource group, I can see both.
I am wrong in my opinion that i should see both types under the Monitor --> Alerts? Or?
Maybe I am not understanding the difference between the two clearly enough (and my google foo hasn't been able to bring me to some doc that describe it for me). Maybe I am misunderstanding the two concepts?
After a while the alertRule is appearing in the classic alerts section that is referred to when entering "Alerts" in monitor. So I can see both from the Monitor. You just have to wait a bit.
As I can see the "Alerts(Classic) will be retired on August 31st. Use the voluntary migration tool to upgrade to the faster, simpler, and more scalable metric alerts platform", so the classic alerts must be Microsoft.Insights/alertrules. So metricAlerts is the future of Azure monitoring. Please correct me if I am wrong.
I have an Azure resource manager template that quite often, but now always, give me a strange error when I try to deploy it. My gut feeling is that this started a few days ago, but I’m not sure what the reason is. The deployments most of the times end with the error message:
"error": {
"code": "properties.search.query is not a valid log or metric query.An error occurred while sending the request.",
"message": {
"lang": "en-US",
"value": "properties.search.query is not a valid log or metric query.An error occurred while sending the request."
},
"innererror": {
"stacktrace": "System.ArgumentException: properties.search.query is not a valid log or metric query.An error occurred while sending the request.\r\n at Microsoft.AppInsights.Nexus.ResourceProvider.Validation.Ensure.IsTrue(Boolean value, String message)…
This doesn’t say me much :-( I have noticed that they deployment works fine if I remove this section from my template:
{
"name": "[concat('ExceptionOccured ', variables('insightsNames')[copyIndex()])]",
"apiVersion": "2018-04-16",
"type": "Microsoft.Insights/scheduledQueryRules",
"location": "East US",
"tags": {
"[concat('hidden-link:', resourceId('microsoft.insights/components', variables('insightsNames')[copyIndex()]))]": "Resource"
},
"properties": {
"description": "Some exception has been logged.",
"enabled": "true",
"source": {
"query": "exceptions",
"authorizedResources": [],
"dataSourceId": "[resourceId('microsoft.insights/components', variables('insightsNames')[copyIndex()])]",
"queryType": "ResultCount"
},
"schedule": {
"frequencyInMinutes": 60,
"timeWindowInMinutes": 60
},
"action": {
"severity": "1",
"status": "Active",
"aznsAction": {
"actionGroup": [
"[resourceId('microsoft.insights/actionGroups', variables('alertGroupName'))]"
]
},
"trigger": {
"thresholdOperator": "GreaterThan",
"threshold": 0,
"consecutiveBreach": 1
},
"odata.type": "Microsoft.WindowsAzure.Management.Monitoring.Alerts.Models.Microsoft.AppInsights.Nexus.DataContracts.Resources.ScheduledQueryRules.AlertingAction"
}
},
"dependsOn": [
"[resourceId('microsoft.insights/components', variables('insightsNames')[copyIndex()])]",
"[resourceId('microsoft.insights/actionGroups', variables('alertGroupName'))]"
],
"copy": {
"name": "insightscopy",
"count": "[length(variables('insightsNames'))]"
},
"condition": "[greater(length(parameters('alertEmail')), 0)]"
},
This is a loop to setup alerts for some application insights projects. Is there some error in this section?
I started getting this yesterday too. Same alerting structure, same error. I tried ~30mins later and it worked fine. Not what you wanted to hear, but I couldnt't find the reason why either.
i'm having continual trouble keeping a triggered webjob up and running on Azure, after digging around in some logs i located one for the 'start' webjob it looks to me there is an authorisation on the service which is specifically scoped for the triggered webjob.
what i'm thinking is the authentication is expiring and not auto-renewing so the triggered webjob fails and moves to an aborted state.
we have already tried setting the configuration setting for the webjob to 12 months (in seconds) and we have applied a heartbeat, service still shuts down though.
log details below;
also does anybody know what e_exp is?
that roughly equates to 3 days in seconds
{
"authorization": {
"action": "Microsoft.Web/sites/TriggeredWebJobs/run/action",
"scope": "/subscriptions/some GUID/resourceGroups/.../providers/Microsoft.Web/sites/.../TriggeredWebJobs/Processing"
},
"caller": "some GUID",
"channels": "Operation",
"claims": {
"aud": "https://management.core.windows.net/",
"iss": "https://sts.windows.net/some GUID/",
"iat": "1537204596",
"nbf": "1537204596",
"exp": "1537208496",
"aio": "numbers and letters",
"appid": "some GUID",
"appidacr": "1",
"e_exp": "262800",
"http://schemas.microsoft.com/identity/claims/identityprovider": "https://sts.windows.net/some GUID/",
"http://schemas.microsoft.com/identity/claims/objectidentifier": "some GUID",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": "some GUID",
"http://schemas.microsoft.com/identity/claims/tenantid": "some GUID",
"uti": "numbers and letters",
"ver": "1.0"
},
"correlationId": "some GUID",
"description": "",
"eventDataId": "some GUID",
"eventName": {
"value": "EndRequest",
"localizedValue": "End request"
},
"category": {
"value": "Administrative",
"localizedValue": "Administrative"
},
"eventTimestamp": "2018-09-17T17:21:50.2300614Z",
"id": "/subscriptions/some GUID/resourceGroups/qcp-ghs-prd/providers/Microsoft.Web/sites/.../TriggeredWebJobs/Processing/events/some GUID/ticks/...",
"level": "Informational",
"operationId": "some GUID",
"operationName": {
"value": "Microsoft.Web/sites/TriggeredWebJobs/run/action",
"localizedValue": "Run Web Apps Triggered WebJobs"
},
"resourceGroupName": "...",
"resourceProviderName": {
"value": "Microsoft.Web",
"localizedValue": "Azure Web Sites"
},
"resourceType": {
"value": "Microsoft.Web/sites/TriggeredWebJobs",
"localizedValue": "Microsoft.Web/sites/TriggeredWebJobs"
},
"resourceId": "/subscriptions/some GUID/resourceGroups/.../providers/Microsoft.Web/sites/qcp-ghs-prd-ase/TriggeredWebJobs/Processing",
"status": {
"value": "Succeeded",
"localizedValue": "Succeeded"
},
"subStatus": {
"value": "OK",
"localizedValue": "OK (HTTP Status Code: 200)"
},
"submissionTimestamp": "2018-09-17T17:22:18.6120141Z",
"subscriptionId": "some GUID",
"properties": {
"statusCode": "OK",
"serviceRequestId": "some GUID"
},
"relatedEvents": []
}
I am trying to update AppRoles of my Azure AD app through MS Graph Explorer. The App is for setup SSO with our AWS account.
The URI looks like below. GET query returns all the properties of the Service Principal correctly.
https://graph.microsoft.com/beta/servicePrincipals/2141b14a-096a-4f26-a73f-4175a4f475f7
But when trying to "PATCH" the section of "appRoles", I received the error below:
{
"error": {
"code": "Request_BadRequest",
"message": "One or more properties on the service principal does not match the application object.",
"innerError": {
"request-id": "0408c2a3-1f1c-4dd6-aacf-6c2c1cca8b98",
"date": "2018-08-10T01:13:40"
}
}
}
The Request Body is as below (The code is slightly modified for masking)
{ "appRoles": [
{
"allowedMemberTypes": [
"User"
],
"displayName": "AWS Developers",
"id": "7dfd756e-8c17-4472-b2b7-38c17fc5de79",
"isEnabled": true,
"description": "Developers",
"value": "arn:aws:iam::12345678910:role/developers-SAML-AzureAD,arn:aws:iam::12345678910:saml-provider/AzureAD"
},
{
"allowedMemberTypes": [
"User"
],
"displayName": "AWS Admins",
"id": "7dfd756e-8c27-4412-b1b7-38c17fc1de83",
"isEnabled": true,
"description": "AWS-Admins-SAML-AzureAD",
"value": "arn:aws:iam::12345678910:role/Admins-SAML-AzureAD,arn:aws:iam::12345678910:saml-provider/AzureAD"
},
{
"allowedMemberTypes": [
"User"
],
"displayName": "IT MGMT",
"id": "7dfd756e-8c17-4172-b1b7-38c11fc1de81",
"isEnabled": true,
"description": "ITS-MGMT-SAML-AzureAD",
"value": "arn:aws:iam::12345678910:role/ITMGMT-SAML-AzureAD,arn:aws:iam::12345678910:saml-provider/AzureAD"
},
{
"allowedMemberTypes": [
"User"
],
"displayName": "S3 Bucket Admins",
"id": "7dfd756e-8c17-4412-b1b1-31c17fc1de18",
"isEnabled": true,
"description": "AWS-S3-Admins-SAML-AzureAD",
"value": "arn:aws:iam::12345678910:role/AWS-S3-Admins-SAML-AzureAD,arn:aws:iam::12345678910:saml-provider/AzureAD"
},
{
"allowedMemberTypes": [
"User"
],
"displayName": "EC2 Admins",
"id": "7d1d756e-8c27-4471-12b7-38c17fc5de78",
"isEnabled": true,
"description": "AWS-EC2-Admins-SAML-AzureAD",
"value": "arn:aws:iam::12345678910:role/AWS-EC2Admins-SAML-AzureAD,arn:aws:iam::12345678910:saml-provider/AzureAD"
},
{
"allowedMemberTypes": [
"User"
],
"displayName": "Network Admins",
"id": "1dfd756e-8c27-4472-b2b7-38c11fc5de67",
"isEnabled": true,
"description": "AWS-Network-Admins-SAML-AzureAD",
"value": "arn:aws:iam::12345678910:role/Network-Admins-SAML-AzureAD,arn:aws:iam::12345678910:saml-provider/AzureAD"
},
{
"allowedMemberTypes": [
"User"
],
"displayName": "msiam_access",
"id": "7dfd756e-8c21-1471-b1b7-11c27fc5de5e",
"isEnabled": true,
"description": "msiam_access",
"value": null
}]}
I validated the JSON codes but MS Graph Explorer still tells me things are missing.
I tried to run the PATCH query with all properties of the Azure AD App, but received the same error.
Did anyone encounter this before? What is your fix?
We are working on an app that allows our Azure administrator to monitor Azure Resource requests by people in organization.
There is a requirement where I want to get list of all possible SKUs and SKU capacities through some API if available. I could have hard coded the values but considering the frequency of changes being brought by Microsoft to Azure subscription plans, I wanted to make it more generic and dog feed by Azure itself.
I could not find any API endpoint under Azure Rest API that provides us list of SKUs and Capacities for requested resource type.
Has anyone figured it out already? if not, what is the alternative and better approach?
Rahul.
The pattern for the Azure SKUs API in Azure Resource Manager is HTTP GET {resourceId}/skus?api-version=...
As others have indicated, there doesn't seem to be a good way to discover which ARM resource types have implemented the SKUs API. If you are looking for a generic option today, I would consider the following approach --
1) Gather a list of ARM resource ids in the subscription(s). You can use the ARM resources API to get this list.
2) For each resource id, call the following to retrieve the SKUs: GET {resourceId}/skus?api-version=...
3) Keep track of which ARM resource types return non-2xx status codes. These resource types do not implement the SKUs API and your code should ignore these resource types today.
Here are a few examples of the SKUs API for two common ARM resource types:
armclient get /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachineScaleSets/{name}/skus?api-version=2017-03-30
armclient get /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Web/serverFarms/{name}/skus?api-version=2014-04-01
As 4c74356b41 mentioned some might have that feature and some not. We can get the Azure REST API from the official document. And we can get some List SKU REST APIs, detail please refer to screenshot. You also can give your feedback to the Azure team.
Looks like Azure has made this REST API available now:
Resource Skus - List
Get all the resources in a subscription.
GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Compute/skus?api-version=2021-07-01
Sample Response:
{
"value": [
{
"resourceType": "virtualMachines",
"locations": [
"westus"
],
"capabilities": [
{
"name": "MaxResourceVolumeMB",
"value": "20480"
},
{
"name": "OSVhdSizeMB",
"value": "1047552"
},
{
"name": "vCPUs",
"value": "1"
},
{
"name": "HyperVGenerations",
"value": "V1"
},
{
"name": "MemoryGB",
"value": "0.75"
},
{
"name": "MaxDataDiskCount",
"value": "1"
},
{
"name": "LowPriorityCapable",
"value": "False"
},
{
"name": "PremiumIO",
"value": "False"
},
{
"name": "vCPUsAvailable",
"value": "1"
},
{
"name": "ACUs",
"value": "50"
},
{
"name": "vCPUsPerCore",
"value": "1"
},
{
"name": "EphemeralOSDiskSupported",
"value": "False"
},
{
"name": "AcceleratedNetworkingEnabled",
"value": "False"
},
{
"name": "RdmaEnabled",
"value": "False"
},
{
"name": "MaxNetworkInterfaces",
"value": "2"
}
],
"locationInfo": [
{
"location": "westus",
"zones": [
"2",
"1"
],
"zoneDetails": [
{
"name": [
"2"
],
"capabilities": [
{
"name": "UltraSSDAvailable",
"value": "True"
}
]
}
]
}
],
"name": "Standard_A0",
"tier": "Standard",
"size": "A0",
"family": "standardA0_A7Family"
},
{
"resourceType": "virtualMachines",
"locations": [
"westus"
],
"capabilities": [
{
"name": "MaxResourceVolumeMB",
"value": "71680"
},
{
"name": "OSVhdSizeMB",
"value": "1047552"
},
{
"name": "vCPUs",
"value": "1"
},
{
"name": "HyperVGenerations",
"value": "V1"
},
{
"name": "MemoryGB",
"value": "1.75"
},
{
"name": "MaxDataDiskCount",
"value": "2"
},
{
"name": "LowPriorityCapable",
"value": "True"
},
{
"name": "PremiumIO",
"value": "False"
},
{
"name": "vCPUsAvailable",
"value": "1"
},
{
"name": "ACUs",
"value": "100"
},
{
"name": "vCPUsPerCore",
"value": "1"
},
{
"name": "EphemeralOSDiskSupported",
"value": "False"
},
{
"name": "AcceleratedNetworkingEnabled",
"value": "False"
},
{
"name": "RdmaEnabled",
"value": "False"
},
{
"name": "MaxNetworkInterfaces",
"value": "2"
}
],
"locationInfo": [
{
"location": "westus",
"zones": [
"1",
"2",
"3"
]
}
],
"name": "Standard_A1",
"tier": "Standard",
"size": "A1",
"family": "standardA0_A7Family"
}
],
"nextLink": null
}