I have a requirement to deploy the azure resource group implemented at DEV to UAT/PROD.
I have found that after downloading the template.json of the resource group by using the "Automation Script", we cannot see the code of the function available in the resource group.
So, is there any other way to download the Resource group ARM template with the function code?
I need the function code to the same ARM template JSON file to resolve the dependency of the function code into the used LOGIC apps available in the same resource group.
Can anyone share the proper ARM deployment procedure steps which contain the Function APPS, Function CODE, Logic APPS (dependent on the function code), Storage Account etc...?
Any help would much be appreciated.
Related
I am using Terraform to provision my Azure resources which works great, however, for some resources such as Logic Apps, doing this natively doesn't really work so I am using the Logic Apps ARM template and doing a Terraform "azurerm_resource_group_template_deployment" in order to provision. I know doing an ARM template deployment within Terraform is a bit of a last resort. It works ok though and deploys fine but I have a Service Bus connection defined and that is of type "securestring". By default, these are not saved as part of ARM deployment so everytime Terraform runs in my pipeline, even if the Logic App ARM template has not changed, it still does the deployment as the top level deployment state Terraform knows about previously did not have the value saved so will always see it as new. Is there any way around this other than changing the "securestring" to "string" which I obviously do not want to do given the endpoint contains the SAS key etc?
Hit same issues today - really limits what is viable. Managed to work around my two scenario's.
For things like keys and connection strings you can use the listkeys function inside of the ARM template - some examples here. I had this exact issue trying to get a log analytics workspace key in to the template - https://github.com/Azure/azure-quickstart-templates/blob/master/demos/arm-template-retrieve-azure-storage-access-keys/azuredeploy.json - Get connection strings in ARM
Another scenario I had was wanting to pass a service principal secret from TF to template as securestring, to get around this I ended up getting the secret from keyvault inside of the ARM template instead.
I have already installed my azure environment with a VM, a storage account and a data base server, and it works fine, but now i want to export the ARM template in order to automate the whole proccess to my customers. The problem is that when exporting this message shows up:
error
So the question is how do i export an ARM template correctly from Azure with all my resources without having to do much fixing my final template?
that is expected. some resource types cannot be exported. you'd have to take a look at the api definition and use that to export those (say at resources.azure.com)
Simple: use bicep. Azure Resource Manager's transpiler (it's a sweeter syntax that solves your needs)
In Bicep the directive you're looking for in your Azure Resource Manager "ARM" template is keyword "existing"
https://github.com/Azure/bicep/blob/main/docs/tutorial/05-loops-conditions-existing.md
keyword "existing" lets you reference a resource without a complete definition.
Otherwise you need to provide the entire ARM definition for the object.
Export failures per resource type occur when a given resource types schema is not available. We are looking into how we can autogenerate schemas for Azure resource providers and onboarding them to this new process, improving the overall success of the Export Template API.
I am testing a build/release of a very simple ADF (just one activity), the build, repository, arm template export all seem ok until when I run the release task, the error shows up in the final step, that says:
"error": {
"code": "ResourceNotFound",
"message": "The Resource 'Microsoft.DataFactory/factories/htTestDF' under resource group 'xxx-rg' was not found."
}
I watched several tutorials and microsoft web sites, and tried exporting the ARM template several times, the same error occurs. Any ideas will be greatly appreciated.
Thanks for your details clarifies in comments. Now, the error message you met caused by using a different target resource group as this ARM template deploy to.
To make this more clear, I reproduce the issue based on the details you provided. Fortunately, got the same error with you. Now, let's focus on its log, then get why it cause the Not Found error.(Please set debug=true)
As I mentioned in the above pic, it is the api that this task used at first step while the template begin to apply into the corresponding resource group and deployment. For more cleared, please refer to this REST API doc firstly: Deployments - Create Or Update.
The logic of this task is compile parameters from ARM template file, pack them and use it as request body for this PUT api call. See its api doc, you can get that for this API call, its resourceGroupName and deploymentName need to be specified firstly. In another words, if you specified another target resource group, it would not find the correct target place that can apply this template definition. Because, you can see that this ARM template is preparing to applying activities SetVariable into your Data Factory HTDF3 and the defined pipelines name is HTPipe1. But these should all not exists in your target Resource Group. Thus it caused the error like this:
"error": {
"code": "ResourceNotFound",
"message": "The Resource 'Microsoft.DataFactory/factories/Merlin-1003' under resource group 'Merlin-ARM-deploy' was not found."
}
In my sample, Merlin-ARM-deploy is my target resource group.
If you want to deploy this into your target resource group, you need to create one data factory manually, or use another ARM Template to create a new one same factory in the target resource group. If you choose the previous method, just then modify the template.json file, to let its parameters correspond to the actual target resource group. But if use the second method, do not operate anything. Just apply them with task.
The ARM template generated by ADF(publish) cannot be deployed directly to a new RG.
Solution
Create RG(optional, assuming it is IAC(infra as code))
Run a powershell script task in pipeline to create an empty ADF(do not use empty ARM instead). Since it is not ARM you would need to put an optional condition to check if it already exists)
Set-AzDataFactoryV2 -ResourceGroupName "RG" -Name "ADF" -Location "North Europe"
Now we can execute the ARM template from publish folder (the one you had given)
Errors in ADF publish system.
The ARM template need to be generated in such a way that it is
idempotent(should also create afresh if not present). But it is not
at the moment. It expects an ADF to be present already(strangely).
When an empty ARM template created in another RG is used to create a fresh empty ADF in this RG(newly created), it fails. Well, it creates empty ADF but we cannot put adf_publish(default publish folder for ADF) on top of it because we get 'resource not found error'.
But when we manually create an ADF and run the adf_publish template
then it works! But ofcourse, this is not what we want.
Why does manual & powershell work(empty + publish) but not ARM template? It could be that the ARM Template has wrong location/region mentioned in it but that was not the case.(really puzzling to me)
I am trying to replicate an existing Azure resource group using arm templates from the automation script section but running into a warning message about 10 resources types cannot be exported yet. One being Azure data factory. After searching online I found that templates for some resource types are not yet available. While looking at the Deployment section in my resource group, I am able to see a deployment details download link for each resource.
Can those be used to recreate each resource into a new resource group? Or is my best bet downloading the template from the automation script section and manually adding the resources for which the template are not yet available?
Any help would be appreciated.
Some of the warnings I got:
ResourceTypeSchemaNotFound:
***The schema of resource type 'Microsoft.DataFactory/dataFactories' is not available. Resources of this type will not be exported to the
template. (Code: ResourceTypeSchemaNotFound, Target:
Microsoft.DataFactory/dataFactories
ExportTemplateProviderError: all related to sql server
***Could not get resources of the type 'Microsoft.Sql/servers/connectionPolicies'. Resources of this type
will not be exported. (Code: ExportTemplateProviderError, Target:
Microsoft.Sql/servers/connectionPolicies)
***Could not get resources of the type 'Microsoft.Sql/servers/backupLongTermRetentionVaults'
***Could not get resources of the type 'Microsoft.Sql/servers/extendedAuditingSettings'.
The Azure resource group ARM templates from the automation script section are not as comprehensive as they should probably be. For example, it is quite possible to deploy a Data Factory instance from ARM. It provides a reasonable starting point but you will find resources that don't deploy as well as a lot of superfluous cruft.
The approach I take is to start from a clean template in Visual Studio and then construct a project from a blank template or quick-start, then refer to the template documentation and build up from scratch, using your exported ARM template from your resource group to help work out how it should look. This results in a nice clean reusable template project.
Unfortunately I have not found an better way yet.
How can you get the Azure automation script for just a single service?
In this case I've selected an App Service Plan, but when I click on it's "Automation script" in the Azure Portal, I get the script for everything (minus the various resource types "that cannot be exported yet" )
Unfortunately, export function only allows to export everything in the resource group, so you get an ARM template that represents the resource group.
If you want to get an ARM template solely for that resource, please deploy it into it's own resource group and then use the Automation script option.
Alternatively, you can use armviz to get a visual representation. When you click on a particular element, it will take you directly to that object in the arm template. Not exactly what you are looking for, but might give you enough.
You can't export just a single resource if there are multiple resources in the resource group, but maybe visual studio can help.
If you export the template and load it in VS as an arm template project, you can easily delete the other resources from the sidebar and leave just the one you need. You might also need to clean up the vars/params though.