We have set up for over a year automated deployment to azure to do different steps. which has been working great last week one specific step has been failing. It is setting the partition size based on a variable.
this is the PS Code:
$secpasswd = ConvertTo-SecureString $OctopusParameters["AzureSearch.Admin.Password"] -AsPlainText -Force
$creds = New-Object System.Management.Automation.PSCredential ($OctopusParameters["AzureSearch.Admin.User"], $secpasswd)
Add-AzureRmAccount -Credential $creds
$Resource = Get-AzureRmResource -ResourceType "Microsoft.Search/searchServices" -ResourceGroupName $OctopusParameters["Azure.ResourceGroup"] -ResourceName $OctopusParameters["AzureSearch.SearchServiceName"]
$Resource.Properties.partitionCount = $OctopusParameters["AzureSearch.PartitionCount"]
$Resource | Set-AzureRmResource -Force
this is what the error message is now:
$Resource = Get-AzureRmResource -ResourceType "Microsoft.Search/searc ...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CategoryInfo : CloseError: (:) [Get-AzureRmResource], ErrorResponseMessageException
FullyQualifiedErrorId : DisallowedOperation,Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.GetAzureResourceCmdlet
is there some changes in Azure that caused this as of last week?
Not sure about the error, but you could use this command Set-AzureRmSearchService to set PartitionCount.
Note: You need to install AzureRM.Search powershell module, run this command Install-Module -Name AzureRM.Search -AllowPrerelease as admin in your powershell, more details see this link.
Command sample:
Set-AzureRmSearchService -ResourceGroupName "<ResourceGroupName>" -Name "<AzureSearchName>" -PartitionCount 2 -ReplicaCount 2
Result:
Related
I have a subscription I want to pause/resume with a PowerShell script (Azure Analysis Services). I use this exact same script to pause my Embedded Capacity and that works fine, but when I run my script for my new subscription it wont work. This is the script I use:
$userPassword = "myappsecret"
$userPassword2 = ConvertTo-SecureString -String $userPassword -AsPlainText -Force
$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList "appid", $userPassword2
Connect-AzAccount -ServicePrincipal -TenantId "tenantid" -Credential $Credential
Select-AzSubscription -SubscriptionId "subscriptionname here"
Get-AzPowerBIEmbeddedCapacity -ResourceGroupName "groupnamehere" -Name "namehere"
Suspend-AzPowerBIEmbeddedCapacity -Name "namehere" -ResourceGroupName "groupnamehere" -PassThru
To check why this won't work I tried to simply use Get-AzSubscription to see if something was wrong and it wont show any subscription.
If I try the same for my Embedded Capacity it works just fine.
What could be wrong?
To get the list of all Azure Ad subscriptions by using Get-AzSubscription, make sure that you have owner/admin role.
You can make use of the below command to get Azure Ad subscriptions for a specific tenant:
Make sure to connect-azaccount with Administrator details.
Get-AzSubscription -TenantId "your_tenant_id"
Get-AzContext command list the information of the Azure Subscription that is currently selected.
To use a specific subscription, you can make use of below command:
Get-AzSubscription -SubscriptionId "xxxx-xxxx-xxxx-xxxx" -TenantId "yyyy-yyyy-yyyy-yyyy" | Set-AzContext
Or please modify your code by adding the below snippet:
$subscriptionId = 'Your_Subscription_ID';
Select-AzSubscription -SubscriptionId $subscriptionId
You can check the Subscription Id via Azure Portal too.
Reference:
Get-AzSubscription (Az.Accounts) | Microsoft Docs
I need help on this scenario. we have a cert in azure key vault which needs to be download to a windows VM for our .net application to run on iis. I am able to upload the cert to Azure keyvault with out issues. I am running a azure devops powershell tasks inline powershell script.
it will connect to azure using conenct-azaccount with appropriate login creds.enter code here
we run invoke-azvmssruncommand and specific the script path and variable which needs to be passed as parameters.
in the PowerShell script we have script to get the cert from azure keyvualt once its connected to azure vm
below is the error
error: an error occurred while sending request. need your thoughts on it.
Invoke-AzVmssVMRunCommand -VMScaleSetName dev-CTUS -ResourceGroupName RG -InstanceId $instanceid -CommandId 'RunPowerShellScript'-ScriptPath "path"\downloadcertfromkeyvault.ps1" -Parameter #{"vaultname"= "keyvault name";"certname"="app-DEV";"password"= "jdksjkdjalksd";"said"="";"sapuserid"; password"="password";"devSubscriptionId"="ZXXXXXXXXXX"} -Debug
this is the command which i used in azure devops powershell inline script .
inside powershell script
$SecurePassword = "$sapassword" | ConvertTo-SecureString -AsPlainText -Force
$Credential = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList $said, $SecurePassword
Connect-AzAccount -Credential $Credential -Tenant "XXXXXXXXXXXX-a68c-41e5-XXXXXXXX"
Write-log "setting subscription to retrive certs"
Set-AzContext $devSubscriptionId
$password = "$password"
$password = ConvertTo-SecureString -String "$password" -AsPlainText -Force
$cert = Get-AzKeyVaultCertificate -VaultName $vaultname -Name $certname
$secret = Get-AzKeyVaultSecret -VaultName $vaultname -Name $cert.Name
$pfxpath = [System.Environment]::GetFolderPath("Desktop")
$secretByte = [Convert]::FromBase64String($secret.SecretValueText)
$x509Cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($secretByte, "", "Exportable,PersistKeySet")
$type = [System.Security.Cryptography.X509Certificates.X509ContentType]::Pfx
$pfxFileByte = $x509Cert.Export($type, $password)
# Write to a file
[System.IO.File]::WriteAllBytes("$pfxpath\$certname.pfx", $pfxFileByte)
$certificate= Get-ChildItem -path cert:\LocalMachine\My` `
Write-Log $certificate
I am working on this official tutorial from MS Azure team to run a PowerShell Workflow runbook to start a VM. But when I start the following runbook (from step 6 of the tutorial), I get the error shown below. Question: What I may be missing, and how can we resolve the issue?
Remark: Start-AzVM is from Az.Compute module that I have already imported.
runbook code:
workflow MyFirstRunbook-Workflow
{
# Ensures that you do not inherit an AzContext in your runbook
Disable-AzContextAutosave –Scope Process
$Conn = Get-AutomationConnection -Name AzureRunAsConnection
Connect-AzAccount -ServicePrincipal -Tenant $Conn.TenantID -ApplicationId $Conn.ApplicationID -CertificateThumbprint $Conn.CertificateThumbprint
$AzureContext = Get-AzSubscription -SubscriptionId $Conn.SubscriptionID
Start-AzVM -Name 'vm-cs-web01' -ResourceGroupName 'rg-cs-ansible1' -AzContext $AzureContext
}
Error:
Start-AzVM : Cannot bind parameter 'DefaultProfile'. Cannot convert the "a76c7e8f-210d-45e5-8f5e-525015b1c881" value of
type "Deserialized.Microsoft.Azure.Commands.Profile.Models.PSAzureSubscription" to type
"Microsoft.Azure.Commands.Common.Authentication.Abstractions.Core.IAzureContextContainer".
At MyFirstRunbook-Workflow:11 char:11
+
+ CategoryInfo : InvalidArgument: (:) [Start-AzVM], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.Azure.Commands.Compute.StartAzureVMCommand
Looks like it is a mistake in the doc, in this scenario, it should use Set-AzContext to set the subscription instead of using Get-AzSubscription to get the subscription, change the command like below, it will work fine.
workflow MyFirstRunbook-Workflow
{
# Ensures that you do not inherit an AzContext in your runbook
Disable-AzContextAutosave –Scope Process
$Conn = Get-AutomationConnection -Name AzureRunAsConnection
Connect-AzAccount -ServicePrincipal -Tenant $Conn.TenantID -ApplicationId $Conn.ApplicationID -CertificateThumbprint $Conn.CertificateThumbprint
$AzureContext = Set-AzContext -SubscriptionId $Conn.SubscriptionID
Start-AzVM -Name 'vm-cs-web01' -ResourceGroupName 'rg-cs-ansible1' -AzContext $AzureContext
}
I have the following powershell code for suspending azure d/w
$TenantId = "<>"
$SubscriptionId = "<>"
# Get the service principal credentials connected to the automation account.
$SPCredential = Get-AutomationPSCredential -Name "psvar"
# Login to Azure ($null is to prevent output, since Out-Null doesn't work in Azure)
Write-Output "Login to Azure using automation account 'psvar'."
$null = Login-AzureRmAccount -TenantId $TenantId -SubscriptionId $SubscriptionId -Credential $SPCredential
Write-Output "Login Status "
# Select the correct subscription
Write-Output "Selecting subscription '$($SubscriptionId)'."
$null = Select-AzureRmSubscription -SubscriptionID $SubscriptionId
$ResourceGroupName = '<>'
$ServerName = '<>'
$DatabaseName = '<>'
Write-Output "Suspending $($DatabaseName)..."
$null = Suspend-AzureRmSqlDatabase `
-ResourceGroupName $ResourceGroupName`
-DatabaseName $DatabaseName`
-ServerName $ServerName
Write-Output "Done"
Suspend azure rm sqldatabase works fine in PowerShell Azure Command line interface
But in runbook automation it fails with
Suspend-AzureRmSqlDatabase : Run Login-AzureRmAccount to login.
At line:33 char:9
+ $null = Suspend-AzureRmSqlDatabase `
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Suspend-AzureRmSqlDatabase], PSInvalidOperationException
+ FullyQualifiedErrorId :
InvalidOperation,Microsoft.Azure.Commands.Sql.DatabaseActivation.Cmdlet.SuspendAzureSqlDatabase
Any idea what could be wrong. Appreciate any pointers regarding this
I test your script, it works in the runbook.
Navigate to the automation account -> Credentials, make sure your user account name and password are correct.
If it still not work, you could try my solution here, it works.
For Azure Synapse analytics we need to use
Update-AzSynapseSqlPool -WorkspaceName <wsname>-Name <dbname> -Pause
When I run the Remove-AzureRmStorageAccount command in the Azure PowerShell task I get this error:
2019-01-24T13:07:29.0148404Z ==============================================================================
2019-01-24T13:07:29.0148533Z Task : Azure PowerShell
2019-01-24T13:07:29.0148602Z Description : Run a PowerShell script within an Azure environment
2019-01-24T13:07:29.0148688Z Version : 3.1.18
2019-01-24T13:07:29.0148847Z Author : Microsoft Corporation
2019-01-24T13:07:29.0148947Z Help : [More Information](https://go.microsoft.com/fwlink/?LinkID=613749)
2019-01-24T13:07:29.0149050Z ==============================================================================
2019-01-24T13:07:30.2233628Z ##[command]Import-Module -Name C:\Program Files\WindowsPowerShell\Modules\AzureRM\6.13.1\AzureRM.psd1 -Global
2019-01-24T13:07:42.1447157Z ##[command]Clear-AzureRmContext -Scope Process
2019-01-24T13:07:42.7204663Z ##[command]Disable-AzureRmContextAutosave -ErrorAction SilentlyContinue
2019-01-24T13:07:43.0466903Z ##[command]Add-AzureRMAccount -ServicePrincipal -Tenant *** -Credential System.Management.Automation.PSCredential -Environment AzureCloud #processScope
2019-01-24T13:07:44.1568578Z ##[command] Select-AzureRMSubscription -SubscriptionId XXXXX -TenantId ***
2019-01-24T13:07:44.5546953Z ##[command]& 'D:\a\_temp\XXXXX.ps1'
2019-01-24T13:07:44.6950579Z ##[command]Disconnect-AzureRmAccount -Scope Process
2019-01-24T13:07:45.1149833Z ##[command]Clear-AzureRmContext -Scope Process
2019-01-24T13:07:45.5569262Z ##[error]Windows PowerShell is in NonInteractive mode. Read and Prompt functionality is not available.
This is the script I run:
Remove-AzureRmStorageAccount `
-ResourceGroupName "myResourceGroupName" `
-AccountName "mystorageaccountname"
-Force
Note that I can create the storage account and the blob container in the same way without errors. This script works without any errors:
if(Get-AzureRmStorageAccountNameAvailability -Name "mystorageaccountname")
{
New-AzureRmStorageAccount `
-ResourceGroupName "myResourceGroupName" `
-AccountName "mystorageaccountname" `
-Location "West Europe" `
-SkuName "Standard_LRS"
New-AzureRmStorageContainer `
-ResourceGroupName "myResourceGroupName" `
-AccountName "mystorageaccountname" `
-ContainerName "my-blob-container" `
-PublicAccess "Blob"
}
How do I get the remove to work without errors through the Azure DevOps pipeline?
that happens because its asking to confirm deletion (##[error]Windows PowerShell is in NonInteractive mode. Read and Prompt functionality is not available), you are missing: `.
Remove-AzureRmStorageAccount `
-ResourceGroupName "myResourceGroupName" `
-AccountName "mystorageaccountname" ` <<<<< here
-Force
just retested it, it works without prompts if you supply -Force