Recently I had issues to deploy an IoT Hub. I used an Azure Resource Manager (ARM) template that worked so far but then resulted in the error Default eventHub endpoint 'operationsMonitoringEvents' is missing. Below what you have to add to achieve a successfull deployment.
You must have to add the following section in IoT Hub ARM Template :
"operationsMonitoringEvents": {
"retentionTimeInDays": "[parameters('retentionDays')]",
"partitionCount": "[parameters('partitionCount')]"
}
The above section is not required to add in ARM Template when creating new IoT Hub but if it is not added in ARM Template and deploy to portal, it will add the above section at time of deployment.
So when we do the incremental deployment with the same ARM Template(Which does not contain the above section), it will compare with the existing ARM Template deployed on portal and with the current deploying one which cause to the above error.
So we also face this error in past and resolved by adding the above code in ARM Template.
You need to add the eventHub endpoint 'operationsMonitoringEvents'
"operationsMonitoringEvents": {
"retentionTimeInDays": "[parameters('opMonRetentionTimeInDays')]",
"partitionCount": "[parameters('opMonPartitionCount')]",
"path": "[concat(parameters('iotHubName'),'-operationmonitoring')]",
"endpoint": "[parameters('opMonEndpoint')]"
}
The endpoint can be found e.g. via the portal here
Additionally you can configure operations monitoring e.g. via
"operationsMonitoringProperties": {
"events": {
"None": "None",
"Connections": "None",
"DeviceTelemetry": "None",
"C2DCommands": "None",
"DeviceIdentityOperations": "None",
"FileUploadOperations": "None",
"Routes": "None"
}
}
Edit: as mentioned by Dipti Mamidala it is also enough to add only
"operationsMonitoringEvents": {
"retentionTimeInDays": "[parameters('opMonRetentionTimeInDays')]",
"partitionCount": "[parameters('opMonPartitionCount')]"
}
Related
I am able to enable audit diagnostic settings for aks using arm(below snippet inside arm )but the same way have enable the same in all resources in node resource group like network security group and vitual machine scale set.
"resources": [
{
"condition": "[parameters('audit_enable')]",
"type": "Microsoft.ContainerService/managedClusters/providers/diagnosticSettings",
"apiVersion": "2021-05-01-preview",
"name": "[clustername]",
"dependsOn": [
"[resourceId('Microsoft.ContainerService/managedClusters', clutername)]"
],
"properties": {
"storageAccountId": "[variables('storageAccountId')]",
"logs": [
{
"categoryGroup": "allLogs",
"enabled": true,
"retentionPolicy": {
"days": 30,
"enabled": true
}
}
],
"metrics": [
{
"category": "AllMetrics",
"enabled": true,
"retentionPolicy": {
"days": 30,
"enabled": true
}
}
]
}
}
]
Below statements are based on our observations & Azure Documentations. We have tested in our local environment by creating a virtual machine scale set & tried enabling the diagnostic setting for it Unfortunately we dont have diagnostics setting feature for virtual machine scale sets.
Here is the output screenshot for reference:
As per the Azure documentation, Azure Diagnostics agent is available for virtual Machine only.
Azure Diagnostics extension collects monitoring data from the guest operating system and workloads of Azure virtual machines and other compute resources. It primarily collects data into Azure Storage but also allows you to define data sinks to also send data to other destinations such as Azure Monitor Metrics and Azure Event Hubs.
Here is the reference documentation to create the diagnostics setting for a virtual machine using arm template.
We tried searching for sample arm templates to create the diagnosticsetting for network security group unfortunately we didnt found any Would suggest you to go this documentation of basic arm template to create the diagnostic settings & make the changes accordingly to your requirement.
You can also refer the ARM templates samples for diagnostic settings in Azure monitor.
I have requirement to update a ADF linked service configuration by API(or any other way through code, except using UI). I need to add 'init scripts' in the job cluster configuration of a linked service.
I got some Microsoft documentation on this, but it is only for creating a linked service, not for editing it.
Please let me know if you have any leads on this.
You can update ADF linked Service configuration by API.
Sample Request
PUT https://management.azure.com/subscriptions/12345678-1234-1234-1234-12345678abc/resourceGroups/exampleResourceGroup/providers/Microsoft.DataFactory/factories/exampleFactoryName/linkedservices/exampleLinkedService?api-version=2018-06-01
Request body
{
"properties": {
"type": "AzureStorage",
"typeProperties": {
"connectionString": {
"type": "SecureString",
"value": "DefaultEndpointsProtocol=https;AccountName=examplestorageaccount;AccountKey=<storage key>"
}
},
"description": "Example description"
}
}
In this link Sample Request and Request body are given.
For example, If you want to update AzureBlobStorage LinkedService, You can update configurations given here
We use a PowerShell module azure.datafactory.tools for deployments of ADF components.
It can replace a Linked Service with a new definition. Furthermore, you can test the deployed Linked Service with the module.
Assume we have a Checkpoint Firewall Template created on Azure Portal. Is there a way to test the Template within Azure? Also if the Template is modified, is there a way to Test that new modified Template within Azure?
You can test an ARM Template by using it in a deployment. You can also use the what-if setting to produce hypothetical output without actually deploying anything.
Microsoft Azure Docs for What-If
To create a What-If deployment you can proceed a number of ways; Azure CLI, PowerShell, REST, etc. Here is an example using REST (Postman).
Use the endpoint
POST https://management.azure.com/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Resources/deployments/{deploymentName}/whatIf?api-version=2020-06-01
Provide a body payload:
{
"location": "westus2",
"properties": {
"mode": "Incremental",
"parameters": {},
"template": {}
}
}
Add your template and parameters. Supply a bearer token for authentication and deploy.
You can check the Azure What-If REST API docs here.
I have generated template from existing Azure API management resource, modified it a bit, and tried to deploy using Azure CLI. But I'm getting the following error:
Deployment failed. Correlation ID: 7561a68f-54d1-4370-bf6a-175fd93a4b99. {
"error": {
"code": "MethodNotAllowed",
"message": "System group membership cannot be changed",
"details": null
}
}
But all the APIs are getting created and working fine. Can anyone help me solve the error. This is the command I tried to deploy in my ubuntu machine:
az group deployment create -g XXXX --template-file azuredeploy.json --parameters #param.json
Service Group Template:
{
"type": "Microsoft.ApiManagement/service/groups",
"apiVersion": "2018-06-01-preview",
"name": "[concat(parameters('service_name'), '/administrators')]",
"dependsOn": [
"[resourceId('Microsoft.ApiManagement/service', parameters('service_name'))]"
],
"properties": {
"displayName": "Administrators",
"description": "Administrators is a built-in group. Its membership is managed by the system. Microsoft Azure subscription administrators fall into this group.",
"type": "system"
}
}
You have several options if you want to copy an API Management instance to a new instance. Using the template is not listed here.
Use the backup and restore function in API Management. For more information, see How to implement disaster recovery by using service backup and restore in Azure API Management.
Create your own backup and restore feature by using the API Management REST API. Use the REST API to save and restore the entities from the service instance that you want.
Download the service configuration by using Git, and then upload it to a new instance. For more information, see How to save and configure your API Management service configuration by using Git.
Update:
I have Confirmed with Microsoft engineer that ARM template deployment for APIM failed is an known issue and is planning to fix it.(5/7/2019)
Basically after adding the "dnsNameLabel" value for my arm template for azure container instances, i got this message:
2018-07-03T14:31:14.8518944Z ##[error]At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usage details.
2018-07-03T14:31:14.8571875Z ##[error]Details:
2018-07-03T14:31:14.8616789Z ##[error]BadRequest: {
"error": {
"code": "DnsNameLabelNotSupported",
"message": "DNS name label for container group is not supported before version '2018-02-01-preview'."
}
}
Excerpt from the arm-template.json
...
"osType": "[variables('osType')]",
"ipAddress": {
"type": "Public",
"dnsNameLabel": "rabbitmq",
"ports": [
{
"protocol": "tcp",
"port": "15672"
}
]
},
...
P.S. I'm deploying using VSTS's Azure Resource Group Deployment task.
The problem was caused by the "apiVersion" key in the arm template file. It had to be updated to match a newer version of the api. Navigating to github arm templates repo
you could see which is the latest version.
Updating it to latest solved the problem.
Another suggestion is to use JSON schema validator for making sure the contents of the .json file matches the schema.