I have a set of resources and want to deploy them using Template Deployment feature in Azure portal. In my parameters file, I have few references to parameters in Key Vault as mentioned here. When deploying the template in Azure portal (clicking on Deploy a custom template) and supplying these values, the portal still asks for these parameters explicitly which I definitely cannot provide in plain text.
When using the same resources.json and parameters.json file in powershell, it works fine.Is the feature of KeyVault references currently not supported in Template Deployment done through portal ?
Yes, this is the case, but you can workaround that by wrapping you template with another template and that template will "get" the reference and pass it to the actual template.
reference: https://github.com/4c74356b41/bbbb-is-the-word/blob/master/_arm/parent.json#L151
Related
For a project I'm working on, I need to define an entire Azure APIM in Bicep.
Now I want to define the request/response definitions for the developer portal, see the attached screenhot.
I've tried looking through the Azure documentation but found nothing to define these using Bicep. I have also tried exporting the APIM to ARM JSON, converting it to Bicep using az bicep decompile --file template.json, and reverse-engineering the definitions but the contents of the field Schema aren't included in the export output.
Does anyone know how to define the definitions in Bicep?
First define an schema sub-resource as defined here: https://learn.microsoft.com/en-us/azure/templates/microsoft.apimanagement/service/apis/schemas then use the schema’s resourceID in operations’ schemaId property.
I am trying to save ARM Template of VM into the Templates in Azure but I am getting the following error:
The client 'admin#xxxx.onmicrosoft.com' with object id '1550f813-ee2g-492e-b353-8885c1f85746' does not have authorization to perform action 'Microsoft.Gallery/register/action' over scope '/providers/Microsoft.Gallery' or the scope is invalid. If access was recently granted, please refresh your credentials.
There are two possible solutions for the above :
You can use Template Specs feature instead of Templates feature.
You can ask your Azure Active Directory tenant admin to create the first
gallery template to turn on the ability to create templates for all users under
the same tenant.
Steps to Create Template Spec:
Go to Template Specs in portal.
Select Create template spec.
Fill in the form and create .
Note: Templates with the same name will be overridden by the latest version.
Reference:
Convert portal template to template spec - Azure Resource Manager | Microsoft Docs
Azure Templates - Failed to save template - Microsoft Q&A
I have an ARM template, which I will be using it to deploy resources (Mentioned as in Azure Portal) via Azure DevOps Pipeline. These ARM templates were created using my Dev Subscription. If I need to use this same ARM template to move to production, I need to manually update the subscription id etc in the ARM template and then run the respective pipelines. Is there any way to automate this manual updation process in ARM template.
I have tried using File Transform Agent job available under Azure DevOps Release pipeline. But since the values are available inside nested loops of ARM templates, it failed. Is there any PowerShell script that will be suitable for this process of updating values.
I don't want to manually update the ids under the ARM Template. Instead, I want to update it automatically.
Set Json Property task might help to set the property with specific value.
First in the marketplace search for "set Json property" task and install it for your organization.
Then you can set the property path and the value accordingly. check here for detail usage
Instead of hard coding in ARM templates you can use parameters file. For dev and prod you can have separate files and while deploying pass ARM Template along with parameter file whichever is required.
You can use AKV (Azure Key Vault) to access your subscription details in parameter file
subscription().subscriptionid will get you the details
I have created a Function App for Containers using ARM template deployment using Azure DevOps Pipeline job (Azure Resource Group Deployment).
After deployment added additional configurations other than default configurations for Function App through portal.
For adding new resources, I have updated my 'template.json' and redeployed again. But this removes all my manual configuration of the existing Function App and set it to the default config settings in the template file. :( . Anyone please tell me a way for sort this problem.
Is there any property that helps to retain the resources and its configuration unchanged while deployment using ARM ? I used the property
"mode":
"Incremental" .
But this didn't work for me. It removes the existing configurations that I have created manually. Please suggest a best way to deploy and manage a resource using ARM. Is there any property or 'key : value' for adding additional settings to site config other than remove the site config and recreate it as inside the template default.
I think your only option is to set those configurations into the ARM template. ARM templates are not always incremental but are some time declarative as in this case.
You can switch to bicep, which has the ability to merge app settings. However, I don't have the details at the moment.
bicep wouldn't be a valid path to take. Except you can generate bicep from your source arm templates if they are 2019 or newer. That way the arm temples still drives the pipeline.
I wonder if terraform has the same options?
I'm deploying an Azure Functions App using an ARM template and want to disable ftp/ftps access.
The setting is easy to find in the portal:
How do I find the property or app setting for this so I can configure it in the json ARM template?
I've already tried
Reviewing Microsoft documentation
Running PowerShell commands Get-AzureRmResource and Get-AzureRmWebApp to explore the returned site objects
Searching for the property in the Azure Resource Explorer
Guessing the property name and testing deployments--trial and error
I would expect the setting to exist along with similar settings in the siteConfig:
The property you are looking for is ftpsState. Here are the possible values:
AllAllowed (that's the default)
FtpsOnly
Disabled