Unable to build string in ARM template - azure

I am currently working on building a few templates for some of the basic deployments that I use daily and have them working except for the last piece. The issue is that i am using t-shirt sizing to choose a specific vhd as I am deploying and I can not see to get the syntax correct for the uri string.
I know the syntax to call the variable on its own but when I add it into the uri string, it fails.
[variables(‘vhd’)[parameters('version')]]
Parameter:
"version": {
"type": "string",
"defaultValue": "10.5",
"allowedValues": [
"10.3.1",
"10.4.1",
"10.5"
],
Variable:
"vhd": {
"10.3.1": "20170524144905.vhd",
"10.4.1": "20170524144656.vhd",
"10.5": "20170524133408.vhd"
},
String:
"vhd": {
"uri": "[concat(concat(reference(resourceId(parameters('virtualMachineName'), 'Microsoft.Storage/storageAccounts', variables('storageAccountName')), '2015-06-15').primaryEndpoints['blob'], 'vhds/'), parameters('virtualMachineName'), '20170524133408.vhd')]"
},

Related

How to reference Keyvault Secret Tags from ARM template

I have an ARM template which syncs secret value from source Keyvault into Destination one.
I also want to sync secret tags, but ARM reference that I use for 'sourceKV.secret.tags' retrieval does not work
[reference(resourceId('subscriptionId', 'resourceGroup', 'Microsoft.KeyVault/vaults/secrets', 'SourceKV', 'Secret'), '2021-04-01-preview', 'Full').tags.tagName]
any ideas what can be the issue, or what is the correct form to retrieve tags during ARM template deployment?
These work for me:
"outputs": {
"tags": {
"type": "string",
"value": "[reference('/subscriptions/xxxx/resourceGroups/yyyy/providers/Microsoft.KeyVault/vaults/zzzz/secrets/mysecret', '2022-07-01', 'Full').tags]"
},
"tagValue": {
"type": "string",
"value": "[reference('/subscriptions/xxxx/resourceGroups/yyyy/providers/Microsoft.KeyVault/vaults/zzzz/secrets/mysecret', '2022-07-01', 'Full').tags.hello]"
},
"tagValue2": {
"type": "string",
"value": "[reference(resourceId(subscription().subscriptionId, resourceGroup().name, 'Microsoft.KeyVault/vaults/secrets', 'xxxx', 'mysecret'), '2021-04-01-preview', 'Full').tags.hello]"
}
}
Will result in:
"outputs": {
"tagValue": {
"type": "String",
"value": "world"
},
"tagValue2": {
"type": "String",
"value": "world"
},
"tags": {
"type": "Object",
"value": {
"hello": "world"
}
}
}
Also works with the API version you used. It is important that you use 'Full', otherwise you won't get the tags. Note that you can use this syntax anywhere in your template. I just used it in the outputs because it is good for testing.
As I found out it is not possible to use Reference function for setting tags property value for keyvault as valid usages state
reference func only works if it is used inside properties block or for outputs; but as tags are not part of properties instead of returning value reference fun returns just string "reference(resource...)"

microsoft.insights/components/ProactiveDetectionConfigs in arm template force to multiple deploy

I'm deploying an ARM template that take care of creating an app service plan.
I've exported the template from the existing plan and parametrized for our needs.
sometimes we get several errors on deplying
microsoft.insights/components/ProactiveDetectionConfigs
the errors are of
Value cannot be null. Parameter name: componentEnv
if we retry many times the operations until all the ProactiveDetectionConfigs resources are deployed we can finally complete the deployment.
Currently we have the following resources
microsoft.insights/components
microsoft.insights/webtests
Microsoft.Portal/dashboards
Microsoft.Web/serverfarms
microsoft.insights/components/ProactiveDetectionConfigs
Microsoft.Web/sites
I cannot figure out if i'm not considering some dependencies (currently is dependent on microsoft.insights/components and Microsoft.Web/sites) or if that kind of resource is necessary at all
thanks
To deploy the ProactiveDetectionConfigs into ARM template use the below code in your template
{
"type": "Microsoft.Insights/components/ProactiveDetectionConfigs",
"apiVersion": "2018-05-01-preview",
"name": "string",
"location": "string",
"properties": {
"CustomEmails": [ "string" ],
"Enabled": "bool",
"RuleDefinitions": {
"Description": "string",
"DisplayName": "string",
"HelpUrl": "string",
"IsEnabledByDefault": "bool",
"IsHidden": "bool",
"IsInPreview": "bool",
"Name": "string",
"SupportsEmailNotifications": "bool"
},
"SendEmailsToSubscriptionOwners": "bool"
}
}
Check the ProactiveDetectionConfigs link for more information.
I had the same issue and it was transient. It worked fine in the next several deployments with no other changes.

Azure: Cannot pass or execute a custom data to VM

I want to deploy an Azure Ubuntu 18.04-LTS VM with a custom data file during an automation test, using tmplate.json and parameters.json files.
Although, the VM was deployed successfully, It seem that the custom data execution have failed and I do not understand why...
According to this link, cloud-init is available in the image that I use.
My template.json file contain:
"parameters": {
...
"customData": {
"type": "string"
}
...
},
"resources": [
...
{
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2020-06-01",
"name": "[parameters('virtualMachineName')]",
"location": "[parameters('location')]",
"dependsOn": [
"[concat('Microsoft.Network/networkInterfaces/', parameters('networkInterfaceName'))]"
],
"properties": {
...
"osProfile": {
"computerName": "[parameters('virtualMachineComputerName')]",
"adminUsername": "[parameters('adminUsername')]",
"linuxConfiguration": {
"disablePasswordAuthentication": true,
"ssh": {
"publicKeys": [
{
"path": "[concat('/home/', parameters('adminUsername'), '/.ssh/authorized_keys')]",
"keyData": "[parameters('adminPublicKey')]"
}
]
}
},
"customData": "[parameters('customData')]"
},
...
}
]
Also, I have a parameters.json file which contain:
"parameters": {
...
"customData": {
"value": "I2Nsb3VkLWNvbmZpZ1xucGFja2FnZV91cGdyYWRlOiB0cnVlXG5wYWNrYWdlczpcbiAgLSBpcGVyZlxuICAtIHRjcHJlcGxheVxuICAtIG5ldHBlcmY="
}
}
The value is YAML base64 encoded, and it's decoded text is:
#cloud-config\npackage_upgrade: true\npackages:\n - iperf\n - tcpreplay\n - netperf
(*) the above template.json and parameters.json files are partial - I omitted what seems to be not related to my problem.
I also checked the file /var/log/waagent.log and I did not found anything suspicious..
However, after I deployed the ubuntu VM manually and pasted the above YAML in the custom data section (in the advance setting page) every worked fine ('iperf', 'netperf' and 'tcpreplay' commands were found)
Any help will be appreciated!!
According to my experience, the problem is that the value for the custom data is not right. I check the VM that the cloud-init provision successfully, the code does not match yours. You can check the file /var/lib/waagent/ovf-env.xml yourself. Do not change the text yourself into a string. You can encode the text online.

arm template virtualNetworkName creation appendix issue

I am trying to get a arm template running and have hit an issue with the virtualnetwork creation.
azuredeploy.json
"virtualNetworkName": {
"type": "string",
"metadata": {
"description": "Name of virtual network to be created"
},
"defaultValue": "autohav2VNET"
},
vnet-net.json
"resources": [
{
"name": "[parameters('virtualNetworkName')]",
"type": "Microsoft.Network/virtualNetworks",
"location": "[parameters('location')]",
"apiVersion": "2015-06-15",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('virtualNetworkAddressRange')]"
]
},
"subnets": "[parameters('subnets')]"
}
}
]
The issue I am getting is that the vnet gets created with an appendix such as this: autohav2VNETl5g
So when this gets used to create a loadblancer, the names doe not match the defined parameter and the creation fails.
..../virtualNetworks/AUTOHAV2VNET referenced by resource .... /Microsoft.Network/loadBalancers/sqlLoadBalancer was not found.
Any suggestions?
with the data given it impossible to be sure why this is happening. you are probably passing in a value to the parameter virtualNetworkName. because if you wouldn't, than the vnet name would be: autohav2VNET.
ARM templates do not append anything anywhere just because they are arm templates. they only do what you designed them to do.
to help with debugging: how you are invoking the template and full template + full parameters file.

How to Copy Azure SQL Database using ARM Template

Not sure if it is supported in ARM. I could find power-shell references only.
You cannot currently deploy a dacpac with an ARM template. The link above uses PowerShell but not ARM. You can create however create a database from a source database as a copy using an ARM template.
A simple way to find an example template for any Azure action is to perform the action in the portal - in this case, copy a database - and then open the appropriate resource group blade in the portal, list the deployments, locate the deployment just submitted and open it. Then select ViewTemplate from the menu bar and examine both the Template tab and the Parameters tab. These show you the full template and the parameter values actually used. You can then download the template, with accompanying Powershell script.
For database copy, here is the template:
{
"$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"databaseName": {
"type": "string"
},
"serverName": {
"type": "string"
},
"location": {
"type": "string"
},
"createMode": {
"type": "string"
},
"sourceDatabaseId": {
"type": "string"
},
"requestedServiceObjectiveName": {
"type": "string"
}
},
"resources": [
{
"apiVersion": "2014-04-01-preview",
"location": "[parameters('location')]",
"name": "[concat(parameters('serverName'), '/', parameters('databaseName'))]",
"properties": {
"createMode": "[parameters('createMode')]",
"sourceDatabaseId": "[parameters('sourceDatabaseId')]",
"requestedServiceObjectiveName": "[parameters('requestedServiceObjectiveName')]"
},
"type": "Microsoft.Sql/servers/databases"
}
]
}
For database copy createMode = 'Copy'
And be sure to provide a fully qualified resourceId formatted as follows:
"/subscriptions/<sub-id>/resourceGroups/<resourceGroupName>/providers/Microsoft.Sql/Servers/<server-name>/databases/<database-name>"
Make sure the resource group name capitalization is correct and that the server name is all lower case.
You can use the sourceDatabaseId property to reference another database. Then you can specify various createModes depending on what type of database you would like to create:
{
"properties": {
"createMode": "OnlineSecondary",
"sourceDatabaseId": "[resourceId('Microsoft.Sql/servers/databases', variables('sql01Name'), 'databasename')]"
}
}
http://msdn.microsoft.com/en-us/library/azure/mt163685.aspx
The answer above from #Bill Gibson - MSFT works if you are using a Microsoft.Sql/servers resource, however if you're using a Microsoft.Sql/managedInstances resource you'll need to use the appropriate Microsoft.Sql/managedInstance/databases - ARM Template.
The following works for me to perform a PointInTimeRestore accessing a source database that lives in another resource group (the variables and parameters are left as an exercise to the reader):
{
"type": "Microsoft.Sql/managedInstances/databases",
"name": "[concat(variables('destinationSqlManagedInstanceName'), '/', 'AdventureWorks')]",
"apiVersion": "2021-11-01",
"location": "[parameters('location')]",
"properties": {
"createMode": "PointInTimeRestore",
"restorePointInTime": "2022-12-14T12:00:00Z",
"sourceDatabaseId": "[resourceId(variables('sourceResourceGroupName'), 'Microsoft.Sql/managedInstances/databases', variables('sourceSqlManagedInstanceName'), 'AdventureWorks')]"
}
}
The documentation is broken in a few ways:
When attempting to perform a PointInTimeRestore the properties referenced (SourceDatabaseName, SourceManagedInstanceName, PointInTime) do not exist. Rather the following properties are used: restorePointInTime and sourceDatabaseId which are documented in the documentation.
Additionally, the restorePointInTime indicates that the time should be in ISO8601 format, however this is not the same as what is returned by utcNow(). Testing has shown that you must provide it in this version of the ISO8601 format: yyyy-MM-ddTHH:mm:ssZ which can be done using utcNow('yyyy-MM-ddTHH:mm:ssZ').
I have created an issue to try and get the documentation fixed up here: https://github.com/MicrosoftDocs/azure-docs/issues/102717

Resources