Cannot create Hybrid Connection in Azure Portal - azure

We are trying to set up a Hybrid Connection from an App Service and the Azure Portal behavior is quite odd. We have done this previously from another subscription; this subscription is part of a CSP (so we can't even try doing it from the old/classic portal).
Blade prompts us to create a new resource group even though the one it defaulted to already exists. (Like it can't populate existing resource groups?)
No locations are provided when navigating to the Location pane, there's a cutoff error message:
"There are no locations available. You may not h..."
We have "owner" role on the subscription.

his subscription is part of a CSA (so we can't even try doing it from the old/classic portal).
Do you mean CSP there, as in Cloud Solution Provider? If so, the resource provider Microsoft.BizTalkServices is not yet available in CSP.
Yes, the error message and how the UI flow is handled could use some improvement.
See this for more:
https://blogs.technet.microsoft.com/hybridcloudbp/2016/06/29/list-of-azure-services-in-csp/

Related

What are the minimum resource providers assigned/needed by Azure on a new subscription?

I'm working on an application that deploys and configures resources in Azure. This application will be run by clients and I have no way of knowing whether they'll create new subscriptions, or re-use older ones. Accordingly, I'm registering a set of Resource Providers (RPs) before trying to deploy anything.
As part of my testing, I've found all sorts of RPs that seems to be registered by default. Some of them (e.g. "Microsoft.Authorization" or "Microsoft.Portal") seem crucial to the smooth running of a subscription, so I am loath to start messing about with them. There are others that seem more cryptic (e.g. "Microsoft.Features").
Here's the full list I get when creating a new subscription in Azure today:
Microsoft.ADHybridHealthService
Microsoft.Advisor
Microsoft.AlertsManagement
Microsoft.Authorization
Microsoft.Billing
Microsoft.Cdn
Microsoft.ClassicSubscription
Microsoft.Commerce
Microsoft.Consumption
Microsoft.ContainerRegistry
Microsoft.CostManagement
Microsoft.DocumentDB
Microsoft.Features
Microsoft.GuestConfiguration
microsoft.insights (NB: it has this casing in the portal too)
Microsoft.MarketplaceOrdering
Microsoft.PolicyInsights
Microsoft.Portal
Microsoft.ResourceGraph
Microsoft.ResourceHealth
Microsoft.Resources
Microsoft.Security
Microsoft.SerialConsole
Microsoft.ServiceBus
Microsoft.Sql
Microsoft.Storage
microsoft.support (NB: another with odd casing)
Microsoft.Web
I've no idea if this is standard or can be relied upon. Does it change, for instance, depending on the type of subscription? Or where I'm based?
And which ones are needed? I'm pretty certain my subscription will continue to function without the Service Bus, but what about Billing? (I presume it won't make things free...)
To save me having to do a load of trial and error, is there a definitive, canonical list anywhere of the RPs needed for Azure to work properly? Or even just a canonical list of those included on a new subscription by default.
When ever a new Azure Subscription account is created , list of few Resource providers are available by default.
Some are Registered and some are NotRegistered
I have checked with free and pay-as-you-go Azure Subscriptions, the list of Registered Providers are different for each subscription
Ex: I can see the Microsoft.ServiceBus as Registered in Pay-as-you-go Subscription and as NotRegistered in Free Azure Subscription
In Pay-as-you-go Subscription
In Free Trial Subscription
To list out the available Resource Providers have a look at Available Resource providers
Also refer How to Enable Azure Resource Providers and Azure Resource Providers for more information

Apply NSG/ASG by default on new subnets (Azure)

We manage an Azure subscription operated by several countries. Each of them is quite independant about they can do (create/edit/remove resources). A guide of good practices has been sent to them, but we (security team) would like to ensure a set of NSG is systematically applied for every new subnet/vnet created.
Giving a look to Azure Triggers, I am not sure that subnet creation belongs to the auditable events. I also was told to give a look to Azure policy, but once again I am not sure this will match our expectations which are : For every new vnet/subnet, automatically apply a set of predefined NSG.
Do you have any idea about a solution for our need ?
I have done work like this in the past (not this exact issue) and the way I solved it was with an Azure Function that walked the subscription and looked for these kinds of issues. You could have the code run as a Managed Identity with Reader rights on the subscription to report issues, or as a Contributor to update the setting. Here's some code that shows how you could do this with PowerShell https://github.com/Azure/azure-policy/tree/master/samples/Network/enforce-nsg-on-subnet
You could consider using a Policy that has a DeployIfNotExists Action, to deploy an ARM template that contains all the data for the NSG. https://learn.microsoft.com/en-us/azure/governance/policy/samples/pattern-deploy-resources
You can get the ARM template by creating the NSG and getting the template:
GettingNSGTemplate
Note also that creating a subnet is audited, you can see it in the Activity Log for the VNet. See the screen shot.
AddingASubnet

Creating site in Azure using free subscription - The service is unavailable

I am new to azure and i am exploring it now, as first step i created a free azure account and in that i created a Resource group and an App service to that resource group.
When i try to access the Url https://azurehome.azurewebsites.net/ its giving an error 'The service is unavailable.'
any help on this ?
Please follow this document to troubleshoot:
https://learn.microsoft.com/en-us/azure/app-service/troubleshoot-http-502-http-503
By the way, this problem may be caused by the region you choose, trying to change the region may be effective. I'm using Central US and it works fine.
If it still doesn't resolve, please provide more information.
If you need support, you can click this link:
https://azure.microsoft.com/en-us/support/options/

How to know the origin resource group of a App Service Plan?

I have an Azure App Service Plan and a Web App. I want to move them to another subscription. There is a limitation that app service plan and app service must be moved together from the origin resource group of the app service plan. Someone had moved the resources from their origin resource group and deleted the resource group. Now, how can I find the name of the origin resource group ?
In some cases it can be found in the WebSpace property of app service plan. For example [ "webSpace": "RG-SK-MarkIII-CentralUSwebspace" ], RG-SK-MarkIII is the origin resource group of the app plan. But in my case the webSpace is like this ["webSpace": "AustraliaEastwebspace" ]. Is there any other way to find it through CloudShell ?
You can look up the actions taken by a particular user, even for a resource group that no longer exists.
az monitor activity-log list -g ExampleGroup --caller someone#contoso.com --offset 5d
Kindly try these steps:
If you don't remember the original resource group, you can find it through diagnostics.
For your web app, select Diagnose and solve problems.
Then, select Configuration and Management.
Select Migration Options.
Select the option for recommended steps to move the web app.
You see the recommended actions to take before moving the resources. The information includes the original resource group for the web app.
- I understand you're referring to RG deletion scenario, kindly try this and let me know how it goes.
Reference document move across subscription.
Furthermore, you can only change to a plan that was created in the same "webspace" as your original app. Webspace is an internal concept that's not exposed, but you can verify whether your source and destination plans are in the same webspace or not.
To verify, do the following:
https://resources.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/serverfarms/{serverFarmName}
Confirm whether the webSpace property of your source plan matches the webSpace property of your new plan

"There are no locations available." when trying to create an Azure Redis Cache

When I try to create a new Azure Redis Cache and choose a location I just get a "There are no locations available." message.1 Setting everything else first still results in the same error. Refreshing the page doesn't resolve the issue. The problem occurs in both IE and Chrome.
Thanks for reporting this. It seems to be a bug in the portal. I can reproduce it if I click "Location" immediately after the "New Redis Cache" blade opens. However, if I wait a few seconds before clicking "Location", it doesn't repro.
As a workaround, if you close and reopen the "Location" blade it should populate correctly.
We will also work on fixing this in the portal.
Finally, for any issues with Azure Redis Cache you can contact us via email at azurecache#microsoft.com.
After working with the Azure team via email we were able to narrow down the problem and find a workaround.
There are 3 problems at work here that result in my symptoms:
The various New blades in the portal will default you to a disabled subscription. I believe they currently default to the first subscription (oldest) which may not be an active subscription. This results in the default behavior upon choosing a blade to be that of no-subscription.
The New Redis Cache blade will only show locations if you have selected a valid (not disabled) subscription. This behavior differs from the other New blades (such as Create VM) which will show you locations even if you have a disabled subscription selected.
Changing the resource group will automatically change the subscription and lock it, but changing the subscription in this way will not trigger an update to the blade. This means that the locations don't get updated for the new subscription because the subscription-changed-event (made up name) was not fired. In my case, I was always changing the subscription by way of changing the resource group, so I was never able to set the location.
The workaround:
Simply change to an active subscription before choosing a resource group. This will cause the locations list to be updated, and you can then choose a resource group after.

Resources