I have ARM deployment template, which contains VM resource with DSC extension
"resources": [
{
"name": "Microsoft.Powershell.DSC",
"type": "extensions",
"location": "[resourceGroup().location]",
"apiVersion": "2015-06-15",
"dependsOn": [
"[resourceId('Microsoft.Compute/virtualMachines', parameters('appVMName'))]"
],
"tags": {
"displayName": "appDSC"
},
"properties": {
"publisher": "Microsoft.Powershell",
"type": "DSC",
"typeHandlerVersion": "2.9",
"autoUpgradeMinorVersion": true,
"forceUpdateTag": "[parameters('appDSCUpdateTagVersion')]",
"settings": {
"configuration": {
"url": "[parameters('dscArchiveUrl')]",
"script": "appDSC.ps1",
"function": "Main"
},
"configurationArguments": {
"nodeName": "[parameters('appVMName')]",
"webDeployPackage": "[parameters('appWebPackage')]",
"backgroundServicePackage": "[parameters('backgroundServicePackage')]"
}
}
}
}
]
I managed to make this work for the first time I executed it, but now it responds with error:
15:37:17 - Resource Microsoft.Compute/virtualMachines 'Unique-InApp' failed with message '{
"status": "Failed",
"error": {
"code": "ResourceDeploymentFailure",
"message": "The resource operation completed with terminal provisioning state 'Failed'.",
"details": [
{
"code": "VMExtensionProvisioningError",
"message": "VM has reported a failure when processing extension 'Microsoft.Powershell.DSC'. Error message: \"The
DSC Extension received an incorrect input: Configuration.url requires that configuration.script is specified.\nPlease c
orrect the input and retry executing the extension.\"."
}
]
}
}'
As you can see, I obviously put script to configuration, but for some reason it is not recognized by ARM deployment script.
I suppose, this is just wrong error message and I have different problem, but without proper diagnostic information I am not able to understand it.
So what is the problem and how to fix it?
Looking at this example and at the schema seems like you are doing it wrong.
I don't see script or function properties for DSC extension, instead I see configurationFunction property, which supposedly takes a value similar to this:
ContosoWebsite.ps1\\ContosoWebsite
Second slash is used to escape the first one ;)
Related
This is how the chunk of the ARM template looks:
{
"type": "Microsoft.ApiManagement/service/diagnostics/loggers",
"apiVersion": "2018-01-01",
"name": "[concat(variables('gatewayName'), '/applicationinsights/', variables('gatewayName'))]",
"dependsOn": [
"[resourceId('Microsoft.ApiManagement/service/diagnostics', variables('gatewayName'), 'applicationinsights')]",
"[resourceId('Microsoft.ApiManagement/service', variables('gatewayName'))]"
],
"properties": {
"loggerType": "applicationInsights",
"credentials": {
"instrumentationKey": "[reference(resourceId('Microsoft.Insights/components', variables('appInsights')), '2014-04-01').InstrumentationKey]"
},
"isBuffered": true,
"resourceId": "[variables('appInsights')]"
}
},
For two days our ARM template deployment is failing with the error:
{"status":"Failed","error":{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.","details":[{"code":"BadRequest","message":"{\r\n \"error\": {\r\n \"code\": \"MethodNotAllowedInPricingTier\",\r\n \"message\": \"Method not allowed in this pricing tier\",\r\n \"details\": null\r\n }\r\n}"}]}}
Although the error states the pricing tier, there were no changes in the template.
Verbatim google search result shows that the resource existed before as the first result item.
The documentation does not mention it anymore in the diagnostics section.
GitHub, though, remembers the resource but mentions different properties within the object:
"service_diagnostics_loggers": {
"type": "object",
"properties": {
"apiVersion": {
"type": "string",
"enum": [
"2018-01-01"
]
},
"name": {
"oneOf": [
{
"type": "string",
"pattern": "(^[\\w]+$)|(^[\\w][\\w\\-]+[\\w]$)",
"maxLength": 80
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
"description": "Logger identifier. Must be unique in the API Management service instance."
},
"type": {
"type": "string",
"enum": [
"Microsoft.ApiManagement/service/diagnostics/loggers"
]
}
},
"required": [
"apiVersion",
"name",
"type"
],
"description": "Microsoft.ApiManagement/service/diagnostics/loggers"
}
It looks like the resource was removed from the ARM template infrastructure silently. What is wrong my analysis?
diagnostics/loggers resource does exist in 2018-01-01 API version: https://github.com/Azure/azure-rest-api-specs/blob/main/specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2018-01-01/apimdiagnostics.json
After that though it was removed and replaced by loggerId property on diagnostic entity itself: https://github.com/Azure/azure-rest-api-specs/blob/main/specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2019-01-01/definitions.json#L1771
We'll check why older API version doesn't seem to work, meanwhile you could try migrating to a newer API version.
I have created a template which is meant to deploy a complete network solution, which includes 2-subnets, vnet, vnetgw and pubip. I am looking for a way to programmatically reference some of the resource id's such that it makes the template more dynamic and can be used as many times as possible. secondly, the templates generates an error on deployment which obviously is as a result of the the references i mentioned earlier. Pls see error below;
New-AzResourceGroupDeployment: Line | 3 |
New-AzResourceGroupDeployment -ResourceGroupName rg-vnet-dev -Templat
…
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| 19:05:58 - Resource Microsoft.Network/virtualNetworkGateways 'rgvnetdev-vnetgw' failed with message '{ "error": {
"code": "InvalidTemplate",
"message": "Unable to process template language expressions for resource
'/subscriptions/77dd2569-6341-4c72-880d-ef59413db99e/resourceGroups/rg-vnet-dev/providers/Microsoft.Network/virtualNetworkGateways/rgvnetdev-vnetgw'
at line '279' and column '9'. 'Unable to evaluate template language
function 'resourceId': the type
'Microsoft.Network/virtualNetworks/subnets' requires '2' resource name
argument(s). Please see
https://aka.ms/arm-template-expressions/#resourceid for usage
details.'",
"additionalInfo": [
{
"type": "TemplateViolation",
"info": {
"lineNumber": 279,
"linePosition": 9,
"path": ""
}
}
] } }
I will be happy to share the code, if this would assist in resolving my issue. The error relates to referencing the vnet dependson for creating vnetgw.
From the error message, it seems that referenced subnet id is invalid. This function resourceId format is
resourceId([subscriptionId], [resourceGroupName], resourceType, resourceName1, [resourceName2], ...)
In this case, you probably lacks the VNet name at line '279', the referenced subnet id should be like this:
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworkName'), parameters('subnet1Name'))]"
},
{
"type": "Microsoft.Network/virtualNetworkGateways",
"apiVersion": "2019-12-01",
"name": "[variables('vnetgwname')]",
"location": "[parameters('Location')]",
"dependsOn": [
"[resourceId('Microsoft.Network/publicIPAddresses',variables('pubIp'))]",
"[resourceId('Microsoft.Network/virtualNetworks',variables('VNetName'))]"
],
"properties": {
"ipConfigurations": [
{
"name": "vnetgatewayconfig",
"properties": {
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses',variables('pubIp'))]"
},
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets',variables('VNetName'),variables('Uniquegwsubnet'))]"
},
"privateIPAllocationMethod": "[parameters('publicIPAllocationMethod')]"
}
}
],
"sku": {
"name": "[parameters('sku')]",
"tier": "[parameters('sku')]"
},
"gatewayType": "[parameters('gatewayType')]",
"vpnType": "[parameters('VpnType')]",
"activeActive": false,
"enableBgp": false,
"vpnGatewayGeneration": "[parameters('vpnGatewayGeneration')]"
}
},
As part of my ARM Template, I need to execute PowerShell script to install Failover cluster windows feature. However, the script run for at least 10 min then fails with following error.
new-azResourceGroupDeployment : 11:18:03 - Resource
Microsoft.Compute/virtualMachines/extensions
'DI-ukwest-DB1/extensions' failed with message '{ "status":
"Failed", "error": {
"code": "ResourceDeploymentFailure",
"message": "The resource operation completed with terminal provisioning state 'Failed'.",
"details": [
{
"code": "VMExtensionProvisioningError",
"message": "VM has reported a failure when processing extension 'extensions'. Error message: \"Failed to download all
specified files. Exiting. Error Message: The remote server returned an
error: (400) Bad Request.\"."
}
] } }'
My script is
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"name": "[concat(variables('varnodeNamePrefix'),copyindex(1),'/extensions')]",
"apiVersion": "2017-03-30",
"location": "[variables('varlocation')]",
"dependsOn": [
"[concat(variables('varnodeNamePrefix'),copyindex(1))]"
],
"properties": {
"publisher": "Microsoft.Compute",
"type": "CustomScriptExtension",
"typeHandlerVersion": "1.8",
"autoUpgradeMinorVersion": true,
"settings": {
"fileUris": [
"https://XXXXXarmtemplets.file.core.windows.net/powershellscripts/sqlcluster/InstallWindowsFeaturs.ps1"
]
},
"protectedSettings": {
"commandToExecute": "powershell.exe -ExecutionPolicy Unrestricted -InstallWindowsFeaturs.ps1",
"storageAccountName": "XXXXXarmtemplets",
"storageAccountKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}
},
"copy": {
"name": "WinFeatures",
"count":"[variables('varvmCount')]"
}
}
Thanks
That error is pretty reliable - the ps1 file can't be downloaded by the extension. I noticed you have "file" .core.windows.net instead of "blob" which is the common use case - so one thing to check...
Also, you can log onto the VM and check the logs, see:
https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/custom-script-windows#troubleshoot-and-support
I am trying to setup an output EventHub for a Stream Analytics Job defined as a JSON template. Without the output bit the template is successfully deployed, however when adding the output definition it fails with:
Deployment failed. Correlation ID: <SOME_UUID>. {
"code": "BadRequest",
"message": "The JSON provided in the request body is invalid. Property 'eventHubName' value 'parameters('eh_name')' is not acceptable.",
"details": {
"code": "400",
"message": "The JSON provided in the request body is invalid. Property 'eventHubName' value 'parameters('eh_name')' is not acceptable.",
"correlationId": "<SOME_UUID>",
"requestId": "<SOME_UUID>"
}
}
I've defined the ARM template as:
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "westeurope"
},
"hubName": {
"type": "string",
"defaultValue": "fooIotHub"
},
"eh_name": {
"defaultValue": "fooEhName",
"type": "String"
},
"eh_namespace": {
"defaultValue": "fooEhNamespace",
"type": "String"
},
"streamAnalyticsJobName": {
"type": "string",
"defaultValue": "fooStreamAnalyticsJobName"
}
},
"resources": [{
"type": "Microsoft.StreamAnalytics/StreamingJobs",
"apiVersion": "2016-03-01",
"name": "[parameters('streamAnalyticsJobName')]",
"location": "[resourceGroup().location]",
"properties": {
"sku": {
"name": "standard"
},
"outputErrorPolicy": "Drop",
"eventsOutOfOrderPolicy": "adjust",
"eventsOutOfOrderMaxDelayInSeconds": 0,
"eventsLateArrivalMaxDelayInSeconds": 86400,
"inputs": [{
"Name": "IoTHubInputLable",
"Properties": {
"DataSource": {
"Properties": {
"iotHubNamespace": "[parameters('hubName')]",
"sharedAccessPolicyKey": "[listkeys(resourceId('Microsoft.Devices/IotHubs/IotHubKeys',parameters('hubName'), 'iothubowner'),'2016-02-03').primaryKey]",
"sharedAccessPolicyName": "iothubowner",
"endpoint": "messages/events"
},
"Type": "Microsoft.Devices/IotHubs"
},
"Serialization": {
"Properties": {
"Encoding": "UTF8"
},
"Type": "Json"
},
"Type": "Stream"
}
}],
"transformation": {
"name": "Transformation",
"properties": {
"streamingUnits": 1,
"query": "<THE SQL-LIKE CODE FOR THE JOB QUERY>"
}
},
"outputs": [{
"name": "EventHubOutputLable",
"properties": {
"dataSource": {
"type": "Microsoft.ServiceBus/EventHub",
"properties": {
"eventHubName": "parameters('eh_name')",
"serviceBusNamespace": "parameters('eh_namespace')",
"sharedAccessPolicyName": "RootManageSharedAccessKey"
}
},
"serialization": {
"Properties": {
"Encoding": "UTF8"
}
}
}
}]
}
}]
}
Checking here https://learn.microsoft.com/en-us/azure/templates/microsoft.streamanalytics/streamingjobs
it looks like the structure of the JSON for the output is as the expected one (with the properties field along with the type).
I've figured out those "Event Hub properties" from the Chrome browser using Developer Tools and checking the details of the HTTP request "GetOutputs", otherwise I am not sure where I could see how to specify those properties? The structure looks quite similar to the one for the input IoT Hub (which is working), in that case using different lables for the properties related to the IoT Hub details.
Checking this blog post https://blogs.msdn.microsoft.com/david/2017/07/20/building-azure-stream-analytics-resources-via-arm-templates-part-2-the-template/
the output part is related to PowerBI and it looks like a different structure is used for the properties: outputPowerBISource, so I've tried to use for the Event Hub the field outputEventHubSource (from the checks using Chrome Developer Tools) instead of properties, but then I get this error:
Deployment failed. Correlation ID: <SOME_UUID>. {
"code": "BadRequest",
"message": "The JSON provided in the request body is invalid. Required property 'properties' not found in JSON. Path '', line 1, position 1419.",
"details": {
"code": "400",
"message": "The JSON provided in the request body is invalid. Required property 'properties' not found in JSON. Path '', line 1, position 1419.",
"correlationId": "<SOME_UUID>",
"requestId": "<SOME_UUID>"
}
}
The command I am using to deploy this template is the Azure CLI (from a Linux Debian machine):
az group deployment create \
--name "deployStreamAnalyticsJobs" \
--resource-group "MyRGName" \
--template-file ./templates/stream-analytics-jobs.json
How do I specify an output in an Azure Resource Manager (ARM) template for a Stream Analytics Job?
Any property that contains a parameter (or any expression that needs to be evaluated must contain square brackets, e.g.
"eventHubName": "[parameters('eh_name')]",
"serviceBusNamespace": "[parameters('eh_namespace')]",
Otherwise the literal value in the quotes is used.
That help?
I found out all parameters need to be wrapped in square brakets (as pointed out in the other answer to this question).
Also to dynamically retrieve the shared access policy key (or any other parameter for an existing resource like the Event Hub) a combination of functions like listKeys and resourceId etc must be used, see below for a full example of an Event Hub described as an output for a Stream Analytics Job.
In details:
the parameters defined for eventHubName and serviceBusNamespace must be evaluated using square brackets (see how I defined those parameters in the JSON example in the body of the question I asked above),
the shared access policy could be either an hardcoded string (or a parameter as before) like sharedAccessPolicyName or dynamically retrieved using "sharedAccessPolicyKey": "[listKeys(resourceId('Microsoft.EventHub/namespaces/eventhubs/authorizationRules', parameters('eh_namespace'), parameters('eh_name'), 'RootManageSharedAccessKey'),'2017-04-01').primaryKey]" for the sharedAccessPolicyKey (this is sensitive data and it should be protected avoiding hardcoding information as a plain string)
The following JSON configuration shows an existing Event Hub defined as an output defined for the Stream Analytics Job:
"outputs": [{
"Name": "EventHubOutputLable",
"Properties": {
"DataSource": {
"Type": "Microsoft.ServiceBus/EventHub",
"Properties": {
"eventHubName": "[parameters('eh_name')]",
"serviceBusNamespace": "[parameters('eh_namespace')]",
"sharedAccessPolicyKey": "[listKeys(resourceId('Microsoft.EventHub/namespaces/eventhubs/authorizationRules', parameters('eh_namespace'), parameters('eh_name'), 'RootManageSharedAccessKey'),'2017-04-01').primaryKey]",
"sharedAccessPolicyName": "RootManageSharedAccessKey"
}
},
"Serialization": {
"Properties": {
"Encoding": "UTF8"
},
"Type": "Json"
}
}
}]
I'm trying to create automation variable off KeyVault secret. I assume I can probably do the same thing what is currently done in main template for retrieving windows password but it fails with non-descriptive error below. Not sure what shall be done next to troubleshoot.
Error
{
"code": "BadRequest",
"message": "{\"Message\":\"The request is invalid.\",\"ModelState\":{\"variable.properties.value\":[\"An error has occurred.\"]}}"
}
Template
{
"name": "mystring",
"type": "variables",
"apiVersion": "2015-10-31",
"dependsOn": [
"[concat('Microsoft.Automation/automationAccounts/', parameters('AutomationAccountName'))]"
],
"properties": {
"value": {
"reference": {
"keyVault": {
"id": "[resourceId(subscription().subscriptionId, 'Utility-RG', 'Microsoft.KeyVault/vaults', 'MyKeyVault')]"
},
"secretName": "WindowsPasswordSecret"
}
},
"description": "test var",
"isEncrypted": false
}
}
That error is indeed helpful, while I have no idea what went wrong there, I can tell you how to work around that, you need to pass the data from the KV to the template (as input parameter) not to the resource. And in the template use parameter to assign value to the object in question.
Reference: https://github.com/4c74356b41/bbbb-is-the-word/blob/master/_arm/parent.json#L151