I created a VM in Windows Azure and some networking people are asking me for the deployment id. I cannot see this property anywhere on the portal. How can I get the deployment id of a Windows Azure VM? I just created the VM through the portal.
One way is to:
Go to https://resources.azure.com and log in
Search for the name of your VM and click to open details. It should return JSON information about the VM.
In the JSON data, search for deploymentId (it should be under the hardwareProfile section in the JSON)
You can see the deployment ID in the virtual machine's Dashboard tab. Refer to the screenshot-
Here's how you can do it via Powershell:
First log in to azure:
login-AzureRmAccount
Then get a reference to the virtual machine. In my case, I have a virtual machine called malcolms-dad in the resource group breaking-bad:
$vm = (Get-AzureRmResource -ResourceGroupName breaking-bad -ResourceName malcolms-dad -ResourceType MicrosoftClassicComputer/virtualMachines)
Now you have the reference, you can query for the deployment id property:
$vm.Properties.HardwareProfile.DeploymentId
Note that we had to pass in the -ResourceType parameter into the Get-AzureRmResource query. This might seem superfluous, but if you omit the parameter the command returns an object without the Properties field.
Related
I am trying to use the New-AzApplicationInsightsContinuousExport in the powershell since the Continuous Export feature is currently not available unless we migrate the current resource for application insight in workspace-based application resource. Unfortunately we do not have the authority to do it for now so thats why we are using the alternative method through powershell. I followed the instructions and created the sample storage creation found in the document of microsoft. Then after that used the sample command "New-AzApplicationInsightsContinuousExport". Did change the value based on the settings we have and execute it. But I encountered an error which is "Can not perform requested operation on nested resource. Parent resource". Been trying to find how to solve but unfortunately, I am stuck. Would someone help or direct me what should I do on this? Thanks! I posted the image of the command i executed.
enter image description here
enter image description here
I tried different approach of values that on the parameters that I think might work but its not working also. I also checked the "appinsighttest1" storage account configuration that was created by checking the settings, network, keys and other that might enable/visible for the command to work. My idea is the reason that it is not found maybe i have to enable something the storage account configuration. But right now i cant get it to work.
Error result using New-AzApplicationInsightsContinuousExport - Can not perform requested operation on nested resource. Parent resource:
"Parent resource 'test' not found: It means that no application insight resource with the name "test" has been created in Azure. You must first create an application insight in Azure Portal before using New-AzApplicationInsightContinuousexport.
I created in my environment as shown:
Using MSDoc as a reference, I tried in my environment with few modifications and successfully enabled continuous export with the respective command.
Script to run:
$context = $context = New-AzStorageContext -StorageAccountName "xxxstorageaccountname" -StorageAccountKey "xxxStorageaccountkey=="
$sastn = New-AzStorageContainerSASToken -Name <container> -Context $context -ExpiryTime (Get-Date).AddYears(50) -Permission w
$SASuri = "https://<storageaccount>.blob.core.windows.net/<containername>" + $sastn
New-AzApplicationInsightsContinuousExport -ResourceGroupName "<ResourceGroupName>" -Name "<applicationinsightname>" -DocumentType "Request","Trace", "Custom Event" -StorageAccountId "/subscriptions/<subscriptionID>/resourcegroups/<ResourceGroupName>/providers/Microsoft.Storage/storageAccounts/<storageaccount>" -StorageLocation EastUS -StorageSASUri $SASuri -DestinationType Blob
Output:
Note: This error might occur when you do not have enough right (access) to give/modify the permissions or roles. Assign "Storage Blob Data Owner" role for the storage account.
I have a web application in azure and I want to make sure that only my build server (or any other VM on the same subnet) are the only ones which are able to access the SCM site. I thought the most obvious thing would be to create an access restriction rule and in fact that works, I am able to create it from the portal with no issue whatsoever.
The problem, however, happens when I try to automate this using powershell. My build server subnet is located on a subscription different from the one where my web application is.
I am executing the following powershell script:
$subnetId = "/subscriptions/$VNETSubscriptionId/resourceGroups/$VNETResourceGroup/providers/Microsoft.Network/virtualNetworks/$buildServerVNET/subnets/$buildServerSubNet"
Add-AzWebAppAccessRestrictionRule -ResourceGroup $webAppRg -WebAppName $webAppname -Name VNETAccess -Priority 1000 -Action Allow -SubnetId $subnetId
And I get the following error:
Add-AzWebAppAccessRestrictionRule : The client '{{my user credential}}' with object id '81fa4eb1-5553-4daa-af44-3c717b19eda2' does not have authorization to perform action 'Microsoft.Network/virtualNetworks/subnets/read' over scope '/subscriptions/{{websiteSubscriptionId}}/resour
ceGroups/{{VNETResourceGroup}}/providers/Microsoft.Network/virtualNetworks/{{buildServerVNET}}/subnets/{{buildServerSubNet}}' or
the scope is invalid. If access was recently granted, please refresh your credentials.
The error seems to indicate that the cmdlet is searching for the subnet on the same subscription id than the website instead of the subscription where the subnet is located, since the resourceId string that is being returned on the error messsage has the wrong subscription Id. It is using the one where the website is instead of using the one where the build server is.
What else needs to be done in order to create this rule through powershell?
The error message is confused.
In fact, after my validation, you need to add the -IgnoreMissingServiceEndpoint parameter when adding a subnet from a different subscription. Read this GitHub case WebApp:Add-AzWebAppAccessRestrictionRule.md - incorrect use of subscription context over SubnetId param
When using a subnet from a different subscription, we cannot validate
the subnet to see if the correct service endpoint (Microsoft.Web) has
been set. If you use -IgnoreMissingServiceEndpoint the rule can be
added.
I am creating an ARM template for the Azure Log Analytics workspace.it has some queries which use azure VM's VMUUID. Is there is any way to fetch the azure VM's VMUUID inside the ARM template or any other way to fetch azure VMUUID?
ARM Template I just need to get the values of VMUUID of all VM's in that subscription.
You can also get this information programmatically from the Azure Instance Metadata Service (IMDS). It provides information about currently running virtual machine instances. You can use IMDS to manage and configure your virtual machines. This information includes the SKU, storage, network configurations, and upcoming maintenance events. For a complete list of the data available, see the Endpoint Categories Summary.
IMDS is a REST API that's available at a well-known, non-routable IP address 169.254.169.254. You can only access it from within the VM. Communication between the VM and IMDS never leaves the host.
https://learn.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service
Try Azure Resource Explorer
You could easily find it in the Azure Resource Explorer.
//One more extra reference: What is Azure Resource Explorer?
Just navigate to the Microsoft.Compute => virtualMachines view:
There is one more way to find it, but for me seems more complicated as you need to connect to the VM:
https://azure.microsoft.com/en-us/blog/accessing-and-using-azure-vm-unique-id/
Update: Try PowerShell
The simple PowerShell script below returns a list of all VMUUIDs in the specified subscription:
Get-AzSubscription
Select-AzSubscription -SubscriptionId "Olga's Subscription"
$GetVM = Get-AzVM
Foreach ($vm in $GetVM)
{
$vmId =""
$vmId = $vm.vmid
$vmIdList +=$vmId + "`r`n"
}
Write-Output $vmIdList
Please let me know if above answers your question.
I'm trying to create an Application Insights resource following the directions provided here: https://learn.microsoft.com/en-us/azure/azure-monitor/app/powershell
However, when I execute the command from the docs:
New-AzResourceGroupDeployment -ResourceGroupName Fabrikam -TemplateFile .\template1.json -appName myNewApp
Replacing Fabrikam my Resource Group Name, it throws ResourceGroupNotFound. If I list the Resource Groups with:
az group list
I can clearly see the Resource Group in the list, so I know I'm in the right subscription context.
Any thing obvious that I'm missing?
I've uploaded my version of template1.json already to the CLI storage.
I can clearly see the Resource Group in the list, so I know I'm in the right subscription context.
No, if you can use az group list to see the group, it just means the azure CLI context is in the right subscription. The New-AzResourceGroupDeployment is azure powershell, they are different, you need to use Get-AzResourceGroup to list groups.
To check if you are in the correct subscription, just use Get-AzContext. If you want to set the subscription for the powershell context, just use Set-AzContext -Subscription "<subscription-id>".
I've uploaded my version of template1.json already to the CLI storage.
I suppose you mean you upload the template to the azure storage. If so, you could not use this parameter -TemplateFile, you need to use -TemplateUri and -TemplateParameterUri, you need to generate the SAS urls for your template files(if your container is not public), then specify the two parameters, see this link.
Actually, you can use New-AzResource to create the app insight directly, no need to use the template in the doc.
Sample:
New-AzResource -ResourceName "<appinsight-name>" -ResourceGroupName <resourcegroup-name> -ResourceType "Microsoft.Insights/components" -Location "East US" -PropertyObject #{"Application_Type"="web"}
I have a bizsparkplus subscription. I followed the below link but could not find the capture button:
https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-windows-classic-capture-image/#next-steps
Any suggestions?
Until yesterday, I found nothing in Azure's new portal that can help capture an image from a VM,
but today, out of the blue, I found a "Capture" button right inside the VM's Overview tab :) (will appear only for VMs with "Managed Disks")
It is super easy to capture an image (takes like a minute), but you have to connect ssh on the VM first & run this command (which will delete user's home folder) as per this official article:
sudo waagent -deprovision+user -force
then you can use the button.
-- Warning --
Capturing an image from your VM will stop it and mark it as generalized which won't let you start this VM ever again, because being generalized is an irreversible process "by design"! .. the Sh***y thing is, they didn't even put a warning on the button!, so be careful with that!
This feature is not available yet in the new Azure Portal. You have to options : Azure Resource explorer or PowerShell.
Here is an example in powershell. In this example the custom image will be saved in the VM storage account. The vm custom image will be stored in the following location "System/Microsoft.Compute/Images/templates/***.vhd". :
$vmResourceGroup = "iaas-rg";
$vmName = "ubuntu";
$destinationContainerName = "templates";
$vhdNamePrefix = "template";
$sampleOutupTemplatePath = "C:\Templates\ImagesGeneralized\sampleOutputTemplateUbuntu.json";
Login-AzureRmAccount
#Dellocate the VM
Stop-AzureRmVM -ResourceGroupName $vmResourceGroup -Name $vmName
#Generalize the vm
Set-AzureRmVM -ResourceGroupName $vmResourceGroup -Name $vmName -Generalized
# Save the custom vm Image
Save-AzureRmVMImage -ResourceGroupName $vmResourceGroup -VMName $vmName -DestinationContainerName $destinationContainerName -VHDNamePrefix $vhdNamePrefix -Path $sampleOutupTemplatePath
The second option is to use Azure Resource Explorer, you can execute the operations manually * :
*To execute those operations, the mode "read/write" must be selected in Azure Resource Explorer.
Regards,
You can able to capture the classic virtual machines in new portal. There is an option for capturing. attaching is the screenshot.
In case anyone else looking for this topic, I was researching it and found some azure docs here:
Create a managed image of a generalized VM in Azure
which explains generalizing is a one way operation (and why)
and how to deal with that by creating a VM copy first
Create a Windows VM from a specialized disk by using PowerShell
Using the option 3 in the article.