Azure manage compute API is failing with InvalidAPIVersion error - azure

I am trying to use Azure resource manager and Azure Compute Management APIs to get list of virtual machines in a resource group and all of virtual machine properties. It's failing with InvalidAPIVersion error even though I have updated to latest version. As per the error it expects older version no but i don't see any old library with such a version. Can someone please suggest what am I missing?
VirtualMachineGetResponse vm = m_computeClient.VirtualMachines.Get("/subscriptions/1f94c869-####-####-####-055e8ae15be3/resourceGroups/TestGroup", "TestMachine");
m_computeClint is an object of ComputeManagementClient class in name space Microsoft.Azure.Management.Compute
Is this because resource provider is Microsoft.ClassicCompute?
Error message:
InvalidApiVersionParameter: The api-version '2015-05-01-preview' is invalid. The supported versions are '2015-01-01,2014-04-01-preview,2014-04-01,2014-01-01,2013-03-01,2014-02-26,2014-04'.

If you're using the resource group management api, you're definitely going to get an invalidapiversionparameter using ClassicCompute. The resource management compute provider is "Microsoft.Compute"; ClassicCompute exists only to view VMs that were already created using the service management API.
Right now, you should keep the two APIs and resources separate. Did you create the VM using the preview portal (portal.azure.com) or using PowerShell? If the former, it has almost (but not quite) converted over to using the resource management api. Try following these steps: https://azure.microsoft.com/en-us/documentation/articles/resource-group-template-deploy/.
Hope that helps.

Related

How to connect a "azurerm_windows_web_app" resource in Terrafrom with a Virtual Network

I am using the "azurerm_windows_web_app" resource type in terraform to create an app service. I am using this resource because the "azurerm_app_service" is being deprecated as indicated by the docs.
I need to setup the outbound traffic section of the app service to use a virtual network like below. I already have the virtual network being created successfully, so I just need to find a way to link it to the app service via terraform.
I cannot see any property on the resource that allows me to achieve this. On the "azurerm_app_service" resource I can see a "azurerm_app_service_virtual_network_swift_connection" which I think might achieve this, but I cannot see a corresponding resource for a "azurerm_windows_web_app" resource to connect it to a virtual network.
Does anybody know if there is currently a way to achieve this?
app_service_virtual_network_swift_connection should still be the right one. The app services resources have been split up with the latest 3.0 TF provider release but I believe the swift resource will cover both, Windows and Linux app services.

Creating site in Azure using free subscription - The service is unavailable

I am new to azure and i am exploring it now, as first step i created a free azure account and in that i created a Resource group and an App service to that resource group.
When i try to access the Url https://azurehome.azurewebsites.net/ its giving an error 'The service is unavailable.'
any help on this ?
Please follow this document to troubleshoot:
https://learn.microsoft.com/en-us/azure/app-service/troubleshoot-http-502-http-503
By the way, this problem may be caused by the region you choose, trying to change the region may be effective. I'm using Central US and it works fine.
If it still doesn't resolve, please provide more information.
If you need support, you can click this link:
https://azure.microsoft.com/en-us/support/options/

Accessing Azure Storage Blob from an AKS cluster

A little context: I'm having to migrate a project from AWS, where I'm currently using ECS, to Azure, where I'll be using AKS since their ACS (ECS equivalent) is deprecated.
This is a regular Django app, with its configuration variables being fetched from a server-config.json hosted on a private S3 bucket, the EC2 instance has the correct role with S3FullAccess,
I've been looking into reproducing that same behavior but with Azure Blob Storage instead, having achieved no success whatsoever :-(.
I tried using the Service Principal concept and adding it to the AKS Cluster with Storage Blob Data Owner roles, but that doesn't seem to work. Overall it's been quite the frustrating experience - maybe I'm just having a hard time grasping the right way to use the permissions/scopes. The fact that the AKS Cluster creates its own resource group is something unfathomable - but I've attempted attaching the policies to it as well, to no avail. I then moved onto a solution indicated by Microsoft.
I managed to bind my AKS pods with the correct User Managed Identity through their indicated solution aad-pod-identity, but I feel like I'm missing something. I assigned Storage Blob Data Owner/Contributor to the identity, but still, when I enter the pods and try to access a Blob (using the python sdk), I get a resource not found message.
Is what I'm trying to achieve possible at all? Or will I have to change to a solution using Azure Keyvault/something along those lines?
first off all, you can use AKS Engine which is more or less ACS for Kubernetes now.
As for the access to the blob storage, you dont have to use Managed Service Identity, you can just use account name\key ( which is a bit less secure, but a lot less error prone and more examples exist ). The fact that you are getting resource not found error most likely means your auth part is fine, you just dont have access to the resource, according to this storage blob contributor should be fine if you assigned it at a proper scope. For this to work 100% just give your identity contributor access at subscription level, this way its guaranteed to work.
I've found an example of using python with MSI (here). You should start with that (and grant your identity contributor access) and verify you can list resource groups. when that works making reading blobs working should be trivial.

Find the app which created a VM using python azure-sdk

How can i find the app, whose credentials were used to launch a vm in azure. I am able to use the compute client to get admin_username attached to a VM but it does not solve my use case as a user can give any username while launching it.
compute_client = ComputeManagementClient(credentials, subscription_id)
vm_details = compute_client.virtual_machines.get(resource_group_name= <resource_group>, vm_name=<vm_name>, expand='instanceView')
username = vm_details.os_profile.admin_username
Is the app_name stored as a vm property anywhere that can be accessed via azure-sdk for python?
First, please clarify "launch". Do you mean initial deployment, or starting an already existing VM which was off? Or both :)?
I do believe that this information is not part of the VM, but will be considered an event of ARM. Then, this will be available part of the Activity Log:
https://learn.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-overview-activity-logs
Activity Log is available in the Monitor SDK:
https://learn.microsoft.com/en-us/python/api/overview/azure/monitoring?view=azure-python
If you want to test this quickly, try the CLI:
https://learn.microsoft.com/en-us/cli/azure/monitor/activity-log?view=azure-cli-latest#az-monitor-activity-log-list
Since this CLI is using the same SDK, if you find your information with the CLI this means you can definitely get it with SDK
(I work at MS in the Python team, but not in the VM or Monitor team, it's why I start my post with "believe", but I really think it's accurate based on my knowledge of Azure)

How can I programatically (C#) read the autoscale settings for a WebApp?

I'm trying to build a small program to change the autoscale settings for our Azure WebApps, using the Microsoft.WindowsAzure.Management.Monitoring and Microsoft.WindowsAzure.Management.WebSites NuGet packages.
I have been roughly following the guide here.
However, we are interested in scaling WebApps / App Services rather than Cloud Services, so I am trying to use the same code to read the autoscale settings but providing a resource ID for our WebApp. I have already got the credentials required for making a connection (using a browser window popup for Active Directory authentication, but I understand we can use X.509 management certificates for non-interactive programs).
This is the request I'm trying to make. Credentials already established, and an exception is thrown earlier if they're not valid.
AutoscaleClient autoscaleClient = new AutoscaleClient(credentials);
var resourceId = AutoscaleResourceIdBuilder.BuildWebSiteResourceId(webspaceName: WebSpaceNames.NorthEuropeWebSpace, serverFarmName: "Default2");
AutoscaleSettingGetResponse get = autoscaleClient.Settings.Get(resourceId); // exception here
The WebApp (let's call it "MyWebApp") is part of an App Service Plan called "Default2" (Standard: 1 small), in a Resource Group called "WebDevResources", in the North Europe region. I expect that my problem is that I am using the wrong names to build the resourceId in the code - the naming conventions in the library don't map well onto what I can see in the Azure Portal.
I'm assuming that BuildWebSiteResourceId is the correct method to call, see MSDN documentation here.
However the two parameters it takes are webspaceName and serverFarmName, neither of which match anything in the Azure portal (or Google). I found another example which seemed to be using the WebApp's geo region for webSpaceName, so I've used the predefined value for North Europe where our app is hosted.
While trying to find the correct value for serverFarmName in the Azure Portal, I found the Resource ID for the App Service Plan, which looks like this:
/subscriptions/{subscription-guid}/resourceGroups/WebDevResources/providers/Microsoft.Web/serverfarms/Default2
That resource ID isn't valid for the call I'm trying to make, but it does support the idea that a 'serverfarm' is the same as an App Service Plan.
When I run the code, regardless of whether the resourceId parameters seem to be correct or garbage, I get this error response:
<string xmlns="http://schemas.microsoft.com/2003/10/Serialization/">
{"Code":"SettingNotFound","Message":"Could not find the autoscale settings."}
</string>
So, how can I construct the correct resource ID for my WebApp or App Service Plan? Or alternatively, is there a different tree I should be barking up to programatially manage WebApp scaling?
Update:
The solution below got the info I wanted. I also found the Azure resource explorer at resources.azure.com extremely useful to browse existing resources and find the correct names. For example, the name for my autoscale settings is actually "Default2-WebDevResources", i.e. "{AppServicePlan}-{ResourceGroup}" which I wouldn't have expected.
There is a preview service https://resources.azure.com/ where you can inspect all your resources easily. If you search for autoscale in the UI you will easily find the settings for your resource. It will also show you how to call the relevant REST Api endpoint to read or update that resorce.
It's a great tool for revealing a lot of details for your deployed resources and it will actually give you an ARM template stub for the resource you are looking at.
And to answer your question, you could programmatically call the REST API from a client with updated settings for autoscale. The REST API is one way of doing this, the SDK another and PowerShell a third.
The guide which you're following is based on the Azure Service Management model, aka Classic mode, which is deprecated and only exists mainly for backward compatibility support.
You should use the latest
Microsoft.Azure.Insights nuget package for getting the autoscale settings.
Sample code using the nuget above is as below:
using Microsoft.Azure.Management.Insights;
using Microsoft.Rest;
//... Get necessary values for the required parameters
var client = new InsightsManagementClient(new TokenCredentials(token));
client.AutoscaleSettings.Get(resourceGroupName, autoScaleSettingName);
Besides, the autoscalesettings is a resource under the "Microsoft.Insights" provider and not under the "Microsoft.Web" provider, which explains why you are not able to find it with your serverfarm resourceId.
See the REST API Reference below for getting the autoscale settings.
GET
https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/microsoft.insights/autoscaleSettings/{autoscale-setting-name}?api-version={api-version}

Resources