Wrong publishsettings xml file structure for Import-AzurePublishSettingsFile command - azure

I have a fresh publishsettings file obtained with use of command Get-AzurePublishSettingsFile
And when I run following command:
Import-AzurePublishSettingsFile -SubscriptionDataFile "path to publishsettings"
I'm getting this error:
Import-AzurePublishSettingsFile : Error in line 1 position 14. Expecting element 'ProfileData' from namespace 'http://schemas.datacontract.org/2004/07/Microsoft.WindowsAzure.Comman
ds.Utilities.Common'.. Encountered 'Element' with name 'PublishData', namespace ''.
At line:1 char:1
+ Import-AzurePublishSettingsFile -SubscriptionDataFile "path to publishsettings ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Import-AzurePublishSettingsFile], SerializationException
+ FullyQualifiedErrorId : Microsoft.WindowsAzure.Commands.Profile.ImportAzurePublishSettingsCommand
Looks like powershell cmdlet expects to see a file with different structure, but I have no idea where I can get one.
Am I doing something wrong here or it's an issue with Azure Powershell?
Azure module version is 0.8.2

I don't have an answer to your specific question. But I may have a better option, and something you can try to resolve the original issue.
See ArgumentNullException - Get-AzureService.
That post describes the following two options:
Instead of using publish settings files for management API authentication you can use your normal management portal login credentials. This is generally a better option for using the Azure powershell cmdlets.
If that doesn't work for you then see the link above for how to clear out the cached subscription configuration files and see if that fixes the Import-AzurePublishSettingsFile issue you are seeing.

I ran into the same issue. It turned out that I had used the incorrect parameter switch to specify the settings file.
Double check that you are using -PublishSettingsFile argument and not -SubscriptionDataFile as shown in your examples.
See the excerpt from powershell help below, for an explanation of each parameter.
Parameters
-PublishSettingsFile <String>
Specifies the full path and filename for the .publishsettings file for the Windows Azure account.
Required? true
Position? 1
Default value
Accept pipeline input? false
Accept wildcard characters? false
-SubscriptionDataFile <String>
Specifies the path to a file where the subscription data is stored. This parameter is optional. If it is not provided, the subscription data is imported into a default file in the user's profile.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false

I was able to make this work after several tries.
You need to start PowerShell as Administrator and clearly layout the path to the filename assigned the downloaded file to.
Once I did this it worked well.

Related

Which Azure role / permission needed for command using Azure function

I've created a solution that will auto-tag all resources in Azure when they're created using the "Creator", "Date", and "Time." These work perfectly if someone creates from the web interface. Unfortunately, I use Terraform to create resources and would like it to take the terraform appid and convert it to the name using the following command.
(Get-AzADServicePrincipal -ApplicationId "123456-4564-464651651").DisplayName
Unfortunately, I get the following error, basically saying i don't have privileges to do it. Is there a list that lets me know which roles correspond to which command i need to run? I only want to allow privileges to map Service Principle App ID display name (and nothing more).
[Error] ERROR: [Authorization_RequestDenied] : Insufficient privileges to complete the operation.Exception :Type : System.ExceptionMessage : [Authorization_RequestDenied] : Insufficient privileges to complete the operation.HResult : -2146233088CategoryInfo : InvalidOperation: ({ ConsistencyLevel …ect = , Expand = }:<>f__AnonymousType5`7) [Get-AzADServicePrincipal_List], ExceptionFullyQualifiedErrorId
The solution is based on this link using Event triggers https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/tagging-azure-resources-with-a-creator/ba-p/1479819
You should you at least Application.Read.All permission , Please see the doc for more info - https://learn.microsoft.com/en-us/graph/api/serviceprincipal-get?view=graph-rest-1.0&tabs=http
Hope this helps
Thanks

Azure Template spec caching

I have a Azure template spec, version "ado", which has been working great. I recently changed a parameter name (ie. "location" to "aslocation") and updated the template spec using Powershell's Set-AzTemplateSpec command with the same version name "ado"
But when I call the template spec using the new parameter name, "aslocation", it throws:
Error BCP037: The property "aslocation" is not allowed on objects of type "params". Permissible properties include "location"
Even if I try using the old parameter name, "location", it throws:
New-AzResourceGroupDeployment: Cannot retrieve the dynamic parameters for the cmdlet. D:\git\IaC\Azure\main.bicep(4,5) : Error BCP035: The specified "object" declaration is missing the following required properties: "location". D:\git\IaC\Azure\main.bicep(5,7) : Error BCP089: The property "aslocation" is not allowed on objects of type "params". Did you mean "location"?
So it seems something is being cached. Any ideas on how to resolve or avoid this problem?
I have confirmed:
Occurs using Azure CLI or Powershell commands
Occurs using VS Code's integrated terminal or standalone powershell/CMD terminals
Template spec is indeed updated (verified via portal)
Issue persists through multiple days/reboots
I managed to resolve the issue. Leaving this here in case anyone else runs into this problem.
Bicep maintains a local cache for template specs at %USERPROFILE%.bicep
This is NOT automatically updated when template spec versions are updated. You must use Bicep CLI's restore command with the --force flag to refresh it (or remove your cache).
This seems counterintuitive IMHO but I digress..
Reference: https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/bicep-cli#restore

Adding new parameters to ARM template parameters file

I have an original azure deployment that was created with original template parameters file.
I needed to change some logic at the template file and hence I needed to add some new extra parameters to the parameters file.
But when I tried to redeploy it I encountered the following error:
New-AzureRmResourceGroupDeployment : 9:43:19 AM - Error: Code=InvalidTemplate; Message=Deployment template validation
failed: 'The template parameters 'SecondaryServiceFabricClusterName, shouldDeployNewCluster' in the parameters file
are not valid; they are not present in the original template and can therefore not be provided at deployment time. The
only supported parameters for this template are .....
Anyone have an idea what is the problem and how I should do it properly?
P.S - this procedure is done via the Azure command line
Looks like the same issue here : https://github.com/Azure/azure-quickstart-templates/issues/3551
Happens when the parameters specified in the azuredeploy.parameters.json (ARM template parameters file) and the azuredeploy.json ARM template file have a mismatch. (Ps : make sure you also double check each param for spelling errors, types etc.)
'SecondaryServiceFabricClusterName, shouldDeployNewCluster' in the parameters file are not valid << check inside the parameters section of your ARM template if these 2 parameters are specified or used.
If you aren't using those parameters in your template, then remove them from your parameters file azuredeploy.parameters.json and it should fix the issue.
But alternatively if you want to keep them, then add them to the parameters section of your azuredeploy.json ARM template file

Deploying Azure sentinel analytics rules in bulk with Powershell

I am trying to deploy around 70 log analytics rules in to an environment's Azure Sentinel with Powershell so I don't have to do this manually one by one. I got the Analyticsrules.ps1 and rules.json which includes all the rules I want to deploy.
When I run it, I get this error: https://i.stack.imgur.com/nz9S4.png
"Cannot bind argument to parameter 'path' because it is null"
Does anyone know what I am doing wrong? I can show the json file as well but its really long.
As mentioned in the error, the path parameter is null.
Please make sure $env:Pipeline_Workspace and $artifactPath are not null.
$artifactPath = Join-Path $env:Pipeline_Workspace $artifactName
$rulesFilePath = Join-Path $artifactPath $RulesFile

Import-Module with powershell from asp core website

I´m currently trying to call an powershell application from my asp core application.
My first command is Import-Module to make sure that the correct module is loaded.
I tried several ways to do this:
using (PowerShell ps = PowerShell.Create())
{
ps.AddCommand("Import-Module AzureRm").Invoke();
}
This throws an CommandNotFoundException:
CommandNotFoundException
The term 'Import-Module AzureRm' is not recognized as the name of a
cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path
is correct and try again.
If I use AddScript instead I don´t get any feedback at all:
var result = ps.AddScript("Import-Module AzureRm").Invoke();
Result is always returned as an empty object.
Is is even possible to use Import-Module in an ASP core application?
How do I get an result from AddScript and not an empty object?

Resources