mysterious-australia-14256
04/06/2020, 3:23 PMfuture-kite-91191
04/06/2020, 7:15 PMWindowsVirtualMachineScaleSet
the scale set extensions are separated into a new resource: VirtualMachineScaleSetExtension
. In the now deprecated ScaleSet
resource type, the Extensions
could be setup inline. Problem with the new way of working, is that some virtual machine extensions need to be added to the target VM scale set at the same time. The error I get now:
Scale Set extensions of handler '{handler name here}' can be added only at the time of VM Scale Set creation
How can I make sure the VM extension is added to the VMSS at the moment the latter is created?
Or should I go back to using the ScaleSet
resource?
See also
https://www.terraform.io/docs/providers/azurerm/guides/2.0-upgrade-guide.html#new-resources-for-virtual-machines-and-virtual-machine-scale-sets
https://discuss.hashicorp.com/t/azurerm-windows-virtual-machine-scale-set-extensions/6388
https://github.com/terraform-providers/terraform-provider-azurerm/issues/5860colossal-room-15708
04/07/2020, 9:47 AMDiskEncryptionSet
and I'm facing an issue:
des_key = keyvault.Key("des-key",
name="des-key",
key_vault_id=args.keyvault_id,
key_type="RSA",
key_size=2048,
key_opts=[
"decrypt",
"encrypt",
"sign",
"unwrapKey",
"verify",
"wrapKey",
],
tags=args.tags
)
des_set = compute.DiskEncryptionSet("disk_encryption_set",
name="disk_encryption_set",
resource_group_name=args.resource_group_name,
key_vault_key_id=des_key.id
)
I receive TypeError: Missing required property 'identity'
on the DiskEncryptionSet
Why?
According to https://www.terraform.io/docs/providers/azurerm/r/disk_encryption_set.html#identity it's optional.colossal-room-15708
04/08/2020, 1:36 PMcolossal-room-15708
04/08/2020, 1:37 PMpowerful-football-81694
04/11/2020, 10:46 AMDiagnostics:
azure:cosmosdb:Account (orgflow-stacks-dev-cdb):
error: Error creating CosmosDB Account "orgflow-stacks-dev-cdb" (Resource Group "orgflow-stacks-dev-rg"): Error waiting for the CosmosDB Account "orgflow-stacks-dev-cdb" (Resource Group "orgflow-stacks-dev-rg") to finish creating/updating: Code="ServiceUnavailable" Message="Sorry, we are currently experiencing high demand in this region, and cannot fulfill your request at this time. We work continuously to bring more and more capacity online, and encourage you to try again shortly. Please do not hesitate to contact us via Azure support at any time or for any reason using this link <http://aka.ms/azuresupport>.\r\nActivityId: a74b0d98-cc3c-44ed-b5b9-587168e7b8c2"
To be clear: the Cosmos DB account is eventually created on the Azure side, although it doesn’t seem to be complete (I suspect this might be because Pulumi gave up waiting on some part and therefore didn’t proceed to subsequent parts).
As a result, we’re left with an incomplete Cosmos DB account that Pulumi doesn’t know about and doesn’t know what to do with in the next attempt - and as we know, pulumi refresh
does not help in this situation.
I suspect that the fix should be:
• Handle 503 responses in the resource creation status polling more gracefully and retry
• Do it with a back-off strategy to poll less frequently if these responses are coming out
• Possibly also start with less frequent polling from the get-gomelodic-byte-32771
04/13/2020, 9:10 AMstorageAccount = new azure.storage.Account(`account`, {
resourceGroupName: resourceGroup.name,
accountReplicationType: 'LRS',
accountTier: 'Standard',
accountKind: 'StorageV2',
staticWebsite: {
indexDocument: 'index.html',
error404Document: 'index.html'
}
});
this is what I receive
azure:storage/account:Account resource 'account' has a problem: static_website.0: invalid or unknown key: error404_document
enough-oil-63049
04/13/2020, 12:11 PMif peer:
org = props.config.require('org')
project = get_project()
peer_stack = StackReference(f'{org}/{project}/{peer}')
peer_hub_id = peer_stack.get_output('hub_id')
peer_hub_name = peer_stack.get_output('hub_name')
# need a reference to the peer hub VNet but the following statement doesn't work
peer_hub = network.VirtualNetwork.get(peer_hub_name, peer_hub_id)
peer_fw_ip = peer_hub.hub_fw_ip
peer_dmz_ar = peer_hub.peer_dmz_ar
peer_hub_as = peer_hub.peer_hub_as
I know everything up to the point noted above works, but I need to get a reference to the peer_hub vnet in the other stack. The parameters are:
+ peer_hub_id : "/subscriptions/subscription/resourceGroups/prod-vdc-rg-947d7dbf/providers/Microsoft.Network/virtualNetworks/hub-vn-f428d4f8"
+ peer_hub_name: "hub-vn-f428d4f8"
But when statement:
peer_hub = network.VirtualNetwork.get(peer_hub_name, peer_hub_id)
executes, the result is:
TypeError: Expected resource name to be a string
What am I doing wrong here? Going on API <https://www.pulumi.com/docs/reference/pkg/azure/network/virtualnetwork/>
mysterious-australia-14256
04/14/2020, 2:55 PMthousands-megabyte-97545
04/17/2020, 4:53 PMcolossal-room-15708
04/18/2020, 9:51 AMnutritious-judge-27316
04/21/2020, 1:10 PMgreat-manchester-70568
04/21/2020, 9:20 PMkind-agency-40925
04/22/2020, 1:00 PMkind-agency-40925
04/22/2020, 1:00 PMhandsome-optician-50551
04/23/2020, 9:20 AMlet service2 = new azure.apimanagement.Service("testams", {
resourceGroupName: "ddm-te-dev",
skuName: "Developer_1",
publisherName: "YourCompany",
publisherEmail: "<mailto:api@yourcompany.com|api@yourcompany.com>"
}, { customTimeouts: { create: "59m" } });
The error i get it: azureapimanagementService (testams): error: unexpected unknown property value
When I run pulumi preview it doesn't complain.
Could you help me with this?fancy-jelly-61092
04/24/2020, 4:02 PMazure.sql.ActiveDirectoryAdministrator
). I've no idea how to finish the setup and add the AD Logins to the database (i.e. CREATE USER "Admin Group" FROM EXTERNAL PROVIDER;
)
I created a custom SQL resource provider that allows executing the SQL, that is successful. I get the error Principal 'Admin Group' could not be resolved. Error message: 'AADSTS65002: Consent between first party applications and resources must be configured via preauthorization. Visit <https://identitydocs.azurewebsites.net/static/aad/preauthorization.html> for details
From what I can tell (https://docs.microsoft.com/en-us/azure/sql-database/sql-database-aad-authentication-configure?tabs=azure-powershell#create-contained-database-users-in-your-database-mapped-to-azure-ad-identities) I cannot use a Service Principal login (I was using access tokens to sign in to the SQL instance). That means I need a user, which stops it from being useful to be used in a CI environment for example (Azure DevOps).
Has anybody found a workaround for this issue?breezy-answer-83664
04/24/2020, 7:12 PMmillions-journalist-34868
04/27/2020, 2:21 PMlittle-kangaroo-50941
04/27/2020, 3:30 PMlimited-rainbow-51650
04/28/2020, 4:12 PMkubeconfig
output?colossal-room-15708
04/29/2020, 2:46 AMbreezy-answer-83664
04/29/2020, 8:57 AMbetter-rainbow-14549
04/29/2020, 5:23 PMwarning: getEventhubNamespace is deprecated: azure.getEventhubNamespace has been deprecated in favour of azure.getNamespace
warning: getEventhubNamespace is deprecated: azure.getEventhubNamespace has been deprecated in favour of azure.getNamespace
warning: UserAssignedIdentity is deprecated: azure.UserAssignedIdentity has been deprecated in favour of azure.UserAssignedIdentity
warning: Assignment is deprecated: azure.Assignment has been deprecated in favour of azure.Assignment
warning: Assignment is deprecated: azure.Assignment has been deprecated in favour of azure.Assignment
warning: Assignment is deprecated: azure.Assignment has been deprecated in favour of azure.Assignment
any ideas why this has just started, also that first one about eventhubnamespace seems peculiarlittle-kangaroo-50941
04/29/2020, 7:02 PMpulumi up
:
System.InvalidOperationException: Expected Pulumi.AssetOrArchive but got System.String deserializing Pulumi.Azure.Storage.Blob.source
at Pulumi.Serialization.Converter.ConvertObject(String context, Object val, Type targetType)
at Pulumi.Serialization.Converter.ConvertValue(String context, Value value, Type targetType)
`at Pulumi.Deployment.CompleteResourceAsync(Resource resource, ResourceArgs args, ResourceOptions options, ImmutableDictionary`2 completionSources)`
at Pulumi.Deployment.Runner.WhileRunningAsync()
var blob = new Blob("zipdeploy", new BlobArgs
{
StorageAccountName = storageAccount.Name,
StorageContainerName = container.Name,
Type = "Block",
Source = new FileArchive("../HRToolBot/bin/Debug/netcoreapp3.1/publish")
});
fierce-eye-99133
04/30/2020, 11:01 AMrhythmic-lighter-17156
05/04/2020, 12:28 PMconst createAutoTaggingPolicyAssignment = (tag: string,
resourceGroup: azure.core.ResourceGroup, context: ExecutionContext) => {
const policy = getPolicyDefintion({displayName: 'Inherit a tag from the resource group if missing'});
new azure.policy.Assignment(`tag-${tag}`, {
displayName: `enforce tagging with ${tag}`,
description: `enforce the tagging of resources with the ${tag} tag`,
location: context.region,
identity: {
type: 'SystemAssigned'
},
policyDefinitionId: pulumi.interpolate`/subscriptions/${context.subscriptionId}${policy.then(p => p.id)}`,
scope: pulumi.interpolate`/subscriptions/${context.subscriptionId}/resourceGroups/${resourceGroup.name}`,
parameters: `{"tagName" : {"value": "${tag}"} }`
});
}
The policy assignment is created however, it is not linked to the policy definition correctly?
If i run the equivalent command through the az cli the policy gets created and is associated with the definition ok?
az policy assignment create --name tag-platform --scope /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx --policy "ea3f2387-9b95-492a-a190-fcdc54f7b070" --params "{'tagName':{'value': 'tag'}}" --location northeurope --assign-identity
It has to be to do with how the policyDefinitionId is setup within the Pulumi createAssignment script, but it parses the Up process correctly?
Many thanks.nice-guitar-97142
05/05/2020, 5:58 PMbetter-rainbow-14549
05/06/2020, 10:18 AMwarning: Namespace is deprecated: azure.eventhub.Namespace has been deprecated in favour of azure.servicebus.Namespace
which seems odd but ok... but an actual error I'm now getting is that calls to eventhub.getNamespace are failing with a 404 because it's trying to find a servicebusbetter-rainbow-14549
05/06/2020, 11:02 AM