pulumi-community #azure

sparse-dream-33326

11/19/2020, 11:23 AM

I am running azure-cs-aks-private-container-registry on Azure devops using a service principal.This sample creates a service principal on Azure.

sparse-dream-33326

11/19/2020, 11:23 AM

Copy code

error: graphrbac.ApplicationsClient#Create: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="Unknown" Message="Unknown service error" Details=[{"odata.error":{"code":"Authorization_RequestDenied","date":"2020-11-19T11:21:33","message":{"lang":"en","value":"Insufficient privileges to complete the operation."},"requestId":"06ba91b6-f8dd-4c13-ad44-3edd92d780b9"}}]

sparse-dream-33326

11/19/2020, 11:24 AM

I have granted all permissions to

sparse-dream-33326

11/19/2020, 4:19 PM

Is there example on Pulumi building a mixed node cluster i.e windows and linux nodes in Azure?

ancient-painter-14846

11/19/2020, 4:29 PM

Hello everyone, anyone knows why Pulumi is detecting a change/delete in the "id" property of a cosmosdb container? This change doesn't even show up in the CLI, just in the portal. This ends causing the following error during pulumi up:

error: 1 error occurred: updating urn:pulumi:dev::*****-infrastructure::azure:cosmosdb/sqlContainer:SqlContainer::dev: ID was missing the 'sqlDatabases' element

Using CLI 2.13.2. Dependencies:

Copy code

"dependencies": {
        "@pulumi/azure": "^3.30.1",
        "@pulumi/kubernetes": "^2.7.1",
        "@pulumi/pulumi": "^2.14.0"
    }

early-sugar-1496

11/22/2020, 2:49 PM

has anyone had any luck with the next gen provider and aks clusters? mostly around adding / removing agent pools and conflicting diffs when trying to replace the pool created with the

ManagedClusterArgs.AgentPoolProfiles

calm-motorcycle-72397

11/23/2020, 8:36 PM

Hi everyone. Testing the new Azure-Nextgen, and I'm wondering what replaces the removed PrimaryConnectionString from Account (now StorageAccount) object?

calm-motorcycle-72397

11/24/2020, 2:22 PM

Azure-Nextgen: I think I've found an issue: dbforpostgresql/latest attempts to recreate a FirewallRule though no changes have been done to it, and when it attempts to delete old, I get Code="ResourceNotFound" . Create issue in github or is it likely I'm doing something wrong?

early-television-40911

11/24/2020, 4:46 PM

Hi, I`m using azure-nextgen to try to create an app service plan and a metric alert,

Copy code

const plan = new web.AppServicePlan("plan", {
    resourceGroupName: resourceGroup.name,
    name: "linux-asp",
    location: resourceGroup.location,
    kind: "Linux",
    sku: selectedSku,
});

const cpuAlert = new insights.MetricAlert(
    "cpuAlertName",
    {
        actions: [],
        autoMitigate: false,
        criteria: cpuCriteria,
        description: "description",
        enabled: true,
        evaluationFrequency: "Pt1m",
        location: "global",
        resourceGroupName: resourceGroup.name,
        ruleName: "cpuAlertName",
        scopes: [plan.id],
        severity: 3,
        tags: {},
        windowSize: "Pt15m",
    },
    { dependsOn: plan },
);

if I try to create them together I get the error on the preview:

panic: fatal: A failure has occurred: Unrecognized structpb value kind in RPC[Provider[azure-nextgen, 0xc00052d7a0]

but if create the app service plan first then add the metric alert it works. Does anyone have any ideas on how to create them together?

ancient-painter-14846

11/25/2020, 3:37 PM

Hello everyone. Looks like there's some API changes in the CosmosDB SqlContainers. I have a resource created that has the following id:

/subscriptions/*********-****-****-****-************/resourceGroups/rg-dev/providers/Microsoft.DocumentDB/databaseAccounts/regionalcosmos/apis/sql/databases/regionaldb/containers/dev

But if I do an

az cosmos sql container list

, now this resource have the following ID:

/subscriptions/*********-****-****-****-************/resourceGroups/rg-dev/providers/Microsoft.DocumentDB/databaseAccounts/regionalcosmos/sqlDatabases/regionaldb/containers/dev

Because if this, I have the following error when trying to do a `pulumi up`:

ID was missing the 'sqlDatabases' element

Is there any way of fixing it? Maybe deleting from the state and re-importing it?

calm-motorcycle-72397

11/27/2020, 7:13 AM

Azure-Nextgen: Due to slot swapping, what pulumi expects to exist wrt. appsettings and stuff is wrong, and this causes issues. Is there any way to force it to set certain variables?

billowy-carpenter-15652

11/27/2020, 6:31 PM

Hi team, I'm trying to create an AutoscaleSetting and cannot figure out how to set a recurrence such that a rule is in effect from 6AM to 6PM. The only option in RecurrenceArgs seems to be Hours and Minutes, which seems to be defined as an interval, whereas the Azure Portal allows a start and end time on recurrences. Can someone please let me know what I'm doing wrong? Thank you!

bitter-policeman-94135

11/28/2020, 1:41 AM

Does anyone have any examples of accessing the Azure SDK/API directly from within Pulumi? I want to use Pulumi to set up SendGrid on Azure. I'm wondering what it will take to do it.

red-lighter-44012

11/28/2020, 2:32 PM

I am provisioning an Azure Postgres DB and im having trouble outputting the admin username and password. The console output includes the FQDN, but neither the username nor the password are available.

Copy code

PostgresAdminLogin = dbServer.AdministratorLogin;
PostgresAdminPassword = dbServer.AdministratorLoginPassword;
PostgresFqdn = dbServer.Fqdn;

Edit: I fell in my own trap, the output properties were static 😄 the method creating the DB is static so people return the new resource and not assign Output<> in the methods all over the place but only in the constructor. So yeah, I just shot myself in the foot. "senior dev" haha

prehistoric-nail-50687

11/30/2020, 10:30 AM

anyone has an idea how to configure container logging with

nextgen

? The cli command is this:

Copy code

az webapp log config --name "$APP_NAME" --resource-group "$RG_NAME" --docker-container-logging filesystem

But I can’t find any equivalent for it in pulumi

future-kite-91191

11/30/2020, 11:04 AM

Hi! Q regarding `nextgen`; where can I find the implementation for https://docs.microsoft.com/en-us/azure/templates/microsoft.kusto/clusters/databases/dataconnections

early-sugar-1496

11/30/2020, 11:22 AM

Hi, I'm trying to create a roleAssignment but preview keeps telling me

missing required property 'properties.principalId'

, is it because i'm using apply?

Copy code

using AzureAuth = Pulumi.AzureNextGen.Authorization.Latest;

            new AzureAuth.RoleAssignment(
                $"NetworkContributor",
                new AzureAuth.RoleAssignmentArgs
                {
                    Scope = _cluster.NodeResourceGroup!,
                    RoleAssignmentName = "Network Contributor",
                    Properties = new AzureAuth.Inputs.RoleAssignmentPropertiesArgs
                    {
                        PrincipalId = _cluster.Identity.Apply(identity => identity!.PrincipalId),
                        RoleDefinitionId = "",
                    },
                });

clever-byte-21551

12/01/2020, 7:48 AM

I’m trying to use

keyvault

with

azure-nextgen

plugin and I couldn’t find how I can create secrets, the

keyvault

module only has methods for creating the actual vault but there’s no way to interact with it. (I’m using golang)

nice-oyster-71086

12/01/2020, 9:44 PM

Is there an equivalent for Blob in AzureNextGen? I'm trying to replicate this workflow (in c#).

tall-needle-56640

12/02/2020, 10:09 PM

I'm confused with the generated code vs. the API spec. The API spec has a delete for PolicyExemption, but the generated code does not.

icy-jordan-58549

12/04/2020, 11:37 AM

Can anyone help me, changed my az user to SP and keep getting this:

Copy code

error: building auth config: Authenticating using the Azure CLI is only supported as a User (not a Service Principal).

adorable-cricket-58611

12/05/2020, 6:54 PM

@here I am getting the error while using the Pulumi Azure Pipelines Task, the error is error: problem logging in: rename credentials-460464347.json C\Users\VssAdministrator\.pulumi\credentials.json The system cannot move the file to a different disk drive.

adorable-cricket-58611

12/05/2020, 6:54 PM

can anyone please help here

wet-noon-14291

12/05/2020, 9:01 PM

I'm trying to set up a API in Azure management using the nextgen. I can't find how to add a "product" to an API, https://www.pulumi.com/docs/reference/pkg/azure-nextgen/apimanagement/api/. In the "old" azure provider I think you would use ProductApi, https://www.pulumi.com/docs/reference/pkg/azure/apimanagement/productapi/, but is there something for nextgen?

cool-jewelry-33023

12/06/2020, 11:23 PM

Sooo... here's a fun situation 🙂 When you update the Azure Traffic Manager monitor config (I've changed the health probing protocol & port - HTTP => HTTPS & 80 => 443) the Traffic Manager looses all of its Endpoints 🙂 Haven't really had time to debug this properly cause it happened on a deploy to PROD, so I've hot fixed it by deleting all the endpoints (we're adding them through a for loop so I've set the limit to 0), and then adding new ones 🙂 I'm using C# Pulumi version is 2.15.1 Pulumi nuget version 2.7.1 Pulumi.Azure nuget version 3.13.1

prehistoric-nail-50687

12/07/2020, 10:13 AM

I’m using

WebAppHostNameBinding

from

azure-nextgen

to add new domains to a

WebApp

. This works fine, as long as I only have one domain to add, but if I add multiple domains, then it does not work, because the previous

WebAppHostNameBinding

must be finished before I can add a new one. I currently have this:

Copy code

const subdomains = ["aa", "bb", "cc"];
for (var subd of subdomains) {
  var nameBinding = newHostNameBinding(subd, app.name, "<http://topdomain.com|topdomain.com>");
}

function newHostNameBinding(subdomain: string, appName: Input<string>, topdomain: string) {
  return new nextgen.WebAppHostNameBinding(
    `${environment}-web-host-name-binding-${subdomain}`,
    {
      name: appName,
      resourceGroupName: resourceGroup.name,
      hostName: `${subdomain}.${topdomain}`,
    },
    { parent: app }
  );
}

Ho can I ensure the calls to create a

WebAppHostNameBinding

are finished on the Azure site before creating the next one? The error I currently get is this:

Copy code

Cannot modify this site because another operation is in progress. Details: Id: 79e4dbe5-ae0e-44a2-9006-13b3e85e4e23, OperationName: Update, CreatedTime: 12/7/2020 9:53:20 AM, RequestId: d371a3b1-9503-4635-8289-2477a33ac7aa, EntityType: 3

boundless-airport-99052

12/07/2020, 12:54 PM

Hello, I’m trying to debug an issue introduced by the

terraform azurerm - v2.34.0

provider. I downgraded to

@pulumi/azure - v3.28.0

which uses

terraform azurerm v2.33.0

according to https://github.com/pulumi/pulumi-azure/blob/master/CHANGELOG.md But I still got the same error message

Copy code

error: azure:operationalinsights/analyticsWorkspace:AnalyticsWorkspace resource 'log-f-stack-s-a-sb' has a problem: expected daily_quota_gb to be at least (0.000000), got -1.000000

The

daily_quota_gb

property was not present before`terraform azurerm v2.34.0` so I wonder why I still got this error. Terraform changelog: https://github.com/terraform-providers/terraform-provider-azurerm/releases/tag/v2.34.0

azurerm_log_analytics_workspace
- support for the
daily_quota_gb
property (#8861)

I can also confirm this with this commit which in only present in v2.34

tall-needle-56640

12/07/2020, 6:44 PM

The new versioning namespaces create a lot of (what I feel is) unnecessary noise. Also, I can find no precedent for this kind of organization as even the official Azure SDK doesn't do anything like this. I realize that it opens up some interesting scenarios, but it also makes a lot of normal scenarios more challenging.

tall-needle-56640

12/07/2020, 11:37 PM

#azure #dotnet I'm trying to create a factory that returns resources with a logical set of defaults. In order for this to work in

Pulumi.Azure

, I did this:

Copy code

args.AppSettings = InputMap<string>.Merge(defaultAppSettings, args.AppSettings);

Now I'm trying to migrate that code to

AzureNextGen

, but I'm not sure how to get it to work. I tried:

Copy code

var appSettings = args.SiteConfig.Apply(c => c.AppSettings);
args.SiteConfig.Apply(s => 
    s.AppSettings = InputMap<string>.Merge(defaultAppSettings, appSettings));

But I get an error:

Argument 2: cannot convert from 'Pulumi.Output<Pulumi.InputList<Pulumi.AzureNextGen.Web.Latest.Inputs.NameValuePairArgs>>' to 'Pulumi.InputMap<string>'

So what do I do to make this work? Note

defaultAppSettings

is of type

Dictionary<string, string>

future-kite-91191

12/08/2020, 7:47 AM

Hey guys, I'm working on a new stack (involding Azure AKS) and keep getting these error messages when trying to

pulumi up

. I'm logged in successfully to Azure via

az login

still the

pulumi up

command keeps asking for interactive sign-in via web page:

Copy code

To sign in, use a web browser to open the page <https://microsoft.com/devicelogin> and enter the code {code here} to authenticate.
    E1208 08:11:52.773315   15608 azure.go:154] Failed to acquire a token: failed acquiring new token: waiting for device code authentication to complete: autorest/adal/devicetoken: Error while retrieving OAuth token: Code Expired

Eventually the command times out. I'm on Pulumi version 2.15.3 and latest npm packages Additional details: I can get a correct preview of the stack: