magnificent-television-29869
03/17/2021, 10:20 AMmagnificent-television-29869
03/17/2021, 1:10 PMaverage-dinner-84543
03/17/2021, 1:42 PMmagnificent-television-29869
03/17/2021, 2:40 PMprehistoric-nail-50687
03/17/2021, 3:15 PM@pulumi/azure-nextgen
to @pulumi/azure-native
…
If I have an import like import * as operationalinsights from "@pulumi/azure-nextgen/operationalinsights/v20200801";
is it save to change it to the new version-less import: import * as operationalinsights from "@pulumi/azure-native/operationalinsights";
or should I keep the version in the import?breezy-apartment-46543
03/17/2021, 4:11 PMworried-knife-31967
03/17/2021, 5:27 PMambitious-jewelry-18011
03/17/2021, 5:47 PMhundreds-receptionist-31352
03/17/2021, 7:32 PMproud-dusk-33872
03/19/2021, 1:46 AMworried-knife-31967
03/19/2021, 11:55 AMworried-knife-31967
03/19/2021, 11:56 AMcreamy-crowd-26033
03/19/2021, 1:53 PMWEBSITE_RUN_FROM_PACKAGE
and specifying a blob storage url for deployment. When using Azure Pipelines to build my app and then deploying via same or Octopus Deploy, etc., I already have my binaries so uploading them to a storage account is a little redundant. If I wanted to achieve a similar process with Pulumi - what is the recommendation?
If it matters I am using dotnet.better-shampoo-48884
03/19/2021, 3:07 PMsparse-intern-71089
03/19/2021, 7:52 PMclever-byte-21551
03/20/2021, 8:08 PMpulumi:pulumi:Stack wiz-diskanalyzer-dev_aws_7b976757-b010-44f5-be1b-aa4153b86dbe_global_bootstrap running
~ pulumi:providers:azure-native wiz-azure updating [diff: ~clientSecret]
~ pulumi:providers:azure-native wiz-azure updated
+ azure-native:containerregistry/v20201101preview:Token acr-token creating
+ azure-native:containerregistry/v20201101preview:Token acr-token creating error: Code="PasswordCannotBeAdded" Message="New passwords can be added only through 'generateCredentials'. For more information on repository permissions, please visit <https://aka.ms/acr/repo-permissions>."
+ azure-native:containerregistry/v20201101preview:Token acr-token **creating failed** error: Code="PasswordCannotBeAdded" Message="New passwords can be added only through 'generateCredentials'. For more information on repository permissions, please visit <https://aka.ms/acr/repo-permissions>."
pulumi:pulumi:Stack wiz-diskanalyzer-dev_aws_7b976757-b010-44f5-be1b-aa4153b86dbe_global_bootstrap running error: update failed
pulumi:pulumi:Stack wiz-diskanalyzer-dev_aws_7b976757-b010-44f5-be1b-aa4153b86dbe_global_bootstrap **failed** 1 error
Diagnostics:
pulumi:pulumi:Stack (wiz-diskanalyzer-dev_aws_7b976757-b010-44f5-be1b-aa4153b86dbe_global_bootstrap):
error: update failed
azure-native:containerregistry/v20201101preview:Token (acr-token):
error: Code="PasswordCannotBeAdded" Message="New passwords can be added only through 'generateCredentials'. For more information on repository permissions, please visit <https://aka.ms/acr/repo-permissions>."
My creation code looks like this:
token, err := acr.NewToken(ctx, "acr-token", &acr.TokenArgs{
Credentials: &acr.TokenCredentialsPropertiesArgs{
Passwords: acr.TokenPasswordArray{
acr.TokenPasswordArgs{
Name: pulumi.String("password1"),
},
acr.TokenPasswordArgs{
Name: pulumi.String("password2"),
},
}},
RegistryName: pulumi.String(parsedID.ResourceName),
ResourceGroupName: pulumi.String(parsedID.ResourceGroup),
ScopeMapId: pulumi.String(
fmt.Sprintf(
"/subscriptions/%s/resourceGroups/%s/providers/Microsoft.ContainerRegistry/registries/%s/scopeMaps/_repositories_push",
parsedID.SubscriptionID,
parsedID.ResourceGroup,
parsedID.ResourceName,
)),
TokenName: pulumi.String(fmt.Sprintf("wiz-%s", s.Outpost.GetId())), // must start with a letter
}, pulumi.Provider(azureProvider))
I’m also not sure how pulumi will manage the passwords - they are returned only once when generatedbetter-shampoo-48884
03/21/2021, 11:47 AMazure-native:compute:Disk (xxxxx-scaleset-linuxagents-disksource):
error: Code="BadRequest" Message="Required parameter 'storageAccountId' is missing (null)."
Which makes sense, because looking at docs for `CreationData`it states:
storageAccountId string
Required if createOption is Import. The Azure Resource Manager identifier of the storage account containing the blob to import as a disk.
This is easy to fix of course, and for once errors made it easy to check as well 🙂 It seems that there is no difference api-wise if you're in the same or different subscription relating to "importing an unmanaged blob" examples - Should I make an issue in /docs or a PR?better-shampoo-48884
03/21/2021, 12:06 PMconst aksToACRRoleAssignment = new azure.authorization.RoleAssignment("aks-to-acr", {
roleAssignmentName: new random.RandomUuid("aks-to-acr-RA").result,
scope: myACR.id
roleDefinitionId: "/subscriptions/<insert_sub_here>/providers/Microsoft.Authorization/roleDefinitions/7f951dda-4ed3-4680-a7ca-43fe172d538d", // acrpull Role Defenition
principalId: myAKS.identityProfile.apply(identityProfile => identityProfile?.kubeletidentity.objectId).apply(objectId => objectId ?? "<preview>") // gets the kubelet managed identity :)
})
For the roleDefenitionId - I just did az role definition list --output json --query "[].{roleName:roleName, description:description, id:id}" > roleDefenitions.json
once and found the role id from there 🙂better-shampoo-48884
03/21/2021, 12:17 PMazure-native:compute:VirtualMachineScaleSet (xxxxx-scaleset-linuxagents):
error: autorest/azure: Service returned an error. Status=<nil> Code="PropertyChangeNotAllowed" Message="Changing property 'osDisk.managedDisk' is not allowed." Target="osDisk.managedDisk"
In this case, pulumi shouldn't propose to update
but suggest to recreate
right?melodic-byte-32771
03/21/2021, 1:38 PMbetter-shampoo-48884
03/21/2021, 1:55 PMazure-native:compute:VirtualMachineScaleSet (xxxxx-scaleset-linuxagents):
error: Code="InternalOperationError" Message="An internal error occurred in the operation."
Essentially trying to create a scaleset from a vhd in a blob with disk-encryption enabled (and ephemeral disks). I'm happy to get an error message - but running pulumi up -y --suppress-outputs -v=9 --debug --logflow --logtostderr 1> scaleSetCreate.log 2>&1
just repeats the same issue without any context - the log shows my config (correct) going out, then it takes ~3.5m before azure responds with 500: internal error.. each time.better-shampoo-48884
03/21/2021, 1:56 PMtall-scientist-89115
03/22/2021, 4:35 AMazure_native.cache.Redis
object and am getting this error:
azure-native:cache:Redis (redis):
error: Code="InvalidRequestBody" Message="The value of the parameter 'properties.sku.family' is invalid.
When I try to add "family: C" to the sku
property I get:
TSError: ⨯ Unable to compile TypeScript:
redis/azure-cache.ts(23,7): error TS2322: Type '{ name: string; capacity: number; family: string; }' is not assignable to type 'Input<Sku>'.
I thought these type definitions were automatically generated to match the API? Any insight is appreciated.polite-shoe-79877
03/22/2021, 7:12 AMconst subscription = new Subscription("subscription",
{
subscriptionName: "subscription"
})
i get the following error:
error: azurecore/subscriptionSubscription resource 'sub' has a problem: "subscription_id": one of billing_scope_id,subscription_id
must be specified
when i try to specify with either subscription_id or billing_scope_id it must be specified with an already exisiting subscription id.tall-scientist-89115
03/22/2021, 2:53 PMazure-native:dbforpostgresql:Server (postgres-server):
error: Code="InvalidVersion" Message="Version '12' is not supported."
Edit: The answer was to use azure_native.dbforpostgresql.v20200214preview.Server
better-shampoo-48884
03/22/2021, 5:03 PMglamorous-helmet-50600
03/22/2021, 8:19 PMcolossal-room-15708
03/22/2021, 9:38 PMconst api = new azure.apimanagement.Api(`${prefix}-fn`, {
resourceGroupName: resourceGroup.name,
apiManagementName: apimService.name,
revision: "1",
displayName: "API",
path: `${prefix}-fn`,
protocols: ["https"],
"import": {
contentFormat: "swagger-link-json",
contentValue: "<https://url/api/swagger.json>",
},
});
This is the original API. We now updated the swagger with an additional endpoint and want to create a new revision. Or do we want a new version?
Changing the revision
value fails. Do we add a whole new API resource and increment the revision? So have the same as above again just with a new revision? I feel like that will fail as well.refined-tomato-5322
03/23/2021, 12:39 AMthis.cnameRecord = new network.RecordSet(this.baseName, {
cnameRecord: {
cname: "<http://domain.io|domain.io>",
},
privateZoneName: "<http://domain.io|domain.io>",
recordType: "CNAME",
relativeRecordSetName: "recordCNAME",
resourceGroupName: "<http://domain.io|domain.io>",
ttl: 3600,
}, { parent: this.endpoint });
However, I seem unable to find any way to add an alias here. Prior to assure-native, this seems to have been done with 'targetResourceId: "some.endpoint"'. This doesn't exist in the azure-native RecordSetArgs interface. I'm hoping somebody could point me in the right direction. I've been trying to find some other way of doing it with no success. Thank you so much!breezy-apartment-46543
03/23/2021, 7:20 PM