miniature-leather-70472
06/10/2021, 10:53 AMminiature-leather-70472
06/10/2021, 11:33 AMtall-librarian-49374
06/10/2021, 11:53 AMhundreds-receptionist-31352
06/10/2021, 7:01 PMhappy-parrot-60128
06/10/2021, 7:07 PMminiature-leather-70472
06/11/2021, 1:41 PMrough-window-15889
06/11/2021, 6:45 PMnice-oyster-71086
06/11/2021, 9:34 PM@pulumi/azure-native
web.StaticSite and would like to deploy some appsettings along with the static site, but don't see a way to set them in the web.StaticSiteArgs object. Is there any guidance for this?icy-jordan-58549
06/14/2021, 11:00 AMgorgeous-country-43026
06/14/2021, 12:33 PMhappy-ability-61825
06/14/2021, 3:12 PMazure-native:containerinstance:ContainerGroup (spl-outputs):
error: Code="InvalidContainerGroupUpdate" Message="The updates on container group 'spl-outputs' are invalid. If you are going to update the os type, restart policy, network profile, CPU, memory or GPU resources for a container group, you must delete it first and then create a new one."
I updated the ContainerGroup definition to include opts=pulumi.ResourceOptions(delete_before_replace=True)
(as per https://www.pulumi.com/docs/intro/concepts/resources/#deletebeforereplace) but it doesn't seem to have any effectrough-window-15889
06/14/2021, 6:42 PMgorgeous-country-43026
06/15/2021, 12:53 PMpulumi:pulumi:Stack (myproject-azure-dev):
warning: provider config warning: Deprecated Attribute
limited-carpenter-34991
06/17/2021, 2:15 PMable-doctor-68496
06/17/2021, 11:47 PMemptyDir
, and I needed more disk space. I haven't figured out a way to do that so that the existing nodes get replaced with nodes that have the amount of disk space I need. What I've tried:
• update os_disk_size_gb
in agent_pool_profiles
and run pulumi up
- this doesn't seem to have any effect
• change count
to 0 in agent_pool_profiles
and run pulumi up
- this results in an error that count
is invalid
• change name
in agent_pool_profiles
to try to have the pool replaced - this also results in an error (see thread)able-doctor-68496
06/18/2021, 11:30 PMRecordSet
and getting this error:
azure-native:network:RecordSet (application-record):
error: autorest/azure: Service returned an error. Status=400 Code="BadRequest" Message="The request was invalid."
This is the code in Python for the RecordSet
:
RecordSet(
'application-record',
cname_record=CnameRecordArgs(cname=azure_fqdn),
record_type='CNAME',
relative_record_set_name=seeq_subdomain,
resource_group_name=azure_zone_resource_group,
zone_name=azure_zone_name
)
Is there a good way to troubleshoot that?quiet-hairdresser-18834
06/19/2021, 2:18 PMquiet-hairdresser-18834
06/19/2021, 3:00 PMlimited-carpenter-34991
06/21/2021, 9:37 AMAzureNative.Kusto.Script
i always get the error:
azure-native:kusto:Script (script1):
error: autorest/azure: Service returned an error. Status=404 Code="ResourceNotFound" Message="The resource with identifier
able-doctor-68496
06/21/2021, 7:50 PMhundreds-optician-54090
06/22/2021, 3:50 PMerror: Code="CannotSetResourceIdentity" Message="Resource type 'Microsoft.Storage/storageAccounts' does not support creation of 'UserAssigned' resource identity. The supported types are 'SystemAssigned'."If I change the identity to 'SystemAssigned' and remove the user_assigned_identities, the storage account them fails to build with this error instead:
error: Code="InvalidValuesForRequestParameters" Message="Values for request parameters are invalid: properties.encryption.identity."Here's the proof-of-concept code I've been playing with:
import pulumi
import pulumi_azure_native as azure_native
import pulumi_azuread as azuread
config = pulumi.Config()
tenant_id = config.get('azure-native:tenantId')
resource_group = azure_native.resources.ResourceGroup("test-resource-group",
location="usgovvirginia",
resource_group_name="test-resource-group",
tags={'ENV': 'test'},
)
storage_security_group = azuread.Group("storage_security_group", display_name="storage_security_group")
key_vault = vault = azure_native.keyvault.Vault("Ish5booweur",
location="usgovvirginia",
properties=azure_native.keyvault.VaultPropertiesArgs(
access_policies=[azure_native.keyvault.AccessPolicyEntryArgs(
object_id=storage_security_group.id,
permissions=azure_native.keyvault.PermissionsArgs(
certificates=[],
keys=[
"wrapKey",
"unwrapKey",
"get",
],
secrets=[],
),
tenant_id=tenant_id,
)],
enable_soft_delete=False,
soft_delete_retention_in_days=15,
enabled_for_deployment=False,
enabled_for_disk_encryption=True,
enabled_for_template_deployment=False,
network_acls=azure_native.keyvault.NetworkRuleSetArgs(
bypass="AzureServices",
default_action="Allow",
),
sku=azure_native.keyvault.SkuArgs(
family="A",
name="Premium",
),
tenant_id=tenant_id,
),
resource_group_name=resource_group.name,
vault_name="Ish5booweur",
tags={'ENV': 'test'},
)
storage_key = azure_native.keyvault.Key("storage-encryption-key",
key_name="storage-encryption-key",
properties=azure_native.keyvault.KeyPropertiesArgs(
kty="RSA-HSM",
key_size=4096,
),
resource_group_name=resource_group.name,
vault_name=key_vault.name,
tags={'ENV': 'test'},
)
storage_account_managed_identity = azure_native.managedidentity.UserAssignedIdentity("storage-account-managed-id",
location="usgovvirginia",
resource_group_name=resource_group.name,
tags={'ENV': 'test'},
)
cmk_storage_account = azure_native.storage.StorageAccount("storeaccount01",
account_name="storeaccount01",
allow_blob_public_access=False,
encryption=azure_native.storage.EncryptionArgs(
require_infrastructure_encryption=True,
encryption_identity=azure_native.storage.EncryptionIdentityArgs(
encryption_user_assigned_identity=storage_account_managed_identity.id,
),
key_source="Microsoft.Keyvault",
key_vault_properties=azure_native.storage.KeyVaultPropertiesArgs(
key_name=storage_key.name,
key_vault_uri=key_vault.properties.vault_uri, # "<https://Ish5booweur.vault.usgovcloudapi.net/>",
),
services=azure_native.storage.EncryptionServicesArgs(
blob=azure_native.storage.EncryptionServiceArgs(
enabled=True,
key_type="Account",
),
file=azure_native.storage.EncryptionServiceArgs(
enabled=True,
key_type="Account",
),
),
),
identity=azure_native.storage.IdentityArgs(type="SystemAssigned"),
# identity=azure_native.storage.IdentityArgs(type="UserAssigned",
# user_assigned_identities={str(storage_account_managed_identity.id): {}},
# ),
kind="StorageV2",
location="usgovvirginia",
minimum_tls_version="TLS1_2",
network_rule_set=azure_native.storage.NetworkRuleSetArgs(bypass="AzureServices",
default_action="Deny",
),
resource_group_name=resource_group.name,
sku=azure_native.storage.SkuArgs(name="Standard_ZRS"),
tags={'ENV': 'test'},
)
lemon-chef-20322
06/22/2021, 11:20 PMproud-pizza-80589
06/23/2021, 8:15 AMrough-window-15889
06/24/2021, 1:01 AMicy-leather-68314
06/24/2021, 10:41 AMazure-native:web:WebAppAuthSettings (func-acmebot-auth-gdbp1-dev-eastus2):
error: autorest/azure: Service returned an error. Status=400 Code="BadRequest" Message="SiteAuthSettings object is not present in the request body." Details=[{"Message":"SiteAuthSettings object is not present in the request body."},{"Code":"BadRequest"},{"ErrorEntity":{"Code":"BadRequest","ExtendedCode":"01008","Message":"SiteAuthSettings object is not present in the request body.","MessageTemplate":"{0} object is not present in the request body.","Parameters":["SiteAuthSettings"]}}]
The logs show that pulumi is doing a PUT /subscriptions/.../resourceGroups/rg-main-gdbp1-dev-eastus26bb88e07/providers/Microsoft.Web/sites/func-acmebot-gdbp1-dev-eastus2cc94d39c/config/authsettings?api-version=2020-12-01 HTTP/1.1
with a body of just {}
, which it looks like the Azure API doesn't like.
What are my options here? I don't really care if the WebAppAuthSettings resource destruction fails as it will be cleaned up when the WebApp is destroyed anyway.mysterious-australia-14256
06/25/2021, 9:38 AMusing Pulumi;
using AzureNative = Pulumi.AzureNative;
class MyStack : Stack
{
public MyStack()
{
var integrationAccount = new AzureNative.Logic.IntegrationAccount("integrationAccount", new AzureNative.Logic.IntegrationAccountArgs
{
IntegrationAccountName = "testIntegrationAccount",
Location = "westus",
ResourceGroupName = "testResourceGroup",
Sku = new AzureNative.Logic.Inputs.IntegrationAccountSkuArgs
{
Name = "Standard",
},
});
}
}
I get an error back saying
error: autorest/azure: Service returned an error. Status=400 Code="InvalidIntegrationAccount" Message="The provided integration account definition is not valid."
Anyone know of a fix for this?
Thanks
Alansquare-salesmen-69891
06/25/2021, 10:44 AMenough-truck-34175
06/25/2021, 2:22 PMVnetSubnetID
to the subnet. AKS automatically creates an NSG.
3. Associate the AKS NSG to the vnet’s subnetwhite-match-80969
06/26/2021, 7:26 PMincalculable-printer-98305
06/28/2021, 3:53 AM