limited-carpenter-34991
07/12/2021, 12:24 PMmysterious-australia-14256
07/13/2021, 10:05 AMmysterious-australia-14256
07/13/2021, 2:05 PMmysterious-australia-14256
07/13/2021, 6:11 PMmysterious-australia-14256
07/14/2021, 10:06 AMvar connectorDeployment = new Pulumi.AzureNative.Resources.Deployment( .... )
I then create the connection using an expanded version of the following where I am retrieving the CustomApi object created by the above deployment and using that when creating the connection.
var outputResources = connectorDeployment.Properties.Apply(props =>
{
Pulumi.AzureNative.Web.CustomApi bamConnector = Pulumi.AzureNative.Web.CustomApi.Get(connectorDeploymentResourceName, props.OutputResources[0].Id);
var connection = Pulumi.AzureNative.Web.Connection(name, args, new CustomResourceOptions
{
DependsOn = bamConnector,
Parent = bamConnector
});
return props;
}
This does deploy correctly and everything works but I would like to get Pulumi Preview to pick up this operation. How can I tweak my code so that Pulumi Preview is picking up the connection correctly?
I also have an issue where a Pulumi Destroy is only removing the deployment and not the actual object that was created.ancient-eve-13947
07/14/2021, 1:37 PMNamespaceAuthorizationRule
for an Azure servicebus via Typescript?
the documentation states NamespaceAuthorizationRule
should have an output
primaryConnectionString
, but the d.ts says it has only name, rights and
type as outputs.ancient-eve-13947
07/14/2021, 5:28 PMpulumi up
I get the following error:
Diagnostics:
pulumi:pulumi:Stack (Cloud-dev):
error: update failed
azure-native:azureactivedirectory:B2CTenant (b2c):
error: cannot check existence of resource '/subscriptions/25110286-d288-4e46-851b-4e2bc880672f/resourceGroups/rgdevc54575e2/providers/Microsoft.AzureActiveDirectory/b2cDirectories/deonfunction%20getStack%28%29%20%7B%0A%20%20%20%20return%20runtime.getStack%28%29%3B%0A%7Ddirectory': status code 400, <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""<http://www.w3.org/TR/html4/strict.dtd>">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid URL</h2>
<hr><p>HTTP Error 400. The request URL is invalid.</p>
</BODY></HTML>
the code I use is:
const tenant= new azure.azureactivedirectory.B2CTenant("b2c", {
resourceGroupName: resourceGroup.name,
sku: {
name: "Standard",
tier: "A0"
},
properties: {
countryCode: "DE",
displayName: `DEON-${pulumi.getStack}`
},
resourceName: `deon${pulumi.getStack}directory`
});
any idea what's going on here?ancient-eve-13947
07/14/2021, 6:35 PMpulumi up
, it will just create a new resource group etc?
background: something went wrong with destroying and now some Azure resources take ages to get deleted, and I'd like to continue testing meanwhile.ancient-eve-13947
07/14/2021, 7:04 PMlet suffix= pulumi.getStack();
suffix= suffix=="production" ? "" : suffix;
const displayName= pulumi.interpolate `DEON - ${suffix}`;
const resourceName= pulumi.interpolate `deon${suffix}directory`;
const tenant= new azure.azureactivedirectory.B2CTenant("b2c", {
resourceGroupName: resourceGroup.name,
location: "europe", // because B2C has other, fewer possible locations
sku: {
name: "Standard",
tier: "A0"
},
properties: {
countryCode: "DE",
displayName
},
resourceName
});
and on pulumi up
I get this error:
b2c (azure-native:azureactivedirectory:B2CTenant)
error: autorest/azure: Service returned an error. Status=404 Code="NotFound" Message="Resource with ID '25110286-d288-4e46-851b-4e2bc880672f/rgdev9a38f1a5/deondevdirectory' does not exist." Target="resource"
what am I doing wrong?ancient-eve-13947
07/15/2021, 11:55 AM@pulumi/azuread
seems to allow me to create app registrations, but I can't see anything related to manifests?victorious-exabyte-70545
07/15/2021, 4:26 PMvictorious-exabyte-70545
07/15/2021, 5:12 PMvictorious-exabyte-70545
07/15/2021, 5:13 PM.pulumi/history/dev/dev-1626238159454148000.checkpoint.json
limited-mouse-98047
07/16/2021, 2:51 PMazuread.ServicePrincipalPassword
resource generating passwords that are incompatible with azure_native.containerservice.ManagedCluster
? The latter apparently cannot accept characters like a backtick (`), which the former will apparently generate if you're lucky.
I'm wondering whether this is a bug within the provider on on the azure end.miniature-leather-70472
07/19/2021, 12:17 PMpowerful-football-81694
07/19/2021, 1:06 PMpulumi up
?wet-noon-14291
07/20/2021, 9:40 PMhandsome-state-59775
07/21/2021, 5:34 AMmysterious-australia-14256
07/22/2021, 10:13 AMlittle-notebook-32921
07/22/2021, 11:35 PMminiature-leather-70472
07/26/2021, 12:54 PMmelodic-student-71781
07/27/2021, 6:36 PMaz aks create [...] --attach-acr $MYACR
where the cluster uses a managed identity instead of an explicit service principal.
As far as I understand it, I need to add a RoleAssignment
with scope
=containerRegistryId and roleDefinitionId
="AcrPull".
RoleAssignment contains `principalId`(required) and delegatedManagedIdentityResourceId
(optional).
How do I fill these two fields?
I'm guessing delegatedManagedIdentityResourceId
should be the id of the AKS cluster, but what's the principalId
if there is no principal?kind-mechanic-53546
07/28/2021, 1:29 AMicy-jordan-58549
07/28/2021, 1:42 PMazure-native:network:FrontDoor (frontDoor):
error: autorest/azure: Service returned an error. Status=<nil> Code="Conflict" Message="Cannot delete frontend endpoint \"<http://fed2test.test.io|fed2test.test.io>\" because it is still directly or indirectly (using \"afdverify\" prefix) CNAMEd to front door \"<http://emtkfed2testprodcmsfd.azurefd.net|emtkfed2testprodcmsfd.azurefd.net>\". Please remove the DNS CNAME records and try again."
proud-dusk-33872
07/28/2021, 1:54 PMmelodic-easter-82419
07/29/2021, 3:55 PMmelodic-easter-82419
07/29/2021, 3:56 PMcuddly-spring-60602
07/30/2021, 7:53 AMSettings: pulumi.ArrayMap{
"advancedOptions": pulumi.Array{
pulumi.Map{
"Name": pulumi.String("forcePullAndApply"),
"TypeName": pulumi.String("System.Boolean"),
"Value": pulumi.Bool(false),
},
},
"Properties": pulumi.Array{
pulumi.Map{
"Name": pulumi.String("RegistrationKey"),
"TypeName": pulumi.String("System.Management.Automation.PSCredential"),
"Value": pulumi.StringMap{
"Password": pulumi.String("PrivateSettingsRef:registrationKeyPrivate"),
"UserName": pulumi.String("PLACEHOLDER_DONOTUSE"),
},
},
pulumi.StringMap{
"Name": pulumi.String("RegistrationUrl"),
"TypeName": pulumi.String("System.String"),
"Value": pulumi.String(registrationUrl),
},
pulumi.StringMap{
"Name": pulumi.String("NodeConfigurationName"),
"TypeName": pulumi.String("System.String"),
"Value": pulumi.String(existingConfigurationName),
},
pulumi.Map{
"Name": pulumi.String("RebootNodeIfNeeded"),
"TypeName": pulumi.String("System.Boolean"),
"Value": pulumi.Bool(true),
},
pulumi.Map{
"Name": pulumi.String("ActionAfterReboot"),
"TypeName": pulumi.String("System.String"),
"Value": pulumi.String("continueConfiguration"),
},
},
},
TypeHandlerVersion: pulumi.String("2.77"),
This will lead to an error:
I0730 08:18:59.628372 6476 provider_plugin.go:739] Provider[azure-native, 0xc000650780].Create(urn:pulumi:dev::TosMarketing::azure-native:compute:VirtualMachineExtension::vm-ext-Gaming-VM1) failed: Code="VMExtensionProvisioningError" Message="VM has reported a failure when processing extension 'vm-ext-Gaming-VM1'. Error message: \"The DSC Extension failed to execute: Cannot convert value \"downloadMappings\" to type \"System.Int32\". Error: \"Input string was not in a correct format.\".\nMore information about the failure can be found in the logs located under 'C:\\WindowsAzure\\Logs\\Plugins\\Microsoft.Powershell.DSC\\2.77.0.0' on the VM.\"\r\n\r\nMore information on troubleshooting is available at <https://aka.ms/VMExtensionDSCWindowsTroubleshoot> "
Without the advancedOptions Block, it works fine...Any ideas?ancient-eve-13947
07/30/2021, 12:39 PMpulumi preview
on a clean slate, ie with no resources up yet and I get the following error:
Diagnostics:
pulumi:pulumi:Stack (Cloud-dev):
error: Running program 'C:\Projects\Deon\infrastructure\azureresources' failed with an unhandled exception:
Error: invocation of azure-native:cache:listRedisKeys returned an error: request failed /subscriptions/25110286-d288-4e46-851b-4e2bc880672f/resourceGroups/rgDEV/providers/Microsoft.Cache/redis/redis2f94d61f/listKeys: autorest/azure: Service returned an error. Status=404 Code="ResourceNotFound" Message="The Resource 'Microsoft.Cache/Redis/redis2f94d61f' under resource group 'rgDEV' was not found. For more details please go to <https://aka.ms/ARMResourceNotFoundFix>"
at Object.callback (C:\Projects\Deon\infrastructure\azureresources\node_modules\@pulumi\pulumi\runtime\invoke.js:139:33)
at Object.onReceiveStatus (C:\Projects\Deon\infrastructure\azureresources\node_modules\@grpc\grpc-js\src\client.ts:338:26)
at Object.onReceiveStatus (C:\Projects\Deon\infrastructure\azureresources\node_modules\@grpc\grpc-js\src\client-interceptors.ts:426:34)
at Object.onReceiveStatus (C:\Projects\Deon\infrastructure\azureresources\node_modules\@grpc\grpc-js\src\client-interceptors.ts:389:48)
at C:\Projects\Deon\infrastructure\azureresources\node_modules\@grpc\grpc-js\src\call-stream.ts:276:24
at processTicksAndRejections (internal/process/task_queues.js:79:11)
The code for that passage is
function createRedis() : azure.types.input.web.NameValuePairArgs[]{
var cache= new redis.Redis("redis", {
resourceGroupName,
enableNonSslPort: true,
minimumTlsVersion: redis.TlsVersion.TlsVersion_1_2,
sku: {
name: "Basic",
family: "C",
capacity: cfg.requireNumber("Redis.Size")
}
});
const keys= pulumi.all([resourceGroupName, cache.name])
.apply(([resourceGroupName, name])=>redis.listRedisKeys({resourceGroupName, name}))
const connectionString= pulumi.interpolate `${cache.hostName}:6380,password=${keys.primaryKey},ssl=True,abortConnect=False`;
return [
{
name: "Redis:ConnectionString",
value: connectionString
},
];
}
Now what I don't get is: of course when doing preview, the redis instance isn't there yet. But I kinda expected that Pulumi somehow deals with this in the background, maybe not calling apply if cache.Name is not available yet.
Also, I think I didn't have the problem before - but that might just be because I called it incrementally, never on a completely clean slate.
Note the same thing happens when I execute pulumi up
when it's in the preview stage. So this is currently a big blocker for me.
Any ideas, anyone?powerful-football-81694
07/30/2021, 6:07 PM// Get a reference to our centralized key vault service which lives
// in another resource group. The key vault service itself is not created or maintained
// by this program.
var keyVault =
Output.Create(GetVault.InvokeAsync(
new GetVaultArgs()
{
ResourceGroupName = sharedResourceGroupName,
VaultName = sharedKeyVaultName
}));
Is there any way to do this if that key vault is in a different subscription?powerful-football-81694
07/30/2021, 6:07 PM// Get a reference to our centralized key vault service which lives
// in another resource group. The key vault service itself is not created or maintained
// by this program.
var keyVault =
Output.Create(GetVault.InvokeAsync(
new GetVaultArgs()
{
ResourceGroupName = sharedResourceGroupName,
VaultName = sharedKeyVaultName
}));
Is there any way to do this if that key vault is in a different subscription?var sharedSubscriptionProvider = new Provider(sharedSubscriptionName, new ProviderArgs() { SubscriptionId = sharedSubscriptionId });
var keyVault =
Output.Create(GetVault.InvokeAsync(
new GetVaultArgs()
{
ResourceGroupName = sharedResourceGroupName,
VaultName = sharedKeyVaultName
},
new InvokeOptions()
{
Provider = sharedSubscriptionProvider
}));