powerful-football-81694
10/31/2021, 6:27 PMwooden-receptionist-75654
11/01/2021, 1:48 PMauthorization.RoleAssignment
. Is there any way to get roleDefinitionId
by the name?
For example I’d like to use DNS Zone Contributor. How can I get it can roleDefinitionId for my subscription?chilly-magazine-4507
11/01/2021, 2:40 PMbrainy-eve-42271
11/01/2021, 6:03 PMconst storageAccountName = `storage${pulumi.getStack()}`;
const storage = new azure.storage.Account(
storageAccountName,
{
resourceGroupName: resourceGroup.name,
accountTier: "standard",
accountReplicationType: "LRS",
accountKind: "BlobStorage",
},
{
deleteBeforeReplace: true,
}
);
const appInsightsContainer = new azure.storage.Container("appinsights", {
storageAccountName: storage.name,
containerAccessType: "private",
});
const exportConfiguration = new azure_native.insights.ExportConfiguration(`export-configuration`, {
destinationAccountId: storage.id,
destinationAddress: storage.primaryBlobEndpoint,
destinationType: "Blob",
isEnabled: "true",
notificationQueueEnabled: "false",
notificationQueueUri: "",
recordTypes: "Requests, Event, Exceptions, Metrics, PageViews, PageViewPerformance, Rdd, PerformanceCounters, Availability,Messages",
resourceGroupName: resourceGroup.name,
resourceName: appInsights.name,
});
powerful-football-81694
11/01/2021, 7:07 PMerror: autorest/azure: error response cannot be parsed: "" error: EOF
when Pulumi fails to create a resource?
I turned on verbose logging to file but it doesn’t reveal more that what’s already shown in the output.brash-quill-35776
11/02/2021, 2:07 AMKeyVault
module, the only thing I can find is the getSecret
but it shows as below, not sure how to get the actual value then
Do I have to call the data plane rest API myself manually?mysterious-piano-88140
11/02/2021, 2:34 PMgorgeous-match-99659
11/03/2021, 4:16 PMabundant-book-94104
11/04/2021, 3:55 AMchilly-magazine-4507
11/08/2021, 10:09 AMwooden-receptionist-75654
11/08/2021, 10:43 AMerror: Code="CustomKubeletIdentityMissingPermissionError" Message="The cluster user assigned identity must be given permission to assign kubelet identity...
even so I have dependency on it.
I have something like this in my code:
const cpIdentity = new managedidentity.UserAssignedIdentity("controlPlaneIdentity", {
location: `${location}`,
resourceGroupName: resourceGroup.name,
resourceName: `${controlPlaneIdentity}`,
});
const kubeletIdentity = new managedidentity.UserAssignedIdentity("kubeletIdentity", {
location: config.location,
resourceGroupName: resourceGroup.name,
resourceName: `${kubeletIdentity}`,
});
const identityRoleAssignment = new authorization.RoleAssignment("controlPlane-ManagedIdentityOperator", {
principalId: cpIdentity.principalId,
principalType: "ServicePrincipal",
roleDefinitionId: `/subscriptions/${config.subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/${config.managedIdentityOperatorId}`,
scope: resourceGroup.id,
});
const cluster = new containerservice.ManagedCluster(
"aks-cluster",
{
...
identity: {
type: "UserAssigned",
userAssignedIdentities: cpIdentity.id.apply((id) => {
const dict: { [key: string]: any } = {};
dict[id] = {};
return dict;
}),
},
identityProfile: {
kubeletidentity: {
clientId: kubeletIdentity.clientId,
resourceId: kubeletIdentity.id,
objectId: kubeletIdentity.principalId,
},
},
....
},
{ dependsOn: [cpIdentity] }
);
Second re-run successfully deploy cluster.
Is there any wait to build a proper dependency on it?millions-candle-46687
11/09/2021, 7:51 AMfull-winter-70537
11/10/2021, 6:09 AMpolite-shoe-79877
11/10/2021, 10:05 AMbrash-quill-35776
11/11/2021, 12:27 AM*readonly* identity: pulumi.Output<outputs.web.ManagedServiceIdentityResponse | undefined>;
How do I put them into another Input
type? I would get
Type 'Output<string | undefined>' is not assignable to type 'Input<string>'.
Type 'OutputInstance<string | undefined>' is not assignable to type 'Input<string>'.
Type 'OutputInstance<string | undefined>' is not assignable to type 'OutputInstance<string>'.
Type 'string | undefined' is not assignable to type 'string'.
Type 'undefined' is not assignable to type 'string'.ts(2322)
wet-noon-14291
11/11/2021, 4:41 PMwet-noon-14291
11/12/2021, 11:21 AMrefined-tent-12187
11/12/2021, 11:33 AMabundant-book-94104
11/15/2021, 4:59 AMvirtual_network = azure_native.network.VirtualNetwork("My-Vnet-10-3-0-0",
address_space=azure_native.network.AddressSpaceArgs(
address_prefixes=["10.3.0.0/16"],
),
tags={
"Company": "Company Group",
"ENVCODE": "DEV",
"Environment": "Development",
"Owner": "PMM"
},
location="somewhere",
resource_group_name="DEV-ARG-Networks",
virtual_network_name="DEV-ADS-Vnet-001"),
subnets = [azure_native.network.SubnetArgs(
address_prefix="10.3.2.0/27",
name='DEV-ADS-Subnet-10-3-2-0',
service_endpoints=[azure_native.network.ServiceEndpointPropertiesFormatArgs(
service="Microsoft.Sql",
)]
)]
some-ram-70663
11/15/2021, 10:19 AMadorable-soccer-30455
11/16/2021, 3:13 PMimportant-book-47803
11/16/2021, 3:31 PMBackupPolicy = new PeriodicModeBackupPolicyArgs
{
PeriodicModeProperties = new PeriodicModePropertiesArgs
{
BackupIntervalInMinutes = 1440,
BackupRetentionIntervalInHours = 168
},
Type = "Periodic"
},
This is my code where I am setting it to be periodic but I want to have tests to check these values, however when getting the BackupPolicy.Value it is always of type ContinuousModeBackupPolicyResponse so I am unable to test minutes/hours values. These will change depending on environment.
It does deploy correctly to azure as periodic with those values but don't want to have a manual check around this. For Azure.Core it worked as expected.adorable-soccer-30455
11/19/2021, 11:50 AMelegant-stone-54832
11/21/2021, 8:13 PMvar sqlServerManagedIdentity = sqlServer.Identity.Apply(x => x.PrincipalId);
new AppRoleAssignment("SqlServerDirectoryReader", new AppRoleAssignmentArgs
{
AppRoleId = "88d8e3e3-8f55-4a1e-953a-9b9898b8876b",
PrincipalObjectId = sqlServerManagedIdentity,
ResourceObjectId = sqlServerManagedIdentity
});
I dont' know the difference between PrincipalObjectId and ResourceObjectId 😕 Does any one has an idea?faint-tiger-16075
11/22/2021, 5:48 PMancient-eve-13947
11/24/2021, 1:33 PMadamant-motherboard-21586
11/26/2021, 8:27 AMabundant-book-94104
11/29/2021, 5:04 AMflaky-school-82490
11/29/2021, 12:04 PMabundant-book-94104
11/29/2021, 11:11 PM