Hi, I am creating an azure container app with Pulumi native v1.66. My container app in azure 'subscription1' and azure container registry is in 'subscription2'. I am trying to add Registry when creating container app but it throws error ERROR: The resource with name 'testacr' and type 'Microsoft.ContainerRegistry/registries' could not be found in subscription 'subscription1'. var containerApp= new ContainerApp(appName, new ContainerAppArgs { Configuration = new ConfigurationArgs { Dapr = new DaprArgs { AppPort = 80, AppProtocol = "http", Enabled = true, }, Ingress = new IngressArgs { External = false, TargetPort = 80 }, Secrets = new InputList<SecretArgs> { new SecretArgs { Name = "registry-password", Value = "testpassword"} }, Registries = new InputList<RegistryCredentialsArgs> // From other subscription { new RegistryCredentialsArgs { Server ="testacr.azurecr.io", Username = "testacr", PasswordSecretRef = "registry-password" } } } }

Trying to add an Azure Classic component to my stack which is mostly Azure Native components, I've configured the required

azure:*

auth settings for the same service principal that

azure-native:*

uses, but I'm getting the following error:

error: failed to load application credentials:
    Details: 1 error occurred:
        * A Subscription ID must be configured when authenticating as a Service Principal using a Client Secret.

azure:subscriptionId

is definitely configured, could this error be masking something else? Is there an issue with running Azure Native and Azure Classic side by side?

Hi all! 🙂 I am having an issue with Pulumi error handling using Typescript. I have created some resources on Azure: • Virtual Network + subnets • storage account • blob privatelink When I try to create several other privatelinks I am not able to validate if one of them already exists and only create the ones that don't exist yet. I have followed the following logic: • used a try-catch block • in the try block I validate if the private DNS zone exists with the respective get function ◦ This will result in passing for the blob one, but failing to retrieve that information for the other 3 that don't exist yet ◦ I try to catch the errors and execute additional logic on the catch block • in the catch block I implemented the logic to create the privatelinks ans DNS zone configurations, as well as private endpoints for the services that caused the error What happens: • the errors are not suppressed quietly by the catch block • when I run

pulumi up

the errors are thrown and provisioning fails Is there any way I can implement the logic I have mentioned without having those errors blocking my deployment?

Azure 'WebApp' => How to set 'WebApp - DiagnosticSettings' => Hi all! I need to set the Diagnostic Settings of my azure webapp via Pulumi/TypeScript. For this I have identified the resource type 'WebAppDiagnosticLogsConfiguration'. I need to set the following Diagnostic Settings available in Azure Portal: - HTTP Logs - App Service Console Logs - App Service Application Logs But unfortunately there is no property in 'WebAppDiagnosticLogsConfiguration' for these settings (e.g. for 'App Service Console Logs'). What am I doing wrong or which resource should I use to set the Diagnostic Settings?

Update: seems to be the same issue as this one: https://github.com/pulumi/pulumi-azure-native/issues/1751 Hi pulumiers! Noob question coming your way... I'm creating an Azure File share - it's about as simple as I can get it, yet each time I run the code I end up with a series of changes being detected on the file share which causes the thing to be re-deployed - and presumably due to the way Azure takes "some time" to do this I get errors during the up (due to the share being deleted by Azure): here's the wonderful code to get a storage account + share

Storage = new StorageAccount($"{InputArgs.DevOpsProjectShortName}store", new StorageAccountArgs()
{
    EnableHttpsTrafficOnly = true,
    EnableNfsV3 = false,
    Kind = "StorageV2",
    ResourceGroupName = Runtime.InfraResGroupName,
    Location = InputArgs.Location,
    Sku = new Pulumi.AzureNative.Storage.Inputs.SkuArgs()
    {
        Name = "Standard_LRS"
    },
    AllowBlobPublicAccess = false
});

StorageFileShare = new FileShare($"{InputArgs.DevOpsProjectName}share", new()
{
    AccountName = Storage.Name,
    ResourceGroupName = Runtime.InfraResGroupName,
    ShareName = "migration"
});

I am a little confused... I don't know why the pulumi system thinks that the file share is worth replacing... this is the partial output from a subsequent pulumi up (with refresh and diff): [provider=urn😛ulumi:creditor-test:😛rojects:😛ulumi:providers:azure-native::default_1_73_0::bb23b3b0-c386-4ed9-8f78-0f5c59555be7] - accessTier: "TransactionOptimized" - shareQuota: 5120 --outputs:-- - accessTier : "TransactionOptimized" - accessTierChangeTime: "2022-09-15T12:33:40.0000000Z" - etag : "\"0x8DA971685991300\"" - lastModifiedTime : "2022-09-15T12:33:41.0000000Z" - shareQuota : 5120 --outputs:-- Help appreciated and thank you!

Curious if anyone has gotten Managed (Preview) certificates to work in Azure APIM. https://github.com/pulumi/pulumi-azure-native/blob/28e21fd728e80fdc2878c760a6e6f4c[…]Management/V20211201Preview/Inputs/HostnameConfigurationArgs.cs

Hi. I hope someone can help me. I am using

azure-native

on pulumi and am trying to import an existing blobcontainer to my pulumi stack. My issue is that I can't figure out how to get the

ID

for the blobcontainer. I have gotten the storage account imported but am not able to find the ID for the container as provided in the example here. Does anyone know what azure cli command I can run to get the ID? I have tried

storage container show

but that does not return an ID in the format as shown in the example import statement.

Is it possible to directly zip deploy a package to an App Service/ Azure Function without having to use an external package stored in a blob? I have seen this issue in the classic provider that has been closed, but I was wondering if the azure native provider supports that. I guess I could write some custom C# code to directly call the zipdeploy endpoint in an Apply method but it was buil-in Pulumi I think it would be better.

I’m having some trouble looking up a VirtualNetwork. I have the name of the AKS cluster it is used by, and I’m getting the cluster.NodeResourceGroup property. That gives me the ResourceGroup that the VirtualNetwork is in. I know the VirtualNetwork has a name that matches “aks-vnet-12345678”, but I don’t know the exact name. Is it possible to do it this way? Is there a better way? My end goal is to create a VirtualNetworkLink from a new PrivateZone to the cluster’s VirtualNetwork

General Question: For the Azure Native provider it doesn't seem to support the ability to set up Sql Server or Database Audit Policies with Log Analytics Work Spaces, however its available via the CLI this also appears to be the case for the Azure Classic Provider as well. Am I correct here, or am I missing a version that supports this?

Hi, We have an existing azure container registry in different subscription (sub1) and we try to add this registry when create an azure container app in different subscription (sub2)

var containerApp= new ContainerApp(appName, new ContainerAppArgs
            {
                Configuration = new ConfigurationArgs
                {
                    Dapr = new DaprArgs
                   {
                     AppPort = 80,
                     AppProtocol = "http",
                     Enabled = true,
                   },
                    Ingress = new IngressArgs
                    {
                        External = false,
                        TargetPort = 80
                    },
                    Secrets = new InputList<SecretArgs>
                    {
                        new SecretArgs { Name = "registry-password", Value = "testpassword"}
                    },
                    Registries = new InputList<RegistryCredentialsArgs>   // From other subscription
                    {
                        new RegistryCredentialsArgs
                        {
                            Server ="<http://testacr.azurecr.io|testacr.azurecr.io>",
                            Username = "testacr",
                            PasswordSecretRef = "registry-password"
                        }
                    }
                }
}

but get ERROR: The resource with name 'testacr' and type 'Microsoft.ContainerRegistry/registries' could not be found in subscription 'sub2'. In workaround I have tried following CLI command to add registry from other subscription to container app and it works az containerapp registry set -n MyContainerapp -g MyResourceGroup --server MyExistingContainerappRegistry.azurecr.io --username MyRegistryUsername --password MyRegistryPassword Do we have any similar workaround in Pulumi?

I'm seeing an issue with deploying changes to an already running App Service, and the application files being completed wiped post deploy. Just experienced it, where the Pulumi changes were simply adding some diagnostic settings to the app service and adding some app settings for a Application Insights instance. I would expect to see the ap p service restart due to the app setting changes, but not a wipe of the application code completely.. Has anyone else experienced anything similar?

message has been deleted

Has anyone had any success deploying new subscriptions with Pulumi (

Pulumi.AzureNative.Subscription.Alias

)? I'm trying to achieve this in line with the "Landing Zones" architecture, but Pulumi just hangs during the

preview

operation 😕

Hello, team! Does Pulumi have the functionality to manage users for MSSQL database (not the server admin user)? If not, do you have any ideas to implement it on your own?

I recently updated to v3.40.2 and am migrating my resources to use azure-native. While attempting to import, I received the below error. I am not able to find any related issue through GitHub.

error: Preview failed: autorest/azure: Service returned an error. Status=400 Code="MissingApiVersionParameter" Message="The api-version query parameter (?api-version=) is required for all requests."

How can I use Pulumi to create a host key for a web app configured to run azure functions? Thanks Alan

Hello Im creating a simple Virtual Network using the Azure Native library which works fine. I then create 3 Subnets using the same library and it connects onto the VNET no problem. When I go to do a simple pulumi refresh after all resources have been created it will remove it from the VNET causing my next pulumi up command to fully delete the subnet. Has anyone experienced this issue before? This is my first time using this library am I just missing something simple?

With 3.42.0, messaging is now coming through by default on every cli command for azureblob backend. Any way to suppress these?

2022/10/10 10:12:39 azureblob: constructed service URL: <azure storage account url>
2022/10/10 10:12:39 azureblob.URLOpener: using shared key credentials

Hi Guys,

I’m creating a DB with the azure-native provider, and setting some configuration flags on the database. If I add more than a handful of flags, I see errors which I believe are due to rate limiting from the Azure API. We have had this problem using Terraform, as well. Is it possible to restrict how often Pulumi calls out to the API, to avoid this? I’m creating a dbforpostgresql.Server and about 20 flags using dbforpostgresql.Configuration. Alternatively, is there some better way to do this? Using the GCP API, the equivalent of this is to include a list of flags when creating the server. The way this works in Azure feels very clumsy.

Is there any plan to support creation of Cognitive Search Indexes in the azure-native plugin? Azure REST calls: https://learn.microsoft.com/en-us/rest/api/searchservice/create-index Pulumi Search (service only): https://www.pulumi.com/registry/packages/azure-native/api-docs/search/

I was trying to configure public network access settings for storage accounts using the

pulumi-azure-native

Python SDK (seems to apply to all languages though) and there seems to be a missing property. The property is

public_network_access

which sets network access configurations for a storage account (see screenshot from Azure Portal). This property was introduced in the Azure API spec for storage accounts in

2021-06-01

but the provider seems to be generating the SDK based on a very old spec

2021-02-01

with 5 newer versions available, the newest being

2022-05-01

and Azure using

2021-09-01

in their docs. Azure REST API docs, showing version 2021-09-01, with the property available: https://learn.microsoft.com/en-us/rest/api/storagerp/storage-accounts/create?tabs=HTTP Pulumi’s storage.StorageAccount where the property was first available: https://github.com/pulumi/pulumi-azure-native/blob/master/sdk/python/pulumi_azure_native/storage/v20210601/storage_account.py#L43 Current storage.StorageAccount: https://github.com/pulumi/pulumi-azure-native/blob/master/sdk/python/pulumi_azure_native/storage/storage_account.py Questions • How come the SDK is based on such an old spec for storage accounts? • Is it considered okay to use other versions of the spec in code? Like referencing:

storage.v20220501.storage_account

Is it possible to spin up the new Postgres cosmos db with pulumi yet?

Morning all. Anyone know if the new Log Compaction feature in Azure Event Hubs is available in Pulumi yet?

Has anyone had success creating/deploying a private AKS from an Az Hosted agent?

I'm trying to create an azure Redis instance at the Basic SKU. When I execute pulumi up, it fails because

"Code="InvalidRequestBody" Message="The value of the parameter 'properties.subnetId' is invalid."

However specifying a subnet ID is only available at the Premium SKU and gives this error if specified:

Message="Feature properties.subnetId requires a Premium sku to be set.

I'm not really sure how to get this to work at the basic tier. I've tired setting

PublicNetworkAccess: "Enabled"

, but still get the same issue

Nevermind I figured it out, I had to remove the StaticIP property

Is there a recommended way to include a file as a dependency to a Pulumi Command and trigger an update if that file changes? I have a Command that uploads a file to a filestore by calling

az storage file upload

but would like an update to be triggered if the file contents changes. I could possibly hack around this by changing the filename each time, but that’s not ideal and easily forgotten. Unfortunately this doesn’t look like it’s supported in the spec even though it was in az classic: https://pulumi-community.slack.com/archives/C84L4E3N1/p1648163487694929?thread_ts=1648066957.732819&amp;cid=C84L4E3N1 I briefly looked into a Dynamic Provider but that’s not supported in dotnet. Any suggestions welcome 🙂