I'm guessing its a company Azure account?

I fired off an email to try to get that. Want to create the AD app and service accounts

Yeah, they gave us a resource group to play around in

Alright. Here you have the problem. AZ AD is always a tricky one to get rights for. Hope they will be able to assist you

Thanks for the help!

@enough-kite-69616 I just went though this myself. Your AAD account (that you log into the Azure Portal) needs to have permissions to create objects in the AAD, which backs all of your company's subscriptions.

I think if you are put in the

Owner

role for the subscription, you will get permission to create Apps and Service Principals in AAD.

I think you can get permission without being an

Owner

with these permissions which are set in AAD.

There are also two settings that your AAD administrator can set globally that caused us some problems. Users can register applications - this needs to be on for a plain-old user (owner or not) to be able to create an App or SP Restrict access to Azure AD administration portal - this needs to be on to allow Azure portal users to see the AAD (for diagnosing permission problems)

@ancient-megabyte-79588 Thanks so much!

Hi! I have an issue while creating an Azure Load Balancer using Pulumi. Al parts/dependencies are created fine, except for the NatPool, although there is a resource in the Resources tab in the Pulumi stack:

When I click the link in the right top corner, Azure gives me a 404

Every resource created for this Azure Load Balancer is created successfully, except for the NatPool (ref: https://www.terraform.io/docs/providers/azurerm/r/lb_nat_pool.html)

Any insights on what might be the cause, please let me know 😃

azure not allowing multiple copies of the same role to exist is one of the most tedious problems to fix with pulumi

@tall-librarian-49374 is it possible that Pulumi reports that a resource is created in Azure, when it actually is not?

This is surprising… Does it happen every time you try?

Did a destroy and up and destroy.. Also against alternative subscription, same result

Makes no sense, right?

Could it be that the link is broken but the resource exists?

See my previous screenshots, accessing the natpools pane from the LB resource page in Azure

When I click in the link from Pulumi, I get a 404 message inside the Azure Portal UI. Typical message you get after deleting a resource in Azure and try to access it

The other resource types inside the LB are created all okay

What happens when you create the LB using simple

az

cli?

Hello, I was looking at restricting access to my app service and found your issue: Hiding App Service behind a VNet #263 and was wondering what the status is on this? Is it stil in development or is it available?

Please help, I'm trying to create an Event Grid subscription to an Custom topic, using the Pulumi ARM template deployment. ARM template looks like this:

{
  name: "[concat(variables('topicName'), '/Microsoft.EventGrid/', variables('eventGridSubscriptionName'))]",
  type: "Microsoft.EventGrid/topics/providers/eventSubscriptions",
  location: "[variables('location')]",
  apiVersion: "2018-01-01",
  properties: {
      functionUrl: "[concat('https://', variables('functionAppName'),'.<http://azurewebsites.net/runtime/webhooks/eventgrid?functionName=|azurewebsites.net/runtime/webhooks/eventgrid?functionName=>', variables('functionName'),'&code=')]",
      destination: {
         endpointType: "WebHook",
         properties: {
            endpointUrl: "[concat(variables('functionUrl'), listKeys(resourceId('Microsoft.Web/sites/host/', variables('functionAppName'), 'default'),'2016-08-01').systemkeys.eventgrid_extension)]"
         }
      },
      filter: {
         includedEventTypes: [
             "All"
         ]
      }
   },
}

I'm getting this error

Encountered an error (ServiceUnavailable) from host runtime.

Looks like an Azure issue actually, but I don't know what the issue is. Also is there a way to do it directly with Pulumi? @tall-librarian-49374

Anybody got an example of a Linux / python FunctionApp? This here replaces the function app every single time a

pulumi up

is done because the

osType

has changed post deployment.

const appservicePlan = new azure.appservice.Plan("asp", {
    resourceGroupName: resourceGroup.name,
    kind: "functionapp",
    sku: { tier: "Dynamic", size: "Y1" },
    reserved: true
});

const app = new azure.appservice.ArchiveFunctionApp("app", {
    resourceGroupName: resourceGroup.name,
    name: functionAppName,
    plan: appservicePlan,
    version: "~3",
    httpsOnly: true,
    identity: {
        type: "SystemAssigned"
    },
    archive: new pulumi.asset.FileArchive("./app"),
    appSettings: {
        "FUNCTIONS_WORKER_RUNTIME": "python"
    },
    siteConfig: {
      linuxFxVersion: "python|3.7",
      minTlsVersion: "1.2"
    }
});