https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
azure
  • a

    astonishing-afternoon-15745

    04/01/2020, 8:30 PM
    I'm guessing its a company Azure account?
  • e

    enough-kite-69616

    04/01/2020, 8:30 PM
    I fired off an email to try to get that. Want to create the AD app and service accounts
  • e

    enough-kite-69616

    04/01/2020, 8:30 PM
    Yeah, they gave us a resource group to play around in
  • a

    astonishing-afternoon-15745

    04/01/2020, 8:31 PM
    Alright. Here you have the problem. AZ AD is always a tricky one to get rights for. Hope they will be able to assist you
  • e

    enough-kite-69616

    04/01/2020, 8:31 PM
    Thanks for the help!
    👍 1
  • a

    ancient-megabyte-79588

    04/01/2020, 8:58 PM
    @enough-kite-69616 I just went though this myself. Your AAD account (that you log into the Azure Portal) needs to have permissions to create objects in the AAD, which backs all of your company's subscriptions.
  • a

    ancient-megabyte-79588

    04/01/2020, 9:02 PM
    I think if you are put in the
    Owner
    role for the subscription, you will get permission to create Apps and Service Principals in AAD.
  • a

    ancient-megabyte-79588

    04/01/2020, 9:03 PM
    I think you can get permission without being an
    Owner
    with these permissions which are set in AAD.
  • a

    ancient-megabyte-79588

    04/01/2020, 9:03 PM
  • a

    ancient-megabyte-79588

    04/01/2020, 9:06 PM
    There are also two settings that your AAD administrator can set globally that caused us some problems. Users can register applications - this needs to be on for a plain-old user (owner or not) to be able to create an App or SP Restrict access to Azure AD administration portal - this needs to be on to allow Azure portal users to see the AAD (for diagnosing permission problems)
  • e

    enough-kite-69616

    04/01/2020, 9:18 PM
    @ancient-megabyte-79588 Thanks so much!
    👍 1
  • f

    future-kite-91191

    04/02/2020, 9:24 AM
    Hi! I have an issue while creating an Azure Load Balancer using Pulumi. Al parts/dependencies are created fine, except for the NatPool, although there is a resource in the Resources tab in the Pulumi stack:
  • f

    future-kite-91191

    04/02/2020, 9:25 AM
    When I click the link in the right top corner, Azure gives me a 404
  • f

    future-kite-91191

    04/02/2020, 9:26 AM
  • f

    future-kite-91191

    04/02/2020, 9:37 AM
    Every resource created for this Azure Load Balancer is created successfully, except for the NatPool (ref: https://www.terraform.io/docs/providers/azurerm/r/lb_nat_pool.html)
  • f

    future-kite-91191

    04/02/2020, 9:38 AM
    Any insights on what might be the cause, please let me know 😃
  • b

    better-rainbow-14549

    04/02/2020, 10:40 AM
    azure not allowing multiple copies of the same role to exist is one of the most tedious problems to fix with pulumi
  • f

    future-kite-91191

    04/02/2020, 2:19 PM
    @tall-librarian-49374 is it possible that Pulumi reports that a resource is created in Azure, when it actually is not?
  • t

    tall-librarian-49374

    04/02/2020, 2:21 PM
    This is surprising… Does it happen every time you try?
  • f

    future-kite-91191

    04/02/2020, 2:25 PM
    Did a destroy and up and destroy.. Also against alternative subscription, same result
  • f

    future-kite-91191

    04/02/2020, 2:26 PM
    Makes no sense, right?
  • t

    tall-librarian-49374

    04/02/2020, 2:41 PM
    Could it be that the link is broken but the resource exists?
  • f

    future-kite-91191

    04/02/2020, 2:53 PM
    See my previous screenshots, accessing the natpools pane from the LB resource page in Azure
  • f

    future-kite-91191

    04/02/2020, 2:54 PM
    When I click in the link from Pulumi, I get a 404 message inside the Azure Portal UI. Typical message you get after deleting a resource in Azure and try to access it
  • f

    future-kite-91191

    04/02/2020, 3:01 PM
    The other resource types inside the LB are created all okay
  • a

    ancient-megabyte-79588

    04/02/2020, 3:13 PM
    What happens when you create the LB using simple
    az
    cli?
  • h

    handsome-optician-50551

    04/03/2020, 8:24 AM
    Hello, I was looking at restricting access to my app service and found your issue: Hiding App Service behind a VNet #263 and was wondering what the status is on this? Is it stil in development or is it available?
    t
    • 2
    • 4
  • p

    plain-eye-9759

    04/03/2020, 8:37 AM
    Please help, I'm trying to create an Event Grid subscription to an Custom topic, using the Pulumi ARM template deployment. ARM template looks like this:
    {
      name: "[concat(variables('topicName'), '/Microsoft.EventGrid/', variables('eventGridSubscriptionName'))]",
      type: "Microsoft.EventGrid/topics/providers/eventSubscriptions",
      location: "[variables('location')]",
      apiVersion: "2018-01-01",
      properties: {
          functionUrl: "[concat('https://', variables('functionAppName'),'.<http://azurewebsites.net/runtime/webhooks/eventgrid?functionName=|azurewebsites.net/runtime/webhooks/eventgrid?functionName=>', variables('functionName'),'&code=')]",
          destination: {
             endpointType: "WebHook",
             properties: {
                endpointUrl: "[concat(variables('functionUrl'), listKeys(resourceId('Microsoft.Web/sites/host/', variables('functionAppName'), 'default'),'2016-08-01').systemkeys.eventgrid_extension)]"
             }
          },
          filter: {
             includedEventTypes: [
                 "All"
             ]
          }
       },
    }
    I'm getting this error
    Encountered an error (ServiceUnavailable) from host runtime.
    Looks like an Azure issue actually, but I don't know what the issue is. Also is there a way to do it directly with Pulumi? @tall-librarian-49374
    t
    • 2
    • 10
  • c

    colossal-room-15708

    04/04/2020, 3:55 AM
    Anybody got an example of a Linux / python FunctionApp? This here replaces the function app every single time a
    pulumi up
    is done because the
    osType
    has changed post deployment.
    const appservicePlan = new azure.appservice.Plan("asp", {
        resourceGroupName: resourceGroup.name,
        kind: "functionapp",
        sku: { tier: "Dynamic", size: "Y1" },
        reserved: true
    });
    
    const app = new azure.appservice.ArchiveFunctionApp("app", {
        resourceGroupName: resourceGroup.name,
        name: functionAppName,
        plan: appservicePlan,
        version: "~3",
        httpsOnly: true,
        identity: {
            type: "SystemAssigned"
        },
        archive: new pulumi.asset.FileArchive("./app"),
        appSettings: {
            "FUNCTIONS_WORKER_RUNTIME": "python"
        },
        siteConfig: {
          linuxFxVersion: "python|3.7",
          minTlsVersion: "1.2"
        }
    });
    t
    • 2
    • 10
  • p

    plain-tiger-79744

    04/06/2020, 12:20 PM
    Hi guys! How does Pulumi suppose to work with App Services depending on SQL Azure Databases that need to be updated? Our current deployments work like that. Stopp App Service --> deploy database(migration) --> deploy Web app (files) --> start App Service. Does Pulumi support this scenario?
Powered by Linen
Title
p

plain-tiger-79744

04/06/2020, 12:20 PM
Hi guys! How does Pulumi suppose to work with App Services depending on SQL Azure Databases that need to be updated? Our current deployments work like that. Stopp App Service --> deploy database(migration) --> deploy Web app (files) --> start App Service. Does Pulumi support this scenario?
View count: 3