https://pulumi.com logo
Join Slack
Powered by
Hey, hope all well! I'm loving Pulumi but struggli...
# general
c
Hey, hope all well! I'm loving Pulumi but struggling with Private DNS zones in Azure. This code:
Copy code
private_dns_zone_docintel = network.PrivateZone("privateDnsZoneDocIntel",
                                                    resource_group_name=resource_group.name,
                                                    private_zone_name="privatelink.cognitiveservices.azure.com")
Gives this error:
Copy code
azure-native:network:PrivateZone (privateDnsZoneDocIntel):
    error: autorest/azure: Service returned an error. Status=<nil> Code="MissingRegistrationForLocation" Message="The subscription is not registered for the resource type 'privateDnsZones' in the location 'WestUS2'. Please re-register for this provider in order to have access to this location."
It doesn't make sense as clearly this resource is allowed in the regions. I've verified this with:
Copy code
az provider show --namespace Microsoft.Network --query "registrationState"
I'd love some help, please! I'm clearly missing something here... Thank you!
h
it reads like something specific to your subscription--the billing unit in Azure
my wild guess is that your subscription is completely locked out of WestUS2?
c
Thanks! No, I have lots of other stuff in WestUS2. And I've tried the same code in other regions (where I also have lots). The issue seems specific to the private DNS zones. Maybe my configuration is wrong?
h
maybe? but the error doesn't read like a pulumi-side error
it really reads like a subscription/region error
c
Let me try a different subscription (as well as different region within that subscription). Thank you!
Same issue on different subscription and different region 😞
h
huh
... do you need to make a PrivateZone for Private Link?
c
That's right:
Copy code
subnet_docintel = network.Subnet(f"subnet_docintel",
                                   resource_group_name=resource_group.name,
                                   virtual_network_name=virtual_network.name,
                                   address_prefix="10.0.3.0/24",
                                   )

docintel = cognitiveservices.Account(f"documentintelligence",
                                            resource_group_name=resource_group.name,
                                            kind="FormRecognizer", 
                                            sku=cognitiveservices.SkuArgs(
                                                name="S0", 
                                            ),
    properties={
                                                "publicNetworkAccess": "Disabled",
                                                "customSubDomainName": f"tellen-{customer}-fffff"
                                            }
                                            )


private_dns_zone_docintel = network.PrivateZone("privateDnsZoneDocIntel",
                                                    resource_group_name=resource_group.name,
                                                    private_zone_name="<http://privatelink.cognitiveservices.azure.com|privatelink.cognitiveservices.azure.com>")

# Private Endpoint for the OpenAI instance
private_endpoint_docintel = network.PrivateEndpoint("privateEndpointDocIntel",
                                                        resource_group_name=resource_group.name,
                                                        location=resource_group.location,
                                                        private_link_service_connections=[{
                                                            "name": "docintelConnection",
                                                            "private_link_service_id": docintel.id,
                                                            "group_ids": ["account"],
                                                        }],
                                                        subnet={
                                                            "id": subnet_docintel.id,
                                                        })

# Link the Private DNS Zone to the VNet
dns_zone_vnet_link_docintel = network.VirtualNetworkLink("dnsZoneVnetLinkDocIntel",
                                                             resource_group_name=resource_group.name,
                                                                    private_zone_name=private_dns_zone_docintel.private_zone_name,
                                                             virtual_network={
                                                                 "id": virtual_network.id,
                                                             },
                                                             registration_enabled=False)

# Create a DNS Zone Group for the Private Endpoint
dns_zone_group_docintel = network.PrivateDnsZoneGroup("dnsZoneGroupDocIntel",
                                                          resource_group_name=resource_group.name,
                                                          private_endpoint_name=private_endpoint_docintel.name,
                                                          private_dns_zone_configs=[{
                                                              "private_dns_zone_id": private_dns_zone_docintel.id,
                                                          }])
h
What version of Azure provider are you using?
c
Copy code
pulumi==3.109.0
pulumi_azure_native==2.30.0
h
This should be global I think instead of specific loc.
c
Thanks! What should I do for that?
h
Don't see the code here but if you explicitly specifying location then set that to global
c
Amazing! Thank you. This worked:
Copy code
private_dns_zone_docintel = network.PrivateZone("privateDnsZoneDocIntel",
                                                    resource_group_name=resource_group.name,
                                                    private_zone_name="<http://privatelink.cognitiveservices.azure.com|privatelink.cognitiveservices.azure.com>", location="global")
Open in Slack
PreviousNext
Powered by