Channels
#python
Title
f
few-pillow-1133
04/14/2021, 6:23 PMAny idea how to use azure native to create azure data factory with encryption enabled, as well as user manged identity
Copy code
adf_uai = azure_native.managedidentity.UserAssignedIdentity(
adf_config['encryption']['user_assigned_identity']['name'],
resource_name_=adf_config['encryption']['user_assigned_identity']['name'],
location=config_data['location'],
resource_group_name=config_mmazzargxx['name'],
tags=adf_config['tags']
)
data_factory = azure_native.datafactory.Factory(
adf_config['factory']['name'],
factory_name=adf_config['factory']['name'],
encryption=azure_native.datafactory.EncryptionConfigurationArgs(
key_name=adf_k.name,
key_version=pulumi.Output.all(adf_k.key_uri_with_version) \
.apply(lambda args: urlparse(args[0]).path.rpartition('/')[2]),
vault_base_url=pulumi.Output.all(adf_k.key_uri_with_version).apply(lambda args: f'{urlparse(args[0]).scheme}://{urlparse(args[0]).netloc}'),
identity=azure_native.datafactory.CMKIdentityDefinitionArgs(
user_assigned_identity=adf_uai.id
)
),
public_network_access=adf_config['networking']['public_network_access'],
global_parameters=adf_config['factory']['global_parameters'],
identity=azure_native.datafactory.FactoryIdentityArgs(
type=adf_config['encryption']['user_assigned_identity']['type'],
user_assigned_identities={
adf_config['encryption']['user_assigned_identity']['name']: adf_uai.id
}
),
....
)error: autorest/azure: Service returned an error. Status=400 Code="LinkedInvalidPropertyId" Message="Property id 'mmazzadwsnduai-dls' at path '' is invalid. Expect fully qualified resource Id that start with '/subscriptions/{subscriptionId}' or '/providers/{resourceProviderNamespace}/'."w
witty-candle-66007
04/14/2021, 6:56 PMThe error is coming from Azure - the Status=400 indicates it’s coming back from Azure.
And it looks to me that you are passing a property that contains the string
mmazzadwsnduai-dls/subscriptsion/…/providers/….f
few-pillow-1133
04/15/2021, 1:10 AMThanks @witty-candle-66007
value
mmazzadwsnduai-dlsuser_assigned_identitiesadf_uaitype inference also seems not to be working correctly...this affects dependency hierarchy resolution. If we hard-code the resource group name without referencing it, then the factory might be created before the resource group name
Copy code
File "/usr/lib/python3.8/runpy.py", line 282, in run_path
return _run_code(code, mod_globals, init_globals,
File "/usr/lib/python3.8/runpy.py", line 87, in _run_code
exec(code, run_globals)
File "./__main__.py", line 4, in <module>
resources = infra.create_resources()
File "./__infra__.py", line 281, in create_resources
data_factory = create_data_factory(mmazzargxx, adf_kv, adf_k, adf_uai, adf_config, config_mmazzargxx)
File "./__infra__.py", line 253, in create_data_factory
resource_group_name=mmazzargxx.name,
AttributeError: 'tuple' object has no attribute 'name'
error: an unhandled error occurred: Program exited with non-zero exit code: 1ok...sorted out the dependency hierarchy resolution....now back to using
user_assigned_identitiesThinking of using
Copy code
user_assigned_identities={
adf_uai.id: {}
}
it however fails with
TypeError: <pulumi.output.Output object at 0x7f7e6f2b2ee0> has type Output, but expected one of: bytes, unicode
error: an unhandled error occurred: Program exited with non-zero exit code: 1w
witty-candle-66007
04/15/2021, 1:35 PMI’m not sure I’m following all the details, but you may have to put the code inside an
.apply()👍 1