future-analyst-18745
11/28/2022, 12:02 AM- name: Azure Login
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
name: Pulumi
on:
push:
branches:
- main
jobs:
update:
name: Update
runs-on: ubuntu-latest
defaults:
run:
working-directory: <path/to/go.mod>
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: 1.19.x
- name: Azure Login
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- run: go mod download
- uses: pulumi/actions@v3
with:
work-dir: <path/to/go.mod>
command: up
stack-name: org-name/stack-name # When using an individual account, only use stack-name.
env:
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
Note: The abovecommand will give you theaz ad sp create-for-rbac
deprecation warning. As we are working with CLI for this deprecation process, we strongly recommend users to use this--sdk-auth
flag as the result dictionary output changes and not accepted by login action if--sdk-auth
is not used.--sdk-auth
Could not create application: graphrbac.ApplicationsClient#Create: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="Unknown" Message="Unknown service error" Details=[{"odata.error":{"code":"Authorization_RequestDenied","date":"2022-11-28T16:57:29","message":{"lang":"en","value":"Insufficient privileges to complete the operation."},"requestId":"c25989a6-dfb0-4e49-ad1a-0ce14dac8758"}}]
az role assignment create --assignee "servicePrincipalIdPlaceholder" --role "Owner" --subscription "subscriptionIdPlaceholder"
az rest --method post --uri <https://graph.microsoft.com/v1.0/servicePrincipals/60b3f8d5-92c6-4f51-93f0-8d0f0825cf9d/appRoleAssignedTo> --body '{ "principalId": "servicePrincipalIdPlaceholder", "resourceId": "subscriptionIdPlaceholder", "appRoleId": "1cda74f2-2616-4834-b122-5cb1b07f8a59" }'
az rest --method post --uri <https://graph.microsoft.com/v1.0/servicePrincipals/60b3f8d5-92c6-4f51-93f0-8d0f0825cf9d/appRoleAssignedTo> --body '{ "principalId": "servicePrincipalIdPlaceholder", "resourceId": "subscriptionIdPlaceholder", "appRoleId": "78c8a3c8-a07e-4b9e-af1b-b5ccab50a175" }'