I'm running into an issue when I attempt to run the 'Azure Resource Group Deploy' release task to create/update a resource group and the resources within it via an ARM Template. In particular, I need to have the Virtual Machine created by the ARM template accessible via WinRM; This needs to be done so that I can copy files (specifically a ZIP file containing the results of a build) to the VM in a later step.
Currently, I have the 'Template' portion of this task set up as follows: https://i.imgur.com/mvZDIMK.jpg (I can't post images since I don't have reputation here yet...)
Unless I've misunderstood (which is definitely possible), the "Configure with WinRM" option should allow the release step to create a WinRM Listener on any Virtual Machines created by this step.
I currently have the following resources in the ARM Template:
{
"type": "Microsoft.Storage/storageAccounts",
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
},
"kind": "Storage",
"name": "[variables('StorageAccountName')]",
"apiVersion": "2018-02-01",
"location": "[parameters('LocationPrimary')]",
"scale": null,
"tags": {},
"properties": {
"networkAcls": {
"bypass": "AzureServices",
"virtualNetworkRules": [],
"ipRules": [],
"defaultAction": "Allow"
},
"supportsHttpsTrafficOnly": false,
"encryption": {
"services": {
"file": {
"enabled": true
},
"blob": {
"enabled": true
}
},
"keySource": "Microsoft.Storage"
}
},
"dependsOn": []
},
{
"name": "[variables('NetworkInterfaceName')]",
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2018-04-01",
"location": "[parameters('LocationPrimary')]",
"dependsOn": [
"[concat('Microsoft.Network/networkSecurityGroups/', variables('NetworkSecurityGroupName'))]",
"[concat('Microsoft.Network/virtualNetworks/', variables('VNetName'))]",
"[concat('Microsoft.Network/publicIpAddresses/', variables('PublicIPAddressName'))]"
],
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"subnet": {
"id": "[variables('subnetRef')]"
},
"privateIPAllocationMethod": "Dynamic",
"publicIpAddress": {
"id": "[resourceId(resourceGroup().name, 'Microsoft.Network/publicIpAddresses', variables('PublicIPAddressName'))]"
}
}
}
],
"networkSecurityGroup": {
"id": "[variables('nsgId')]"
}
},
"tags": {}
},
{
"name": "[variables('NetworkSecurityGroupName')]",
"type": "Microsoft.Network/networkSecurityGroups",
"apiVersion": "2018-08-01",
"location": "[parameters('LocationPrimary')]",
"properties": {
"securityRules": [
{
"name": "RDP",
"properties": {
"priority": 300,
"protocol": "TCP",
"access": "Allow",
"direction": "Inbound",
"sourceAddressPrefix": "*",
"sourcePortRange": "*",
"destinationAddressPrefix": "*",
"destinationPortRange": "3389"
}
}
]
},
"tags": {}
},
{
"name": "[variables('VNetName')]",
"type": "Microsoft.Network/virtualNetworks",
"apiVersion": "2018-08-01",
"location": "[parameters('LocationPrimary')]",
"properties": {
"addressSpace": {
"addressPrefixes": [ "10.0.0.0/24" ]
},
"subnets": [
{
"name": "default",
"properties": {
"addressPrefix": "10.0.0.0/24"
}
}
]
},
"tags": {}
},
{
"name": "[variables('PublicIPAddressName')]",
"type": "Microsoft.Network/publicIpAddresses",
"apiVersion": "2018-08-01",
"location": "[parameters('LocationPrimary')]",
"properties": {
"publicIpAllocationMethod": "Dynamic"
},
"sku": {
"name": "Basic"
},
"tags": {}
},
{
"name": "[variables('VMName')]",
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2018-06-01",
"location": "[parameters('LocationPrimary')]",
"dependsOn": [
"[concat('Microsoft.Network/networkInterfaces/', variables('NetworkInterfaceName'))]",
"[concat('Microsoft.Storage/storageAccounts/', variables('StorageAccountName'))]"
],
"properties": {
"hardwareProfile": {
"vmSize": "Standard_A7"
},
"storageProfile": {
"osDisk": {
"createOption": "fromImage",
"managedDisk": {
"storageAccountType": "Standard_LRS"
}
},
"imageReference": {
"publisher": "MicrosoftWindowsDesktop",
"offer": "Windows-10",
"sku": "rs4-pro",
"version": "latest"
}
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', variables('NetworkInterfaceName'))]"
}
]
},
"osProfile": {
"computerName": "[variables('VMName')]",
"adminUsername": "[parameters('AdminUsername')]",
"adminPassword": "[parameters('AdminPassword')]",
"windowsConfiguration": {
"enableAutomaticUpdates": true,
"provisionVmAgent": true
}
},
"licenseType": "Windows_Client",
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true,
"storageUri": "[concat('https://', variables('StorageAccountName'), '.blob.core.windows.net/')]"
}
}
},
"tags": {}
}
This ARM Template currently works if I do not attempt to configure the VM to have the WinRM Listener.
When I attempt to run the release, I get the following error message:
Error number: -2144108526 0x80338012
The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig".
In all honesty, my problem is likely a lack of understanding, as this is my first time working with VM Setup in any real capacity. Any insight and advice would be greatly appreciated.
you just need to add this to the "windowsConfiguration":
"winRM": {
"listeners": [
{
"protocol": "http"
},
{
"protocol": "https",
"certificateUrl": "<URL for the certificate you got in Step 4>"
}
]
}
you also need to provision certificates
reference: https://learn.microsoft.com/en-us/rest/api/compute/virtualmachines/createorupdate#winrmconfiguration
https://learn.microsoft.com/en-us/azure/virtual-machines/windows/winrm
Related
Commonly, when there are multiple frontends IDs assigned to routing rule, they are described like this:
...
"routingRules": [
{
"name": "routingRule1",
"properties": {
"frontendEndpoints": [
{
"id": "[resourceId('Microsoft.Network/frontDoors/frontendEndpoints', parameters('frontDoorName'), 'frontendEndpoint')]"
},
{
"id": "[resourceId('Microsoft.Network/frontDoors/frontendEndpoints', parameters('frontDoorName'), 'frontendEndpoint2')]"
}
],
...
In my case I'd like to do this as a parameter type "array", but I receive error. Please see below my template, parameter file, and error message
this is front door ARM parameters deployment file
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"frontdoor_name": {
"value": "frontdoortest"
},
"frontends_all": {
"value": [
{
"name": "fe1",
"properties": {
"hostName": "frontdoortest.azurefd.net",
"sessionAffinityEnabledState": "Disabled",
"sessionAffinityTtlSeconds": 0,
"resourceState": "Enabled"
}
},
{
"name": "fe1customdns1",
"properties": {
"hostName": "dev.custom1.com",
"sessionAffinityEnabledState": "Enabled",
"sessionAffinityTtlSeconds": 0,
"resourceState": "Enabled"
}
},
{
"name": "fe1customdns2",
"properties": {
"hostName": "dev.custom2.com",
"sessionAffinityEnabledState": "Enabled",
"sessionAffinityTtlSeconds": 0,
"resourceState": "Enabled"
}
}
]
},
"frontends_one": {
"value": [
{
"id": "[concat(resourceId('Microsoft.Network/frontdoors', parameters('frontdoor_name')), '/FrontendEndpoints/fe1customdns1')]",
},
{
"id": "[concat(resourceId('Microsoft.Network/frontdoors', parameters('frontdoor_name')), '/FrontendEndpoints/fe1customdns2')]",
}
]
}
}
this is part of front door ARM resource deployment template
...
"parameters": {
"frontends_all": {
"type": "array"
},
"frontends_one": {
"type": "array"
},
"frontdoor_name": {
"type": "string"
}
}
...
{
"type": "Microsoft.Network/frontDoors",
"apiVersion": "2020-01-01",
"name": "[parameters('frontdoor_name')]",
"location": "Global",
"properties": {
"resourceState": "Enabled",
"frontendEndpoints": "[parameters('frontends_all')]", #### NO ERROR
"routingRules": [
{
"name": "routingRule1",
"properties": {
"frontendEndpoints": "[parameters('frontends_one')]", #### ERROR !!!
"acceptedProtocols": [
"Https"
],
"patternsToMatch": [
"/*",
],
"enabledState": "Enabled",
"resourceState": "Enabled",
"routeConfiguration": {
"#odata.type": "#Microsoft.Azure.FrontDoor.Models.FrontdoorForwardingConfiguration",
"forwardingProtocol": "MatchRequest",
"backendPool": {
"id": "[concat(resourceId('Microsoft.Network/frontdoors', parameters('frontdoor_name')), '/backendpools/test')]"
}
}
}
}
...
[error]BadRequest: Missing Hostname for FrontendEndpoint [resourceId('Microsoft.Network/frontDoors/frontendEndpoints', parameters('frontdoor_name'), 'fe1customdns2')] in RoutingRule routingRule1.,Missing Hostname for FrontendEndpoint [resourceId('Microsoft.Network/frontDoors/frontendEndpoints', parameters('frontdoor_name'), 'fe1customdns')] in RoutingRule routingRule1;
A resource reference was invalid: "[resourceId('Microsoft.Network/frontDoors/frontendEndpoints', parameters('frontdoor_name'), 'fe1customdns2')]";
A resource reference was invalid: "[resourceId('Microsoft.Network/frontDoors/frontendEndpoints', parameters('frontdoor_name'), 'fe1customdns1')]"
I want to create a function app with ARM template such that the ARM template references already existing storage accounts (inputstgdev and outputstgdev) which I have already parameterized. I would like the ARM template to use the inputstgdev storage account as its attached storage account such that it does not have to create a new storage account. The source control of the function app is referenced to a Gitrepo which I have also parameterized in the ARM template. Each time I run the ARM template I get the following error message
##[error]Deployment template validation failed: 'The resource '/subscriptions/bea8ac84-24a4-4e53-9198-e3b0107547d4/resourceGroups/dev-rgp/providers/Microsoft.Web/sites/functionapp/sourcecontrols/web' at line '1' and column '3069' doesn't depend on parent resource '/subscriptions/bea8ac84-24a4-4e53-9198-e3b0107547d4/resourceGroups/dev-rgp/providers/Microsoft.Web/sites/functionapp'. Please add dependency explicitly using the 'dependsOn' syntax. Please see aka.ms/arm-template/#resources for
Any suggestions what the issue might be or possible solutions.
I look forward to your response
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"InputstorageAccount": {
"defaultValue": "inputstgdev",
"type": "String"
},
"GitrepoBranch": {
"type": "string",
"defaultValue": "master",
"metadata": {
"description": "Name of the branch to use when deploying (Default = master)."
}
},
"GitrepoURL": {
"type": "string",
"defaultValue": "https://github.com/FBoucher/AzUnzipEverything.git",
"metadata": {
"description": "URL to repo (Default = master)."
}
},
"InputcontainerName": {
"type": "string",
"defaultValue": "inputcontainer",
"metadata": {
"description": "Specifies the name of the blob container."
}
},
"OutputstorageAccount": {
"defaultValue": "outputstgdev",
"type": "String"
},
"OutputcontainerName": {
"type": "string",
"defaultValue": "outputcontainer",
"metadata": {
"description": "Specifies the name of the blob container."
}
}
},
"variables": {},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts/blobServices/containers",
"apiVersion": "2019-06-01",
"name": "[concat(parameters('InputstorageAccount'), '/default/', parameters('InputcontainerName'))]",
"properties": {
"publicAccess": "None"
}
},
{
"type": "Microsoft.Storage/storageAccounts/blobServices/containers",
"apiVersion": "2019-06-01",
"name": "[concat(parameters('OutputstorageAccount'), '/default/', parameters('OutputcontainerName'))]",
"properties": {
"publicAccess": "None"
}
},
{
"name": "serviceplan",
"type": "Microsoft.Web/serverfarms",
"apiVersion": "2018-02-01",
"location": "[resourceGroup().location]",
"sku": {
"name": "F1",
"capacity": 1
},
"tags": {
"displayName": "serviceplan"
},
"properties": {
"name": "serviceplan"
}
},
{
"name": "functionapp",
"type": "Microsoft.Web/sites",
"apiVersion": "2018-11-01",
"location": "[resourceGroup().location]",
"kind": "functionapp",
"dependsOn": [
"[resourceId('Microsoft.Web/serverfarms', 'serviceplan')]",
"[resourceId('Microsoft.Storage/storageAccounts', parameters('InputstorageAccount'))]"
],
"properties": {
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms', 'serviceplan')]",
"siteConfig": {
"appSettings": [
{
"name": "AzureWebJobsDashboard",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', parameters('InputstorageAccount'), ';AccountKey=', listKeys(parameters('InputcontainerName'),'2015-05-01-preview').key1)]"
},
{
"name": "AzureWebJobsStorage",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', parameters('InputstorageAccount'), ';AccountKey=', listKeys(parameters('InputcontainerName'),'2015-05-01-preview').key1)]"
},
{
"name": "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', parameters('InputstorageAccount'), ';AccountKey=', listKeys(parameters('InputcontainerName'),'2015-05-01-preview').key1)]"
},
{
"name": "WEBSITE_CONTENTSHARE",
"value": "[toLower('functionapp')]"
},
{
"name": "FUNCTIONS_EXTENSION_VERSION",
"value": "~2"
},
{
"name": "APPINSIGHTS_INSTRUMENTATIONKEY",
"value": "[reference(resourceId('microsoft.insights/components/', 'applicationInsightsName'), '2015-05-01').InstrumentationKey]"
},
{
"name": "FUNCTIONS_WORKER_RUNTIME",
"value": "dotnet"
}
]
}
},
"resources":[
{
"apiVersion": "2015-08-01",
"name": "web",
"type": "sourcecontrols",
"dependsOn": [
"[resourceId('Microsoft.Web/sites/', parameters('InputstorageAccount'))]"
],
"properties": {
"RepoUrl": "[parameters('GitrepoURL')]",
"branch": "[parameters('GitrepoBranch')]",
"publishRunbook": true,
"IsManualIntegration": true
}
}
]
}
]
}
You encountered this error message due to the wrong dependency.
You should use "[resourceId('Microsoft.Web/sites/', 'functionapp')]" instead of "[resourceId('Microsoft.Web/sites/', parameters('InputstorageAccount'))]".
And you should delete the storage dependency.
"[resourceId('Microsoft.Storage/storageAccounts', parameters('InputstorageAccount'))]"
By the way, as you already have a storage account, you just need to paste your connection string in the value of AzureWebJobsStorage and AzureWebJobsDashboard.
Just like
{
"name": "AzureWebJobsDashboard",
"value": "{connectionstring}"
}
After a Service Fabric Mesh Service has been deployed, how does one find the external facing IP Address. Things tried so far:
Looking at the properties and settings of the service in the Azure portal
Running the command az mesh app list - this shows a valid response but the IP Address is missing
Running the command az mesh app show - this shows a valid response but the IP Address is missing
Running the command az mesh service list - this shows a valid response but the IP Address is missing
Running the command az mesh service show - this shows a valid response but the IP Address is missing
Update 2018-12-10
The new ApiVersion has been released(2018-09-01-preview) and the new way of exposing Services is by using the Gateway resource. More information can be found on this github thread, and a sample was already added to the original answer
Original Answer
What you are looking for is the network public IP address:
az mesh network show --resource-group myResourceGroup --name myAppNetwork
Public Network
When you deploy an application, you place it in a network resource, this network will provide the access to your application.
Example of a define network in the :
{
"$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"metadata": {
"description": "Location of the resources."
}
}
},
"resources": [
{
"apiVersion": "2018-07-01-preview",
"name": "helloWorldNetwork",
"type": "Microsoft.ServiceFabricMesh/networks",
"location": "[parameters('location')]",
"dependsOn": [],
"properties": {
"addressPrefix": "10.0.0.4/22",
"ingressConfig": {
"layer4": [
{
"name": "helloWorldIngress",
"publicPort": "80",
"applicationName": "helloWorldApp",
"serviceName": "helloWorldService",
"endpointName": "helloWorldListener"
}
]
}
}
},
{
"apiVersion": "2018-07-01-preview",
"name": "helloWorldApp",
"type": "Microsoft.ServiceFabricMesh/applications",
"location": "[parameters('location')]",
"dependsOn": [
"Microsoft.ServiceFabricMesh/networks/helloWorldNetwork"
],
"properties": {
"description": "Service Fabric Mesh HelloWorld Application!",
"services": [
{
"type": "Microsoft.ServiceFabricMesh/services",
"location": "[parameters('location')]",
"name": "helloWorldService",
"properties": {
"description": "Service Fabric Mesh Hello World Service.",
"osType": "linux",
"codePackages": [
{
"name": "helloWorldCode",
"image": "seabreeze/azure-mesh-helloworld:1.1-alpine",
"endpoints": [
{
"name": "helloWorldListener",
"port": "80"
}
],
"resources": {
"requests": {
"cpu": "1",
"memoryInGB": "1"
}
}
},
{
"name": "helloWorldSideCar",
"image": "seabreeze/azure-mesh-helloworld-sidecar:1.0-alpine",
"resources": {
"requests": {
"cpu": "1",
"memoryInGB": "1"
}
}
}
],
"replicaCount": "1",
"networkRefs": [
{
"name": "[resourceId('Microsoft.ServiceFabricMesh/networks', 'helloWorldNetwork')]"
}
]
}
}
]
}
}
]
}
source
Gateway (preview)
There are plans to provide a gateway that will bridge the external access to an internal network, would work like an ingress in kubernetes, it is still in preview, the solution would be something like this:
{
"$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location of the resources (e.g. westus, eastus, westeurope)."
}
},
"fileShareName": {
"type": "string",
"metadata": {
"description": "Name of the Azure Files file share that provides the volume for the container."
}
},
"storageAccountName": {
"type": "string",
"metadata": {
"description": "Name of the Azure storage account that contains the file share."
}
},
"storageAccountKey": {
"type": "securestring",
"metadata": {
"description": "Access key for the Azure storage account that contains the file share."
}
},
"stateFolderName": {
"type": "string",
"defaultValue": "CounterService",
"metadata": {
"description": "Folder in which to store the state. Provide a empty value to create a unique folder for each container to store the state. A non-empty value will retain the state across deployments, however if more than one applications are using the same folder, the counter may update more frequently."
}
}
},
"resources": [
{
"apiVersion": "2018-09-01-preview",
"name": "counterAzureFileShareAccountKey",
"type": "Microsoft.ServiceFabricMesh/secrets",
"location": "[parameters('location')]",
"dependsOn": [],
"properties": {
"kind": "inlinedValue",
"contentType": "text/plain",
"description": "Access key for the Azure storage account that contains the file share."
}
},
{
"apiVersion": "2018-09-01-preview",
"name": "counterAzureFileShareAccountKey/v1",
"type": "Microsoft.ServiceFabricMesh/secrets/values",
"location": "[parameters('location')]",
"dependsOn": [
"Microsoft.ServiceFabricMesh/secrets/counterAzureFileShareAccountKey"
],
"properties": {
"value": "[parameters('storageAccountKey')]"
}
},
{
"apiVersion": "2018-09-01-preview",
"name": "counterVolume",
"type": "Microsoft.ServiceFabricMesh/volumes",
"location": "[parameters('location')]",
"dependsOn": [
"Microsoft.ServiceFabricMesh/secrets/counterAzureFileShareAccountKey/values/v1"
],
"properties": {
"description": "Azure Files storage volume for counter App.",
"provider": "SFAzureFile",
"azureFileParameters": {
"shareName": "[parameters('fileShareName')]",
"accountName": "[parameters('storageAccountName')]",
"accountKey": "[resourceId('Microsoft.ServiceFabricMesh/secrets/values','counterAzureFileShareAccountKey','v1')]"
}
}
},
{
"apiVersion": "2018-09-01-preview",
"name": "counterNetwork",
"type": "Microsoft.ServiceFabricMesh/networks",
"location": "[parameters('location')]",
"dependsOn": [],
"properties": {
"kind": "Local",
"description": "Azure Service Fabric Mesh Counter Application network.",
"networkAddressPrefix": "10.0.0.0/24"
}
},
{
"apiVersion": "2018-09-01-preview",
"name": "counterApp",
"type": "Microsoft.ServiceFabricMesh/applications",
"location": "[parameters('location')]",
"dependsOn": [
"Microsoft.ServiceFabricMesh/networks/counterNetwork",
"Microsoft.ServiceFabricMesh/volumes/counterVolume"
],
"properties": {
"description": "Azure Service Fabric Mesh Counter Application.",
"services": [
{
"name": "counterService",
"properties": {
"description": "A web service that serves the counter value stored in the Azure Files volume.",
"osType": "linux",
"codePackages": [
{
"name": "counterCode",
"image": "seabreeze/azure-mesh-counter:0.1-alpine",
"volumeRefs": [
{
"name": "[resourceId('Microsoft.ServiceFabricMesh/volumes', 'counterVolume')]",
"destinationPath": "/app/data"
}
],
"endpoints": [
{
"name": "counterServiceListener",
"port": 80
}
],
"environmentVariables": [
{
"name": "STATE_FOLDER_NAME",
"value": "[parameters('stateFolderName')]"
}
],
"resources": {
"requests": {
"cpu": 0.5,
"memoryInGB": 0.5
}
}
}
],
"replicaCount": 1,
"networkRefs": [
{
"name": "[resourceId('Microsoft.ServiceFabricMesh/networks', 'counterNetwork')]",
"endpointRefs": [
{
"name": "counterServiceListener"
}
]
}
]
}
}
]
}
},
{
"apiVersion": "2018-09-01-preview",
"name": "counterGateway",
"type": "Microsoft.ServiceFabricMesh/gateways",
"location": "[parameters('location')]",
"dependsOn": [
"Microsoft.ServiceFabricMesh/networks/counterNetwork"
],
"properties": {
"description": "Service Fabric Mesh Gateway for counter sample.",
"sourceNetwork": {
"name": "Open"
},
"destinationNetwork": {
"name": "[resourceId('Microsoft.ServiceFabricMesh/networks', 'counterNetwork')]"
},
"tcp": [
{
"name": "web",
"port": 80,
"destination": {
"applicationName": "counterApp",
"serviceName": "counterService",
"endpointName": "counterServiceListener"
}
}
]
}
}
],
"outputs": {
"publicIPAddress": {
"value": "[reference('counterGateway').ipAddress]",
"type": "string"
}
}
}
source
I'm trying to deploy a resource group from a powershell script. The script gets the parameters etc. from a .json template.
For another resource group it worked fine (I just had to insert the "adminPassword" parameter), but now I have another resoruce group, which I can't redeploy from this script. First I thougt I just have to add the parameter before, but this template has a different structure, etc. So that means that I cannot find the place to insert the parameter.
But this isn't the problem. When I run the script, I'm getting the following error:
New-AzureRmResourceGroupDeployment : 08:35:01 - Resource Microsoft.RecoveryServices/vaults/backupPolicies 'alp-prd-core-rsvault1/DefaultPolicy' failed with message '{
"error": {
"code": "BMSUserErrorInvalidPolicyInput",
"message": "Input for create or update policy is not in proper format\r\nPlease check format of parameters like schedule time, schedule days, retention time and retention days ",
"target": null,
"details": null,
"innerError": null
(Sorry for bad format)
I looked in the template and one of the parameter the powershell doesn't like is the following:
"backupPolicies_DefaultPolicy_name": {
"type": "String",
"defaultValue": "DefaultPolicy"
},
It's like the documentation from Microsoft (https://learn.microsoft.com/en-us/azure/azure-resource-manager/resource-group-template-deploy)
So for that I don't know why this doesn't work, for the other Resource Group with their template it worked.
I hope you understand my issue.
Thanks in advance!
P.S. Template: {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"virtualNetworks_alp_prd_core_vnet1_name": {
"defaultValue": "alp-prd-core-vnet1",
"type": "String"
},
"vaults_alp_prd_core_rsvault1_name": {
"defaultValue": "alp-prd-core-rsvault1",
"type": "String"
},
"subnets_internal_name": {
"defaultValue": "internal",
"type": "String"
},
"backupPolicies_DefaultPolicy_name": {
"defaultValue": "DefaultPolicy",
"type": "String"
},
"backupPolicies_HourlyLogBackup_name": {
"defaultValue": "HourlyLogBackup",
"type": "String"
},
"backupPolicies_%name%_Backup_Policy_name": {
"defaultValue": "%name%-Backup-Policy",
"type": "String"
},
"replicationAlertSettings_defaultAlertSetting_name": {
"defaultValue": "defaultAlertSetting",
"type": "String"
},
"virtualNetworkPeerings_alp_prd_core_vnet1_Net_Sync_name": {
"defaultValue": "alp-prd-core-vnet1-Net-Sync",
"type": "String"
},
"virtualNetworks_alp_prd_core_vnet1_id": {
"defaultValue": "/subscriptions/%subsciptionID%/resourceGroups/NemetschekgroupAD/providers/Microsoft.Network/virtualNetworks/Net-Sync",
"type": "String"
},
"virtualNetworkPeerings_alp_prd_core_vnet1_Net_Sync_id": {
"defaultValue": "/subscriptions/%subsciptionID%/resourceGroups/NemetschekgroupAD/providers/Microsoft.Network/virtualNetworks/Net-Sync",
"type": "String"
}
},
"variables": {},
"resources": [
{
"comments": "Generalized from resource: '/subscriptions/%subsciptionID%/resourceGroups/alp-prd-core-rg/providers/Microsoft.Network/virtualNetworks/alp-prd-core-vnet1'.",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('virtualNetworks_alp_prd_core_vnet1_name')]",
"apiVersion": "2018-02-01",
"location": "westeurope",
"scale": null,
"properties": {
"provisioningState": "Succeeded",
"resourceGuid": "940c1d33-bbf4-4b01-a331-8096e8066a0a",
"addressSpace": {
"addressPrefixes": [
"10.11.0.112/28"
]
},
"subnets": [
{
"name": "internal",
"etag": "W/\"b5fce13f-36b0-4d55-aa19-755a78b696f2\"",
"properties": {
"provisioningState": "Succeeded",
"addressPrefix": "10.11.0.112/28"
}
}
],
"virtualNetworkPeerings": [
{
"name": "[concat(parameters('virtualNetworks_alp_prd_core_vnet1_name'),'-Net-Sync')]",
"etag": "W/\"b5fce13f-36b0-4d55-aa19-755a78b696f2\"",
"properties": {
"provisioningState": "Succeeded",
"peeringState": "Connected",
"remoteVirtualNetwork": {
"id": "[parameters('virtualNetworks_alp_prd_core_vnet1_id')]"
},
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": false,
"allowGatewayTransit": false,
"useRemoteGateways": true,
"remoteAddressSpace": {
"addressPrefixes": [
"10.11.0.0/28",
"10.11.0.16/28"
]
}
}
}
],
"enableDdosProtection": false,
"enableVmProtection": false
},
"dependsOn": []
},
{
"comments": "Generalized from resource: '/subscriptions/%subsciptionID%/resourceGroups/alp-prd-core-rg/providers/Microsoft.RecoveryServices/vaults/alp-prd-core-rsvault1'.",
"type": "Microsoft.RecoveryServices/vaults",
"sku": {
"name": "RS0",
"tier": "Standard"
},
"name": "[parameters('vaults_alp_prd_core_rsvault1_name')]",
"apiVersion": "2018-01-10",
"location": "westeurope",
"scale": null,
"properties": {},
"dependsOn": []
},
{
"comments": "Generalized from resource: '/subscriptions/%subsciptionID%/resourceGroups/alp-prd-core-rg/providers/Microsoft.Network/virtualNetworks/alp-prd-core-vnet1/subnets/internal'.",
"type": "Microsoft.Network/virtualNetworks/subnets",
"name": "[concat(parameters('virtualNetworks_alp_prd_core_vnet1_name'), '/', parameters('subnets_internal_name'))]",
"apiVersion": "2018-02-01",
"scale": null,
"properties": {
"provisioningState": "Succeeded",
"addressPrefix": "10.11.0.112/28"
},
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_alp_prd_core_vnet1_name'))]"
]
},
{
"comments": "Generalized from resource: '/subscriptions/%subsciptionID%/resourceGroups/alp-prd-core-rg/providers/Microsoft.Network/virtualNetworks/alp-prd-core-vnet1/virtualNetworkPeerings/alp-prd-core-vnet1-Net-Sync'.",
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"name": "[concat(parameters('virtualNetworks_alp_prd_core_vnet1_name'), '/', parameters('virtualNetworkPeerings_alp_prd_core_vnet1_Net_Sync_name'))]",
"apiVersion": "2018-02-01",
"scale": null,
"properties": {
"provisioningState": "Succeeded",
"peeringState": "Connected",
"remoteVirtualNetwork": {
"id": "[parameters('virtualNetworkPeerings_alp_prd_core_vnet1_Net_Sync_id')]"
},
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": false,
"allowGatewayTransit": false,
"useRemoteGateways": true,
"remoteAddressSpace": {
"addressPrefixes": [
"10.11.0.0/28",
"10.11.0.16/28"
]
}
},
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_alp_prd_core_vnet1_name'))]"
]
},
{
"comments": "Generalized from resource: '/subscriptions/%subsciptionID%/resourcegroups/alp-prd-core-rg/providers/Microsoft.RecoveryServices/vaults/alp-prd-core-rsvault1/backupPolicies/%name%-Backup-Policy'.",
"type": "Microsoft.RecoveryServices/vaults/backupPolicies",
"name": "[concat(parameters('vaults_alp_prd_core_rsvault1_name'), '/', parameters('backupPolicies_%name%_Backup_Policy_name'))]",
"apiVersion": "2016-12-01",
"scale": null,
"properties": {
"backupManagementType": "AzureIaasVM",
"protectedItemsCount": 0
},
"dependsOn": [
"[resourceId('Microsoft.RecoveryServices/vaults', parameters('vaults_alp_prd_core_rsvault1_name'))]"
]
},
{
"comments": "Generalized from resource: '/subscriptions/%subsciptionID%/resourcegroups/alp-prd-core-rg/providers/Microsoft.RecoveryServices/vaults/alp-prd-core-rsvault1/backupPolicies/HourlyLogBackup'.",
"type": "Microsoft.RecoveryServices/vaults/backupPolicies",
"name": "[concat(parameters('vaults_alp_prd_core_rsvault1_name'), '/', parameters('backupPolicies_HourlyLogBackup_name'))]",
"apiVersion": "2016-12-01",
"scale": null,
"properties": {
"backupManagementType": "AzureWorkload",
"protectedItemsCount": 0
},
"dependsOn": [
"[resourceId('Microsoft.RecoveryServices/vaults', parameters('vaults_alp_prd_core_rsvault1_name'))]"
]
},
{
"comments": "Generalized from resource: '/subscriptions/%subsciptionID%/resourcegroups/alp-prd-core-rg/providers/Microsoft.RecoveryServices/vaults/alp-prd-core-rsvault1/backupPolicies/DefaultPolicy'.",
"type": "Microsoft.RecoveryServices/vaults/backupPolicies",
"name": "[concat(parameters('vaults_alp_prd_core_rsvault1_name'), '/', parameters('backupPolicies_DefaultPolicy_name'))]",
"apiVersion": "2016-12-01",
"scale": null,
"properties": {
"backupManagementType": "AzureIaasVM",
"protectedItemsCount": 0
},
"dependsOn": [
"[resourceId('Microsoft.RecoveryServices/vaults', parameters('vaults_alp_prd_core_rsvault1_name'))]"
]
},
{
"comments": "Generalized from resource: '/Subscriptions/%subsciptionID%/resourceGroups/alp-prd-core-rg/providers/Microsoft.RecoveryServices/vaults/alp-prd-core-rsvault1/replicationAlertSettings/defaultAlertSetting'.",
"type": "Microsoft.RecoveryServices/vaults/replicationAlertSettings",
"name": "[concat(parameters('vaults_alp_prd_core_rsvault1_name'), '/', parameters('replicationAlertSettings_defaultAlertSetting_name'))]",
"apiVersion": "2018-01-10",
"scale": null,
"properties": {
"sendToOwners": "DoNotSend",
"customEmailAddresses": [],
"locale": ""
},
"dependsOn": [
"[resourceId('Microsoft.RecoveryServices/vaults', parameters('vaults_alp_prd_core_rsvault1_name'))]"
]
}
]
}
To me it seems like your template is missing the actual schedule, required for a successfuly backup policy deployment. I realize that you have exported the template from an existing deployment, but for some reason the policy itself is included, without the actual schedule (meaning when to back up virtual machines). Not sure why it is not included in the exported template.
I suggest you take an existing template - for example this https://github.com/Azure/azure-quickstart-templates/blob/master/101-recovery-services-daily-backup-policy-create/azuredeploy.json as a baseline and edit your existing template to include all the necessary properties. Use that template as a reference, and you should end up with a working template.
I have a module published on PowerShell Gallery and I want to deploy this module with Azure ARM Template. And I did not find how!
Here is my template:
"resources": [
{
"name": "[variables('automationAccountName')]",
"type": "Microsoft.Automation/automationAccounts",
"apiVersion": "2015-10-31",
"location": "[parameters('AutomationLocation')]",
"tags": {
"displayName": "Compte Automation"
},
"properties": {
"sku": {
"name": "Basic",
"family": "B"
}
},
"resources": [
{
"name": "[variables('powerShellGalleryModuleName')]",
"type": "modules",
"apiVersion": "2015-10-31",
"location": "[parameters('AutomationLocation')]",
"properties": {
"isGlobal": false,
"sizeInBytes": 0,
"contentLink": {
"uri": "[variables('powerShellGalleryModule')]"
}
}
}
]
}
]
What should be provided for the variable powerShellGalleryModule?
I found a way to do via the PowerShellGallery
This way :
{
"name": "[variables('powerShellGalleryModule')]",
"type": "modules",
"apiVersion": "2015-10-31",
"location": "[parameters('AutomationLocation')]",
"properties": {
"isGlobal": false,
"sizeInBytes": 0,
"contentLink": {
"uri": "[concat('https://www.powershellgallery.com/api/v2/package/', variables('powerShellGalleryModule'))]"
}
},
"dependsOn": [
"[resourceId('Microsoft.Automation/automationAccounts', variables('automationAccountName'))]"
]
We can import these integration modules into Azure Automation using any of the following methods:
1.Using the New-AzureRmAutomationModule cmdlet in the AzureRm.Automation module.
2.Using the Azure portal and navigating to the Assets within automation account.
3.Using Azure Resource Manager (ARM) template
We can use ARM template to deploy our custom integration modules. Here is an example template:
"$schema": "http://schemas.microsoft.org/azure/deploymentTemplate?api-version=2015-01-01-preview#",
"contentVersion": "1.0",
"parameters": {
"automationAccountType": {
"type": "string",
"allowedValues": [
"New",
"Existing"
]
},
"automationAccountName": {
"type": "string"
},
"moduleName": {
"type": "string"
},
"moduleUri":{
"type": "string"
}
},
"variables": {
"templatelink": "[concat('https://devopsgallerystorage.blob.core.windows.net/azureautomationpackages/templates%5Corigtemplates%5C', parameters('automationAccountType'), 'AccountTemplate.json')]"
},
"resources": [
{
"apiVersion": "2015-01-01",
"name": "nestedTemplate",
"type": "Microsoft.Resources/deployments",
"properties": {
"mode": "incremental",
"templateLink": {
"uri": "[variables('templatelink')]",
"contentVersion": "1.0"
},
"parameters": {
"accountName": {
"value": "[parameters('automationAccountName')]"
},
"accountLocation": {
"value": "[resourceGroup().Location]"
},
"moduleName": {
"value": "[parameters('moduleName')]"
},
"moduleUri": {
"value": "[parameters('moduleUri')]"
}
}
}
}
]
}
More information about deploy custom Azure Automation Integration module using ARM template, please refer to this link writed by Ravikanth.