When I run the New-AzureRmResourceGroupDeployment and pass a JSON parameter file, I get the below error:
New-AzureRmResourceGroupDeployment : 2:29:31 PM - Resource Microsoft.Sql/servers 'qsservername' failed with message '{
"code": "15021",
"message": "Invalid value given for parameter Login. Specify a valid parameter value.",
"target": null,
"details": [
{
"code": "15021",
"message": "Invalid value given for parameter Login. Specify a valid parameter value.",
"target": null,
"severity": "16"
}
],
"innererror": []
}'
At M:\Azure\Azure Scripts\Something\somethingdeploy.psm1:63 char:4
+ New-AzureRmResourceGroupDeployment -ResourceGroupName $resourceGro ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-AzureRmResourceGroupDeployment], Exception
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourceGroupDeploymentCmdlet
However, when I run the same command but pass the parameters instead of the file, it works fine. any ideas what I may be missing?
For me, this error happened when I tried to run ARM templates with the existing SQL Azure instance resource. The problem was that in the template I specified a DB username which didn't match the admin username of the existing instance. It's ok to update the password, but the username has to remain the same for the life of SQL Azure instance,
Related
This is concerning the Azure Deployment Template for a MongoDB Replica Set defined here mongodb-replica-set-centos.
When I run the recommended deployment commands to deploy the replica set, namely
az group create --name <resource-group-name> --location <resource-group-location> # Use this command when you need to create a new resource group for your deployment.
az deployment group create --resource-group <my-resource-group> --template-uri https://raw.githubusercontent.com/migr8/AzureDeploymentTemplates/main/mongo/mongodb-replica-set-centos/azuredeploy.json
where the resource group is already set up. I receive the following error:
{
"status": "Failed",
"error": {
"code": "DeploymentFailed",
"message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.",
"details": [
{
"code": "Conflict",
"message": "{\r\n \"status\": \"Failed\",\r\n \"error\": {\r\n \"code\": \"ResourceDeploymentFailure\",\r\n \"message\": \"The resource operation completed with terminal provisioning state 'Failed'.\",\r\n \"details\": [\r\n {\r\n \"code\": \"DeploymentFailed\",\r\n \"message\": \"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.\",\r\n \"details\": [\r\n {\r\n \"code\": \"BadRequest\",\r\n \"message\": \"{\\r\\n \\\"error\\\": {\\r\\n \\\"code\\\": \\\"InvalidParameter\\\",\\r\\n \\\"message\\\": \\\"The value of parameter linuxConfiguration.ssh.publicKeys.keyData is invalid.\\\",\\r\\n \\\"target\\\": \\\"linuxConfiguration.ssh.publicKeys.keyData\\\"\\r\\n }\\r\\n}\"\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}"
},
{
"code": "Conflict",
"message": "{\r\n \"status\": \"Failed\",\r\n \"error\": {\r\n \"code\": \"ResourceDeploymentFailure\",\r\n \"message\": \"The resource operation completed with terminal provisioning state 'Failed'.\",\r\n \"details\": [\r\n {\r\n \"code\": \"DeploymentFailed\",\r\n \"message\": \"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.\",\r\n \"details\": [\r\n {\r\n \"code\": \"BadRequest\",\r\n \"message\": \"{\\r\\n \\\"error\\\": {\\r\\n \\\"code\\\": \\\"InvalidParameter\\\",\\r\\n \\\"message\\\": \\\"The value of parameter linuxConfiguration.ssh.publicKeys.keyData is invalid.\\\",\\r\\n \\\"target\\\": \\\"linuxConfiguration.ssh.publicKeys.keyData\\\"\\r\\n }\\r\\n}\"\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}"
}
]
}
}
The problem field is in both primary-resources.json and secondary-resources.json appears to be
"variables": {
"subnetRef": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('subnet').vnet, parameters('subnet').name)]",
"securityGroupName": "[concat(parameters('namespace'), parameters('vmbasename'), 'nsg')]",
"linuxConfiguration": {
"disablePasswordAuthentication": true,
"ssh": {
"publicKeys": [
{
"path": "[concat('/home/', parameters('adminUsername'), '/.ssh/authorized_keys')]",
"keyData": "[parameters('adminPasswordOrKey')]"
}
]
}
}
},
And ascociated with the variable adminPasswordOrKey. I have tried changing this to be both standard passwords and SSH keys of varying bit-depth, no luck...
How can I fix this?
Repro steps
Run az group create --name <resource-group-name> --location <resource-group-location> where resource group exists.
Run az deployment group create --resource-group <my-resource-group> --template-uri https://raw.githubusercontent.com/migr8/AzureDeploymentTemplates/main/mongo/mongodb-replica-set-centos/azuredeploy.json and step through the prompts
Enter the relevant in formation.
Further Investigation
I have just seen this answer (https://stackoverflow.com/a/60860498/626442) saying specifically that
Note: Please note that the only allowed path is /home//.ssh/authorized_keys due to a limitation of Azure.
I have changed this value of the path, no joy, same error. :'[
You forgot to pass parameters in az deployment group create .... --parameters azuredeploy.parameters.json. You can download azuredeploy.parameters.json and change values as needed. See https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/template-tutorial-use-parameter-file?tabs=azure-cli#deploy-template for details.
Specifically the error in the question complains about adminUsername parameter being empty. Bear in mind this user name is also being used in the home directory path, so limit yourself to lowcase ASCII a-z, numbers, underscore. No spaces, not special characters, no utf.
Not related to the error, but be aware these necromancers use mongo 3.2 which was buried 4 years ago: https://www.mongodb.com/support-policy/lifecycles. Considering they open it wide to the internet you may have way more problems if you actually deploy it.
UPDATE
An example of the parameters I used:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"adminUsername": {
"value": "yellow"
},
"mongoAdminUsername": {
"value": "phrase"
},
"mongoAdminPassword": {
"value": "settle#SING"
},
"secondaryNodeCount": {
"value": 2
},
"sizeOfDataDiskInGB": {
"value": 2
},
"dnsNamePrefix": {
"value": "written"
},
"centOsVersion": {
"value": "7.7"
},
"primaryNodeVmSize": {
"value": "Standard_D1_v2"
},
"secondaryNodeVmSize": {
"value": "Standard_D1_v2"
},
"zabbixServerIPAddress": {
"value": "Null"
},
"adminPasswordOrKey": {
"value": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdNRTU0XF3xazhhDmwXXWGG7wp4AaQC1r89K7sZFRXp9VSUtydV59DHr67mV5/0DWI5Co1yWK713QJ00BPlBIHNMNLuoBBq8IkOx8fBZF1g9YFm5Zy4ay+CF4WgDITAsyxhKvUWL6jwG5M3XIdVYm49K+EFOCWSSaNtCk8tHhi3v6/5HFkwc2r0UL/WWWbbt5AmpJ8QOCDk/x+XcgCjP9vE5jYYGsFz9F6V1FdOpjVfDwi13Ibivj/w2wOZh2lQGskC+qDjd2upK13+RfWYHY3rr+ulNRPckHRhOqmZ2vlUapO4T0X9mM6ugSh1FprLP5nHdVCUls2yw4BAcSoM9NMiyafE56Xkp9h3bTAfx5Ufpe5mjwQp+j15np1pVpwDaEgk7ZeaPoZPhbalpvZGyg9KiKfs9+KUYHfGklIOHKJ3RUoPE286rg1U4LGswil5RARRSf86kBBHXaIPxy1X0N6QryeWhk0aM6LWEdl7mVbQksa7ilANnsaVMl7FSdY/Cc="
}
}
}
DANGER: It will deploy publicly accessible mongodb replica set with publicly accessible credentials, so please delete the resources as soon as you are happy with testing/debugging
This is how deployment looks like on the portal:
I tried to use the exact same example provided in the user guide mentioned below. It works from console but fails to create stack using client.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-athena-namedquery.html
I got an error while trying to execute the following:
{
"Resources": {
"AthenaNamedQuery": {
"Type": "AWS::Athena::NamedQuery",
"Properties": {
"Database": "swfnetadata",
"Description": "A query that selects all aggregated data",
"Name": "MostExpensiveWorkflow",
"QueryString": "SELECT workflowname, AVG(activitytaskstarted) AS AverageWorkflow FROM swfmetadata WHERE year='17' AND GROUP BY workflowname ORDER BY AverageWorkflow DESC LIMIT 10"
}
}
}
}
Is the "create-stack" parameter of cloudformation correct?
aws cloudformation create-stack --stack-name dnd --template-body file://final.json
Why am I getting a resource type error like this?
An error occurred (ValidationError) when calling the CreateStack operation: Template format error: Unrecognized resource types: [AWS::Athena::NamedQuery]
It worked when I updated my CLI version as suggested in the comment. This issue is now closed.
I created a new ADF V2 pipleline with a tumbling window trigger via powershell. When starting the pipeline I get an error:
Start-AzureRmDataFactoryV2Trigger -ResourceGroupName $ResourceGroup -DataFactoryName $DataFactoryName -Name "DailyTriggerCookForecastPipeline"
[ERROR] Start-AzureRmDataFactoryV2Trigger : HTTP Status Code: BadRequest
[ERROR] Error Code: BadRequest
[ERROR] Error Message: Invalid trigger type: Trigger
[ERROR] Request Id: 6591ae6b-902d-4b25-9f62-c6bb67796d57
[ERROR] Timestamp (Utc):01/08/2018 16:05:30
[ERROR] At line:1 char:1
[ERROR] + Start-AzureRmDataFactoryV2Trigger -ResourceGroupName $ResourceGroup - ...
[ERROR] + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ERROR] + CategoryInfo : CloseError: (:) [Start-AzureRmDataFactoryV2Trigger], ErrorResponseException
[ERROR] + FullyQualifiedErrorId : Microsoft.Azure.Commands.DataFactoryV2.StartAzureDataFactoryTriggerCommand
[ERROR]
My trigger is defined as:
{
"name": "DailyTriggerCookForecastPipeline",
"properties": {
"type": "TumblingWindowTrigger",
"typeProperties": {
"frequency": "Hour",
"interval": "24",
"startTime": "2018-01-01T04:00:00Z",
"retryPolicy": {
"count": 2,
"intervalInSeconds": 30
},
"maxConcurrency": 1
},
"pipeline": {
"pipelineReference": {
"type": "PipelineReference",
"referenceName": "CookForecastPipeline"
},
"parameters": {
"SliceStart": "#trigger().outputs.windowStartTime"
}
}
}
}
I have no idea how to debug this further. Is there a way to get a more detailed error message? I couldn't find one in the portal.
Thanks!
Like Martin suggested in the comments a good first step is to add -verbose flag. Unfortunately it doesn't add much info.
The second step for debugging is to make sure your setup is correct. In this case it turned out that TumblingWindowTrigger was just released but I had an older SDK. This dependency wasn't documented anywhere. So turns out the errors are pretty accurate.
I need to create VM based on image (SQL Server 2016 on Windows Server 2016) and add DSC extension to it by powershell. I have template.json and it's parameters.json files that I saved when was creating VM(sql2016 server on windows 2016 server) in portal(in parameters file I define url where published sdc zip and admin password).
Zip file withconfiguration is located on github public repository. And it was created by powershell publish commandlet.
After this my next steps are:
Login-AzureRmAccount
# Create resource group
New-AzureRmResourceGroup -Name orsql1 -Location 'North Europe' # succeed
# Define deployment variables
$Deployment = #{
ResourceGroupName = 'orsqllast';
Mode = 'Complete';
TemplateFile = 'template.json';
TemplateParameterFile = 'parameters.json';
Force = $true;
}
New-AzureRmResourceGroupDeployment #Deployment -DeploymentDebugLogLevel All
dsc1.ps1 contents:
configuration IISInstall
{
node ("localhost")
{
WindowsFeature IIS
{
Ensure = "Present"
Name = "Web-Server"
}
}
}
After a lot of time I get this errors:
New-AzureRmResourceGroupDeployment : 14:02:10 - Resource Microsoft.Resources/deployments 'Microsoft.DSC-20161
010122604' failed with message '{
"status": "Failed",
"error": {
"code": "ResourceDeploymentFailure",
"message": "The resource operation completed with terminal provisioning state 'Failed'.",
"details": [
{
"code": "DeploymentFailed",
"message": "At least one resource deployment operation failed. Please list deployment operations for
details. Please see https://aka.ms/arm-debug for usage details.",
"details": [
{
"code": "Conflict",
"message": "{\r\n \"status\": \"Failed\",\r\n \"error\": {\r\n \"code\": \"ResourceDeploymen
tFailure\",\r\n \"message\": \"The resource operation completed with terminal provisioning state 'Failed'.
\",\r\n \"details\": [\r\n {\r\n \"code\": \"VMExtensionProvisioningError\",\r\n \"mess
age\": \"VM has reported a failure when processing extension 'Microsoft.Powershell.DSC'. Error message: \\\"E
rror unpacking 'dsc1.ps1.zip'; verify this is a valid ZIP package.\\nError details: Exception calling \\\"Ext
ractToDirectory\\\" with \\\"2\\\" argument(s): \\\"End of Central Directory record could not be found.\\\"\\
\".\"\r\n }\r\n ]\r\n }\r\n}"
}
]
}
]
}
}'
At line:14 char:1
+ New-AzureRmResourceGroupDeployment #Deployment -DeploymentDebugLogLe ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-AzureRmResourceGroupDeployment], Exception
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResour
ceGroupDeploymentCmdlet
New-AzureRmResourceGroupDeployment : 14:02:10 - At least one resource deployment operation failed. Please lis
t deployment operations for details. Please see https://aka.ms/arm-debug for usage details.
At line:14 char:1
+ New-AzureRmResourceGroupDeployment #Deployment -DeploymentDebugLogLe ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-AzureRmResourceGroupDeployment], Exception
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResour
ceGroupDeploymentCmdlet
New-AzureRmResourceGroupDeployment : 14:02:10 - Template output evaluation skipped: at least one resource dep
loyment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug
for usage details.
At line:14 char:1
+ New-AzureRmResourceGroupDeployment #Deployment -DeploymentDebugLogLe ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-AzureRmResourceGroupDeployment], Exception
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResour
ceGroupDeploymentCmdlet
New-AzureRmResourceGroupDeployment : 14:02:10 - Template output evaluation skipped: at least one resource dep
loyment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug
for usage details.
At line:14 char:1
+ New-AzureRmResourceGroupDeployment #Deployment -DeploymentDebugLogLe ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-AzureRmResourceGroupDeployment], Exception
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResour
ceGroupDeploymentCmdlet
The zip is valid and I use anouther one - the same error.
Part of parameters.json
"ex0_vmName": {
"value": "node1"
},
"ex0_location": {
"value": "northeurope"
},
"ex0_modulesUrl": {
"value": "https://github.com/myname/mydsc/blob/master/dsc1.ps1.zip"
},
"ex0_configurationFunction": {
"value": "dsc1.ps1\\IISInstall"
},
"ex0_wmfVersion": {
"value": "latest"
},
"ex0_privacy": {
"value": "Enable"
},
"ex0_version": {
"value": "2.8"
}
I would suggest you consult logs in the VM itself in c:\windowsazure\logs. Under c:\extensions (now C:\Packages\Plugins) you can find your zip package and DSC extension files.
The easiest way to troubleshoot that would be to create the DSC extension using the portal. If it fails with the same error you would want to recreate the zip file. I've had the same errors with the zip package and solved them by recreating it.
I would also suggest you move to Azure Automation. Depending on your scope, you might be okay with 500 free minutes monthly and you can upload mof's to Azure Automation. And I've found Azure Automation to be much more consistent than DSC extension.
I am trying to export a cert with powershell to pkcs12. I can export it fine in MMC. But powershell barfs
PS C:\Users\paul> $cert.export('PFX'," pass")
Exception calling "Export" with "2" argument(s): "Key not valid for use in specified state.
"
At line:1 char:13
+ $cert.export <<<< ('PFX'," pass")
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException
The private key is exportable
PS C:\Users\paul> $cert.privatekey.cspkeycontainerinfo
MachineKeyStore : True
ProviderName : Microsoft RSA SChannel Cryptographic Provider
ProviderType : 12
KeyContainerName : fd6ce48f23c5a94dee97bf7e87ef3da2_2868494a-a319-4976-80a7-e0f129e23cfd
UniqueKeyContainerName : fd6ce48f23c5a94dee97bf7e87ef3da2_2868494a-a319-4976-80a7-e0f129e23cfd
KeyNumber : Exchange
Exportable : True
HardwareDevice : False
Removable : False
Accessible : True
Protected : False
CryptoKeySecurity : System.Security.AccessControl.CryptoKeySecurity
RandomlyGenerated : False
running as local admin
This seems like a long shot, but have you tried using the Pfx enumeration instead of the string?
$pfx = [System.Security.Cryptography.X509Certificates.X509ContentType]::Pfx
$cert.Export($pfx,"pass")
The reason I ask, is that if you look at the value underlying the enumeration, Pfx actually has a value of 3.