Related
Following ARM template successfully deployed WordPress and MySQL database on the azure container instance in a virtual network but I'm facing 502 bad gateway error while updating WordPress. Also I'm get link expired when uploading theme of 30MB size.
azuredeploy.json
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vnetName": {
"type": "string",
"defaultValue": "aci-vnet",
"metadata": {
"description": "VNet name"
}
},
"vnetAddressPrefix": {
"type": "string",
"defaultValue": "10.0.0.0/16",
"metadata": {
"description": "Address prefix"
}
},
"subnet1AddressPrefix": {
"type": "string",
"defaultValue": "10.0.0.0/24",
"metadata": {
"description": "Subnet prefix for ACI"
}
},
"subnet1Name": {
"type": "string",
"defaultValue": "aci-subnet",
"metadata": {
"description": "Subnet name for ACI"
}
},
"subnet2AddressPrefix": {
"type": "string",
"defaultValue": "10.0.1.0/24",
"metadata": {
"description": "Subnet prefix for application gateway"
}
},
"subnet2Name": {
"type": "string",
"defaultValue": "ag-subnet",
"metadata": {
"description": "Subnet name for application gateway"
}
},
"mysqlPassword": {
"type": "securestring",
"metadata": {
"description": "MySQL database password"
}
},
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
}
},
"variables": {
"storageAccountName": "[uniquestring(resourceGroup().id)]",
"storageAccountType": "Standard_LRS",
"publicIPAddressName": "publicIp1",
"publicIPRef": "[resourceId('Microsoft.Network/publicIPAddresses',variables('publicIPAddressName'))]",
"networkProfileName": "aci-networkProfile",
"interfaceConfigName": "eth0",
"interfaceIpConfig": "ipconfigprofile1",
"image": "microsoft/azure-cli",
"shareContainerGroupName": "createshare-containerinstance",
"wordpressContainerGroupName": "wordpress-containerinstance",
"mysqlContainerGroupName": "mysql-containerinstance",
"wordpressShareName": "wordpress-share",
"mysqlShareName": "mysql-share",
"cpuCores": "1.0",
"memoryInGb": "1.5",
"skuName": "Standard_Medium",
"capacity": "2",
"applicationGatewayName": "applicationGateway1",
"subnet2Ref": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'), parameters('subnet2Name'))]",
"wordpressContainerGroupRef": "[resourceId('Microsoft.ContainerInstance/containerGroups/', variables('wordpresscontainerGroupName'))]",
"mysqlContainerGroupRef": "[resourceId('Microsoft.ContainerInstance/containerGroups/', variables('mysqlContainerGroupName'))]"
},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"name": "[variables('storageAccountName')]",
"apiVersion": "2019-06-01",
"location": "[parameters('location')]",
"sku": {
"name": "[variables('storageAccountType')]"
},
"kind": "Storage",
"properties": {}
},
{
"apiVersion": "2020-05-01",
"type": "Microsoft.Network/publicIPAddresses",
"name": "[variables('publicIPAddressName')]",
"location": "[parameters('location')]",
"properties": {
"publicIPAllocationMethod": "Dynamic",
"dnsSettings": {
"domainNameLabel": "[concat('acisite', uniqueString(resourceGroup().id))]"
}
}
},
{
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('vnetName')]",
"apiVersion": "2020-05-01",
"location": "[parameters('location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('vnetAddressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('subnet1Name')]",
"properties": {
"addressPrefix": "[parameters('subnet1AddressPrefix')]",
"serviceEndpoints": [
{
"service": "Microsoft.Storage",
"locations": [
"[parameters('location')]"
]
}
],
"delegations": [
{
"name": "DelegationService",
"properties": {
"serviceName": "Microsoft.ContainerInstance/containerGroups"
}
}
]
}
},
{
"name": "[parameters('subnet2Name')]",
"properties": {
"addressPrefix": "[parameters('subnet2AddressPrefix')]"
}
}
]
}
},
{
"name": "[variables('networkProfileName')]",
"type": "Microsoft.Network/networkProfiles",
"apiVersion": "2020-05-01",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', parameters('vnetName'))]"
],
"properties": {
"containerNetworkInterfaceConfigurations": [
{
"name": "[variables('interfaceConfigName')]",
"properties": {
"ipConfigurations": [
{
"name": "[variables('interfaceIpConfig')]",
"properties": {
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'), parameters('subnet1Name'))]"
}
}
}
]
}
}
]
}
},
{
"name": "[variables('shareContainerGroupName')]",
"type": "Microsoft.ContainerInstance/containerGroups",
"apiVersion": "2019-12-01",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts/', variables('storageAccountName'))]"
],
"properties": {
"containers": [
{
"name": "[variables('wordpressShareName')]",
"properties": {
"image": "[variables('image')]",
"command": [
"az",
"storage",
"share",
"create",
"--name",
"[variables('wordpressShareName')]"
],
"environmentVariables": [
{
"name": "AZURE_STORAGE_KEY",
"value": "[listKeys(variables('storageAccountName'),'2017-10-01').keys[0].value]"
},
{
"name": "AZURE_STORAGE_ACCOUNT",
"value": "[variables('storageAccountName')]"
}
],
"resources": {
"requests": {
"cpu": "[variables('cpuCores')]",
"memoryInGb": "[variables('memoryInGb')]"
}
}
}
},
{
"name": "[variables('mysqlShareName')]",
"properties": {
"image": "[variables('image')]",
"command": [
"az",
"storage",
"share",
"create",
"--name",
"[variables('mysqlShareName')]"
],
"environmentVariables": [
{
"name": "AZURE_STORAGE_KEY",
"value": "[listKeys(variables('storageAccountName'),'2017-10-01').keys[0].value]"
},
{
"name": "AZURE_STORAGE_ACCOUNT",
"value": "[variables('storageAccountName')]"
}
],
"resources": {
"requests": {
"cpu": "[variables('cpuCores')]",
"memoryInGb": "[variables('memoryInGb')]"
}
}
}
}
],
"restartPolicy": "OnFailure",
"osType": "Linux"
}
},
{
"name": "[variables('mysqlContainerGroupName')]",
"type": "Microsoft.ContainerInstance/containerGroups",
"apiVersion": "2019-12-01",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.ContainerInstance/containerGroups/', variables('shareContainerGroupName'))]",
"[resourceId('Microsoft.Network/networkProfiles/', variables('networkProfileName'))]"
],
"properties": {
"containers": [
{
"name": "mysql",
"properties": {
"image": "mysql:5.6",
"ports": [
{
"protocol": "Tcp",
"port": 3306
}
],
"environmentVariables": [
{
"name": "MYSQL_ROOT_PASSWORD",
"value": "[parameters('mysqlPassword')]"
}
],
"volumeMounts": [
{
"mountPath": "/var/lib/mysql",
"name": "mysqlfile"
}
],
"resources": {
"requests": {
"cpu": "[variables('cpuCores')]",
"memoryInGb": "[variables('memoryInGb')]"
}
}
}
}
],
"volumes": [
{
"azureFile": {
"shareName": "[variables('mysqlShareName')]",
"storageAccountKey": "[listKeys(variables('storageAccountName'),'2017-10-01').keys[0].value]",
"storageAccountName": "[variables('storageAccountName')]"
},
"name": "mysqlfile"
}
],
"networkProfile": {
"Id": "[resourceId('Microsoft.Network/networkProfiles', variables('networkProfileName'))]"
},
"osType": "Linux"
}
},
{
"name": "[variables('wordpressContainerGroupName')]",
"type": "Microsoft.ContainerInstance/containerGroups",
"apiVersion": "2019-12-01",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.ContainerInstance/containerGroups/', variables('shareContainerGroupName'))]",
"[resourceId('Microsoft.ContainerInstance/containerGroups/', variables('mysqlContainerGroupName'))]"
],
"properties": {
"containers": [
{
"name": "wordpress",
"properties": {
"image": "wordpress:4.9-apache",
"ports": [
{
"protocol": "Tcp",
"port": 80
}
],
"environmentVariables": [
{
"name": "WORDPRESS_DB_HOST",
"value": "[concat(reference(variables('mysqlContainerGroupRef')).ipAddress.ip, ':3306')]"
},
{
"name": "WORDPRESS_DB_PASSWORD",
"value": "[parameters('mysqlPassword')]"
}
],
"volumeMounts": [
{
"mountPath": "/var/www/html",
"name": "wordpressfile"
}
],
"resources": {
"requests": {
"cpu": "[variables('cpuCores')]",
"memoryInGb": "[variables('memoryInGb')]"
}
}
}
}
],
"volumes": [
{
"azureFile": {
"shareName": "[variables('wordpressShareName')]",
"storageAccountKey": "[listKeys(variables('storageAccountName'),'2017-10-01').keys[0].value]",
"storageAccountName": "[variables('storageAccountName')]"
},
"name": "wordpressfile"
}
],
"networkProfile": {
"Id": "[resourceId('Microsoft.Network/networkProfiles', variables('networkProfileName'))]"
},
"osType": "Linux"
}
},
{
"apiVersion": "2020-05-01",
"name": "[variables('applicationGatewayName')]",
"type": "Microsoft.Network/applicationGateways",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks/', parameters('vnetName'))]",
"[resourceId('Microsoft.Network/publicIPAddresses/', variables('publicIPAddressName'))]",
"[resourceId('Microsoft.ContainerInstance/containerGroups/', variables('wordpressContainerGroupName'))]"
],
"properties": {
"sku": {
"name": "[variables('skuName')]",
"tier": "Standard",
"capacity": "[variables('capacity')]"
},
"gatewayIPConfigurations": [
{
"name": "appGatewayIpConfig",
"properties": {
"subnet": {
"id": "[variables('subnet2Ref')]"
}
}
}
],
"frontendIPConfigurations": [
{
"name": "appGatewayFrontendIP",
"properties": {
"PublicIPAddress": {
"id": "[variables('publicIPRef')]"
}
}
}
],
"frontendPorts": [
{
"name": "appGatewayFrontendPort",
"properties": {
"Port": 80
}
}
],
"backendAddressPools": [
{
"name": "appGatewayBackendPool",
"properties": {
"BackendAddresses": [
{
"IpAddress": "[reference(variables('wordpressContainerGroupRef')).ipAddress.ip]"
}
]
}
}
],
"backendHttpSettingsCollection": [
{
"name": "appGatewayBackendHttpSettings",
"properties": {
"Port": 80,
"Protocol": "Http",
"CookieBasedAffinity": "Disabled"
}
}
],
"httpListeners": [
{
"name": "appGatewayHttpListener",
"properties": {
"FrontendIPConfiguration": {
"Id": "[resourceId('Microsoft.Network/applicationGateways/frontendIPConfigurations', variables('applicationGatewayName'), 'appGatewayFrontendIP')]"
},
"FrontendPort": {
"Id": "[resourceId('Microsoft.Network/applicationGateways/frontendPorts', variables('applicationGatewayName'), 'appGatewayFrontendPort')]"
},
"Protocol": "Http"
}
}
],
"requestRoutingRules": [
{
"Name": "rule1",
"properties": {
"RuleType": "Basic",
"httpListener": {
"id": "[resourceId('Microsoft.Network/applicationGateways/httpListeners', variables('applicationGatewayName'), 'appGatewayHttpListener')]"
},
"backendAddressPool": {
"id": "[resourceId('Microsoft.Network/applicationGateways/backendAddressPools', variables('applicationGatewayName'), 'appGatewayBackendPool')]"
},
"backendHttpSettings": {
"id": "[resourceId('Microsoft.Network/applicationGateways/backendHttpSettingsCollection', variables('applicationGatewayName'), 'appGatewayBackendHttpSettings')]"
}
}
}
]
}
}
],
"outputs": {
"SiteFQDN": {
"type": "string",
"value": "[reference(variables('publicIPRef')).dnsSettings.fqdn]"
}
}
}
azuredeploy.parameters.json
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"mysqlPassword": {
"value": "GEN-PASSWORD"
}
}
}
Solution overview and deployed resources
The following resources are deployed as part of the solution
Azure Container Instance: Azure Container Instance to host the WordPress site.
Azure Container Instance: Azure Container Instance to host the MySQL database.
Azure Container Instance: A run-once Azure Container Instance, where the az-cli is executed to create the file shares
Storage Account: Storage account for the file shares to store the WordPress site content and MySQL database.
File share: Azure File shares to store WordPress site content and MySQL database.
Application gateway: Application gateway for WordPress site. It exposes public network access to WordPress site in VNet.
Virtual network: Virtual network for WordPress site, MySQL database, Application gateway.
One click deploy to Azure
Click here to deploy to Azure
I would like to configure my VMs using ARM template and DSC. I prepared simple DCS script in powershell, base on that using powershell command created .zip file. mentioned .zip file uploaded to storage account container. Now I want to use this .zip file to made configuration changes on my test VMs, below my ARM template. I am receiving error message New-AzResourceGroupDeployment : 10:12:09 AM - VM has reported a failure when processing extension 'dscExtension'. Error message: "The DSC Extension failed to execute: Error downloading
https://storageAccountName.blob.core.windows.net/containerName/test.zip after 2 attempts: <?xml version="1.0" encoding="utf-8"?><Error><Code>ResourceNotFound</Code><Message>The specified resource
does not exist.
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vmName": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "List of virtual machines to be reconfigured, if using multiple VMs, make their names comma separate. E.g. VM01, VM02, VM03."
},
"defaultValue": "VM1,VM2"
},
"Location": {
"type": "string",
"metadata": {
"description": "Location of the VM"
},
"defaultvalue": "WestEurope"
},
"functionName": {
"type": "string",
"metadata": {
"description": "Specify the function name"
},
"defaultvalue": "test.ps1\\testConfigurationName"
},
"storageAccountName": {
"type": "string",
"metadata": {
"description": "Specify the Storage Account name, Storage Account where DCS .zip module is located"
}
},
"setupScriptContainerName": {
"type": "string",
"metadata": {
"description": "Specify the Storage Account container name, container where DCS .zip module is located"
}
},
"DSCSetupArchiveFileName": {
"type": "string",
"metadata": {
"description": "Specify the Storage Account container name, container where DCS .zip module is located"
},
"defaultvalue": "test.zip"
},
"nodeConfigurationName": {
"type": "string",
"metadata": {
"description": "The name of the node configuration, on the Azure Automation DSC pull server, that this node will be configured as"
},
"defaultValue": "testConfigurationName.localhost"
},
"registrationKey": {
"type": "securestring",
"metadata": {
"description": "Registration key to use to onboard to the Azure Automation DSC pull/reporting server"
},
"defaultValue": "AutomationAccountPrimaryKey"
},
"registrationUrl": {
"type": "string",
"metadata": {
"description": "Registration url of the Azure Automation DSC pull/reporting server"
},
"defaultValue": AutomationAccountRegistrationURL"
}
},
"variables": {
"vmListArray": "[split(parameters('vmName'),',')]"
},
"resources": [
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"apiVersion": "2015-06-15",
"name": "[concat(trim(variables('vmListArray')[copyIndex()]),'/dscExtension')]",
"copy": {
"name": "ExtentionLooptoAllVMs",
"count": "[length(variables('vmListArray'))]"
},
"location": "[parameters('Location')]",
"properties": {
"autoUpgradeMinorVersion": true,
"publisher": "Microsoft.Powershell",
"type": "DSC",
"typeHandlerVersion": "2.19",
"protectedSettings": {
"Items": {
"registrationKeyPrivate": "[parameters('registrationKey')]"
}
},
"settings": {
"ModulesUrl": "[concat('https://',parameters('storageAccountName'),'.blob.core.windows.net/',parameters('setupScriptContainerName'),'/',parameters('DSCSetupArchiveFileName'))]",
"ConfigurationFunction": "[parameters('functionName')]",
"Properties": [
{
"Name": "RegistrationKey",
"Value": {
"UserName": "PLACEHOLDER_DONOTUSE",
"Password": "PrivateSettingsRef:registrationKeyPrivate"
},
"TypeName": "System.Management.Automation.PSCredential"
},
{
"Name": "RegistrationUrl",
"Value": "[parameters('registrationUrl')]",
"TypeName": "System.String"
},
{
"Name": "NodeConfigurationName",
"Value": "[parameters('nodeConfigurationName')]",
"TypeName": "System.String"
}
]
}
}
}
]
}
Updated version:
"resources": [
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"apiVersion": "2018-10-01",
"name": "[concat(trim(variables('vmListArray')[copyIndex()]),'/dscExtension')]",
"copy": {
"name": "ExtentionLooptoAllVMs",
"count": "[length(variables('vmListArray'))]"
},
"location": "[parameters('Location')]",
"properties": {
"autoUpgradeMinorVersion": true,
"publisher": "Microsoft.Powershell",
"type": "DSC",
"typeHandlerVersion": "2.9",
"protectedSettings": {
"Items": {
"registrationKeyPrivate": "[parameters('registrationKey')]"
}
},
"settings": {
"configuration": {
"url": "[concat('https://',parameters('storageAccountName'),'.blob.core.windows.net/',parameters('setupScriptContainerName'),'/',parameters('DSCSetupArchiveFileName'))]",
"script": "[parameters('scriptName')]",
"function": "[parameters('functionName')]"
},
"Properties": [
{
"Name": "RegistrationKey",
"Value": {
"UserName": "PLACEHOLDER_DONOTUSE",
"Password": "PrivateSettingsRef:registrationKeyPrivate"
},
"TypeName": "System.Management.Automation.PSCredential"
},
{
"Name": "RegistrationUrl",
"Value": "[parameters('registrationUrl')]",
"TypeName": "System.String"
},
{
"Name": "NodeConfigurationName",
"Value": "[parameters('nodeConfigurationName')]",
"TypeName": "System.String"
},
{
"Name": "ConfigurationMode",
"Value": "[parameters('configurationMode')]",
"TypeName": "System.String"
},
{
"Name": "ConfigurationModeFrequencyMins",
"Value": "[parameters('configurationModeFrequencyMins')]",
"TypeName": "System.Int32"
},
{
"Name": "RefreshFrequencyMins",
"Value": "[parameters('refreshFrequencyMins')]",
"TypeName": "System.Int32"
},
{
"Name": "RebootNodeIfNeeded",
"Value": "[parameters('rebootNodeIfNeeded')]",
"TypeName": "System.Boolean"
},
{
"Name": "ActionAfterReboot",
"Value": "[parameters('actionAfterReboot')]",
"TypeName": "System.String"
},
{
"Name": "AllowModuleOverwrite",
"Value": "[parameters('allowModuleOverwrite')]",
"TypeName": "System.Boolean"
}
]
}
}
}
]
DSC part:
Configuration SetRegistryxxx {
Node 'localhost' {
Registry configxxx {
Ensure = "Present"
Key = "HKLM:\xx"
ValueName = "xx"
ValueData = "http://0.0.0.0:xxx
ValueType = "String"
}
Registry configxxx {
Ensure = "Present"
Key = "HKLM:\xx"
ValueName = "xx"
ValueData = "http://0.0.0.0:xx"
ValueType = "String"
}
}
}
According to the error, you can not download the zip file from the Azure blob storage account you use. Please create a sas token for the blob or set the blob access level to Public.
For example
"resources": [
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"name": "[concat(parameters('vmName'),'/Microsoft.Powershell.DSC')]",
"apiVersion": "2015-06-15",
"location": "[parameters('location')]",
"properties": {
"publisher": "Microsoft.Powershell",
"type": "DSC",
"typeHandlerVersion": "2.19",
"autoUpgradeMinorVersion": true,
"protectedSettings": {
"Items": {
"registrationKeyPrivate": "[parameters('registrationKey')]"
}
},
"settings": {
"ModulesUrl": "<the url of you azure blob>",
"SasToken": "<the sas token for the blob>",
"ConfigurationFunction": "[parameters('configurationFunction')]",
...
}
]
For more details, please refer to the document and the template
I am deploying a function using MSDeploy extensions and then deploying event grid subscription with this function as endpoint. Event grid deployment fails with message -
"details": [
{
"code": "Endpoint validation",
"message": "The attempt to validate the provided azure endpoint resource:/subscriptions/XXXXX/resourceGroups/ResourceGroupName/providers/Microsoft.Web/sites/FunctionAppName/functions/EndpointName failed."
}
]
I believe this is because event grid subscription tried to get created before the function endpoint deployed with MSDeploy is up and running.
How can i avoid this race condition?
Note: Deploying the same template again creates the event grid fine.
Template being used-
//function app
{
"apiVersion": "2018-11-01",
"type": "Microsoft.Web/sites",
"name": "[parameters('functionAppName')]",
"location": "[resourceGroup().location]",
"kind": "functionapp",
"dependsOn": [
"[variables('azureFunction_serverFarmResourceId')]"
],
"properties": {
"serverFarmId": "[variables('azureFunction_serverFarmResourceId')]",
"siteConfig": {
"appSettings": [
{
"name": "AzureWebJobsStorage",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', parameters('storageAccountName'), ';AccountKey=', listKeys(variables('storageAccountResourceId'),variables('storageAccountApiVersion')).keys[0].value)]"
},
{
"name": "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', parameters('storageAccountName'), ';AccountKey=', listKeys(variables('storageAccountResourceId'),variables('storageAccountApiVersion')).keys[0].value)]"//"[concat('DefaultEndpointsProtocol=https;AccountName=', variables('storageAccountName'), ';AccountKey=', listKeys(variables('storageAccountid'),'2015-05-01-preview').key1)]"
},
{
"name": "WEBSITE_CONTENTSHARE",
"value": "[toLower(parameters('functionAppName'))]"
},
{
"name": "FUNCTIONS_EXTENSION_VERSION",
"value": "~3"
},
{
"name": "WEBSITE_NODE_DEFAULT_VERSION",
"value": "~10"
},
{
"name": "APPINSIGHTS_INSTRUMENTATIONKEY",
"value": "[reference(resourceId('microsoft.insights/components/', parameters('functionApp_applicationInsightsName')), '2015-05-01').InstrumentationKey]"
},
{
"name": "FUNCTIONS_WORKER_RUNTIME",
"value": "dotnet"
}
]
}
},
"resources": [
{
"apiVersion": "2018-11-01",
"name": "MSDeploy",
"dependsOn": [
"[resourceId('Microsoft.Web/sites', parameters('functionAppName'))]"
],
"properties": {
"packageUri": "[parameters('functionAppDeployPackageUri')]"
},
"type": "extensions"
}
]
},
//event grid
{
"type": "Microsoft.Storage/storageAccounts/providers/eventSubscriptions",
"name": "[concat(parameters('storageAccountName'), '/Microsoft.EventGrid/', parameters('blobcreate_eventsubscription_name'))]",
"apiVersion": "2020-04-01-preview",
"dependsOn": [
"[concat('Microsoft.Web/sites/', parameters('functionAppName'), '/extensions/MSDeploy')]",
"[resourceId('Microsoft.Web/sites', parameters('functionAppName'))]",
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]"
],
"properties": {
"destination": {
"endpointType": "AzureFunction",
"properties": {
"resourceId": "[concat(resourceId('Microsoft.Web/sites', parameters('functionAppName')), '/functions/', variables('egressDataProcessorFunctionName'))]"
}
},
"filter": {
"subjectBeginsWith": "[concat('/blobServices/default/containers/', parameters('storageAccounts_mainblob_name'))]",
"subjectEndsWith": ".xml",
"includedEventTypes": [
"Microsoft.Storage.BlobCreated"
],
"advancedFilters": []
},
"retryPolicy": {
"maxDeliveryAttempts": "[parameters('eventgrid_maxDeliveryAttemps')]",
"eventTimeToLiveInMinutes": "[parameters('eventgrid_eventTimeToLiveInMinutes')]"
},
"deadLetterDestination": {
"endpointType": "StorageBlob",
"properties": {
"resourceId": "[variables('storageAccountResourceId')]",
"blobContainerName": "[parameters('storageAccounts_deadletterblob_name')]"
}
}
}
}
One way is to deploy your function app as a linked template, and then have your root template:
Deploy the function app template with the function url as an output.
Deploy an Event Grid subscription that depends on the function app deployment and references its output.
Another possibility is to spit appsettings into a childresource, and have that depend on your MSDeploy resource, then the Event Grid depend on appsettings.
Does anyone have experience in writing Azure Policy for Analysis Services? I am stuck on getting one completed. I am attempting to create policy that enforces what IPs can be added to the public IP side. So far I have this and it does work:
{
"parameters": {
"allowedAddressRanges": {
"type": "Array",
"metadata": {
"displayName": "Address Range",
"description": "The list of allowed external IP address ranges"
}
}
},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.AnalysisServices/servers"
},
{
"not": {
"field": "Microsoft.AnalysisServices/servers/ipV4FirewallSettings.firewallRules[*]",
"in": "[parameters('allowedAddressRanges')]"
}
}
]
},
"then": {
"effect": "audit"
}
}
}
Do I need to go further down the alias path to something like:
"Microsoft.AnalysisServices/servers/ipV4FirewallSettings.firewallRules[*].rangeStart"
This is an old thread but since it hasn't been answered yet, perhaps someone can benefit from my findings. Looking at the aliases available for Azure Analysis Services we can notice the following :
Microsoft.AnalysisServices/servers/ipV4FirewallSettings.firewallRules
Microsoft.AnalysisServices/servers/ipV4FirewallSettings.firewallRules[*]
Microsoft.AnalysisServices/servers/ipV4FirewallSettings.firewallRules[*].firewallRuleName
Microsoft.AnalysisServices/servers/ipV4FirewallSettings.firewallRules[*].rangeStart
Microsoft.AnalysisServices/servers/ipV4FirewallSettings.firewallRules[*].rangeEnd
Based on the notation above, I had to go down until "rangeStart" and "rangeEnd". This is what works for me:
{
"mode": "All",
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.AnalysisServices/servers"
},
{
"not": {
"anyOf": [
{
"field": "Microsoft.AnalysisServices/servers/ipV4FirewallSettings.firewallRules[*].rangeStart",
"in": "[parameters('allowedAddressRanges')]"
},
{
"field": "Microsoft.AnalysisServices/servers/ipV4FirewallSettings.firewallRules[*].rangeEnd",
"in": "[parameters('allowedAddressRanges')]"
}
]
}
}
]
},
"then": {
"effect": "[parameters('effect')]"
}
},
"parameters": {
"effect": {
"type": "String",
"metadata": {
"displayName": "Effect",
"description": "The effect determines what happens when the policy rule is evaluated to match"
},
"allowedValues": [
"Audit",
"Deny",
"Disabled"
],
"defaultValue": "Deny"
},
"allowedAddressRanges": {
"type": "Array",
"metadata": {
"displayName": "Address Range",
"description": "The list of allowed IP address ranges"
},
"allowedValues": [
"0.0.0.0",
"0.0.0.0",
"0.0.0.0",
"0.0.0.0",
"0.0.0.0"
],
"defaultValue": [
"0.0.0.0",
"0.0.0.0",
"0.0.0.0",
"0.0.0.0",
"0.0.0.0"
]
}
}
}
reference: https://learn.microsoft.com/en-us/azure/templates/microsoft.analysisservices/servers#IPv4FirewallRule
I have a nested template which creates VM which works fine but I need to return private IP address of that machine to main template and as output. I create following output in my nested template but it fails with error message
Deployment template validation failed: 'The template reference 'swarmmanager1NetworkInterface' is not valid: could not find template resource or resource copy with this name. Please see https://aka.ms/arm-template-expressions/#reference for usage details.'.
Here is entire template
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01-preview/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"vmSku": {
"type": "string",
"defaultValue": "Standard_A1",
"metadata": {
"description": "Size of VMs in the VM Scale Set."
}
},
"windowsOSVersion": {
"type": "string",
"defaultValue": "2016-Datacenter-with-Containers",
"allowedValues": [
"2008-R2-SP1",
"2012-Datacenter",
"2012-R2-Datacenter",
"2016-Datacenter-with-Containers"
],
"metadata": {
"description": "The Windows version for the VM. This will pick a fully patched image of this given Windows version. Allowed values: 2008-R2-SP1, 2012-Datacenter, 2012-R2-Datacenter."
}
},
"registrationKey": {
"type": "securestring",
"metadata": {
"description": "Registration key to use to onboard to the Azure Automation DSC pull/reporting server"
}
},
"registrationUrl": {
"type": "string",
"metadata": {
"description": "Registration url of the Azure Automation DSC pull/reporting server"
}
},
"DSCExtensionTagVersion": {
"type": "string",
"metadata": {
"description": "Change this to redeploy DSC"
}
},
"nodeConfigurationName": {
"type": "string",
"defaultValue": "MyService.webServer",
"metadata": {
"description": "The name of the node configuration, on the Azure Automation DSC pull server, that this node will be configured as"
}
},
"configurationMode": {
"type": "string",
"defaultValue": "ApplyAndAutoCorrect",
"allowedValues": [
"ApplyOnly",
"ApplyAndMonitor",
"ApplyAndAutoCorrect"
],
"metadata": {
"description": "DSC agent (LCM) configuration mode setting. ApplyOnly, ApplyAndMonitor, or ApplyAndAutoCorrect"
}
},
"configurationModeFrequencyMins": {
"type": "int",
"defaultValue": 15,
"metadata": {
"description": "DSC agent (LCM) configuration mode frequency setting, in minutes"
}
},
"refreshFrequencyMins": {
"type": "int",
"defaultValue": 30,
"metadata": {
"description": "DSC agent (LCM) refresh frequency setting, in minutes"
}
},
"rebootNodeIfNeeded": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "DSC agent (LCM) rebootNodeIfNeeded setting"
}
},
"actionAfterReboot": {
"type": "string",
"defaultValue": "ContinueConfiguration",
"allowedValues": [
"ContinueConfiguration",
"StopConfiguration"
],
"metadata": {
"description": "DSC agent (LCM) actionAfterReboot setting. ContinueConfiguration or StopConfiguration"
}
},
"allowModuleOverwrite": {
"type": "bool",
"defaultValue": false,
"metadata": {
"description": "DSC agent (LCM) allowModuleOverwrite setting"
}
},
"automationAccountName": {
"type": "string",
"defaultValue": "myAutomationAccount",
"metadata": {
"description": "The name of the Automation account to use. Check the SKU and tags to make sure they match the existing account."
}
},
"automationRegionId": {
"type": "string",
"defaultValue": "East US 2",
"allowedValues": [
"Japan East",
"East US 2",
"West Europe",
"Southeast Asia",
"South Central US",
"Central India"
],
"metadata": {
"description": "The region the Automation account is located in."
}
},
"vmssName": {
"type": "string",
"metadata": {
"description": "String used as a base for naming resources. Must be 3-57 characters in length and globally unique across Azure. A hash is prepended to this string for some resources, and resource-specific information is appended."
},
"maxLength": 57
},
"instanceCount": {
"type": "int",
"metadata": {
"description": "Number of VM instances (100 or less)."
},
"maxValue": 100
},
"adminUsername": {
"type": "string",
"metadata": {
"description": "Admin username on all VMs."
}
},
"adminPassword": {
"type": "securestring",
"metadata": {
"description": "Admin password on all VMs."
}
},
"_artifactsLocation": {
"type": "string",
"metadata": {
"description": "Auto-generated container in staging storage account to receive post-build staging folder upload"
}
},
"_artifactsLocationSasToken": {
"type": "securestring",
"metadata": {
"description": "Auto-generated token to access _artifactsLocation"
}
},
"dockerswarmstorageaccountType": {
"type": "string",
"defaultValue": "Standard_LRS",
"allowedValues": [
"Standard_LRS",
"Standard_ZRS",
"Standard_GRS",
"Standard_RAGRS",
"Premium_LRS"
]
},
"swarmmanager1Name": {
"type": "string",
"minLength": 1,
"defaultValue": "swarmmanager1"
},
"swarmmanagerpublicIPDnsName": {
"type": "string",
"defaultValue": "[uniqueString(subscription().subscriptionId)]",
"minLength": 1
}
},
"variables": {
"namingInfix": "[toLower(substring(concat(parameters('vmssName'), uniqueString(resourceGroup().id)), 0, 9))]",
"longNamingInfix": "[toLower(parameters('vmssName'))]",
"addressPrefix": "10.0.0.0/16",
"subnetPrefix": "10.0.8.0/21",
"virtualNetworkName": "[concat(variables('namingInfix'), 'vnet')]",
"natPoolName": "[concat(variables('namingInfix'), 'natpool')]",
"publicIPAddressName": "[concat(variables('namingInfix'), 'pip')]",
"subnetName": "[concat(variables('namingInfix'), 'subnet')]",
"nicName": "[concat(variables('namingInfix'), 'nic')]",
"ipConfigName": "[concat(variables('namingInfix'), 'ipconfig')]",
"imageReference": {
"publisher": "MicrosoftWindowsServer",
"offer": "WindowsServer",
"sku": "[parameters('windowsOSVersion')]",
"version": "latest"
},
"virtualNetworkID": "[resourceId('Microsoft.Network/virtualNetworks',variables('virtualNetworkName'))]",
"appGwPublicIPAddressName": "[concat(variables('namingInfix'), 'appGwPip')]",
"bePoolName": "[concat(variables('namingInfix'), 'bepool')]",
"frontEndIPConfigID": "[concat(variables('lbID'),'/frontendIPConfigurations/loadBalancerFrontEnd')]",
"appGwName": "[concat(variables('namingInfix'), 'appGw')]",
"loadBalancerName": "[concat(variables('namingInfix'), 'lb')]",
"publicIPAddressID": "[resourceId('Microsoft.Network/publicIPAddresses',variables('publicIPAddressName'))]",
"lbID": "[resourceId('Microsoft.Network/loadBalancers',variables('loadBalancerName'))]",
"appGwPublicIPAddressID": "[resourceId('Microsoft.Network/publicIPAddresses',variables('appGwPublicIPAddressName'))]",
"appGwID": "[resourceId('Microsoft.Network/applicationGateways',variables('appGwName'))]",
"appGwSubnetName": "[concat(variables('namingInfix'),'appGwSubnet')]",
"appGwSubnetPrefix": "10.0.1.0/24",
"appGwSubnetID": "[concat(variables('virtualNetworkID'),'/subnets/',variables('appGwSubnetName'))]",
"appGwFrontendPort": 80,
"appGwBackendPort": 80,
"appGwBePoolName": "[concat(variables('namingInfix'), 'appGwBepool')]",
"computeApiVersion": "2016-04-30-preview",
"networkApiVersion": "2016-03-30",
"natStartPort": 50000,
"natEndPort": 50119,
"natBackendPort": 3389,
"DSCArchiveFolder": "DSC",
"DSCArchiveFileName": "DSC.zip",
"dockerswarmstorageaccountName": "[concat('sa', uniqueString(resourceGroup().id))]",
"swarmmanager1ImagePublisher": "MicrosoftWindowsServer",
"swarmmanager1ImageOffer": "WindowsServer",
"swarmmanager1OSDiskName": "swarmmanager1OSDisk",
"swarmmanager1VmSize": "Standard_D2_v2",
"swarmmanager1VnetID": "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]",
"swarmmanager1SubnetRef": "[concat(variables('swarmmanager1VnetID'), '/subnets/', variables('subnetName'))]",
"swarmmanager1StorageAccountContainerName": "vhds",
"swarmmanager1NicName": "[concat(parameters('swarmmanager1Name'), 'NetworkInterface')]",
"swarmmanagerpublicIPName": "swarmmanagerpublicIP",
"swarmmanagerdeploymentTemplateFolder": "nestedtemplates",
"swarmmanagerdeploymentTemplateFileName": "swarmmanagerdeployment.json",
"swarmmanagerdeploymentTemplateParametersFileName": "swarmmanagerdeployment.parameters.json"
},
"resources": [
{
"type": "Microsoft.Network/virtualNetworks",
"name": "[variables('virtualNetworkName')]",
"location": "[resourceGroup().location]",
"apiVersion": "[variables('networkApiVersion')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[variables('addressPrefix')]"
]
},
"subnets": [
{
"name": "[variables('subnetName')]",
"properties": {
"addressPrefix": "[variables('subnetPrefix')]"
}
},
{
"name": "[variables('appGwSubnetName')]",
"properties": {
"addressPrefix": "[variables('appGwSubnetPrefix')]"
}
}
]
}
},
{
"type": "Microsoft.Network/loadBalancers",
"name": "[variables('loadBalancerName')]",
"location": "[resourceGroup().location]",
"apiVersion": "2017-04-01",
"dependsOn": [
"[concat('Microsoft.Network/publicIPAddresses/', variables('publicIPAddressName'))]"
],
"properties": {
"frontendIPConfigurations": [
{
"name": "LoadBalancerFrontEnd",
"properties": {
"publicIPAddress": {
"id": "[variables('publicIPAddressID')]"
}
}
}
],
"backendAddressPools": [
{
"name": "[variables('bePoolName')]"
}
],
"inboundNatPools": [
{
"name": "[variables('natPoolName')]",
"properties": {
"frontendIPConfiguration": {
"id": "[variables('frontEndIPConfigID')]"
},
"protocol": "tcp",
"frontendPortRangeStart": "[variables('natStartPort')]",
"frontendPortRangeEnd": "[variables('natEndPort')]",
"backendPort": "[variables('natBackendPort')]"
}
}
]
}
},
{
"type": "Microsoft.Network/publicIPAddresses",
"name": "[variables('appGwPublicIPAddressName')]",
"location": "[resourceGroup().location]",
"apiVersion": "[variables('networkApiVersion')]",
"properties": {
"publicIPAllocationMethod": "Dynamic",
"dnsSettings": {
"domainNameLabel": "appgwvip"
}
}
},
{
"apiVersion": "[variables('networkApiVersion')]",
"location": "[resourceGroup().location]",
"name": "[variables('publicIPAddressName')]",
"properties": {
"publicIPAllocationMethod": "Dynamic",
"dnsSettings": {
"domainNameLabel": "rdpvip"
}
},
"type": "Microsoft.Network/publicIPAddresses"
},
{
"type": "Microsoft.Network/applicationGateways",
"name": "[variables('appGwName')]",
"location": "[resourceGroup().location]",
"apiVersion": "[variables('networkApiVersion')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]",
"[concat('Microsoft.Network/publicIPAddresses/', variables('appGwPublicIPAddressName'))]"
],
"properties": {
"sku": {
"name": "Standard_Small",
"tier": "Standard",
"capacity": "1"
},
"gatewayIPConfigurations": [
{
"name": "appGwIpConfig",
"properties": {
"subnet": {
"id": "[variables('appGwSubnetID')]"
}
}
}
],
"frontendIPConfigurations": [
{
"name": "appGwFrontendIP",
"properties": {
"PublicIPAddress": {
"id": "[variables('appGwPublicIPAddressID')]"
}
}
}
],
"frontendPorts": [
{
"name": "appGwFrontendPort",
"properties": {
"Port": "[variables('appGwFrontendPort')]"
}
}
],
"backendAddressPools": [
{
"name": "[variables('appGwBePoolName')]"
}
],
"backendHttpSettingsCollection": [
{
"name": "appGwBackendHttpSettings",
"properties": {
"Port": "[variables('appGwBackendPort')]",
"Protocol": "Http",
"CookieBasedAffinity": "Disabled"
}
}
],
"httpListeners": [
{
"name": "appGwHttpListener",
"properties": {
"FrontendIPConfiguration": {
"Id": "[concat(variables('appGwID'), '/frontendIPConfigurations/appGwFrontendIP')]"
},
"FrontendPort": {
"Id": "[concat(variables('appGwID'), '/frontendPorts/appGwFrontendPort')]"
},
"Protocol": "Http",
"SslCertificate": null
}
}
],
"requestRoutingRules": [
{
"Name": "rule1",
"properties": {
"RuleType": "Basic",
"httpListener": {
"id": "[concat(variables('appGwID'), '/httpListeners/appGwHttpListener')]"
},
"backendAddressPool": {
"id": "[concat(variables('appGwID'), '/backendAddressPools/', variables('appGwBePoolName'))]"
},
"backendHttpSettings": {
"id": "[concat(variables('appGwID'), '/backendHttpSettingsCollection/appGwBackendHttpSettings')]"
}
}
}
]
}
},
{
"type": "Microsoft.Compute/virtualMachineScaleSets",
"name": "[variables('namingInfix')]",
"location": "[resourceGroup().location]",
"apiVersion": "[variables('computeApiVersion')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]",
"[concat('Microsoft.Network/applicationGateways/', variables('appGwName'))]",
"[concat('Microsoft.Network/loadBalancers/', variables('loadBalancerName'))]"
],
"sku": {
"name": "[parameters('vmSku')]",
"tier": "Standard",
"capacity": "[parameters('instanceCount')]"
},
"properties": {
"overprovision": "false",
"singlePlacementGroup": "true",
"upgradePolicy": {
"mode": "Automatic"
},
"virtualMachineProfile": {
"storageProfile": {
"osDisk": {
"caching": "ReadWrite",
"createOption": "FromImage"
},
"dataDisks": [],
"imageReference": "[variables('imageReference')]"
},
"osProfile": {
"computerNamePrefix": "[variables('namingInfix')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]"
},
"networkProfile": {
"networkInterfaceConfigurations": [
{
"name": "[variables('nicName')]",
"properties": {
"primary": "true",
"ipConfigurations": [
{
"name": "[variables('ipConfigName')]",
"properties": {
"subnet": {
"id": "[concat('/subscriptions/', subscription().subscriptionId,'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'), '/subnets/', variables('subnetName'))]"
},
"loadBalancerBackendAddressPools": [
{
"id": "[concat('/subscriptions/', subscription().subscriptionId,'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('loadBalancerName'), '/backendAddressPools/', variables('bePoolName'))]"
}
],
"loadBalancerInboundNatPools": [
{
"id": "[concat('/subscriptions/', subscription().subscriptionId,'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('loadBalancerName'), '/inboundNatPools/', variables('natPoolName'))]"
}
],
"ApplicationGatewayBackendAddressPools": [
{
"id": "[concat('/subscriptions/', subscription().subscriptionId,'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', variables('appGwName'), '/backendAddressPools/', variables('appGwBePoolName'))]"
}
]
}
}
]
}
}
]
},
"extensionProfile": {
"extensions": [
{
"name": "Microsoft.Powershell.DSC",
"properties": {
"autoUpgradeMinorVersion": true,
"publisher": "Microsoft.Powershell",
"forceUpdateTag": "[parameters('DSCExtensionTagVersion')]",
"settings": {
"configuration": {
"url": "[concat(parameters('_artifactsLocation'), '/', variables('DSCArchiveFolder'), '/', variables('DSCArchiveFileName'), parameters('_artifactsLocationSasToken'))]",
"script": "DSC.ps1",
"function": "Main"
},
"configurationArguments": {
"RegistrationKey": "[parameters('registrationKey')]",
"RegistrationUrl": "[parameters('registrationUrl')]",
"NodeConfigurationName": "[parameters('nodeConfigurationName')]",
"ConfigurationMode": "[parameters('configurationMode')]",
"ConfigurationModeFrequencyMins": "[parameters('configurationModeFrequencyMins')]",
"RefreshFrequencyMins": "[parameters('refreshFrequencyMins')]",
"RebootNodeIfNeeded": "[parameters('rebootNodeIfNeeded')]",
"ActionAfterReboot": "[parameters('actionAfterReboot')]",
"AllowModuleOverwrite": "[parameters('allowModuleOverwrite')]"
}
},
"type": "DSC",
"typeHandlerVersion": "2.26"
}
}
]
}
}
}
},
{
"name": "swarmmanager",
"type": "Microsoft.Resources/deployments",
"apiVersion": "2016-09-01",
"dependsOn": [],
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"name": "[parameters('swarmmanager1Name')]",
"type": "Microsoft.Compute/virtualMachines",
"location": "[resourceGroup().location]",
"apiVersion": "2015-06-15",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('dockerswarmstorageaccountName'))]",
"[resourceId('Microsoft.Network/networkInterfaces', variables('swarmmanager1NicName'))]"
],
"tags": {
"displayName": "swarmmanager1"
},
"properties": {
"hardwareProfile": {
"vmSize": "[variables('swarmmanager1VmSize')]"
},
"osProfile": {
"computerName": "[parameters('swarmmanager1Name')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]"
},
"storageProfile": {
"imageReference": {
"publisher": "[variables('swarmmanager1ImagePublisher')]",
"offer": "[variables('swarmmanager1ImageOffer')]",
"sku": "[parameters('windowsOSVersion')]",
"version": "latest"
},
"osDisk": {
"name": "swarmmanager1OSDisk",
"vhd": {
"uri": "[concat(reference(resourceId('Microsoft.Storage/storageAccounts', variables('dockerswarmstorageaccountName')), '2016-01-01').primaryEndpoints.blob, variables('swarmmanager1StorageAccountContainerName'), '/', variables('swarmmanager1OSDiskName'), '.vhd')]"
},
"caching": "ReadWrite",
"createOption": "FromImage"
}
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', variables('swarmmanager1NicName'))]"
}
]
}
}
},
{
"name": "[variables('dockerswarmstorageaccountName')]",
"type": "Microsoft.Storage/storageAccounts",
"location": "[resourceGroup().location]",
"apiVersion": "2016-01-01",
"sku": {
"name": "[parameters('dockerswarmstorageaccountType')]"
},
"dependsOn": [],
"tags": {
"displayName": "dockerswarmstorageaccount"
},
"kind": "Storage"
},
{
"name": "[variables('swarmmanager1NicName')]",
"type": "Microsoft.Network/networkInterfaces",
"location": "[resourceGroup().location]",
"apiVersion": "2016-03-30",
"tags": {
"displayName": "swarmmanager1Nic"
},
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"subnet": {
"id": "[variables('swarmmanager1SubnetRef')]"
},
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses', variables('swarmmanagerpublicIPName'))]"
}
}
}
]
}
},
{
"name": "[variables('swarmmanagerpublicIPName')]",
"type": "Microsoft.Network/publicIPAddresses",
"location": "[resourceGroup().location]",
"apiVersion": "2016-03-30",
"dependsOn": [],
"tags": {
"displayName": "swarmmanagerpublicIP"
},
"properties": {
"publicIPAllocationMethod": "Dynamic",
"dnsSettings": {
"domainNameLabel": "[parameters('swarmmanagerpublicIPDnsName')]"
}
}
},
{
"outputs": {
"returnedIPAddress": {
"type": "string",
"value": "[reference(variables('swarmmanager1NicName')).ipConfigurations[0].properties.privateIPAddress]"
}
}
}
]
}
}
}
]
}
Ok, a couple things - you have your output in the nested template in the resources array - outputs should be a peer of the resources array. That's not getting flagged because of the inline reference() call fails before this.
First, reference() calls are often made very early in the deployment - sometimes earlier than you want them to be. When the resource being referenced is defined in the same template, it works as expected. When it's not defined in the same template, the GET happens immediately and the resource may not exist. That's a nuance of the reference() function that's a little tangential but important to know as you use it...
Combine that behavior with the inline template deployment. Inline deployments have a number of design quirks that make them pretty hard to use for anything "advanced". You won't be able to do what you're doing with an inline deployment. If you use a templateLink (i.e. another file), you can deploy the nic and output the ipconfig in the same template.
That help?
I have had a similar issue, we were deploying using Azure Pipelines, the approach i took was 1) Deploy Template and pass the RG name and VMSS name as template outputs 2) ARM Outputs - Use this snippet to publish the above results as vars to use downstream 3) Azure Powershell to get the IPs of all VMSS instances and publish them as pipeline variables 4) Write the pipeline vars file to a blob. Hope this helps
$iplist=#()
$i=1
$nicinfo=Get-AzureRmNetworkInterface -ResourceGroupName $(ResourceGroupName) -
VirtualMachineScaleSetName $(VmssName)
foreach($nic in $nicinfo){
$iplist += $nic.IpConfigurations.PrivateIpAddress
}
foreach($ip in $iplist){
Write-host Private ip $i is $ip
Write-Host "##vso[task.setvariable variable=Privateip$i;]$ip"
$i++
}