I have contributor access. When I try to download an ARM template from azure portal, I get "access denied : 401" error. What could be the reason and how can I fix it? Strangely no one had this issue on google.
You can also use Azure CLI, Azure PowerShell, or REST API to export ARM templates.
Azure CLI:
echo "Enter the Resource Group name:" &&
read resourceGroupName &&
az group export --name $resourceGroupName
The script displays the template on the console. Copy the JSON, and save as a file.
Note: The export template feature doesn't support exporting Azure Data Factory resources.
Azure Powershell:
To export all resources in a resource group, use the Export-AzResourceGroup cmdlet and provide the resource group name.
$resourceGroupName = Read-Host -Prompt "Enter the Resource Group name"
Export-AzResourceGroup -ResourceGroupName $resourceGroupName
It saves the template as a local file. More options here.
REST API:
POST https://management.azure.com/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/exportTemplate?api-version=2019-10-01
Captures the specified resource group as a template. API Reference here.
Related
When running amplify push -y in the CLI, my project errors with this message:
["Index: 0 State: {\"deploy\":\"waitingForDeployment\"} Message: Resource is not in the state stackUpdateComplete"]
How do I resolve this error?
The "Resource is not in the state stackUpdateComplete" is the message that comes from the root CloudFormation stack associated with the Amplify App ID. The Amplify CLI is just surfacing the error message that comes from the update stack operation. This indicates that the Amplify's CloudFormation stack may have been still be in progress or stuck.
Solution 1 – “deployment-state.json”:
To fix this issue, go to the S3 bucket containing project settings and deleted the “deployment-state.json” file in root folder as this file holds the app deployment states. The bucket should end with, or contain the word “deployment”.
Solution 2 – “Requested resource not found”:
Check the status of the CloudFormation stack and see if you can notice that the stack failed because of a “Requested resource not found” error indicating that the DynamoDB table “tableID” was missing and confirm that you have deleted it (possibly accidentally). Manually create the above DynamoDB table and retry to push again.
Solution 3A - “#auth directive with 'apiKey':
If you recieve an error stating that “#auth directive with 'apiKey' provider found, but the project has no API Key authentication provider configured”. This error appears when you define a public authorisation in your GraphQL schema without specifying a provider. The public authorization specifies that everyone will be allowed to access the API, behind the scenes the API will be protected with an API Key. To be able to use the public API you must have API Key configured.
The #auth directive allows the override of the default provider for a given authorization mode. To fix the issue specify “IAM” as the provider which allows to use an "Unauthenticated Role" from Cognito Identity Pools for public access instead of an API Key.
Below is the sample code for public authorisation rule:
type Todo #model #auth(rules: [{ allow: public, provider: iam, operations: [create, read, update, delete] }]) {
id: ID!
name: String!
description: String
}
After making the above changes, you can run “amplify update api” and add a IAM auth provider, the CLI generated scoped down IAM policies for the "UnAuthenticated" role automatically.
Solution 3B - Parameters: [AuthCognitoUserPoolId] must have values:
Another issue could occur here, where the default authorization type is API Key when you run the command “amplify add api” without specifying the API type. To fix this issue, follow these steps:
Deleted the the API
Recreate a new one by specifying the “Amazon Cognito user pool” as the authorization mode
Add IAM as an additional authorization type
Re-enable #auth directive in the newly created API Schema
Run “amplify push”
Documentation:
Public Authorisation
Troubleshoot CloudFormation stack issues in my AWS Amplify project
We have a service that can be called from a Symfony command and from a normal web request. Is there a way to find out if the service was called from a command or from a web request? If so, if it was called from a command, is there a way to find out the parameters that were used when running the command?
In symfony Console,
the command line context does not know about your VirtualHost or domain name
It means that you can check the request scheme, host, base_url and base path since these request properties have no values in the console context unless you configure them (https://symfony.com/doc/current/console/request_context.html#configuring-the-request-context-globally)
Hi you can use this to know if the service is used from the cli, if it runs with apache you will get this apache2handler
if(php_sapi_name() === 'cli') {
//some code
}
https://www.php.net/manual/en/function.php-sapi-name.php
I am using saltstack state script to create a jar from BitBucket and upload the jar to Artifactory. When uploading to Artifactory I see an authorization error. I am not sure if this is the right approach to achieve the upload to Artifactory.
I tried using CURL to achieve upload. I need to provide -u myUser:myPassword along the CURL command for it to work. I cannot provide the credentials in my salt state scripts. I am looking for a better option to achieve the upload without using login credentials. How to upload artifacts to artifactory using saltstack?
curl -X PUT -T /tmp/Batch.jar http://artifactory/artifactory/Batch.jar
Error:
stdout:
{
\"errors\" : [ {
\"status\" : 401,
\"message\" : \"Unauthorized\"
} ]
}
I've run into this sort of thing a couple of times. The easiest solution is to write a small salt execution module to do this work. This way you can store the artifactory credentials as pillar data and use the normal python requests or salt http helpers to make the web requests.
Looks like salt stack provides a module for artifactory alread: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.artifactory.html
It may not do exactly what you're looking for, but you could definitely extend it: https://github.com/saltstack/salt/blob/develop/salt/modules/artifactory.py
The saltstack docs for writing execution modules can be here:
https://docs.saltstack.com/en/latest/ref/modules/
According to Artifactory documentation, the REST API supports these forms of authentication:
Basic authentication using your username and password
[Simplest] Basic authentication using your username and API Key.
Using a dedicated header (X-JFrog-Art-Api) with your API Key.
Using an access token instead of a password for basic authentication.
[Recommended] Using an access token as a bearer token in an authorization header
(Authorization: Bearer) with your access token.
You will have to choose one of the above.
I'm following tutorial on http://martinabbott.azurewebsites.net/2016/06/11/fun-with-azure-functions-and-the-emotion-api/
Finally got solvet issue with blob trigger. I have verified that my jpg file can be succesfully processed with my API key in the Open API Test console. I have upload project.json file include dependancies to "Microsoft.ProjectOxford.Emotion": "1.0.251"
I'm getting now error. How to solve?
2016-11-07T06:53:44.951 C# Blob Emotion function processed: Microsoft.WindowsAzure.Storage.Blob.CloudBlockBlob
2016-11-07T06:53:45.076 Function completed (Failure, Id=c0c50024-7830-4595-b749-56f58ec79d0b)
2016-11-07T06:53:45.107 Exception while executing function: Functions.BlobTriggerEmotionFunction. Microsoft.ProjectOxford.Common: Exception of type 'Microsoft.ProjectOxford.Common.ClientException' was thrown.
Based on the tutorial you are referencing, for the line of code,
var apiKey = WebConfigurationManager.AppSettings["EMOTION_API_KEY"];
did you set the EMOTION_API_KEY in your Function app's App settings?
You may verify with the following steps:
Visit your Function app through the Functions portal.
Click Function app settings -> Configure app settings.
Verify that the EMOTION_API_KEY exists and that its value matches the one you used in the Open API Test console.
I am trying to create a windows based image on Openstack using glance. I get an error about authentication plugin, I am able to retrieve a token using keystone (token-get), heres is my error :
root#Machine:~# glance --os-username USER --os-password PASS --os-project-domain-name windows --os-project-name windows --os-auth-url http://Controller:35357/v2.0 image-create --name="win8" --property vm_mode=HVM --is-public=true --container-format=ovf --disk-format=vhd < tarred.tgz
An auth plugin is required to fetch a token
TO avoid this problem add OpenStack environment variables:
source admin-openrc.sh