Azure APIM deployment is getting failed. "code": "ResourceDeploymentFailure" - azure-api-management

Deployment is getting failed for Azure APIM with the below error.
{
"status": "Failed",
"error": {
"code": "ResourceDeploymentFailure",
"message": "The resource operation completed with terminal provisioning state 'Failed'."
}
}
Below is the ARM template for APIM:
{
"type": "Microsoft.ApiManagement/service",
"apiVersion": "2020-12-01",
"name": "[variables('apim-name')]",
"location": "[parameters('location')]",
"sku": {
"name": "[parameters('apim-sku')]",
"capacity": "[parameters('apim-capacity')]"
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('Identity-name'))]": {}
}
},
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', variables('vnet-name'))]",
"[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('Identity-name'))]",
"[resourceId('Microsoft.Network/virtualNetworks/subnets',variables('vnet-name'),variables('apimsubnet'))]"
],
"resources": [
{
"type": "gateways",
"apiVersion": "2020-12-01",
"name": "my-gateway",
"dependsOn": [
"[resourceId('Microsoft.ApiManagement/service', variables('apim-name'))]"
],
"properties": {
"locationData": {
"name": "My internal location"
},
"description": "Self hosted gateway bringing API Management to the edge"
}
},
{
"type": "loggers",
"apiVersion": "2020-12-01",
"name": "AppInsightsLogger",
"dependsOn": [
"[resourceId('Microsoft.ApiManagement/service', variables('apim-name'))]"
],
"properties": {
"loggerType": "applicationInsights",
"resourceId": "[resourceId('Microsoft.Insights/components', variables('app-insights-name'))]",
"credentials": {
"instrumentationKey": "[reference(variables('app-insights-name')).InstrumentationKey]"
}
}
},
{
"type": "diagnostics",
"apiVersion": "2020-12-01",
"name": "applicationinsights",
"dependsOn": [
"[resourceId('Microsoft.ApiManagement/service', variables('apim-name'))]",
"[resourceId('Microsoft.ApiManagement/service/loggers', variables('apim-name'), 'AppInsightsLogger')]"
],
"properties": {
"alwaysLog": "allErrors",
"httpCorrelationProtocol": "Legacy",
"verbosity": "information",
"logClientIp": true,
"loggerId": "[resourceId('Microsoft.ApiManagement/service/loggers/', variables('apim-name'), 'AppInsightsLogger')]",
"sampling": {
"samplingType": "fixed",
"percentage": 100
},
"frontend": {
"request": {
"body": {
"bytes": 0
}
},
"response": {
"body": {
"bytes": 0
}
}
},
"backend": {
"request": {
"body": {
"bytes": 0
}
},
"response": {
"body": {
"bytes": 0
}
}
}
}
}
],
"properties": {
"publisherName": "[variables('apim-publisher-name')]",
"publisherEmail": "[parameters('apim-publisher-email')]",
"virtualNetworkType": "Internal",
"virtualNetworkConfiguration": {
"subnetResourceId": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnet-name'), variables('apimsubnet'))]"
}
}
},

Related

How do I pass secret value from keyvault using Azure ARM Template

I am trying to create Azure Application Gateway with ssl certificate from keyvaults. But didn't find any option to add keyvaults to ARM template with .pfx and .cer files. So I have encoded the certificate contents and added as secret in existing keyvault. Now trying to pass the secrets using ARM template. Validation passed but getting error in Deployment stage. Attached the template and parameters I am using.
Getting Error while deploying the resource
Deployment template validation failed: 'Template parameter JToken type is not valid. Expected 'String, Uri'. Actual 'Object'
"additionalInfo": [
{
"type": "TemplateViolation",
"info": {
"lineNumber": 226,
"linePosition": 33,
"path": "properties.template.parameters.appgwfesslcertsecret"
}
}
]
Updated Template:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"namingSettings": {
"type": "object"
},
"taggingSettings": {
"type": "object"
},
"applicationGatewaySettings": {
"type": "object"
},
"appgwfesslcertsecret": {
"type": "securestring"
},
"appgwbecertsecret": {
"type": "securestring"
}
},
"variables": {
"namePrefix": "[concat(parameters('namingSettings').name.org,'-',parameters('namingSettings').name.cloud,'-',parameters('namingSettings').name.region,'-',parameters('namingSettings').name.businessUnit,'-',parameters('namingSettings').name.account,'-',parameters('namingSettings').name.app,'-',parameters('namingSettings').name.sdlc,'-')]" },
"resources": [
{
"apiVersion": "2018-11-01",
"name": "[concat(variables('namePrefix'),parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].name)]",
"type": "Microsoft.Network/applicationGateways",
"location": "[resourceGroup().location]",
"copy": {
"name": "appgwCopy",
"count": "[length(parameters('applicationGatewaySettings').settings)]"
},
"tags": "[parameters('taggingSettings').tags]",
"properties": {
"sku": {
"name": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].applicationGatewaySku]",
"tier": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].applicationGatewayTier]",
"capacity": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].applicationGatewayInstanceCount]"
},
"sslPolicy": {
"policyType": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].policyType]",
"policyName": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].policy]"
},
"copy": [
{
"name": "frontendPorts",
"count": "[length(parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].frontendPorts)]",
"input": {
"name": "[concat(variables('namePrefix'),parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].frontendPorts[copyIndex('frontendPorts')].name)]",
"properties": {
"port": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].frontendPorts[copyIndex('frontendPorts')].properties.port]"
}
}
},
{
"name": "gatewayIPConfigurations",
"count": "[length(parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].gatewayIPConfigurations)]",
"input": {
"name": "[concat(variables('namePrefix'),parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].gatewayIPConfigurations[copyIndex('gatewayIPConfigurations')].name)]",
"properties": {
"subnet": {
"id": "[resourceId(parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].gatewayIPConfigurations[copyIndex('gatewayIPConfigurations')].properties.subnet.vnetRGName,'microsoft.network/virtualnetworks/subnets', parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].gatewayIPConfigurations[copyIndex('gatewayIPConfigurations')].properties.subnet.vnetName, parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].gatewayIPConfigurations[copyIndex('gatewayIPConfigurations')].properties.subnet.subnetName)]"
}
}
}
},
{
"name": "frontendIPConfigurations",
"count": "[length(parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].frontendIPConfigurations)]",
"input": {
"name": "[concat(variables('namePrefix'),parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].frontendIPConfigurations[copyIndex('frontendIPConfigurations')].name)]",
"properties": {
"subnet": {
"id": "[resourceId(parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].gatewayIPConfigurations[copyIndex('frontendIPConfigurations')].properties.subnet.vnetRGName,'microsoft.network/virtualnetworks/subnets', parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].frontendIPConfigurations[copyIndex('frontendIPConfigurations')].properties.subnet.vnetName, parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].frontendIPConfigurations[copyIndex('frontendIPConfigurations')].properties.subnet.subnetName)]"
}
}
}
},
{
"name": "backendHttpSettingsCollection",
"count": "[length(parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].backendHttpSettingsCollection)]",
"input": {
"name": "[concat(variables('namePrefix'),parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].backendHttpSettingsCollection[copyIndex('backendHttpSettingsCollection')].name)]",
"properties": {
"port": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].backendHttpSettingsCollection[copyIndex('backendHttpSettingsCollection')].properties.port]",
"protocol": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].backendHttpSettingsCollection[copyIndex('backendHttpSettingsCollection')].properties.protocol]",
"authenticationCertificates": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].backendHttpSettingsCollection[copyIndex('backendHttpSettingsCollection')].properties.authenticationCertificates]"
}
}
},
{
"name": "backendAddressPools",
"count": "[length(parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].backendAddressPools)]",
"input": {
"name": "[concat(variables('namePrefix'),parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].backendAddressPools[copyIndex('backendAddressPools')].name)]"
}
},
{
"name": "httpListeners",
"count": "[length(parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].httpListeners)]",
"input": {
"name": "[concat(variables('namePrefix'),parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].httpListeners[copyIndex('httpListeners')].name)]",
"properties": {
"frontendIPConfiguration": {
"id": "[resourceId(resourceGroup().name, 'microsoft.network/applicationGateways/frontendIPConfigurations', concat(variables('namePrefix'),parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].name),concat(variables('namePrefix'), parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].httpListeners[copyIndex('httpListeners')].properties.frontendIPConfiguration))]"
},
"frontendPort": {
"id": "[resourceId(resourceGroup().name, 'microsoft.network/applicationGateways/frontendPorts', concat(variables('namePrefix'),parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].name),concat(variables('namePrefix'), parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].httpListeners[copyIndex('httpListeners')].properties.frontendPort))]"
},
"protocol": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].httpListeners[copyIndex('httpListeners')].properties.protocol]",
"sslCertificate": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].httpListeners[copyIndex('httpListeners')].properties.sslCertificate]"
}
}
},
{
"name": "requestRoutingRules",
"count": "[length(parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].requestRoutingRules)]",
"input": {
"name": "[concat(variables('namePrefix'),parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].requestRoutingRules[copyIndex('requestRoutingRules')].name)]",
"properties": {
"httpListener": {
"id": "[resourceId(resourceGroup().name, 'microsoft.network/applicationGateways/httpListeners', concat(variables('namePrefix'),parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].name),concat(variables('namePrefix'), parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].requestRoutingRules[copyIndex('requestRoutingRules')].properties.httpListener))]"
},
"backendAddressPool": {
"id": "[resourceId(resourceGroup().name, 'microsoft.network/applicationGateways/backendAddressPools', concat(variables('namePrefix'),parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].name),concat(variables('namePrefix'), parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].requestRoutingRules[copyIndex('requestRoutingRules')].properties.backendAddressPool))]"
},
"backendHttpSettings": {
"id": "[resourceId(resourceGroup().name, 'microsoft.network/applicationGateways/backendHttpSettingsCollection', concat(variables('namePrefix'),parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].name),concat(variables('namePrefix'), parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].requestRoutingRules[copyIndex('requestRoutingRules')].properties.backendHttpSettings))]"
}
}
}
},
{
"name": "sslCertificates",
"count": "[length(parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].sslCertificates)]",
"input": {
"name": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].sslCertificates[copyIndex('sslCertificates')].name]",
"properties": {
"data": "[parameters('appgwfesslcertsecret')]",
"password": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].sslCertificates[copyIndex('sslCertificates')].properties.password]"
}
}
},
{
"name": "authenticationCertificates",
"count": "[length(parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].authenticationCertificates)]",
"input": {
"name": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].authenticationCertificates[copyIndex('authenticationCertificates')].name]",
"properties": {
"data": "[parameters('appgwbecertsecret')]"
}
}
}
],
"probes": [],
"webApplicationFirewallConfiguration": {
"enabled": true,
"firewallMode": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].firewallMode]",
"ruleSetType": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].ruleSetType]",
"ruleSetVersion": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].ruleSetVersion]",
"requestBodyCheck": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].requestBodyCheck]",
"maxRequestBodySizeInKb": "[if(parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].requestBodyCheck, parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].maxReqBodySize, json('null'))]",
"fileUploadLimitInMb": "[int(100)]"
},
"enableHttp2": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].enableHTTP2]"
},
"resources": [
{
"type": "providers/diagnosticSettings",
"name": "[concat('Microsoft.Insights/', parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].diagname)]",
"dependsOn": [
"[concat(variables('namePrefix'),parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].name)]"
],
"apiVersion": "2017-05-01-preview",
"properties": {
"name": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].diagname]",
"logs": [
{
"category": "ApplicationGatewayAccessLog",
"enabled": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].enableApplicationGatewayAccessLog]",
"retentionPolicy": {
"days": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].applicationGatewayAccessLogRetentionDays]",
"enabled": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].enableApplicationGatewayAccessLogRetention]"
}
},
{
"category": "ApplicationGatewayPerformanceLog",
"enabled": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].enableApplicationGatewayPerformanceLog]",
"retentionPolicy": {
"days": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].applicationGatewayPerformanceLogRetentionDays]",
"enabled": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].enableApplicationGatewayPerformanceLogRetention]"
}
},
{
"category": "ApplicationGatewayFirewallLog",
"enabled": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].enableApplicationGatewayFirewallLog]",
"retentionPolicy": {
"days": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].applicationGatewayFirewallLogRetentionDays]",
"enabled": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].enableApplicationGatewayFirewallLogRetention]"
}
}
],
"metrics": [
{
"category": "AllMetrics",
"enabled": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].enableAllMetrics]",
"retentionPolicy": {
"enabled": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].enableAllMetricsRetentionPolicy]",
"days": "[parameters('applicationGatewaySettings').settings[copyIndex('appgwCopy')].allMetricsRetentionDays]"
}
}
]
}
}
]
}
],
"outputs": {}
}
Updated Parameter File:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"namingSettings": {
"value": {
"name": {
"app": "demo",
"cloud": "azu",
"region": "eus2",
}
}
},
"taggingSettings": {
"value": {
"tags": {
"AppID": "demo",
"Environment": "nonprod",
}
}
},
"applicationGatewaySettings": {
"value": {
"settings": [
{
"name": "appgw-pcs01",
"applicationGatewaySku": "WAF_Medium",
"applicationGatewayTier": "WAF",
"applicationGatewayInstanceCount": 2,
"policyType": "Predefined",
"policy": "AppGwSslPolicy20170401S",
"publicIP": null,
"firewallMode": "Prevention",
"diagname": "Demo-Appgw",
"ruleSetType": "OWASP",
"ruleSetVersion": "3.0",
"requestBodyCheck": true,
"maxReqBodySize": 10,
"enableHTTP2": false,
"enableApplicationGatewayAccessLog": true,
"applicationGatewayAccessLogRetentionDays": 30,
"enableApplicationGatewayAccessLogRetention": true,
"enableApplicationGatewayPerformanceLog": true,
"applicationGatewayPerformanceLogRetentionDays": 30,
"enableApplicationGatewayPerformanceLogRetention": true,
"enableApplicationGatewayFirewallLog": true,
"applicationGatewayFirewallLogRetentionDays": 30,
"enableApplicationGatewayFirewallLogRetention": true,
"enableAllMetrics": true,
"enableAllMetricsRetentionPolicy": true,
"allMetricsRetentionDays": 30,
"frontendPorts": [
{
"name": "feport-80",
"properties": {
"port": 80
}
},
{
"name": "feport-443",
"properties": {
"port": 443
}
}
],
"gatewayIPConfigurations": [
{
"name": "gwipconfig-pcs01",
"properties": {
"subnet": {
"vnetName": "demo-vnet",
"vnetRGName": "demo",
"subnetName": "demo-subgw"
}
}
}
],
"sslCertificates": [
{
"name": "appgwfesslcert",
"properties": {
"data": null,
"password": "password"
}
}
],
"authenticationCertificates": [
{
"name": "appgwbecert",
"properties": {
"data": null
}
}
],
"frontEndIPConfigurations": [
{
"name": "feipcfg-pcs01",
"properties": {
"subnet": {
"vnetName": "demo-vnet",
"vnetRGName": "demo",
"subnetName": "demo-subgw"
}
}
}
],
"httpListeners": [
{
"name": "httplistener-pcs01",
"properties": {
"frontendIPConfiguration": "feipcfg-pcs01",
"frontendPort": "feport-80",
"protocol": "Http",
"sslCertificate": {}
}
},
{
"name": "httpslistener-pcs01",
"properties": {
"frontendIPConfiguration": "feipcfg-pcs01",
"frontendPort": "feport-443",
"protocol": "Https",
"sslCertificate": {
"id": "/subscriptions/105dcee5-gy46-48e3-9046-265c7379e647/resourceGroups/demo/providers/Microsoft.Network/applicationGateways/azu-eus2-nonprod-appgw-pcs01/sslCertificates/appgwfesslcert"
}
}
}
],
"backendHttpSettingsCollection": [
{
"name": "httpsetcol-default",
"properties": {
"protocol": "Http",
"port": 80,
"authenticationCertificates": []
}
},
{
"name": "httpssetcol-default",
"properties": {
"protocol": "Https",
"port": 443,
"authenticationCertificates": [
{
"id": "/subscriptions/105dcee5-gy46-48e3-9046-265c7379e647/resourceGroups/demo/providers/Microsoft.Network/applicationGateways/azu-eus2-nonprod-appgw-pcs01/authenticationCertificates/appgwbecert"
}
]
}
}
],
"backendAddressPools": [
{
"name": "beap-pcs01"
}
],
"requestRoutingRules": [
{
"name": "httpreqrtrule-pcs01",
"properties": {
"httpListener": "httplistener-pcs01",
"backendAddressPool": "beap-pcs01",
"backendHttpSettings": "httpsetcol-default"
}
},
{
"name": "httpsreqrtrule-pcs01",
"properties": {
"httpListener": "httpslistener-pcs01",
"backendAddressPool": "beap-pcs01",
"backendHttpSettings": "httpssetcol-default"
}
}
]
}
]
}
},
"appgwfesslcertsecret": {
"value": {
"reference": {
"keyVault": {
"id": "/subscriptions/105dcee5-gy46-48e3-9046-265c7379e647/resourceGroups/demo/providers/Microsoft.KeyVault/vaults/demo-kv-new"
},
"secretName": "appgwfesslcert"
}
}
},
"appgwbecertsecret": {
"value": {
"reference": {
"keyVault": {
"id": "/subscriptions/105dcee5-gy46-48e3-9046-265c7379e647/resourceGroups/demo/providers/Microsoft.KeyVault/vaults/demo-kv-new"
},
"secretName": "appgwbecert"
}
}
}
}
}

you can only reference KV secrets in the parameters section of the template (or parameters file). You cannot use it in a random place in the template
https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/template-tutorial-use-key-vault

Install McAfee paid agent on existing Azure VMs using ARM templates

I am looking for a way to onboard already existing Azure windows VMs by adding VM extension with McAfee paid agent using "ARM templates". I am unable to find the proper way to do it .

Here a default quick start template for adding a VM with McAfee trial version, You can utilize this to do the further processing
Template file
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"newStorageAccountName": {
"type": "string",
"metadata": {
"description": "Storage Account Name"
}
},
"publicIPAddressName": {
"type": "string",
"metadata": {
"description": "Public IP Address Name"
}
},
"publicIPAddressType": {
"type": "string",
"defaultValue": "Dynamic",
"allowedValues": [
"Dynamic"
],
"metadata": {
"description": "Public IP Address Type"
}
},
"vmName": {
"type": "string",
"metadata": {
"description": "Name of the VM"
}
},
"vmSize": {
"type": "string",
"defaultValue": "Standard_D3",
"metadata": {
"description": "Size of the VM"
}
},
"imagePublisher": {
"type": "string",
"defaultValue": "MicrosoftWindowsServer",
"metadata": {
"description": "Image Publisher"
}
},
"imageOffer": {
"type": "string",
"defaultValue": "WindowsServer",
"metadata": {
"description": "Image Offer"
}
},
"imageSKU": {
"type": "string",
"defaultValue": "2012-R2-Datacenter",
"metadata": {
"description": "Image SKU"
}
},
"adminUsername": {
"type": "string",
"metadata": {
"description": "Admin username"
}
},
"adminPassword": {
"type": "securestring",
"metadata": {
"description": "Admin password"
}
},
"virtualNetworkName": {
"type": "string",
"metadata": {
"description": "VNET Name"
}
},
"addressPrefix": {
"type": "string",
"defaultValue": "10.0.0.0/16",
"metadata": {
"description": "VNET address space"
}
},
"subnet1Name": {
"type": "string",
"defaultValue": "Subnet-1",
"metadata": {
"description": "Subnet 1 name"
}
},
"subnet1Prefix": {
"type": "string",
"defaultValue": "10.0.0.0/24",
"metadata": {
"description": "Subnet 1 address space"
}
},
"nicName": {
"type": "string",
"metadata": {
"description": "Name of the NIC"
}
},
"vmExtensionName": {
"type": "string",
"metadata": {
"description": "Extension name"
}
},
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
}
},
"variables": {
"vnetID": "[resourceId('Microsoft.Network/virtualNetworks',parameters('virtualNetworkName'))]",
"subnet1Ref": "[concat(variables('vnetID'),'/subnets/',parameters('subnet1Name'))]",
"storageAccountType": "Standard_LRS"
},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"name": "[parameters('newStorageAccountName')]",
"apiVersion": "2015-05-01-preview",
"location": "[parameters('location')]",
"properties": {
"accountType": "[variables('storageAccountType')]"
}
},
{
"apiVersion": "2015-05-01-preview",
"type": "Microsoft.Network/publicIPAddresses",
"name": "[parameters('publicIPAddressName')]",
"location": "[parameters('location')]",
"properties": {
"publicIPAllocationMethod": "[parameters('publicIPAddressType')]"
}
},
{
"apiVersion": "2015-05-01-preview",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('virtualNetworkName')]",
"location": "[parameters('location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('addressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('subnet1Name')]",
"properties": {
"addressPrefix": "[parameters('subnet1Prefix')]"
}
}
]
}
},
{
"apiVersion": "2015-05-01-preview",
"type": "Microsoft.Network/networkInterfaces",
"name": "[parameters('nicName')]",
"location": "[parameters('location')]",
"dependsOn": [
"[concat('Microsoft.Network/publicIPAddresses/', parameters('publicIPAddressName'))]",
"[concat('Microsoft.Network/virtualNetworks/', parameters('virtualNetworkName'))]"
],
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses',parameters('publicIPAddressName'))]"
},
"subnet": {
"id": "[variables('subnet1Ref')]"
}
}
}
]
}
},
{
"apiVersion": "2017-03-30",
"type": "Microsoft.Compute/virtualMachines",
"name": "[parameters('vmName')]",
"location": "[parameters('location')]",
"dependsOn": [
"[concat('Microsoft.Storage/storageAccounts/', parameters('newStorageAccountName'))]",
"[concat('Microsoft.Network/networkInterfaces/', parameters('nicName'))]"
],
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computerName": "[parameters('vmName')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]"
},
"storageProfile": {
"imageReference": {
"publisher": "[parameters('imagePublisher')]",
"offer": "[parameters('imageOffer')]",
"sku": "[parameters('imageSKU')]",
"version": "latest"
},
"osDisk": {
"name": "[concat(parameters('vmName'),'_OSDisk')]",
"caching": "ReadWrite",
"createOption": "FromImage"
}
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces',parameters('nicName'))]"
}
]
}
}
},
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"name": "[concat(parameters('vmName'),'/', parameters('vmExtensionName'))]",
"apiVersion": "2015-05-01-preview",
"location": "[parameters('location')]",
"dependsOn": [
"[concat('Microsoft.Compute/virtualMachines/', parameters('vmName'))]"
],
"properties": {
"publisher": "McAfee.EndpointSecurity",
"type": "McAfeeEndpointSecurity",
"typeHandlerVersion": "6.0",
"settings": {
"featureVS": "true",
"featureBP": "true",
"featureFW": "true",
"relayServer": "false"
},
"protectedSettings": null
}
}
]
}
You will be able to see the VM extension node in the bottom of the template.
Also please find the param list for the same.
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"newStorageAccountName": {
"value": "GEN-UNIQUE-8"
},
"publicIPAddressName": {
"value": "GEN-UNIQUE-8"
},
"publicIPAddressType": {
"value": "Dynamic"
},
"vmName": {
"value": "GEN-UNIQUE-8"
},
"vmSize": {
"value": "Standard_D3"
},
"adminUsername": {
"value": "GEN-UNIQUE"
},
"adminPassword": {
"value": "GEN-PASSWORD"
},
"virtualNetworkName": {
"value": "GEN-VNET-NAME"
},
"nicName": {
"value": "GEN-UNIQUE-8"
},
"vmExtensionName": {
"value": "GEN-UNIQUE-8"
}
}
}
You can visualize it from here :
http://armviz.io/#/?load=https%3A%2F%2Fraw.githubusercontent.com%2FAzure%2Fazure-quickstart-templates%2Fmaster%2Fmcafee-extension-windows-vm%2Fazuredeploy.json
Hope it helps.

Azure GovCloud Template Error

I am using this template enter link description here and I been working through it to convert it from stock to something I can use in the Azure Government Cloud. I am almost complete but I keep getting this last error that I do not know how to rectify. Maybe someone here with more json experience than I do can find this fix simply.
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"uniquePrefix": {
"type": "string",
"metadata": {
"description": "This unique prefix will be used on all the objects created as part of this template."
}
},
"transferVMSize": {
"type": "string",
"defaultValue": "Standard_D4",
"allowedValues": [
"Standard_A4",
"Standard_A7",
"Standard_D4",
"Standard_D14",
"Standard_D2s_v3"
],
"metadata": {
"description": "Size of the VM used to transfer the VM image to various storage accounts."
}
},
"computeVMSize": {
"type": "string",
"defaultValue": "Standard_A1",
"allowedValues": [
"Standard_A1",
"Standard_A2",
"Standard_A3",
"Standard_A4",
"Standard_A5",
"Standard_A6",
"Standard_A7",
"Standard_A8",
"Standard_A9",
"Standard_A10",
"Standard_A11",
"Standard_D1",
"Standard_D2",
"Standard_D3",
"Standard_D3_v2",
"Standard_D4",
"Standard_D4_v2",
"Standard_D5_v2",
"Standard_D11",
"Standard_D12",
"Standard_D12_v2",
"Standard_D13",
"Standard_D13_v2",
"Standard_D14",
"Standard_D14_v2",
"Standard_DS3",
"Standard_DS4",
"Standard_DS12",
"Standard_DS13",
"Standard_DS14",
"Standard_G2",
"Standard_G3",
"Standard_G4",
"Standard_G5",
"Standard_GS2",
"Standard_GS3",
"Standard_GS4",
"Standard_GS5",
"Standard_D2s_v3"
],
"metadata": {
"description": "Size of the VMs to be used for actual computation."
}
},
"computeOSType": {
"type": "string",
"defaultValue": "Linux",
"allowedValues": [
"Linux",
"Windows"
],
"metadata": {
"description": "Compute OS Type"
}
},
"deploymentType": {
"type": "string",
"defaultValue": "VMSS",
"allowedValues": [
"VMSS",
"Single",
"SingleAV"
],
"metadata": {
"description": "This determines whether the VMs will be deployed using scale sets, as individual VMs, or individual VMs in an availability set (maximum 100 for the last option)."
}
},
"numberOfSAs": {
"type": "int",
"metadata": {
"description": "Number of Storage Accounts to upload the custom image to."
}
},
"instanceCountPerSA": {
"type": "int",
"maxValue": 40,
"metadata": {
"description": "Number of VMs per Storage Account."
}
},
"imageLocation": {
"type": "string",
"metadata": {
"description": "URL of the base custom image, in the format of https://accountname.blob.core.windows.net/container/image.vhd."
}
},
"storageAccountKey": {
"type": "securestring",
"metadata": {
"description": "Storage Account key for accessing the base custom image."
}
},
"adminUsername": {
"type": "string",
"metadata": {
"description": "Admin username for the VMs in the deployment."
}
},
"adminPassword": {
"type": "securestring",
"metadata": {
"description": "Admin password for the VMs in the deployment."
}
}
},
"variables": {
"vnetName": "[concat(parameters('uniquePrefix'), 'vnet')]",
"addressPrefix": "10.0.0.0/16",
"subnetName": "subnet",
"subnetPrefix": "10.0.0.0/21",
"transferImagePublisher": "Canonical",
"transferImageOffer": "UbuntuServer",
"ubuntuOSVersion": "16.04-LTS",
"imagePieces": "[split(parameters('imageLocation'),'/')]",
"blobName": "blob.core.usgovcloudapi.net",
"templateLocation": "https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/301-custom-images-at-scale/",
"sharedResourcesTemplateUri ": "[concat(variables('templateLocation'), 'shared-resources.json')]",
"finalTemplateUri": "[concat(variables('templateLocation'), 'final_')]",
"downloadTemplateURI": "[concat(variables('templateLocation'), 'download.json')]",
"downloadScriptURI": "[concat(variables('templateLocation'), 'download.sh')]",
"uploadTemplateURI": "[concat(variables('templateLocation'), 'upload.json')]",
"uploadScriptURI": "[concat(variables('templateLocation'), 'upload.sh')]",
"vmStorageAccountContainerName": "transfertestsa",
"OSDiskName": "transfertestvm",
"StorageAccountName": "transfertest"
},
"resources": [{
"name": "[concat(parameters('uniquePrefix'), 'base')]",
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "[variables('sharedResourcesTemplateUri ')]",
"contentVersion": "1.0.0.0"
},
"parameters": {
"uniquePrefix": {
"value": "[parameters('uniquePrefix')]"
},
"numberOfSAs": {
"value": "[parameters('numberOfSAs')]"
},
"vnetName": {
"value": "[variables('vnetName')]"
},
"addressPrefix": {
"value": "[variables('addressPrefix')]"
},
"subnetName": {
"value": "[variables('subnetName')]"
},
"subnetPrefix": {
"value": "[variables('subnetPrefix')]"
}
}
}
},
{
"type": "Microsoft.Storage/storageAccounts",
"name": "[concat('transfer', parameters('uniquePrefix'), 'sa')]",
"apiVersion": "2015-05-01-preview",
"location": "[resourceGroup().location]",
"properties": {
"accountType": "Standard_LRS"
}
},
{
"apiVersion": "2015-05-01-preview",
"type": "Microsoft.Network/publicIPAddresses",
"name": "[concat('transfer', parameters('uniquePrefix'), 'ip')]",
"location": "[resourceGroup().location]",
"properties": {
"publicIPAllocationMethod": "Dynamic"
}
},
{
"apiVersion": "2015-05-01-preview",
"type": "Microsoft.Network/networkInterfaces",
"name": "[concat('transfer', parameters('uniquePrefix'), 'nic')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"[concat('Microsoft.Network/publicIPAddresses/transfer', parameters('uniquePrefix'), 'ip')]",
"[concat('Microsoft.Resources/deployments/', parameters('uniquePrefix'), 'base')]"
],
"properties": {
"ipConfigurations": [{
"name": "ipconfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses', concat('transfer', parameters('uniquePrefix'), 'ip'))]"
},
"subnet": {
"id": "[concat('/subscriptions/', subscription().subscriptionId,'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworks/', variables('vnetName'), '/subnets/', variables('subnetName'))]"
}
}
}]
}
},
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Compute/virtualMachines",
"name": "[concat('transfer', parameters('uniquePrefix'), 'vm')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"[concat('Microsoft.Storage/storageAccounts/transfer', parameters('uniquePrefix'), 'sa')]",
"[concat('Microsoft.Network/networkInterfaces/transfer', parameters('uniquePrefix'), 'nic')]"
],
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('transferVMSize')]"
},
"osProfile": {
"computerName": "[concat('transfer', parameters('uniquePrefix'), 'vm')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]"
},
"storageProfile": {
"imageReference": {
"publisher": "[variables('transferImagePublisher')]",
"offer": "[variables('transferImageOffer')]",
"sku": "[variables('ubuntuOSVersion')]",
"version": "latest"
},
"osDisk": {
"name": "osdisk",
"vhd": {
"uri": "[concat(reference(concat('Microsoft.Storage/storageAccounts/',variables('vmStorageAccountContainerName'),''), '2015-06-15').primaryEndpoints.blob,'vhds/',variables('OSDiskName'),'-osdisk.vhd')]"
},
"caching": "ReadWrite",
"createOption": "FromImage"
}
},
"networkProfile": {
"networkInterfaces": [{
"id": "[resourceId('Microsoft.Network/networkInterfaces', concat('transfer', parameters('uniquePrefix'), 'nic'))]"
}]
},
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": "true",
"storageUri": "[concat('http://transfer',parameters('uniquePrefix'),'sa.blob.core.usgovcloudapi.net')]"
}
}
}
},
{
"name": "[concat(parameters('uniquePrefix'), 'script0')]",
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"dependsOn": [
"[concat('Microsoft.Compute/virtualMachines/transfer', parameters('uniquePrefix'), 'vm')]"
],
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "[variables('downloadTemplateURI')]",
"contentVersion": "1.0.0.0"
},
"parameters": {
"uniquePrefix": {
"value": "[parameters('uniquePrefix')]"
},
"imageLocation": {
"value": "[parameters('imageLocation')]"
},
"storageAccountKey": {
"value": "[parameters('storageAccountKey')]"
},
"downloadScriptURI": {
"value": "[variables('downloadScriptURI')]"
}
}
}
},
{
"name": "[concat(parameters('uniquePrefix'), 'script', string(add(copyIndex(), 1)))]",
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"dependsOn": [
"[concat('Microsoft.Resources/deployments/', parameters('uniquePrefix'), 'script', copyIndex())]"
],
"copy": {
"name": "uploadLoop",
"count": "[parameters('numberOfSAs')]"
},
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "[variables('uploadTemplateURI')]",
"contentVersion": "1.0.0.0"
},
"parameters": {
"uniquePrefix": {
"value": "[parameters('uniquePrefix')]"
},
"index": {
"value": "[copyIndex()]"
},
"uploadScriptURI": {
"value": "[variables('uploadScriptURI')]"
}
}
}
},
{
"name": "[concat(parameters('uniquePrefix'), 'full')]",
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"dependsOn": [
"uploadLoop"
],
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "[concat(variables('finalTemplateUri'), parameters('deploymentType'), '.json')]",
"contentVersion": "1.0.0.0"
},
"parameters": {
"uniquePrefix": {
"value": "[parameters('uniquePrefix')]"
},
"numberOfSAs": {
"value": "[parameters('numberOfSAs')]"
},
"instanceCountPerSA": {
"value": "[parameters('instanceCountPerSA')]"
},
"vmSize": {
"value": "[parameters('computeVMSize')]"
},
"OSType": {
"value": "[parameters('computeOSType')]"
},
"blobName": {
"value": "[variables('blobName')]"
},
"vnetName": {
"value": "[variables('vnetName')]"
},
"addressPrefix": {
"value": "[variables('addressPrefix')]"
},
"subnetName": {
"value": "[variables('subnetName')]"
},
"subnetPrefix": {
"value": "[variables('subnetPrefix')]"
},
"templateLocation": {
"value": "[variables('templateLocation')]"
},
"adminUsername": {
"value": "[parameters('adminUsername')]"
},
"adminPassword": {
"value": "[parameters('adminPassword')]"
}
}
}
}
]
}
The above is what I am using to launch my template and attached are the parameters that I am inputting and the error message I receive. enter image description hereenter image description here

I fixed the error by forking the script to my own repo and changing every occurrence of the blob reference to gov cloud in all the files needed for that script.

How to create Azure My SQL DB by using ARM template

I have to create one Azure My SQL DB by automation not manually? Can anyone help me to create it through ARM template.

Below is an ARM Template to Create Azure MySQL over Linux VM. You can customize it as per your needs.
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"mysqlPassword": {
"type": "securestring",
"metadata": {
"description": "Root password password for the MySQL database."
}
},
"adminUsername": {
"type": "string",
"metadata": {
"description": "Username for the Virtual Machine."
}
},
"adminPassword": {
"type": "securestring",
"metadata": {
"description": "Password for the Virtual Machine."
}
},
"sku": {
"type": "string",
"allowedValues": [
"Free",
"Shared",
"Basic",
"Standard",
"Premium"
],
"defaultValue": "Free",
"metadata": {
"description": "The pricing tier for the App Service plan."
}
},
"svcPlanSize": {
"type": "string",
"defaultValue": "F1",
"metadata": {
"description": "The instance size of the app."
}
},
"prefix": {
"type": "string",
"metadata": {
"description": "Prefix for all the resources."
}
}
},
"variables": {
"imagePublisher": "Canonical",
"imageOffer": "UbuntuServer",
"ubuntuOSVersion": "15.10",
"OSDiskName": "osdiskfordockersimple",
"nsgName": "[concat(parameters('prefix'),'NSG')]",
"nicName": "[concat(parameters('prefix'),'VMNic')]",
"dnsNameForPublicIP": "[parameters('prefix')]",
"extensionName": "DockerExtension",
"addressPrefix": "10.0.0.0/16",
"subnetName": "Subnet",
"subnetPrefix": "10.0.0.0/24",
"storageAccountType": "Standard_LRS",
"storageName": "wpac",
"publicIPAddressName": "[concat(parameters('prefix'),'PublicIP')]",
"publicIPAddressType": "Dynamic",
"serverFarmName": "[concat(parameters('prefix'),'SrvFrm')]",
"vmStorageAccountContainerName": "vhds",
"vmName": "[concat(parameters('prefix'),'DockerVM')]",
"vmSize": "Basic_A1",
"virtualNetworkName": "[concat(parameters('prefix'),'VNET')]",
"vnetID": "[resourceId('Microsoft.Network/virtualNetworks',variables('virtualNetworkName'))]",
"nsgID": "[resourceId('Microsoft.Network/networkSecurityGroups',variables('nsgName'))]",
"subnetRef": "[concat(variables('vnetID'),'/subnets/',variables('subnetName'))]",
"webAppName": "[concat(parameters('prefix'),'WebApp')]"
},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"name": "[variables('storageName')]",
"apiVersion": "2015-05-01-preview",
"location": "[resourceGroup().location]",
"properties": {
"accountType": "[variables('storageAccountType')]"
}
},
{
"apiVersion": "2015-05-01-preview",
"type": "Microsoft.Network/publicIPAddresses",
"name": "[variables('publicIPAddressName')]",
"location": "[resourceGroup().location]",
"properties": {
"publicIPAllocationMethod": "[variables('publicIPAddressType')]",
"dnsSettings": {
"domainNameLabel": "[variables('dnsNameForPublicIP')]"
}
}
},
{
"apiVersion": "2015-05-01-preview",
"type": "Microsoft.Network/virtualNetworks",
"name": "[variables('virtualNetworkName')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"[variables('nsgID')]"
],
"properties": {
"addressSpace": {
"addressPrefixes": [
"[variables('addressPrefix')]"
]
},
"subnets": [
{
"name": "[variables('subnetName')]",
"properties": {
"addressPrefix": "[variables('subnetPrefix')]",
"networkSecurityGroup": {
"id": "[variables('nsgID')]"
}
}
}
]
}
},
{
"apiVersion": "2015-05-01-preview",
"type": "Microsoft.Network/networkInterfaces",
"name": "[variables('nicName')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"[concat('Microsoft.Network/publicIPAddresses/', variables('publicIPAddressName'))]",
"[concat('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]"
],
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses',variables('publicIPAddressName'))]"
},
"subnet": {
"id": "[variables('subnetRef')]"
}
}
}
]
}
},
{
"apiVersion": "2015-05-01-preview",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[variables('nsgName')]",
"location": "[resourceGroup().location]",
"properties": {
"securityRules": [
{
"name": "mysql",
"properties": {
"description": "Allow MySQL",
"protocol": "Tcp",
"sourcePortRange": "*",
"destinationPortRange": "3306",
"sourceAddressPrefix": "Internet",
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 100,
"direction": "Inbound"
}
},
{
"name": "ssh",
"properties": {
"description": "Allow SSH",
"protocol": "Tcp",
"sourcePortRange": "*",
"destinationPortRange": "22",
"sourceAddressPrefix": "Internet",
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 110,
"direction": "Inbound"
}
}
]
}
},
{
"apiVersion": "2015-05-01-preview",
"type": "Microsoft.Compute/virtualMachines",
"name": "[variables('vmName')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"[concat('Microsoft.Storage/storageAccounts/', variables('storageName'))]",
"[concat('Microsoft.Network/networkInterfaces/', variables('nicName'))]"
],
"properties": {
"hardwareProfile": {
"vmSize": "[variables('vmSize')]"
},
"osProfile": {
"computername": "[variables('vmName')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]"
},
"storageProfile": {
"imageReference": {
"publisher": "[variables('imagePublisher')]",
"offer": "[variables('imageOffer')]",
"sku": "[variables('ubuntuOSVersion')]",
"version": "latest"
},
"osDisk": {
"name": "osdisk1",
"vhd": {
"uri": "[concat('http://',variables('storageName'),'.blob.core.windows.net/',variables('vmStorageAccountContainerName'),'/',variables('OSDiskName'),'.vhd')]"
},
"caching": "ReadWrite",
"createOption": "FromImage"
}
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces',variables('nicName'))]"
}
]
}
}
},
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"name": "[concat(variables('vmName'),'/', variables('extensionName'))]",
"apiVersion": "2015-05-01-preview",
"location": "[resourceGroup().location]",
"dependsOn": [
"[concat('Microsoft.Compute/virtualMachines/', variables('vmName'))]"
],
"properties": {
"publisher": "Microsoft.Azure.Extensions",
"type": "DockerExtension",
"typeHandlerVersion": "1.1",
"autoUpgradeMinorVersion": true,
"settings": {
"compose": {
"db": {
"image": "mysql",
"ports": [
"3306:3306"
],
"volumes": [
"/var/lib/mysql:/var/lib/mysql"
],
"environment": [
"[concat('MYSQL_ROOT_PASSWORD=', parameters('mysqlPassword'))]",
"MYSQL_DATABASE=wpacMySQL",
"[concat('MYSQL_USER=', parameters('adminUsername'))]",
"[concat('MYSQL_PASSWORD=', parameters('mysqlPassword'))]"
]
}
}
}
}
},
{
"type": "Microsoft.Web/serverfarms",
"apiVersion": "2015-08-01",
"name": "[variables('serverFarmName')]",
"location": "[resourceGroup().location]",
"sku": {
"name": "[parameters('svcPlanSize')]",
"tier": "[parameters('sku')]",
"capacity": 1
}
}
]
}

Azure ARM Template add second disk

I would like to add in my template option for second disk based from "userImageStorageAccountName" My template was wrking until ii try to add second disk then when I try to deploy Vm i receive:
Blockquote {"code":"StorageAccountAlreadyExists","message":"The storage account named TEST already exists under the subscription."}}
But my target is to create in that storage account i don't want to create new storage account
BTW do you have maybe a nice documentation to create template for dummies :D
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "0.0.4.0",
"parameters": {
"VM_name": {
"type": "string",
"minLength": 11,
"maxLength": 12,
"defaultValue": "testxxx0021",
"metadata": {
"description": "Hostnem+dns name"
}
},
"VM_Class": {
"type": "string",
"allowedValues": [
"Standard_A1",
"Standard_A2",
"Standard_A3"
],
"defaultValue": "Standard_A2",
"metadata": {
"description": "type VM"
}
},
"sizeOfEachDataDiskInGB": {
"type": "string",
"defaultValue": "20",
"metadata": {
"description": "Size of each data disk in GB"
}
},
"userImageStorageAccountName": {
"type": "string",
"defaultValue": "TEST",
"metadata": {
"description": "Storage account for machine"
}
},
"Windows_template": {
"type": "string",
"allowedValues": [
"https://TEST.blob.core.windows.net/system/Microsoft.Compute/Images/xxxxxxxx/template-dddosDisk.vhd",
"https://TEST.blob.core.windows.net/testtemp/xxxxxxx.vhd",
"https://TEST.blob.core.windows.net/testtemp/template-xxxxx.vhd"
],
"defaultValue": "https://TEST.blob.core.windows.net/TESTtemp/template-xxxxxxxxx.vhd",
"metadata": {
"description": "Uri of the your user image"
}
},
"adminUserName": {
"type": "securestring",
"defaultValue": "testadmin",
"metadata": {
"description": "UserName for the Virtual Machine"
}
},
"adminPassword": {
"type": "securestring",
"metadata": {
"description": "Password for the Virtual Machine"
}
},
"osType": {
"type": "string",
"allowedValues": [
"Windows",
"Linux"
],
"defaultValue": "Windows",
"metadata": {
"description": "This is the OS that your VM will be running"
}
}
},
"variables": {
"location": "[resourceGroup().location]",
"vmName": "[parameters('VM_name')]",
"virtualNetworkName": "xx.xxx.xxx.0-xx-vnet",
"nicName": "[parameters('VM_name')]",
"addressPrefix": "xx.xxx.xxx.0/22",
"subnet1Name": "xx.xxx.xxx.0-xx-vnet",
"subnet1Prefix": "xx.xxx.xxx.0/24",
"vmStorageAccountContainerName": "vhds",
"storageAccountType": "Standard_LRS",
"storageAccountName": "[parameters('userImageStorageAccountName')]",
"vnetID": "[resourceId('Microsoft.Network/virtualNetworks',variables('virtualNetworkName'))]",
"subnet1Ref": "[concat(variables('vnetID'),'/subnets/',variables('subnet1Name'))]",
"osDiskVhdName": "[concat('http://',parameters('userImageStorageAccountName'),'.blob.core.windows.net/vhds/',variables('vmName'),'osDisk.vhd')]",
"apiVersion": "2015-06-15",
"dataDisk1VhdName": "[concat('http://',variables('storageAccountName'),'.blob.core.windows.net/',variables('vmStorageAccountContainerName'),'/',variables('vmName'),'dataDisk1.vhd')]"
},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"name": "[variables('storageAccountName')]",
"apiVersion": "[variables('apiVersion')]",
"location": "[variables('location')]",
"properties": {
"accountType": "[variables('storageAccountType')]"
}
},
{
"apiVersion": "[variables('apiVersion')]",
"type": "Microsoft.Network/virtualNetworks",
"name": "[variables('virtualNetworkName')]",
"location": "[variables('location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[variables('addressPrefix')]"
]
},
"subnets": [
{
"name": "[variables('subnet1Name')]",
"properties": {
"addressPrefix": "[variables('subnet1Prefix')]"
}
}
]
}
},
{
"apiVersion": "[variables('apiVersion')]",
"type": "Microsoft.Network/networkInterfaces",
"name": "[variables('nicName')]",
"location": "[variables('location')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]"
],
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"subnet": {
"id": "[variables('subnet1Ref')]"
}
}
}
]
}
},
{
"apiVersion": "[variables('apiVersion')]",
"type": "Microsoft.Compute/virtualMachines",
"name": "[variables('vmName')]",
"location": "[variables('location')]",
"dependsOn": [
"[concat('Microsoft.Network/networkInterfaces/', variables('nicName'))]"
],
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('VM_Class')]"
},
"osProfile": {
"computerName": "[variables('vmName')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]"
},
"storageProfile": {
"osDisk": {
"name": "[concat(variables('vmName'),'-osDisk')]",
"osType": "[parameters('osType')]",
"caching": "ReadWrite",
"createOption": "FromImage",
"image": {
"uri": "[parameters('Windows_template')]"
},
"vhd": {
"uri": "[variables('osDiskVhdName')]"
}
}
},
"dataDisks": [
{
"name": "datadisk1",
"diskSizeGB": "[parameters('sizeOfEachDataDiskInGB')]",
"lun": 0,
"vhd": {
"Uri": "[variables('dataDisk1VhdName')]"
},
"createOption": "Empty"
}
],
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces',variables('nicName'))]"
}
]
},
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": "true",
"storageUri": "[concat('http://',parameters('userImageStorageAccountName'),'.blob.core.windows.net')]"
}
}
}
}
]
}
thx for Help

Looking over the JSON, you are requesting platform to ask user to provide a new storage account. To use exiting storage account you can refer existing parameter to you have already provided .
Original JSON :
"dataDisk1VhdName": "[concat('http://',variables('storageAccountName'),'.blob.core.windows.net/',variables('vmStorageAccountContainerName'),'/',variables('vmName'),'dataDisk1.vhd')]"
Suggested JSON
"dataDisk1VhdName": "[concat('http://',parameters('userImageStorageAccountName'),'.blob.core.windows.net/',variables('vmStorageAccountContainerName'),'/',variables('vmName'),'dataDisk1.vhd')]"
Hope this helps.

Check if the storage account tags have been changed through the Azure/PowerShell portal by somebody else, and are different than the ones specified on the ARM template.
Sounds like a bug on the ARM deployment system, tags should be able to be updated but it is currently failing for storage account resources.
For more info see http://davidjrh.intelequia.com/2016/07/the-storage-account-already-exists.html