Azure Resource Manager | Web App Slots Config | App Service Authentication - json

I successfully deployed my ARM template via ADO last week and realised that i forgot to include App Service Authentication for my Web App slots.
I messed around with the Microsoft.Web/sites/slots/config and ran into some errors that i was able to overcome with the help of few individuals on Stack.
However, now that the code should work it is failing but i am not getting any error codes on Azure DevOps when releasing.
It just says;
2020-07-02T14:20:19.0820320Z ##[error]At least one resource deployment operation failed. Please
list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.
2020-07-02T14:20:19.0832558Z ##[error]Details:
2020-07-02T14:20:19.0834149Z ##[error]BadRequest:
2020-07-02T14:20:19.0835776Z ##[error]Check out the troubleshooting guide to see if your issue is addressed: https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/azure-resource-group-deployment?view=azure-devops#troubleshooting
2020-07-02T14:20:19.0837268Z ##[error]Task failed while creating or updating the template deployment.
Here is my code:
{
"type": "Microsoft.Web/sites/slots/config",
"name": "[concat(parameters('webAppName'),'/staging/auth')]",
"apiVersion": "2018-11-01",
"location": "[resourceGroup().location]",
"dependsOn": [
"[parameters('webAppName')]",
"[concat(parameters('sqlDatabase'), 'constr')]"
],
"properties": {
"enabled": true,
"runtimeVersion": "~1",
"unauthenticatedClientAction": "RedirectToLoginPage",
"tokenStoreEnabled": true,
"allowedExternalRedirectUrls": null,
"defaultProvider": "AzureActiveDirectory",
"clientId": null,
"clientSecret": null,
"clientSecretCertificateThumbprint": null,
"issuer": null,
"allowedAudiences": [
"https://webapptest1a-staging.azurewebsites.net"
],
"additionalLoginParams": null,
"isAadAutoProvisioned": false,
"googleClientId": null,
"googleClientSecret": null,
"googleOAuthScopes": null,
"facebookAppId": null,
"facebookAppSecret": null,
"facebookOAuthScopes": [
""
],
"twitterConsumerKey": null,
"twitterConsumerSecret": null,
"microsoftAccountClientId": null,
"microsoftAccountClientSecret": null,
"microsoftAccountOAuthScopes": [
""
]
}
},
Anything sticking out like a sore thumb?
I released the code without this part in it, and it worked fine, so it is most likely this little section here that is causing an issue, but all the information i believe is correct.
According to: https://learn.microsoft.com/en-us/azure/templates/microsoft.web/2019-08-01/sites/config-authsettings
Thank you for your guidance.

So, after a bit i found an answer;
Here is the working code;
What i had previously done was this;
"name": "[concat(parameters('webAppName'), '/staging/auth')]",
What it needs to be is this;
"name": "[concat(parameters('webAppName'), '/staging/authsettings')]",
The "auth" alone will not match anything, and will give back a bad request. Which is right as nothing under "auth" exists meaning it cannot be matched.
So when you put Auth Settings, it actually works as intended as it matches!
Here is what i followed
{
"type": "Microsoft.Web/sites/slots/config",
"name": "[concat(parameters('webAppName'), '/staging/authsettings')]",
"apiVersion": "2018-11-01",
"location": "[resourceGroup().location]",
"dependsOn": [
"[parameters('webAppName')]",
"[concat(parameters('sqlDatabase'), 'constr')]"
],
"properties": {
"enabled": true,
"runtimeVersion": "1.0.0",
"unauthenticatedClientAction": "RedirectToLoginPage",
"tokenStoreEnabled": false,
"allowedExternalRedirectUrls": null,
"defaultProvider":"AzureActiveDirectory",
"clientId": null,
"clientSecret": null,
"clientSecretCertificateThumbprint": null,
"issuer": null,
"allowedAudiences": null,
"additionalLoginParams": null,
"isAadAutoProvisioned": false,
"googleClientId": null,
"googleClientSecret": null,
"googleOAuthScopes": null,
"facebookAppId": null,
"facebookAppSecret": null,
"facebookOAuthScopes": [
""
],
"twitterConsumerKey": null,
"twitterConsumerSecret": null,
"microsoftAccountClientId": null,
"microsoftAccountClientSecret": null,
"microsoftAccountOAuthScopes": [
""
]
}
},

Related

Azure Resource Manager: Web App Slots Config: App Service Authentication

I am having a issue with applying a App Service Authentication to my Web App Slots.
The error i am receiving is the following:
"The template resource 'webapptest1a/authconfig' for type 'Microsoft.WindowsAzure.ResourceStack.Frontdoor.Common.Entities.TemplateGenericProperty`1[System.String]' at line '1' and column '8107' has incorrect segment lengths. A nested resource type must have identical number of segments as its resource name. A root resource type must have segment length one greater than its resource name"
Here is my code, which i think is pretty much correct. I am finding it difficult to find references for Web App slots config. I have the Microsoft Documentation and i followed it, but no luck.
Here is my code:
{
"type": "Microsoft.Web/sites/slots/config",
"name": "[concat(parameters('webAppName'),'/authconfig')]",
"apiVersion": "2018-11-01",
"location": "[resourceGroup().location]",
"dependsOn": [
"[parameters('webAppName')]",
"[concat(parameters('sqlDatabase'), 'constr')]"
],
"properties": {
"enabled": true,
"runtimeVersion": "~1",
"unauthenticatedClientAction": "RedirectToLoginPage",
"tokenStoreEnabled": true,
"allowedExternalRedirectUrls": null,
"defaultProvider": "AzureActiveDirectory",
"clientId": null,
"clientSecret": null,
"clientSecretCertificateThumbprint": null,
"issuer": null,
"allowedAudiences": [
"https://webapptest1a-staging.azurewebsites.net"
],
"additionalLoginParams": null,
"isAadAutoProvisioned": false,
"googleClientId": null,
"googleClientSecret": null,
"googleOAuthScopes": null,
"facebookAppId": null,
"facebookAppSecret": null,
"facebookOAuthScopes": [
""
],
"twitterConsumerKey": null,
"twitterConsumerSecret": null,
"microsoftAccountClientId": null,
"microsoftAccountClientSecret": null,
"microsoftAccountOAuthScopes": [
""
]
}
},
I am really concussed, i have tried many variants but i am not getting close.
I changed the name to few different variants then i was given different errors but in regards to the naming convention.
"name": "[concat(parameters('webAppName'), '/appsettings')]",
I also changed the Depends on twice from:
"[parameters('webAppName')]",
"[concat(parameters('sqlDatabase'), 'constr')]"
To:
"[concat('Microsoft.Web/sites/', parameters('webAppName'))]",
"[concat(parameters('sqlDatabase'), 'constr')]"
I am really stuck! Would love some guidance.
Thank you
As the error says that "A root level resource must have one less segment in the name than the resource type". Here you are passing the incorrect name for the resource. As the segment length of Type is 4, segment length of Name must be 3. So in the config name you must pass the slot name also something like below (You can change the slot name and config name according to your template)
[concat(parameters('webAppName'), '/staging/web')]
Please check the below example for reference:
{
"type": "Microsoft.Web/sites/slots/config",
"apiVersion": "2018-11-01",
"name": "[concat(parameters('webAppName'), '/staging/web')]",
"location": "East US",
"dependsOn": [
"[resourceId('Microsoft.Web/sites/slots', parameters('webAppName'), 'staging')]",
"[resourceId('Microsoft.Web/sites', parameters('webAppName'))]"
],
"properties": {
"numberOfWorkers": 1,
"defaultDocuments": [
"Default.htm",
"Default.html",
"Default.asp",
"index.htm",
"index.html",
"iisstart.htm",
"default.aspx",
"index.php",
"hostingstart.html"
],
"netFrameworkVersion": "v4.0",
"requestTracingEnabled": false,
"remoteDebuggingEnabled": false,
"remoteDebuggingVersion": "VS2019",
"httpLoggingEnabled": false,
"logsDirectorySizeLimit": 35,
"detailedErrorLoggingEnabled": false,
"publishingUsername": "$mytestap345__staging",
"scmType": "None",
"use32BitWorkerProcess": true,
"webSocketsEnabled": false,
"alwaysOn": false,
"managedPipelineMode": "Integrated",
"virtualApplications": [
{
"virtualPath": "/",
"physicalPath": "site\\wwwroot",
"preloadEnabled": false
}
],
"loadBalancing": "LeastRequests",
"experiments": {
"rampUpRules": []
},
"autoHealEnabled": false,
"localMySqlEnabled": false,
"ipSecurityRestrictions": [
{
"ipAddress": "Any",
"action": "Allow",
"priority": 1,
"name": "Allow all",
"description": "Allow all access"
}
],
"scmIpSecurityRestrictions": [
{
"ipAddress": "Any",
"action": "Allow",
"priority": 1,
"name": "Allow all",
"description": "Allow all access"
}
],
"scmIpSecurityRestrictionsUseMain": false,
"http20Enabled": false,
"minTlsVersion": "1.2",
"ftpsState": "AllAllowed",
"reservedInstanceCount": 0
}
}

Is there a way to UPDATE values based on WHERE conditions between two JSON files

Say I have two versions of the same JSON data. Each object has a unique ID key/pair. Say in one version a certain key has null as its value while the other version has the appropriate values for that key.
Can we match the objects between the two JSON files based on their unique ID value and copy over a certain key's values? I don't want to mess around with the rest of the fields in the JSON object.
Sample:
version 1:
[
{
"contentId": "ID-02",
"title": "Attendance",
"desp": "Daily Attendance",
"contentType": "service",
"url": "ATTENDANCE",
"contentCategory": "Essentials",
"employeeId": null,
"imageUrl": null,
"publishedCourseFlag": "true"
},
{
"contentId": "ID-04",
"title": "Regularise History",
"desp": "Regularise History",
"contentType": "service",
"url": "REGULARISE_HISTORY",
"contentCategory": "Non-Essentials",
"employeeId": null,
"imageUrl": null,
"publishedCourseFlag": "false"
}
]
version 2:
[
{
"contentId": "ID-02",
"title": "Attendance",
"desp": "Daily Attendance",
"contentType": "service",
"url": "ATTENDANCE",
"contentCategory": null,
"employeeId": null,
"imageUrl": null
},
{
"contentId": "ID-04",
"title": "Regularise History",
"desp": "Regularise History",
"contentType": "service",
"url": "REGULARISE_HISTORY",
"contentCategory": null,
"employeeId": null,
"imageUrl": null,
"publishedCourseFlag": "false"
}
]
Here v1 has the contentCategory set while v2 has null. I want to copy the appropriate values from v1 to v2 based on their contentId values. Is there a simple way to do this other than manually copy/paste? I'd like a scripting solution that I can modify to my needs for situations like this. Or a simple query like solution would be even better.
Additionally is it possible to add a certain missing key/value from version 1 to version 2 ? Like Update if present else Insert ? I am hoping for a lot I guess. Completely new to JSON.

BIM360 Project's Service Type undocumented

On GET projects from BIM360, service_typesproperty contains services no documented.
Making a GET request to BIM360 Projects (https://forge.autodesk.com/en/docs/bim360/v1/reference/http/projects-:project_id-GET/), the service_types returns additional values than those documented on https://forge.autodesk.com/en/docs/bim360/v1/overview/parameters/#service-type
{
"id": "{PROJECT_ID}",
"account_id": "{ACCOUNT_ID}",
"name": "Sample Project",
"start_date": "2019-09-25",
"end_date": "2019-10-25",
"value": null,
"currency": null,
"status": "active",
"job_number": null,
"address_line_1": null,
"address_line_2": null,
"city": null,
"state_or_province": null,
"postal_code": null,
"country": "United States",
"business_unit_id": null,
"created_at": "2019-09-25T14:26:04.092Z",
"updated_at": "2019-10-04T16:44:25.271Z",
"project_type": "Demonstration Project",
"timezone": null,
"language": "en",
"construction_type": null,
"contract_type": null,
"last_sign_in": "2019-10-04T16:44:25.000Z",
"service_types": "doc_manager,insight,admin"
}
According to the documentation, only field, glue, schedule, plan and doc_managerare expected.
So at the moment the situation is that those services are not properly documented since they are not fully supported yet. They are actively working in making this services better and documented properly. There is an improvement process being worked on this quarter. Check back with us in a near future, a good structure and improvement to the bim360 service is coming. thank you for reaching out.

How do I delete all the resources within the subnet in cli?

Every time that I try to delete a subnet I got this type of error "Subnet testVMSubnet is in use by /subscriptions/testVMVMNic/ipConfigurations/ipconfigtestVM and cannot be deleted. In order to delete the subnet, delete all the resources within the subnet. See aka.ms/deletesubnet."
So, how do I delete all the resources within the subnet?
[
{
"addressPrefix": "10.0.0.0/24",
"addressPrefixes": null,
"delegations": [],
"etag": "W/\"ba1ae732-1aa2-4d6d-af04-3dc6eaac8338\"",
"id": "/subscriptions/23c7f465-e27b-418b-b8a7-21616582f9bb/resourceGroups/user-qkyosxgoenbq/providers/Microsoft.Network/virtualNetworks/testVMVNET/subnets/testVMSubnet",
"interfaceEndpoints": null,
"ipConfigurationProfiles": null,
"ipConfigurations": [
{
"etag": null,
"id": "/subscriptions/23c7f465-e27b-418b-b8a7-21616582f9bb/resourceGroups/user-qkyosxgoenbq/providers/Microsoft.Network/networkInterfaces/testVMVMNic/ipConfigurations/ipconfigtestVM",
"name": null,
"privateIpAddress": null,
"privateIpAllocationMethod": null,
"provisioningState": null,
"publicIpAddress": null,
"resourceGroup": "user-qkyosxgoenbq",
"subnet": null
}
],
"name": "testVMSubnet",
"networkSecurityGroup": null,
"provisioningState": "Succeeded",
"purpose": null,
"resourceGroup": "user-qkyosxgoenbq",
"resourceNavigationLinks": null,
"routeTable": null,
"serviceAssociationLinks": null,
"serviceEndpointPolicies": null,
"serviceEndpoints": null,
"type": "Microsoft.Network/virtualNetworks/subnets"
}
]
Unfortunately there is no easy way to do this. If you have Network Watcher running in the region where your vnet is located than you can get the topology mapping to find out what is attached to that subnet using the command az network watcher show-topology -g MyResourceGroup. In addition to being only a single region, this only shows resource within a single resource group- items attached to the subnet from a different resource group won't show.
Theoretically you could parse this in order to create a list of delete scripts but this would be rather complex as each resource type has a different command to remove it. The solution depends greatly on how often you need to do this and scale. If it's a one-off, getting the list and manually deleting each item is probably simplest whether you do it from the portal or the cli. For an automated solution you may want to delete and redeploy the resource group or create a cleanup script to compliment your deployment scripts.

How do you get the first element out of a JSON String without knowing the name of the element in FileMaker 16 or 17?

I had an issue today with Filemaker on how to get the first element out of a json result without knowing the key.
Example $json result from an API call
{
"26298070": {
"task_id": "26298070",
"parent_id": "0",
"name": "DEPOT-0045 Research ODBC Model Extraction via Django To cut down on development time from Filemaker to Postgres",
"external_task_id": "32c8fd51-2066-42b9-b88b-8a2275fafc3f",
"external_parent_id": "64e7c829-d88e-48ae-9ba4-bb7a3871a7ce",
"level": "1",
"add_date": "2018-06-04 21:45:16",
"archived": "0",
"color": "#34C644",
"tags": "DEPOT-0045",
"budgeted": "1",
"checked_date": null,
"root_group_id": "91456",
"assigned_to": null,
"assigned_by": null,
"due_date": null,
"note": "",
"context": null,
"folder": null,
"repeat": null,
"billable": "0",
"budget_unit": "hours",
"public_hash": null,
"modify_time": null
}
}
I tried JSONGetElement( $json, "") and got the original json.
I tried JSONGetElement( $json, ".") and got the original json.
I tried JSONGetElement( $json, 1 ) and got nothing.
How do you get the first element out of a JSON String without knowing the name of the element in FileMaker 16 or 17?
Try this for the root element:
JSONListKeys ( $json ; "" )
result: 26298070
Once you get the root, you can get the child keys.
I remembered that FileMaker has a function to extract words from text so I thought I'd see what happened if I extracted the first word as a key.
I tried
JSONGetElement ( $json ; MiddleWords ( $json,1,1 ) )
and got the result I was looking for.
{
"add_date": "2018-06-04 21:45:16",
"archived": "0",
"assigned_by": null,
"assigned_to": null,
"billable": "0",
"budget_unit": "hours",
"budgeted": "1",
"checked_date": null,
"color": "#34C644",
"context": null,
"due_date": null,
"external_parent_id": "64e7c829-d88e-48ae-9ba4-bb7a3871a7ce",
"external_task_id": "32c8fd51-2066-42b9-b88b-8a2275fafc3f",
"folder": null,
"level": "1",
"modify_time": null,
"name": "DEPOT-0045 Research ODBC Model Extraction via Django To cut down on development time from Filemaker to Postgres",
"note": "",
"parent_id": "0",
"public_hash": null,
"repeat": null,
"root_group_id": "91456",
"tags": "DEPOT-0045",
"task_id": "26298070"
}
which makes it easy to parse simple JSON schema's that use attributes for keys.