在过去的几个小时中,我正在尝试通过使用403 Forbidden来解决az group deployment create [...] --template-uri错误的问题:
> az group deployment create --name testDeployment --resource-group "RESOURCE_GROUP_NAME" --template-uri https://gitlab.com/greg.dolniak/azure-test-403/-/raw/master/test.json --verbose --verbose --verbose
[...]
Loaded all modules in 0.442 seconds. (note: there's always an overhead with the first module loaded)
Extensions directory: 'C:\XXX\XXX\.azure\cliextensions'
Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x03692390>]
az_command_data_logger : command args: group deployment create --name {} --resource-group {} --template-uri {} --verbose --verbose --verbose
metadata file logging enabled - writing logs to 'C:\XXX\XXX\.azure\commands'.
Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument.<locals>.add_subscription_parameter at 0x03649930>]
Event: CommandInvoker.OnPostArgumentLoad []
Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument.<locals>.add_ids_arguments at 0x036498E8>, <function register_cache_arguments.<locals>.add_cache_arguments at 0x03649FA8>]
Event: CommandInvoker.OnCommandTableLoaded []
Event: CommandInvoker.OnPreParseArgs [<function _documentdb_deprecate at 0x043DFC90>]
Event: CommandInvoker.OnPostParseArgs [<function OutputProducer.handle_output_argument at 0x034C3D68>, <function CLIQuery.handle_query_parameter at 0x034EDE40>, <function register_ids_argument.<locals>.parse_ids_arguments at 0x03649F60>, <function handler at 0x044B0D20>]
cli.azure.cli.core.util : HTTP Error 403: Forbidden
HTTP Error 403: Forbidden
az_command_data_logger : exit code: 1
telemetry.save : Save telemetry record of length 2518 in cache
telemetry.check : Negative: The C:\XXX\XXX\.azure\telemetry.txt was modified at 2020-04-12 07:17:51.208557, which in less than 600.000000 s
command ran in 1.642 seconds.
相似的命令,从本地运行,没有任何问题:
> az group deployment create --name testDeployment --resource-group "RESOURCE_GROUP_NAME" --template-file test.json --verbose --verbose --verbose
[...]
Event: CommandInvoker.OnTransformResult [<function _resource_group_transform at 0x03469348>, <function _x509_from_base64_to_hex_transform at 0x03469390>]
Event: CommandInvoker.OnFilterResult []
{
"id": "/subscriptions/XXX/resourceGroups/RESOURCE_GROUP_NAME/providers/Microsoft.Resources/deployments/rhcsaDeployment",
"location": null,
"name": "rhcsaDeployment",
"properties": {
"correlationId": "XXX",
"debugSetting": null,
"dependencies": [],
"duration": "PT0.6816683S",
"mode": "Incremental",
"onErrorDeployment": null,
"outputResources": [],
"outputs": {
"testTemplateUrl": {
"type": "String",
"value": "https://gitlab.com/greg.dolniak/azure-test-403/raw/test.json"
}
},
"parameters": {},
"parametersLink": null,
"providers": [],
"provisioningState": "Succeeded",
"template": null,
"templateHash": "12482633646376478463",
"templateLink": null,
"timestamp": "2020-04-12T05:24:41.826785+00:00"
},
"resourceGroup": "RESOURCE_GROUP_NAME",
"type": "Microsoft.Resources/deployments"
}
Event: Cli.PostExecute []
az_command_data_logger : exit code: 0
telemetry.save : Save telemetry record of length 2519 in cache
telemetry.check : Negative: The C:\XXX\XXX\.azure\telemetry.txt was modified at 2020-04-12 07:17:51.208557, which in less than 600.000000 s
command ran in 32.722 seconds.
很少观察到
从CloudShell运行它可以提供相同的结果。 --template-uri的错误403,并成功运行了--template-file参数
Gitlab存储库是公共的,任何人都可以在其中查看内容:https://gitlab.com/greg.dolniak/azure-test-403/-/raw/master/test.json
资源组是在az group create --name ...之前创建的,因此除默认策略外,没有其他应用策略。
两个帐户(用于本地部署的一个帐户和一个用于CloudShell的帐户)都是contributors,分别是订阅和资源组。
可耻的承认---template-uri参数对我有用
为westeurope设置了位置。
请帮助我解决此问题。