serverless-azure-functions icon indicating copy to clipboard operation
serverless-azure-functions copied to clipboard

Published 20 hours ago verified publisher icon serverless

How to use existing resource group while deploying the Azure Functions

Open parag0 opened this issue 5 years ago • 6 comments

Hi,

I was trying to deploy my Azure function on a App Service which is already created. At the time of deployment sls is trying to create new resource group for which I don't have access.

I have tried to use following gist in serverless.yml

provider:
  stage: dev
  name: azure
  region: East US 2
  runtime: nodejs10.x
  resourceGroup: <ALREADY_CREATED_RESOURCE_GROUP_NAME>
  subscriptionId: <SUBSCRIPTION_ID>

And here is the output of sls deploy

$ sls deploy
Serverless: Removing .serverless directory
Serverless: Parsing Azure Functions Bindings.json...
Serverless: Building binding for function: admin event: httpTrigger
Serverless: Parsing Azure Functions Bindings.json...
Serverless: Building binding for function: image event: httpTrigger
Serverless: Parsing Azure Functions Bindings.json...
Serverless: Building binding for function: report event: httpTrigger
Serverless: Parsing Azure Functions Bindings.json...
Serverless: Building binding for function: gaims event: httpTrigger
Serverless: Packaging service...
Serverless: Excluding development dependencies...
Serverless: Logging into Azure
Serverless: Using subscription ID: <SUBSCRIPTION_ID>
Serverless: Creating resource group: <ALREADY_CREATED_RESOURCE_GROUP_NAME>

  Error --------------------------------------------------

  Error: The client '<USER_NAME>' with object id '<OBJECT_ID>' does not have authorization to perform action 
     'Microsoft.Resources/subscriptions/resourcegroups/write' over scope 
    '/subscriptions/SUBSCRIPTION_ID/resourcegroups/ALREADY_CREATED_RESOURCE_GROUP_NAME' or the scope is invalid. 
    If access was recently granted, please refresh your credentials.
      at new RestError (C:\Users\analysis-node\node_modules\@azure\ms-rest-js\lib\restError.ts:18:5)
      at C:\Users\analysis-node\node_modules\@azure\ms-rest-js\lib\policies\deserializationPolicy.ts:117:27
      at process._tickCallback (internal/process/next_tick.js:68:7)

     For debugging logs, run again after setting the "SLS_DEBUG=*" environment variable.

  Get Support --------------------------------------------
     Docs:          docs.serverless.com
     Bugs:          github.com/serverless/serverless/issues
     Issues:        forum.serverless.com

  Your Environment Information ---------------------------
     Operating System:          win32
     Node Version:              10.20.1
     Framework Version:         1.71.1
     Plugin Version:            3.6.12
     SDK Version:               2.3.0
     Components Version:        2.30.11

Is there any way to set resource group in serverless cli which can be used while deploying the functions?

parag0 avatar May 24 '20 10:05 parag0

Looking at the error it seems like a permission error. Could you check if you are setting the correct az cli credentials? You can do that either with az account set command or using RBACs.

https://www.serverless.com/framework/docs/providers/azure/guide/credentials/

We have multiple function apps reusing resources (storage account, apims, etc) in the same resource group and it is working for us. You just need to pass the same exact name for the resources and it will reuse them. Example config for that

provider:
  name: azure
  runtime: nodejs10.x
  tenantId: ${self:custom.config.tenantId}
  os: linux
  resourceGroup: ${opt:rg, self:custom.config.resourceGroup}
  region: ${opt:region, 'East US 2'}
  stage: ${opt:stage, 'dev'}
  subscriptionId: ${self:custom.config.subscriptionId}
  type: premium
  appServicePlan:
    name: ${self:custom.config.servicePlanName}
    sku:
      tier: ElasticPremium
      name: EP1
  appInsights:
    name: ${self:custom.config.appInsightsName}
  functionApp:
    name: ${self:custom.config.functionAppName}
  storageAccount:
    name: ${self:custom.config.storageName}

Rapol avatar Jun 10 '20 20:06 Rapol

Thanks. I had the same issue and found this very helpful. I was unable to find this information within the Serverless online documentation. Not sure if I missed it, but is there documentation available for ALL Azure yml properties? This link does not appear to be up to date:

https://www.serverless.com/framework/docs/providers/azure/guide/serverless.yml/

Thanks.

ddudenhefer avatar Oct 22 '20 18:10 ddudenhefer

Yeah the maintainers would need to open a PR to the serverless documentation to update it. They have config documentation here: https://github.com/serverless/serverless-azure-functions/blob/master/docs/CONFIG.md

Also, I find it useful to look at the typescript definition for the config here: https://github.com/serverless/serverless-azure-functions/blob/master/src/models/serverless.ts#L36

Rapol avatar Oct 22 '20 18:10 Rapol

Thank you for sharing and taking the time to respond. I am just starting to dive into this framework and after deploying, some of the initial feedback I received was related to the generated resource names, which my team did not care for. So, this helps a lot!

ddudenhefer avatar Oct 22 '20 18:10 ddudenhefer

Hi @Rapol , here you are using the existing storage account and app insight?

Actually while I am using the existing storage account, getting below error. could you help?

Conflict - { "error": { "code": "StorageAccountAlreadyExists", "message": "The storage account named mdsptestconn already exists under the subscription." } }

knarwari avatar Oct 19 '21 06:10 knarwari

Any update on this?

tgdn avatar Oct 07 '23 16:10 tgdn