Azure 错误“由于违反策略,模板部署失败。请查看详细信息以获取更多信息。”
[英]Azure Error "The template deployment failed because of policy violation. Please see details for more information."
问题描述
在 DevOps 中运行帐户基线管道时出错。 执行自动设置ActivityLog的powershell脚本时,仅在部分订阅上出现错误。 请帮助我如何解决以下错误。
错误消息:内部错误:{'code': 'RequestDisallowedByPolicy', 'target': 'ActivityLogs', 'message': 'Resource 'ActivityLogs' was disallowed by policy. 策略标识符:'[{"policyAssignment":{"name":"拒绝修改活动日志中的诊断设置","id":"/providers/Microsoft.Management/managementGroups/SKT/providers/Microsoft.Authorization/policyAssignments /PA_201027_C_005"}, "policyDefinition":{"name":"拒绝修改活动日志中的诊断设置", "id":"/providers/Microsoft.Management/managementGroups/SKT/providers/Microsoft.Authorization/policyDefinitions/ ff8f7238-2c3c-549f-9613-fcf1b62962a0"}}]'.', 'additionalInfo': [{'type': 'PolicyViolation', 'info': {'policyDefinitionDisplayName': '拒绝修改活动日志中的诊断设置', 'evaluationDetails': {'evaluatedExpressions': [{'result': 'True', 'expressionKind': 'Field', 'expression': 'type', 'path': 'type', 'expressionValue': ' Microsoft.Insights/diagnosticSettings', 'targetValue': 'Microsoft.Insights/diagnosticSettings', 'operator': 'Equals'}, {'result': 'True', 'expressionKind': 'Count', 'expression': ' Microsoft.Insights/诊断 icSettings/logs[ ]', 'path': 'properties.logs[ ]', 'expressionValue': 8, 'targetValue': 1, 'operator': 'GreaterOrEquals'}, {'result': 'True', ' expressionKind': 'Field', 'expression': 'Microsoft.Insights/diagnosticSettings/storageAccountId', 'path': 'properties.storageAccountId', 'expressionValue': '',
活动日志 -> 验证部署 -> “Json”内容
“correlationId”:“619c8334-8463-4a8f-8c2a-e28b405d720e”,“描述”:“”,“eventDataId”:“3502be36-c5e8-404b-947e-f1735debf506”,“eventName”:{“值”:“EndRequest ", "localizedValue": "结束请求" }, "category": { "value": "Administrative", "localizedValue": "Administrative" }, "eventTimestamp": "2022-04-17T09:21:06.2088549Z" , "id": "/subscriptions/b0d5568e-1c80-4e83-a021-bc244dc5bd82/providers/Microsoft.Resources/deployments/InitActivityLogSetting_04170921/events/3502be36-c5e8-404b-947e-f1735debf506/ticks/637857840662088549", "level": “错误”,“operationId”:“619c8334-8463-4a8f-8c2a-e28b405d720e”,“operationName”:{“value”:“Microsoft.Resources/deployments/validate/action”,“localizedValue”:“验证部署”} , "resourceGroupName": "", "resourceProviderName": { "value": "Microsoft.Resources", "localizedValue": "Microsoft Resources" }, "resourceType": { "value": "Microsoft.Resources/deployments", "localizedValue": "Microsoft.Resources/deployments" }, "resourceId": "/下标离子/b0d5568e-1c80-4e83-a021-bc244dc5bd82/providers/Microsoft.Resources/deployments/InitActivityLogSetting_04170921", "status": { "value": "Failed", "localizedValue": "Failed" }, "subStatus": { "value": "BadRequest", "localizedValue": "Bad Request (HTTP Status Code: 400)" }, "submissionTimestamp": "2022-04-17T09:22:53.1947302Z", "subscriptionId": "b0d5568e-1c80 -4e83-a021-bc244dc5bd82", "tenantId": "b20e9363-6cf4-4366-9b50-cec8054c47af", "properties": { "statusCode": "BadRequest", "serviceRequestId": null, "statusMessage": "{" error":{"code":"InvalidTemplateDeployment","message":"由于违反策略,模板部署失败。 请参阅详细信息以获取更多信息。 策略标识符:'[{\"policyAssignment\":{\"name\":\"拒绝修改活动日志中的诊断设置\",\"id\":\"/providers/Microsoft.Management/managementGroups/ SKT/providers/Microsoft.Authorization/policyAssignments/PA_201027_C_005\"},\"policyDefinition\":{\"name\":\"拒绝修改活动日志中的诊断设置\",\"id\":\" /providers/Microsoft.Management/managementGroups/SKT/providers/Microsoft.Authorization/policyDefinitions/ff8f7238-2c3c-549f-9613-fcf1b62962a0\"}}]'.","additionalInfo":[{"type":"PolicyViolation" }]}]}}", "eventCategory": "管理", "实体": "/subscriptions/b0d5568e-1c80-4e83-a021-bc244dc5bd82/providers/Microsoft.Resources/deployments/InitActivityLogSetting_04170921", "消息": " Microsoft.Resources/deployments/validate/action", "hierarchy": "b20e9363-6cf4-4366-9b50-cec8054c47af/SKT/LZ_Divisions/devsecops_ID/b0d5568e-1c80-4e83-a021-bc244dc5bd82" }, "相关事件": [] }
1 个解决方案
解决方案1
1 2022-04-17 12:37:59
您似乎分配了一个 Azure 策略来阻止修改活动日志。 如果您有权限,您可以查看订阅中的策略定义并为您尝试执行的操作添加例外。 如果您不是订阅的管理员,则需要联系他们以添加例外或删除政策。
保单概览
https://learn.microsoft.com/en-us/azure/governance/policy/overview
政策例外
https://learn.microsoft.com/en-us/azure/governance/policy/concepts/exemption-structure
实例部署无法安装您在“Gemfile”中定义的依赖项 gem。 有关详细信息,请参阅“eb-engine.log”。 部署失败
[英]Instance deployment failed to install dependency gems that you defined in 'Gemfile'. For details, see 'eb-engine.log'. The deployment failed
Azure 策略错误:CaseSensitiveDeploymentParameterNamesFound
[英]Azure policy error: CaseSensitiveDeploymentParameterNamesFound
部署错误。 构建失败:构建错误详细信息不可用。 Firebase 云函数
[英]Deployment error. Build failed: Build error details not available. Firebase Cloud Functions
AWS CodeDeploy 错误 - 部署失败,因为指定文件已存在于此位置
[英]AWS CodeDeploy error - The deployment failed because a specified file already exists at this location
Azure App Insights - 脚本错误:浏览器的同源策略阻止我们获取此异常的详细信息
[英]Azure App Insights - Script error: The browser's same-origin policy prevents us from getting the details of this exception
Azure 管道发布管道:ARM 模板部署:资源组 scope 失败,错误代码:部署失败”
[英]Azure pipeline Release pipeline: ARM Template deployment: Resource Group scope fails with ,,Error code: DeploymentFailed"
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
Azure 策略无效部署
实例部署无法安装您在“Gemfile”中定义的依赖项 gem。 有关详细信息,请参阅“eb-engine.log”。 部署失败
Azure 媒体服务 function 应用程序模板部署失败
Azure 策略错误:CaseSensitiveDeploymentParameterNamesFound
部署错误。 构建失败:构建错误详细信息不可用。 Firebase 云函数
AWS CodeDeploy 错误 - 部署失败,因为指定文件已存在于此位置
Django web azure 部署失败
Azure App Insights - 脚本错误:浏览器的同源策略阻止我们获取此异常的详细信息
Azure 管道发布管道:ARM 模板部署:资源组 scope 失败,错误代码:部署失败”
Azure 应用服务 Python 3.9 部署失败
相关标签