Comments (11)
Aboli-msft
commented on August 25, 2024
Hi @DevanshuSyk , Can you please share exact parameters passed on for Install-AzSKTenantSecuritySolutionConsolidated? That will help us investigate further
from azts-docs.
DevanshuSyk
commented on August 25, 2024
Connect to AzureAD and AzAccount
Note: Tenant Id must be specified when connecting to Azure AD and AzAccount
$TenantId = ""
Connect-AzAccount -Tenant $TenantId
Connect-AzureAD -TenantId $TenantId
-----------------------------------------------------------------#
Step 2: Run installation command.
-----------------------------------------------------------------#
$DeploymentResult = Install-AzSKTenantSecuritySolutionConsolidated -ScanningIdentityHostSubId ""
-ScanningIdentityHostRGName 'AZTS' -ScanningIdentityName 'AZTS'
-SubscriptionId ' -ScanHostRGName 'AZTS'
-Location 'eastus2' -SubscriptionsToScan @("")
-SREEmailIds @('') #Email Ids of Site Reliability Engineers or Users who should receive monitoring alerts -GrantGraphPermissionToScanIdentity:$true
-GrantGraphPermissionToInternalIdentity:$true -SetupAzModules
-AzureEnvironmentName AzureCloud -EnableAutoUpdates
-EnableAzTSUI `
-Verbose
note:tennat and subid has been removed from the post
from azts-docs.
Aboli-msft
commented on August 25, 2024
Hi @DevanshuSyk , seems "`" at end of each of the parameters is missing. Could you please add these and try again as below?
$DeploymentResult = Install-AzSKTenantSecuritySolutionConsolidated -ScanningIdentityHostSubId "" `
-ScanningIdentityHostRGName 'AZTS' `
-ScanningIdentityName 'AZTS' `
-SubscriptionId ' ' `
-ScanHostRGName 'AZTS' `
-Location 'eastus2' `
-SubscriptionsToScan @("") `
-SREEmailIds @('') `
-GrantGraphPermissionToScanIdentity:$true `
-GrantGraphPermissionToInternalIdentity:$true `
-SetupAzModules `
-AzureEnvironmentName AzureCloud `
-EnableAutoUpdates `
-EnableAzTSUI `
-Verbosefrom azts-docs.
DevanshuSyk
commented on August 25, 2024
Hello i am not sure what you mean by parameter missing ?
Are you referring to ScanningIdentityHostSubId or SubscriptionsToScan ? The sub id has been removed from post on purpose
Thankx for the help
from azts-docs.
Aboli-msft
commented on August 25, 2024
Hi @DevanshuSyk , please check updated previous comment
from azts-docs.
DevanshuSyk
commented on August 25, 2024
Ah tyvm .Let me try again
from azts-docs.
DevanshuSyk
commented on August 25, 2024
Same error
Template deployment returned following errors: [10:08:12 AM - The deployment 'AzTSenvironmentsetup-20240604T100650' failed with error(s). Showing 3 out of 9 error(s).
Status Message: The Resource 'Microsoft.Web/sites/AzSK-AzTS-WebApi-31af7' under resource group 'AZTS' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix (Code:ResourceNotFound)
Status Message: The Resource 'Microsoft.Web/sites/AzSK-AzTS-WebApi-31af7' under resource group 'AZTS' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix (Code:ResourceNotFound)
Status Message: The Resource 'Microsoft.Web/sites/AzSK-AzTS-AutoUpdater-31af7' under resource group 'AZTS' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix (Code:ResourceNotFound)
CorrelationId: 1b70944a-68a4-4a4e-831f-8ebf1a43312a].
from azts-docs.
TarunKrShukla
commented on August 25, 2024
Hi @DevanshuSyk ,
Thanks for sharing details, here it's showing only 3 errors out of 9. Can you please check apart from 'this resource not found' error is there any other error.
To see all errors, Go to Azure Portal --> Resource Group --> Deployments --> Check latest AzTS deployment details.
This information is needed to understand why required resource are not getting created.
from azts-docs.
DevanshuSyk
commented on August 25, 2024
hanxk for reply .Here you go .
{
"code": "DeploymentFailed",
"target": "/subscriptions//resourceGroups/AZTS/providers/Microsoft.Resources/deployments/AzTSenvironmentsetup-20240604T100650",
"message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.",
"details": [
{
"code": "ResourceNotFound",
"message": "The Resource 'Microsoft.Web/sites/AzSK-AzTS-WebApi-31af7' under resource group 'AZTS' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix"
},
{
"code": "ResourceNotFound",
"message": "The Resource 'Microsoft.Web/sites/AzSK-AzTS-WebApi-31af7' under resource group 'AZTS' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix"
},
{
"code": "ResourceNotFound",
"message": "The Resource 'Microsoft.Web/sites/AzSK-AzTS-AutoUpdater-31af7' under resource group 'AZTS' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix"
},
{
"code": "ResourceNotFound",
"message": "The Resource 'Microsoft.Web/sites/AzSK-AzTS-AutoUpdater-31af7' under resource group 'AZTS' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix"
},
{
"code": "ResourceNotFound",
"message": "The Resource 'Microsoft.Web/sites/AzSK-AzTS-UI-31af7' under resource group 'AZTS' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix"
},
{
"code": "ResourceNotFound",
"message": "The Resource 'Microsoft.Web/sites/AzSK-AzTS-UI-31af7' under resource group 'AZTS' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix"
},
{
"code": "ResourceNotFound",
"message": "The Resource 'Microsoft.Web/sites/AzSK-AzTS-UI-31af7/slots/Staging-31af7' under resource group 'AZTS' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix"
},
{
"code": "ResourceNotFound",
"message": "The Resource 'Microsoft.Web/sites/AzSK-AzTS-UI-31af7/slots/Staging-31af7' under resource group 'AZTS' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix"
},
{
"code": "RoleAssignmentUpdateNotPermitted",
"message": "Tenant ID, application ID, principal ID, and scope are not allowed to be updated."
}
]
}
from azts-docs.
TarunKrShukla
commented on August 25, 2024
This 'RoleAssignmentUpdateNotPermitted' error could occur, if try to run installation command multiple time in same RG, because conflicts occurs due to previous role assignments. If this is the case, please try following,
-
If you can create new Resource group, then please try installation command with new Resource group name. And once setup is completed, clean up old Resource group.
-
If you can't try with new Resource group, then we need to clean up old role assignments,
- Navigate to access management of the resource group (AzTS) where you want to deploy the AzTS instance.
- Find out previous role assignments for managed identity (name will follow this pattern "AzSK-AzTS-InternalMI-XXXXX").
- Delete the identified role assignments and re-run installation command.
from azts-docs.
pranchalsomani
commented on August 25, 2024
Closing this issue as there has been no activity for couple of days. Please feel free to reopen if you have any further questions or comments.
from azts-docs.
Related Issues (20)
- Initial set up
- MMA Removal Utility issue HOT 22
- AzTS dashboard is not loading HOT 2
- Source code for the MMA Removal tool function app HOT 4
- Typo in the function "Update-AzTSMMARemovalUtilityDiscoveryTrigger" in MMARemovalUtilitySetup.ps1 HOT 2
- Cannot reach aztssup contact email HOT 1
- Cannot reach azsksup contact email HOT 2
- Latest/Stable WebAPI package not available HOT 2
- AzTs Dashboard is not loading since the evening HOT 2
- Impact to API Management controls due to ARM API retirements HOT 1
- Deployment issue on 22nd May, 2024 HOT 1
- I can see some subscriptions but not all HOT 3
- Enforcement Page Not Available HOT 2
- Cannot Access HOT 3
- Remediation package link is unavailable. HOT 1
- Deprecated Account Remediation Script uses deprecated Security Assessment HOT 4
- Failed check for "NSG must be configured for Virtual Machine" caused by "OffByPolicy" HOT 2
- Exception required for "Required guest configuration extension is missing in VM" check with Azure Confidential VM HOT 2
- Cannot view compliance in AzTS after activating PIM permission
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from azts-docs.