I have developed a Managed application with several components. Now when i deploy the app from the service catalog all components are deployed successfully except the Azure Monitor deploy. It gets suck on a 403 and ends with a bad gateway code.
When i deploy it as a NON managed app all the components are successfully deployed without any errors. So i know the templates are correct.
When i remove the failing azure alert and add a new metric alert using provider 'Microsoft.Insights/metricAlert' to the managed app the deploy works successfully.
So I suspect the provider 'Microsoft.Insights/scheduledQueryRules' is not managed app enabled. (?)
Anyone a idea ?
This is the template i use:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"alertName": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Name of the alert"
}
},
"query": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "The log query to execute"
}
},
"threshold": {
"type": "int",
"metadata": {
"description": "The log query threshold"
}
},
"alertDescription": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "The Alert description"
}
},
"alertSeverity": {
"type": "string",
"defaultValue": "4",
"metadata": {
"description": "The Alert Severity 4 is the highest"
}
},
"alertThresholdOperator": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": ""
}
},
"sourceId": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Resource ID of the Log Analytics workspace."
}
},
"location": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Location for the alert. Must be the same location as the workspace."
}
},
"actionGroupId": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "The ID of the action group that is triggered when the alert is activated."
}
}
},
"resources": [
{
"type": "Microsoft.Insights/scheduledQueryRules",
"name": "[parameters('alertName')]",
"apiVersion": "2018-04-16",
"location": "[parameters('location')]",
"properties": {
"description": "",
"enabled": "true",
"source": {
"query": "[parameters('query')]",
"dataSourceId": "[parameters('sourceId')]",
"queryType": "ResultCount"
},
"schedule": {
"frequencyInMinutes": 5,
"timeWindowInMinutes": 5
},
"action": {
"odata.type": "Microsoft.WindowsAzure.Management.Monitoring.Alerts.Models.Microsoft.AppInsights.Nexus.DataContracts.Resources.ScheduledQueryRules.AlertingAction",
"severity": "[parameters('alertSeverity')]",
"aznsAction": {
"actionGroup": "[array(parameters('actionGroupId'))]",
"emailSubject": "Alert mail"
},
"trigger": {
"thresholdOperator": "[parameters('alertThresholdOperator')]",
"threshold": "[parameters('threshold')]",
"metricTrigger": {
"thresholdOperator": "GreaterThan",
"threshold": 0,
"metricTriggerType": "Consecutive",
"metricColumn": "Computer,CounterName,InstanceName"
}
}
}
}
}
]
}
part of the errorcode:
....
"properties": {
"statusCode": "BadGateway",
"serviceRequestId": null,
"statusMessage": "{\"error\":{\"code\":\"The remote server returned an error: (403) Forbidden.\",\"message\":{\"lang\":\"en-US\",\"value\":\"The remote server returned an error: (403) Forbidden.\"}}}",
"eventCategory": "Administrative",
"entity": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourcegroups/mngapp-webapp-01032021094311/providers/Microsoft.Insights/scheduledQueryRules/morethan2requestpersecdetected",
"message": "Microsoft.Insights/scheduledQueryRules/write",
"hierarchy": "a06c42dd-f12b-4f1e-a454-0e7236d84790"
},
....
Thanks, Michel
