markcowl
commented
4 years ago @Manbearpiet If you set $DebugPreference='Continue' the above cmdlet returns no debug traces?
Closed Manbearpiet closed 3 years ago
markcowl
commented
4 years ago @Manbearpiet If you set $DebugPreference='Continue' the above cmdlet returns no debug traces?
Manbearpiet
commented
4 years ago Oh sorry PSA autocompleted it, but didn't finish it :) @markcowl It's there now
ghost
commented
4 years ago Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @jaspkaur28.
dingmeng-xue
commented
4 years ago Automation team, please help to look into it. The information of debug is posted.
jaspkaur28
commented
4 years ago @msvijayn for getting it triaged.
msvijayn
commented
3 years ago @Manbearpiet - Debug variable/flag is an attribute of Azure powershell, which provides debugging details from Azure powershell of the internals steps done by the cmdlet. More info here: https://docs.microsoft.com/powershell/module/microsoft.powershell.core/about/about_preference_variables?#debugpreference.
It is not a flag or variable pushed or available for Azure REST API - in this case for Software Update Configurations.
Hence the o/p is correct. When using $DebugPreference='Continue' a variable for Azure powershell - you should see debugging info from powershell for any cmdlet used - detailing what processing cmdlet does. It doesn't entail debugging information from the Azure REST API calls, which ultimately the Azure PS cmdlet internally calls/abstracts.
Manbearpiet
commented
3 years ago Why is this closed @msvijayn , I still have no information regarding
Get-AzAutomationSoftwareUpdateConfiguration -ResourceGroupName eresgee -AutomationAccountName aaccount -AzureVMResourceId "subscriptions/08ccea82-85e1-4a3e-b0a6-zzzzzzzzzz/resourceGroups/YUFYFYUF_GROUP/providers/Microsoft.Compute/virtualMachines/ghjgjh"@Manbearpiet - see my answer by which I have closed your issue. Have re-opened it now, if you have any further questions.
As stated in the answer, see the links on the functioning of the $DebugPreference from Azure Powershell. It is for providing details of cmdlet execution and not debugging information from Azure.
Manbearpiet
commented
3 years ago Yes, I understand @mattetti thanks for your reply. However my issue is not regarding the built-in DebugPreference, but with the Get-AzAutomationSoftwareUpdateConfiguration -AzureVMResourceId.
This cmdlet with this parameter is not outputting anything.
msvijayn
commented
3 years ago Hi, the command works for me.
Note that Get-AzAutomationSoftwareUpdateConfiguration -AzureVMResourceId will filter and show SUC resources which were created with explicit values in 'AzureVMResourceId' field (i.e.) during creation via New-AzAutomationSoftwareUpdateConfiguration you specified scope using 'AzureVMResourceId' variable and not 'AzureQuery' property.
If you had created SUC with 'AzureVMResourceId' variable and Get-AzAutomationSoftwareUpdateConfiguration -AzureVMResourceId isn't working. Then it would be a bug or issue which would need investigation - possibly unique to you and some other select set of users; as we are not seeing the stated issue on our subscriptions. Suggest creating a support ticket on Azure, to help us investigate the bug report. As the team can get access to at your subscription & configuration details for investigation - only after you approve during the support process.
msvijayn
commented
3 years ago @Manbearpiet - please see my response posted yesterday. If it answers your query, kindly close the issue or we can do it for you if you can confirm the same.
Manbearpiet
commented
3 years ago I understand @msvijayn, that was not the usecase I tested. This refers to the Virtual Machine binding with the Update Management functionality of a Automation Account. Which is shown in https://docs.microsoft.com/en-us/azure/automation/update-management/deploy-updates#schedule-an-update-deployment bullit 6, "Pick Machines".
Most MSP's don't manually add the machines that way, but use the Azure Query functionality (Dynamic Groups) to define the Update Configuration scope. So in that case there is no issue, but it would be handy to mention this in the documentation of the cmdlet? This to prevent creation of similar issues :). i.e. "Dynamic Groups not supported" or a mention "only works when binded as a Machine to the Update Management functionality of the Automation Account."
Thanks for your effort anyway 👍
msvijayn
commented
3 years ago Thanks, @Manbearpiet - I am closing the issue based on your response.
I understand the predicament caused when you're using Dynamic Groups. In short - since the scope is dynamic, it can only be known if provided VM is part of one or more SUC - if we execute all of their dynamic queries, combine their results and filter for provided VM. First and foremost, this can be a very costly operation as some dynamic queries may span hundreds of machines. Second, at Azure we have strict norms around security & privacy - due to which subsystems like Automation can not (and should not) willy-nilly fetch customer data from other subsystems in Azure like your VM details from Compute. And are only allowed to access such information strictly on a must-need basis like when we have to execute the SUC and need to know the machines to do it for. This ensures that in any worst-case occurrence, your data is isolated and not scattered - reduce chances of an issue in one Azure service having impact on another.
I take your suggest of updating the documentation/content for the cmdlet. I guess we are culpable here, as technical folks at Azure - we think everyone understands our lingo and that having distinct variables called 'AzureVMResourceId' & 'AzureQuery', communicates the difference in function.
Manbearpiet
commented
3 years ago I can agree to the cost aspect, however it's odd that functionality is provided for https://docs.microsoft.com/en-us/powershell/module/az.automation/get-azautomationsoftwareupdateconfiguration?view=azps-5.2.0 Get-AzAutomationSoftwareUpdateConfiguration-AzureVMResourceId, which could contain hundreds of machines also. The option is provided for New configurations with -AzureVMResourceId provided , but not the retrieval of current SUC's with Dynamic Groups.
Description
I LOVE the fact that you added this parameter, we really want to index what updateconfigurations a VM uses. However the code returns nothing when fed with a resource-id of a VM. The VM is visible when previewing the updategroups in the schedule. Also it matches by PropertyName but VM's have a different propertyname (Name). Also there's no example with this switch, so how are we supposed to use this?
Steps to reproduce
Environment data
Module versions
Debug output
Error output