Closed johnnycchapman closed 2 years ago
Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @jaspkaur28.
Author: | johnnycchapman |
---|---|
Assignees: | - |
Labels: | `Automation`, `Service Attention`, `question`, `customer-reported`, `needs-triage` |
Milestone: | - |
@johnnycchapman : You need to enable soft delete and purge protection on the key Vault. https://docs.microsoft.com/en-us/azure/automation/automation-secure-asset-encryption#prerequisites-for-using-customer-managed-keys-in-azure-automation
@jaspkaur28, If you see the screenshot below these were already enabled. I also tried reenabling them programmatically and still got the same error.
Does anyone have any other suggestions? I have also tried running an Invoke-RestMethod call to achieve the same thing, but I get a BadRequest error with that as well.
@johnnycchapman Automation PG will get the issue investigated this week. Will keep you posted.
@jaspkaur28 Okay, great. Thank you
@johnnycchapman Automation team has identified it as issue and we've created a work item to fix it in the coming month. I will share an update once the fix is deployed.
@johnnycchapman The issue has been addressed and the fix has been deployed. Could you please retry and check?
I just tried re-running it and when running with the debug flag I still get the same error response below.
Body: { "code": "BadRequest", "message": "'Soft Delete’ and 'Do Not Purge' feature is not enabled on the key vault. To use Azure Automation with customer managed keys, both of these features must be turned on t o allow for recovery of keys in case of accidental deletion. For more details see aka.ms/AACMK" }
Set-AzAutomationAccount : Operation returned an invalid status code 'BadRequest' At line:5 char:1
+ CategoryInfo : CloseError: (:) [Set-AzAutomationAccount], ErrorResponseException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Automation.Cmdlet.SetAzureAutomationAccount
@johnnycchapman Could you please give it another try? The fix was not rolled out in the region you tried 5 days back. The deployment has successfully completed in all the regions today.
I was just able to run it all the way through. Thank you making this fix. I will go ahead an close this issue.
Description
I am getting a BadRequest error when trying to run Set-AzAutomationAccount to add customer managed keys to my automation account. When running with the -debug, I get the response below.
Steps to reproduce
Login to Azure Government and run the command below.
Environment data
Module versions
Debug output
Error output