microsoft / azure-container-apps

Roadmap and issues for Azure Container Apps
MIT License

Feature Request: Enable Service Connector for Container App Jobs #1032

Open rhuanbarreto opened 11 months ago

rhuanbarreto commented 11 months ago

Is your feature request related to a problem? Please describe.
Container Apps have access to Service Connector. But Jobs don't.

Describe the solution you'd like.
I want to be able to use Service Connector in Jobs.

Describe alternatives you've considered.
Today I need to apply all configurations manually.

Additional context.
I use Pulumi for deploying those resources.

yungezz commented 11 months ago

Hi @rhuanbarreto, thanks for the feedback. We're looking at supporting it.

rhuanbarreto commented 2 weeks ago

Hi! Sorry to ping here. Did you get the chance to look into it? @anthonychu

yungezz commented 2 weeks ago

ServiceConnector backend support is there. Missing piece is Portal integration at ACA Job Portal.

rhuanbarreto commented 2 weeks ago

So can I try this already with Azure ARM? I can run some Pulumi deployments and check.

yungezz commented 2 weeks ago

Yes, REST API or ARM template should work now.

rhuanbarreto commented 2 weeks ago

@yungezz my deployment failed (403) due to lack of RBAC:

Code="UnauthorizedResourceAccess" Message="Execution failed. The client '856f7420-2d07-4a6d-b7df-c5d853c27253' with object id '856f7420-2d07-4a6d-b7df-c5d853c27253' does not have authorization to perform action 'Microsoft.App/jobs/read' over scope '/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.App/jobs/REDACTED' or the scope is invalid. If access was recently granted, please refresh your credentials.\nStatus: 403 (Forbidden)\nErrorCode: AuthorizationFailed\n\nContent:\n{\"error\":{\"code\":\"AuthorizationFailed\",\"message\":\"The client '856f7420-2d07-4a6d-b7df-c5d853c27253' with object id '856f7420-2d07-4a6d-b7df-c5d853c27253' does not have authorization to perform action 'Microsoft.App/jobs/read' over scope '/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.App/jobs/REDACTED' or the scope is invalid. If access was recently granted, please refresh your credentials.\"}}\n\nHeaders:\nCache-Control: no-cache\nPragma: no-cache\nx-ms-failure-cause: REDACTED\nx-ms-request-id: 2ee3cd2a-919d-4577-be59-e31ccdb176c0\nx-ms-correlation-request-id: REDACTED\nx-ms-routing-request-id: REDACTED\nStrict-Transport-Security: REDACTED\nX-Content-Type-Options: REDACTED\nX-Cache: REDACTED\nX-MSEdge-Ref: REDACTED\nDate: Tue, 05 Nov 2024 15:36:33 GMT\nContent-Length: 469\nContent-Type: application/json; charset=utf-8\nExpires: -1\n"

I discovered that 856f7420-2d07-4a6d-b7df-c5d853c27253 is the object id for Azure Service Connector:

Image

I already use linkers for apps. So probably something is missing on the backend side. Can you check?
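The triage step in the comment above (reading which principal the 403 names, and noticing it is not the deploying identity) can be scripted. This is an added example, not code from the thread or from the Azure project; the function names, the sample message and the GUIDs in it are constructed, and only the message wording and the action `Microsoft.App/jobs/read` come from the error quoted above.

```python
import re

# Matches the AuthorizationFailed wording quoted in the comment above.
AUTHZ_RE = re.compile(
    r"The client '(?P<client>[^']+)' with object id '(?P<object_id>[^']+)' "
    r"does not have authorization to perform action '(?P<action>[^']+)' "
    r"over scope '(?P<scope>[^']+)'"
)

def parse_authorization_failed(text):
    """Return client, object id, action, scope and provider of the first denial, or None."""
    match = AUTHZ_RE.search(text)
    if match is None:
        return None
    denial = match.groupdict()
    # The resource provider namespace is the first segment of the action.
    denial["provider"] = denial["action"].split("/", 1)[0]
    return denial

def classify(denial, deployer_object_id):
    """Separate 'my deployment identity was denied' from 'another principal
    acting during the deployment was denied' (the case in this thread)."""
    if denial is None:
        return "not-an-authorization-failure"
    if denial["object_id"].lower() == deployer_object_id.lower():
        return "deployer-denied"
    return "other-principal-denied"

# Constructed sample: same wording as the quoted error, placeholder GUIDs and scope.
SAMPLE_ERROR = (
    'Code="UnauthorizedResourceAccess" Message="Execution failed. '
    "The client '11111111-1111-1111-1111-111111111111' with object id "
    "'11111111-1111-1111-1111-111111111111' does not have authorization to "
    "perform action 'Microsoft.App/jobs/read' over scope "
    "'/subscriptions/SUB/resourceGroups/RG/providers/Microsoft.App/jobs/JOB' "
    'or the scope is invalid."'
)
# Constructed object id standing in for the identity that runs the deployment.
DEPLOYER_OBJECT_ID = "22222222-2222-2222-2222-222222222222"

if __name__ == "__main__":
    denial = parse_authorization_failed(SAMPLE_ERROR)
    print(classify(denial, DEPLOYER_OBJECT_ID), denial)
```

An `other-principal-denied` result means the object id in the message should be looked up in the tenant before any role assignment is changed for the deploying identity.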

yungezz commented 2 weeks ago

Hi @brycechen1849, could you pls look at the error and check if our 1st party app got necessary permissions actually?

brycechen1849 commented 2 weeks ago

I'm looking into the issue.

rhuanbarreto commented 2 weeks ago

Thanks! Ping me when it's fixed so I can retry.