search

serverless / serverless-azure-functions

Serverless Azure Functions Plugin – Add Azure Functions support to the Serverless Framework
MIT License
266 stars 162 forks source link

How to use existing resource group while deploying the Azure Functions #469

Open parag0 opened 4 years ago

parag0 commented 4 years ago

Hi,

I was trying to deploy my Azure function on a App Service which is already created. At the time of deployment sls is trying to create new resource group for which I don't have access.

I have tried to use following gist in serverless.yml

provider:
  stage: dev
  name: azure
  region: East US 2
  runtime: nodejs10.x
  resourceGroup: <ALREADY_CREATED_RESOURCE_GROUP_NAME>
  subscriptionId: <SUBSCRIPTION_ID>

And here is the output of sls deploy

$ sls deploy
Serverless: Removing .serverless directory
Serverless: Parsing Azure Functions Bindings.json...
Serverless: Building binding for function: admin event: httpTrigger
Serverless: Parsing Azure Functions Bindings.json...
Serverless: Building binding for function: image event: httpTrigger
Serverless: Parsing Azure Functions Bindings.json...
Serverless: Building binding for function: report event: httpTrigger
Serverless: Parsing Azure Functions Bindings.json...
Serverless: Building binding for function: gaims event: httpTrigger
Serverless: Packaging service...
Serverless: Excluding development dependencies...
Serverless: Logging into Azure
Serverless: Using subscription ID: <SUBSCRIPTION_ID>
Serverless: Creating resource group: <ALREADY_CREATED_RESOURCE_GROUP_NAME>

  Error --------------------------------------------------

  Error: The client '<USER_NAME>' with object id '<OBJECT_ID>' does not have authorization to perform action 
     'Microsoft.Resources/subscriptions/resourcegroups/write' over scope 
    '/subscriptions/SUBSCRIPTION_ID/resourcegroups/ALREADY_CREATED_RESOURCE_GROUP_NAME' or the scope is invalid. 
    If access was recently granted, please refresh your credentials.
      at new RestError (C:\Users\analysis-node\node_modules\@azure\ms-rest-js\lib\restError.ts:18:5)
      at C:\Users\analysis-node\node_modules\@azure\ms-rest-js\lib\policies\deserializationPolicy.ts:117:27
      at process._tickCallback (internal/process/next_tick.js:68:7)

     For debugging logs, run again after setting the "SLS_DEBUG=*" environment variable.

  Get Support --------------------------------------------
     Docs:          docs.serverless.com
     Bugs:          github.com/serverless/serverless/issues
     Issues:        forum.serverless.com

  Your Environment Information ---------------------------
     Operating System:          win32
     Node Version:              10.20.1
     Framework Version:         1.71.1
     Plugin Version:            3.6.12
     SDK Version:               2.3.0
     Components Version:        2.30.11

Is there any way to set resource group in serverless cli which can be used while deploying the functions?

Rapol commented 4 years ago

Looking at the error it seems like a permission error. Could you check if you are setting the correct az cli credentials? You can do that either with az account set command or using RBACs.

https://www.serverless.com/framework/docs/providers/azure/guide/credentials/

We have multiple function apps reusing resources (storage account, apims, etc) in the same resource group and it is working for us. You just need to pass the same exact name for the resources and it will reuse them. Example config for that

provider:
  name: azure
  runtime: nodejs10.x
  tenantId: ${self:custom.config.tenantId}
  os: linux
  resourceGroup: ${opt:rg, self:custom.config.resourceGroup}
  region: ${opt:region, 'East US 2'}
  stage: ${opt:stage, 'dev'}
  subscriptionId: ${self:custom.config.subscriptionId}
  type: premium
  appServicePlan:
    name: ${self:custom.config.servicePlanName}
    sku:
      tier: ElasticPremium
      name: EP1
  appInsights:
    name: ${self:custom.config.appInsightsName}
  functionApp:
    name: ${self:custom.config.functionAppName}
  storageAccount:
    name: ${self:custom.config.storageName}
ddudenhefer commented 4 years ago

Thanks. I had the same issue and found this very helpful. I was unable to find this information within the Serverless online documentation. Not sure if I missed it, but is there documentation available for ALL Azure yml properties? This link does not appear to be up to date:

https://www.serverless.com/framework/docs/providers/azure/guide/serverless.yml/

Thanks.

Rapol commented 4 years ago

Yeah the maintainers would need to open a PR to the serverless documentation to update it. They have config documentation here: https://github.com/serverless/serverless-azure-functions/blob/master/docs/CONFIG.md

Also, I find it useful to look at the typescript definition for the config here: https://github.com/serverless/serverless-azure-functions/blob/master/src/models/serverless.ts#L36

ddudenhefer commented 4 years ago

Thank you for sharing and taking the time to respond. I am just starting to dive into this framework and after deploying, some of the initial feedback I received was related to the generated resource names, which my team did not care for. So, this helps a lot!

knarwari commented 3 years ago

Hi @Rapol , here you are using the existing storage account and app insight?

Actually while I am using the existing storage account, getting below error. could you help?

Conflict - { "error": { "code": "StorageAccountAlreadyExists", "message": "The storage account named mdsptestconn already exists under the subscription." } }

tgdn commented 1 year ago

Any update on this?