[ansible-project] How to use existing network in a different RG in Azure with ansible

Fri, 27 Jan 2023 12:46:15 -0800 


My goal here is to create a VM in Azure with Ansible 

 - name: Create a VM 

      azure.azcollection.azure_rm_virtualmachine:

        resource_group: RG-Bill

        name: testvm002

        vm_size: Standard_DS1_v2

        admin_username: centos

        ssh_public_keys:

          - path: /home/centos/.ssh/authorized_keys

            key_data:  blah blah

        virtual_network_resource_group: RG-Net

        virtual_network_name: VNET1

       subnet_name: SUBNET_VNET1

        public_ip_allocation: Disabled  

        image:

          offer: CentOS

          publisher: OpenLogic

          sku: "7.5"

          version: latest

 

 

 

What happens here is the PB throws the error:

"Error creating default security rule testvm00201 - (AuthorizationFailed) 
The client 'xxxxxxxxxxx' with object id 'xxxxxxxxxxxxxxxxxxxxx' does not 
have authorization to perform action 
'Microsoft.Network/networkSecurityGroups/write' over scope 
'/subscriptions/xxxxxxxxxxxxxxxxxxx/resourceGroups/RG-Bill/providers/Microsoft.Network/networkSecurityGroups/testvm00201'
 
or the scope is invalid. If access was recently granted, please refresh 
your credentials.\nCode: AuthorizationFailed\nMessage: The client 
'xxxxxxxxxxxxxxxxxxx' with object id 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxx' does 
not have authorization to perform action 
'Microsoft.Network/networkSecurityGroups/write' over scope 
'/subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/RG-Bill/providers/Microsoft.Network/networkSecurityGroups/testvm00201'
 
or the scope is invalid. If access was recently granted, please refresh 
your credentials.",

 

I think I know what the problem is; to me it looks like it is trying to 
create a NSG and I do not have privs for that, so the way to resolve this 
is tell my PB to use a network that is already setup, but the network that 
is already setup is in a different resource group (RG-Net) and my VM is 
being build in RG-Bill so my question is how to I tell it to use my 
existing network (VNET1) and subnet (SUBNET_VNET1) that is in the resource 
group RG_Net?

 

I looked up and thought I could set it via:

 

        virtual_network_resource_group: RG-Net

        virtual_network_name: VNET1

 

 

But as you can see it threw the error yet again, really am stuck here, what 
do you think?

 Thanks in Advance


Bill

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/122dc5f5-d02e-4c31-8201-b552b91d2bd1n%40googlegroups.com.

Reply via email to