[ansible-project] How to use existing network in a different RG in Azure with ansible

Fri, 27 Jan 2023 12:46:15 -0800 


My goal here is to create a VM in Azure with Ansible 

 - name: Create a VM 

      azure.azcollection.azure_rm_virtualmachine:

        resource_group: RG-Bill

        name: testvm002

        vm_size: Standard_DS1_v2

        admin_username: centos

        ssh_public_keys:

          - path: /home/centos/.ssh/authorized_keys

            key_data:  blah blah

        virtual_network_resource_group: RG-Net

        virtual_network_name: VNET1

       subnet_name: SUBNET_VNET1

        public_ip_allocation: Disabled  

        image:

          offer: CentOS

          publisher: OpenLogic

          sku: "7.5"

          version: latest

 

 

 

What happens here is the PB throws the error:

"Error creating default security rule testvm00201 - (AuthorizationFailed) 
The client 'xxxxxxxxxxx' with object id 'xxxxxxxxxxxxxxxxxxxxx' does not 
have authorization to perform action 
'Microsoft.Network/networkSecurityGroups/write' over scope 
'/subscriptions/xxxxxxxxxxxxxxxxxxx/resourceGroups/RG-Bill/providers/Microsoft.Network/networkSecurityGroups/testvm00201'
 
or the scope is invalid. If access was recently granted, please refresh 
your credentials.\nCode: AuthorizationFailed\nMessage: The client 
'xxxxxxxxxxxxxxxxxxx' with object id 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxx' does 
not have authorization to perform action 
'Microsoft.Network/networkSecurityGroups/write' over scope 
'/subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/RG-Bill/providers/Microsoft.Network/networkSecurityGroups/testvm00201'
 
or the scope is invalid. If access was recently granted, please refresh 
your credentials.",

 

I think I know what the problem is; to me it looks like it is trying to 
create a NSG and I do not have privs for that, so the way to resolve this 
is tell my PB to use a network that is already setup, but the network that 
is already setup is in a different resource group (RG-Net) and my VM is 
being build in RG-Bill so my question is how to I tell it to use my 
existing network (VNET1) and subnet (SUBNET_VNET1) that is in the resource 
group RG_Net?

 

I looked up and thought I could set it via:

 

        virtual_network_resource_group: RG-Net

        virtual_network_name: VNET1

 

 

But as you can see it threw the error yet again, really am stuck here, what 
do you think?

 Thanks in Advance


Bill

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/122dc5f5-d02e-4c31-8201-b552b91d2bd1n%40googlegroups.com.

Reply via email to