question

AshishJ avatar image
0 Votes"
AshishJ asked AshishJ action

Can not create azure batch pool in virtual network or

I am getting an error while creating an azure batch pool, I have created a batch account without public address, in a vnet, also created and disabled the private link, private-connectivity when I execute az CLI

az batch account login -g myRg --name myPool --shared-key-auth

az batch pool create --id myPoo-windows --os-family 4 --target-dedicated 2 --vm-size small

to crate batch pool it throws an Authorization error This request is not authorized to perform this operation

Am not sure at this stage, even though I have had my RBAC as a contributor on the resource any help is much appreciated


azure-batch
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

whoward-msft avatar image
0 Votes"
whoward-msft answered zfengms-4448 commented

Hi @AshishJ,

In the commands your providing your using shared-key auth, if you intend to use Azure AD and RBAC don't use the --shared-key-auth param.


If you must use shared-key-auth please please verify that your shared key is valid and debug and troubleshoot the login cmdlet:

az batch account login -g myRg --name myPool --shared-key-auth --show --debug.

Once you can see the debug logs you can validate your key is correct.



I would recommend using RBAC and just not use the --shared-key-auth param.

· 4
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AshishJ avatar image AshishJ ·

Hii @WinstonHoward-MSFT

Thank you for your reply, the debug cmd gives lot of information including python adal, am a bit confused here and don't want to take any chances with my limited knowledge, do you want me to share the entire o/p

Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x7f5300c7de18>]

az_command_data_logger : exit code: 0
Command ran in 1.761 seconds (init: 0.100, invoke: 1.661)
telemetry.save : Save telemetry record of length 2984 in cache
telemetry.check : Returns Positive.
telemetry.main : Begin creating telemetry upload process.
telemetry.process : Creating upload process: "/opt/az/bin/python3 /opt/az/lib/python3.6/site-packages/azure/cli/telemetry/ init.py /home/ashish/.azure"
telemetry.process : Return from creating process
telemetry.main : Finish creating telemetry upload process.


0 Votes 0 ·
whoward-msft avatar image whoward-msft AshishJ ·

@AshishJ,

Did you try to login with AD? Such as:

az batch account login -g myRg --name myPool

az batch pool create --id myPoo-windows --os-family 4 --target-dedicated 2 --vm-size small


Lets try to log in without the token before debugging.

0 Votes 0 ·
AshishJ avatar image AshishJ whoward-msft ·

@WinstonHoward-MSFT My extreme apologies, i could not reply due to holidays,

0 Votes 0 ·
AshishJ avatar image AshishJ whoward-msft ·

@WinstonHoward-MSFT As I said I had enabled Private end point hence I can not access this, not sure how to do i create the pool?
47288-batch-pool-login.png


0 Votes 0 ·
batch-pool-login.png (8.4 KiB)