This is the snippets of the logs that show the detailed Azure Policy JSON file and its response.
Code: Select all
[15.02.2024 19:45:03.761] <01> Info (3) [AzureRmAPI] Request: https://management.azure.com/subscriptions/GUID/resourceGroups/RG-NAME/providers/Microsoft.Compute/virtualmachines/Az-VM-NAME?api-version=2018-06-01
[15.02.2024 19:45:03.995] <01> Error (3) Failed to perform http request
[15.02.2024 19:45:03.995] <01> Error (3) The remote server returned an error: (403) Forbidden. (System.Net.WebException)
[15.02.2024 19:45:03.995] <01> Error (3) at System.Net.HttpWebRequest.GetResponse()
[15.02.2024 19:45:03.995] <01> Error (3) at Veeam.Backup.AzureAPI.CAzureRMAPI.DoWebRequest(String requestType, String url, CAzureRequestOptions options, Boolean addApiVersion, String requestBody)
[15.02.2024 19:45:03.995] <01> Error (3) at Veeam.Backup.AzureAPI.CAzureRMAPI.DoRequest(String requestType, String url, CAzureRequestOptions options, Boolean addApiVersion, String requestBody)
[15.02.2024 19:45:03.995] <01> Info (3) Error response: {
"error": {
"code": "RequestDisallowedByPolicy",
"target": "Az-VM-NAME",
"message": "Resource 'Az-VM-NAME' was disallowed by policy. Reasons: 'You are deploying a VM size not approved the IT Team. please modify the size of the VM and redeploy. Contact IT Support if you need help.'. See error details for policy resource IDs.",
"additionalInfo": [
{
"type": "PolicyViolation",
"info": {
"evaluationDetails": {
"evaluatedExpressions": [
{
"result": "True",
"expressionKind": "Field",
"expression": "type",
"path": "type",
"expressionValue": "Microsoft.Compute/virtualmachines",
"targetValue": "Microsoft.Compute/virtualMachines",
"operator": "Equals"
},
{
"result": "False",
"expressionKind": "Field",
"expression": "Microsoft.Compute/virtualMachines/sku.name",
"path": "properties.hardwareProfile.vmSize",
"expressionValue": "Standard_B8ls_v2",
"targetValue": [
"basic_a0",
"basic_a1",
"basic_a2"
],
"operator": "In"
}
],
"reason": "Not approved by the IT team. please modify the size of the VM and redeploy. Contact IT Support if you need help."
},
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/POLICY-GUID",
"policyDefinitionName": "POLICY-GUID",
"policyDefinitionDisplayName": "Allowed virtual machine size SKUs",
"policyDefinitionEffect": "Deny",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/Root-Management-Group/providers/Microsoft.Authorization/policyAssignments/POLICY-GUID",
"policyAssignmentName": "POLICY-GUID",
"policyAssignmentDisplayName": "Specific virtual machine SKU sizes",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/Root-Management-Group",
"policyAssignmentParameters": {
"listOfAllowedSKUs": [
"basic_a0",
"basic_a1",
"basic_a2"
]
},
"policyExemptionIds": []
}
}
]
}
}
[15.02.2024 19:45:04.011] <01> Error (3) Failed to deploy vm
[15.02.2024 19:45:04.011] <01> Error (3) Insufficient Azure API permissions (Veeam.Backup.AzureAPI.CAzureWebException)
[15.02.2024 19:45:04.011] <01> Error (3) at Veeam.Backup.AzureAPI.CAzureRMAPI.DoRequest(String requestType, String url, CAzureRequestOptions options, Boolean addApiVersion, String requestBody)
[15.02.2024 19:45:04.011] <01> Error (3) at Veeam.Backup.AzureAPI.CAzureRMAPI.DoRequest(String requestMethod, String url, CAzureRequestOptions options, Boolean addApiVersion, String requestBody, Int32 retryCount)
[15.02.2024 19:45:04.011] <01> Error (3) at Veeam.Backup.AzureAPI.CAzureVmRmInvoker.CreateOrUpdate(String resourceGroup, CAzureRmVmInfo vmInfo)
[15.02.2024 19:45:04.011] <01> Error (3) at Veeam.Backup.Core.CAzureRmVmDeployer.DeployVm(CAzureVmSpec vmSpec, EAzureHvGenerationType generation, IAzureRestoreDisk systemDisk, IAzureRestoreDisk[] dataDisks, EGuestOsKind osKind, EAzureDiskManagementType diskManagementType, CAzureVmOriginalContext context, ISessionLogger logger)
[15.02.2024 19:45:04.011] <01> Info (3) [AzureRmInvoker] Deleting network interface
If this error can be avoided at the beginning of the restoration process / validated before, it is very helpful.
Thank you.