You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I cant seem to get the attached policy assignment deployed in my tenant. The file is json valid and as far as i can tell correctly defined.
The error i get from the action is like the issue topic says: Error: Table data must not contain control characters.
All other assignments seem to work as expected.
I cannot find any control characters, please let me know if i can do anything to help.
Attached is the policy and assignment file. The policy got deployed fine.
{
"name": "Deploy-Budget",
"type": "Microsoft.Authorization/policyDefinitions",
"properties": {
"policyType": "Custom",
"mode": "All",
"displayName": "Deploy a default budget on all subscriptions under the assigned scope",
"description": "Deploy a default budget on all subscriptions under the assigned scope",
"metadata": {
"version": "1.0.0",
"category": "Budget"
},
"parameters": {
"amount": {
"type": "String",
"defaultValue": "1000",
"metadata": {
"description": "The total amount of cost or usage to track with the budget"
}
},
"timeGrain": {
"type": "String",
"defaultValue": "Monthly",
"allowedValues": [
"Monthly",
"Quarterly",
"Annually",
"BillingMonth",
"BillingQuarter",
"BillingAnnual"
],
"metadata": {
"description": "The time covered by a budget. Tracking of the amount will be reset based on the time grain."
}
},
"firstThreshold": {
"type": "String",
"defaultValue": "90",
"metadata": {
"description": "Threshold value associated with a notification. Notification is sent when the cost exceeded the threshold. It is always percent and has to be between 0 and 1000."
}
},
"secondThreshold": {
"type": "String",
"defaultValue": "100",
"metadata": {
"description": "Threshold value associated with a notification. Notification is sent when the cost exceeded the threshold. It is always percent and has to be between 0 and 1000."
}
},
"contactRoles": {
"type": "Array",
"defaultValue": [
"Owner",
"Contributor"
],
"metadata": {
"description": "The list of contact RBAC roles, in an array, to send the budget notification to when the threshold is exceeded."
}
},
"contactEmails": {
"type": "Array",
"defaultValue": [],
"metadata": {
"description": "The list of email addresses, in an array, to send the budget notification to when the threshold is exceeded."
}
},
"contactGroups": {
"type": "Array",
"defaultValue": [],
"metadata": {
"description": "The list of action groups, in an array, to send the budget notification to when the threshold is exceeded. It accepts array of strings."
}
}
},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.Resources/subscriptions"
}
]
},
"then": {
"effect": "DeployIfNotExists",
"details": {
"type": "Microsoft.Consumption/budgets",
"deploymentScope": "Subscription",
"existenceScope": "Subscription",
"existenceCondition": {
"allOf": [
{
"field": "Microsoft.Consumption/budgets/amount",
"equals": "[parameters('amount')]"
},
{
"field": "Microsoft.Consumption/budgets/timeGrain",
"equals": "[parameters('timeGrain')]"
},
{
"field": "Microsoft.Consumption/budgets/category",
"equals": "Cost"
}
]
},
"roleDefinitionIds": [
"/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"
],
"deployment": {
"location": "norwayeast",
"properties": {
"mode": "Incremental",
"parameters": {
"amount": {
"value": "[parameters('amount')]"
},
"timeGrain": {
"value": "[parameters('timeGrain')]"
},
"firstThreshold": {
"value": "[parameters('firstThreshold')]"
},
"secondThreshold": {
"value": "[parameters('secondThreshold')]"
},
"contactEmails": {
"value": "[parameters('contactEmails')]"
},
"contactRoles": {
"value": "[parameters('contactRoles')]"
},
"contactGroups": {
"value": "[parameters('contactGroups')]"
}
},
"template": {
"$schema": "http://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"amount": {
"type": "String"
},
"timeGrain": {
"type": "String"
},
"firstThreshold": {
"type": "String"
},
"secondThreshold": {
"type": "String"
},
"contactEmails": {
"type": "Array"
},
"contactRoles": {
"type": "Array"
},
"contactGroups": {
"type": "Array"
},
"startDate": {
"type": "String",
"defaultValue": "[concat(utcNow('MM'), '/01/', utcNow('yyyy'))]"
}
},
"resources": [
{
"type": "Microsoft.Consumption/budgets",
"apiVersion": "2019-10-01",
"name": "default-sandbox-budget",
"properties": {
"timePeriod": {
"startDate": "[parameters('startDate')]"
},
"timeGrain": "[parameters('timeGrain')]",
"amount": "[parameters('amount')]",
"category": "Cost",
"notifications": {
"NotificationForExceededBudget1": {
"enabled": true,
"operator": "GreaterThan",
"threshold": "[parameters('firstThreshold')]",
"contactEmails": "[parameters('contactEmails')]",
"contactRoles": "[parameters('contactRoles')]",
"contactGroups": "[parameters('contactGroups')]"
},
"NotificationForExceededBudget2": {
"enabled": true,
"operator": "GreaterThan",
"threshold": "[parameters('secondThreshold')]",
"contactEmails": "[parameters('contactEmails')]",
"contactRoles": "[parameters('contactRoles')]",
"contactGroups": "[parameters('contactGroups')]"
}
}
}
}
]
}
}
}
}
}
}
},
"id": "/providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyDefinitions/Deploy-Budget"
}
Debug output from the Github Action "Create or Update Azure Policies" step.
##[debug]Evaluating condition for step: 'Create or Update Azure Policies'
##[debug]Evaluating: success()
##[debug]Evaluating success:
##[debug]=> true
##[debug]Result: true
##[debug]Starting: Create or Update Azure Policies
##[debug]Loading inputs
##[debug]Loading env
Run azure/manage-azure-policy@v0
##[debug]Looking for policy definition paths to include...
##[debug]Policy file pattern: policies/**/policy.json
##[debug] Matching policy paths: policies/allowed_locations/policy.json,policies/append_appservice_httpsonly/policy.json,policies/append_appservice_latesttls/policy.json,policies/deny_appserviceapiapp_http/policy.json,policies/deny_appservicefunctionapp_http/policy.json,policies/deny_appservicewebapp_http/policy.json,policies/deny_publicip/policy.json,policies/deploy_budget/policy.json
##[debug]Looking for policy definition paths to ignore...
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Found the following policy paths that match the given path filters:
##[debug]
##[debug]policies/allowed_locations
##[debug]policies/append_appservice_httpsonly
##[debug]policies/append_appservice_latesttls
##[debug]policies/deny_appserviceapiapp_http
##[debug]policies/deny_appservicefunctionapp_http
##[debug]policies/deny_appservicewebapp_http
##[debug]policies/deny_publicip
##[debug]policies/deploy_budget
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Looking for policy initiative paths to include...
##[debug]Policy file pattern: policies/**/policyset.json
##[debug] Matching policy paths:
##[debug]Looking for policy initiative paths to ignore...
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Found no policy initiatives that match the given path filters.
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Looking for policy assignment paths to include...
##[debug]Assignment pattern: policies/**/assign.*.json
##[debug] Matching assignment paths: policies/allowed_locations/assign.allowed_locations.json,policies/append_appservice_httpsonly/assign.append_appservice_httpsonly_root.json,policies/append_appservice_latesttls/assign.append_appservice_latesttls_root.json,policies/deny_appserviceapiapp_http/assign.deny_appserviceapiapp_http_root.json,policies/deny_appservicefunctionapp_http/assign.deny_appservicefunctionapp_http_root.json,policies/deny_appservicewebapp_http/assign.deny_appservicewebapp_http_root.json,policies/deny_publicip/assign.deny_publicip.json,policies/deploy_budget/assign.deploy_budget_root.json
##[debug]Looking for policy assignment paths to ignore...
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Found the following policy assignment paths that match the given path filters:
##[debug]
##[debug]policies/allowed_locations/assign.allowed_locations.json
##[debug]policies/append_appservice_httpsonly/assign.append_appservice_httpsonly_root.json
##[debug]policies/append_appservice_latesttls/assign.append_appservice_latesttls_root.json
##[debug]policies/deny_appserviceapiapp_http/assign.deny_appserviceapiapp_http_root.json
##[debug]policies/deny_appservicefunctionapp_http/assign.deny_appservicefunctionapp_http_root.json
##[debug]policies/deny_appservicewebapp_http/assign.deny_appservicewebapp_http_root.json
##[debug]policies/deny_publicip/assign.deny_publicip.json
##[debug]policies/deploy_budget/assign.deploy_budget_root.json
##[debug]----------------------------------------------------------------------------------------------------
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Ignoring policy with BuiltIn type. Id : /providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyDefinitions/e56962a6-4747-49cd-b67b-bf8b01975c4c, path : policies/allowed_locations
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Checking if assignment path 'policies/allowed_locations/assign.allowed_locations.json' is set to do not enforce
##[debug]Checking if assignment path 'policies/allowed_locations/assign.allowed_locations.json' is set to enforce
##[debug]Checking if assignment path 'policies/append_appservice_httpsonly/assign.append_appservice_httpsonly_root.json' is set to do not enforce
##[debug]Checking if assignment path 'policies/append_appservice_httpsonly/assign.append_appservice_httpsonly_root.json' is set to enforce
##[debug]Checking if assignment path 'policies/append_appservice_latesttls/assign.append_appservice_latesttls_root.json' is set to do not enforce
##[debug]Checking if assignment path 'policies/append_appservice_latesttls/assign.append_appservice_latesttls_root.json' is set to enforce
##[debug]Checking if assignment path 'policies/deny_appserviceapiapp_http/assign.deny_appserviceapiapp_http_root.json' is set to do not enforce
##[debug]Checking if assignment path 'policies/deny_appserviceapiapp_http/assign.deny_appserviceapiapp_http_root.json' is set to enforce
##[debug]Checking if assignment path 'policies/deny_appservicefunctionapp_http/assign.deny_appservicefunctionapp_http_root.json' is set to do not enforce
##[debug]Checking if assignment path 'policies/deny_appservicefunctionapp_http/assign.deny_appservicefunctionapp_http_root.json' is set to enforce
##[debug]Checking if assignment path 'policies/deny_appservicewebapp_http/assign.deny_appservicewebapp_http_root.json' is set to do not enforce
##[debug]Checking if assignment path 'policies/deny_appservicewebapp_http/assign.deny_appservicewebapp_http_root.json' is set to enforce
##[debug]Checking if assignment path 'policies/deny_publicip/assign.deny_publicip.json' is set to do not enforce
##[debug]Checking if assignment path 'policies/deny_publicip/assign.deny_publicip.json' is set to enforce
##[debug]Checking if assignment path 'policies/deploy_budget/assign.deploy_budget_root.json' is set to do not enforce
##[debug]Checking if assignment path 'policies/deploy_budget/assign.deploy_budget_root.json' is set to enforce
##[debug]"/usr/bin/az" cloud show
##[debug]"/usr/bin/az" account get-access-token --resource=https://management.azure.com
::add-mask::***
##[debug][POST]https://management.azure.com/batch?api-version=2020-09-01
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Status of batch calls:
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Name : 0. Status : 200
##[debug]Name : 1. Status : 200
##[debug]Name : 2. Status : 200
##[debug]Name : 3. Status : 200
##[debug]Name : 4. Status : 200
##[debug]Name : 5. Status : 200
##[debug]Name : 6. Status : 200
##[debug]Name : 7. Status : 200
##[debug]Name : 8. Status : 200
##[debug]Name : 9. Status : 200
##[debug]Name : 10. Status : 200
##[debug]Name : 11. Status : 200
##[debug]Name : 12. Status : 200
##[debug]Name : 13. Status : 200
##[debug]Name : 14. Status : 404
##[debug]----------------------------------------------------------------------------------------------------
##[debug]End
##[debug]----------------------------------------------------------------------------------------------------
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Comparing Hash for policy id : /providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyDefinitions/Append-AppService-httpsonly : true
##[debug]----------------------------------------------------------------------------------------------------
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Comparing Hash for policy id : /providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyDefinitions/Append-AppService-latestTLS : true
##[debug]----------------------------------------------------------------------------------------------------
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Comparing Hash for policy id : /providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyDefinitions/Deny-AppServiceApiApp-http : true
##[debug]----------------------------------------------------------------------------------------------------
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Comparing Hash for policy id : /providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyDefinitions/Deny-AppServiceFunctionApp-http : true
##[debug]----------------------------------------------------------------------------------------------------
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Comparing Hash for policy id : /providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyDefinitions/Deny-AppServiceWebApp-http : true
##[debug]----------------------------------------------------------------------------------------------------
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Comparing Hash for policy id : /providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyDefinitions/Deny-PublicIP : true
##[debug]----------------------------------------------------------------------------------------------------
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Comparing Hash for policy id : /providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyDefinitions/Deploy-Budget : true
##[debug]----------------------------------------------------------------------------------------------------
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Comparing Hash for policy id : /providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyAssignments/GO-Allowed-Locations : true
##[debug]----------------------------------------------------------------------------------------------------
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Comparing Hash for policy id : /providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyAssignments/Append-AppServ-httpson : true
##[debug]----------------------------------------------------------------------------------------------------
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Comparing Hash for policy id : /providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyAssignments/Append-AppServ-latestT : true
##[debug]----------------------------------------------------------------------------------------------------
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Comparing Hash for policy id : /providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyAssignments/Deny-AppSvcAPIApp-http : true
##[debug]----------------------------------------------------------------------------------------------------
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Comparing Hash for policy id : /providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyAssignments/Deny-AppSvcFuncApp-http : true
##[debug]----------------------------------------------------------------------------------------------------
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Comparing Hash for policy id : /providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyAssignments/Deny-AppSvcWebApp-http : true
##[debug]----------------------------------------------------------------------------------------------------
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Comparing Hash for policy id : /providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyAssignments/GO-Deny-PublicIP : true
##[debug]----------------------------------------------------------------------------------------------------
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Policy with id : /providers/Microsoft.Management/managementGroups/gitopslab/providers/Microsoft.Authorization/policyAssignments/Deploy-Budget, path : policies/deploy_budget/assign.deploy_budget_root.json does not exist in azure. A new policy will be created.
##[debug]----------------------------------------------------------------------------------------------------
##[debug]"/usr/bin/az" account get-access-token --resource=https://management.azure.com
::add-mask::***
##[debug][POST]https://management.azure.com/batch?api-version=2020-09-01
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Status of batch calls:
##[debug]----------------------------------------------------------------------------------------------------
##[debug]Name : 0. Status : 400
##[debug]----------------------------------------------------------------------------------------------------
##[debug]End
##[debug]----------------------------------------------------------------------------------------------------
##[debug]"/usr/bin/az" account get-access-token --resource=https://management.azure.com
::add-mask::***
##[debug]----------------------------------------------------------------------------------------------------
##[debug]No role assignments needs to be created
##[debug]----------------------------------------------------------------------------------------------------
Error: Table data must not contain control characters.
----------------------------------------------------------------------------------------------------
Error : Error: Table data must not contain control characters.
----------------------------------------------------------------------------------------------------
Error: Found '1' failure(s) while deploying policies.
##[debug]Node Action run completed with exit code 1
##[debug]AZURE_HTTP_USER_AGENT='**'
##[debug]Finishing: Create or Update Azure Policies
The text was updated successfully, but these errors were encountered:
I cant seem to get the attached policy assignment deployed in my tenant. The file is json valid and as far as i can tell correctly defined.
The error i get from the action is like the issue topic says:
Error: Table data must not contain control characters.
All other assignments seem to work as expected.
I cannot find any control characters, please let me know if i can do anything to help.
Attached is the policy and assignment file. The policy got deployed fine.
Policy Assignment
Policy object
Debug output from the Github Action "Create or Update Azure Policies" step.
The text was updated successfully, but these errors were encountered: