// cancelDeployment cancels a template deployment. func (env *azureEnviron) cancelDeployment(name string) error { deploymentsClient := resources.DeploymentsClient{env.resources} logger.Debugf("- canceling deployment %q", name) var cancelResult autorest.Response if err := env.callAPI(func() (autorest.Response, error) { var err error cancelResult, err = deploymentsClient.Cancel(env.resourceGroup, name) return cancelResult, err }); err != nil { if cancelResult.Response != nil { switch cancelResult.StatusCode { case http.StatusNotFound: return errors.NewNotFound(err, fmt.Sprintf("deployment %q not found", name)) case http.StatusConflict: if err, ok := errorutils.ServiceError(err); ok { if err.Code == serviceErrorCodeDeploymentCannotBeCancelled { // Deployments can only canceled while they're running. return nil } } } } return errors.Annotatef(err, "canceling deployment %q", name) } return nil }
func createRoleAssignment( authorizationClient authorization.ManagementClient, subscriptionId string, servicePrincipalObjectId string, newUUID func() (utils.UUID, error), ) error { // Find the role definition with the name "Owner". roleScope := path.Join("subscriptions", subscriptionId) roleDefinitionsClient := authorization.RoleDefinitionsClient{authorizationClient} result, err := roleDefinitionsClient.List(roleScope, "roleName eq 'Owner'") if err != nil { return errors.Annotate(err, "listing role definitions") } if result.Value == nil || len(*result.Value) == 0 { return errors.NotFoundf("Owner role definition") } roleDefinitionId := (*result.Value)[0].ID // The UUID value for the role assignment name is unimportant. Azure // will prevent multiple role assignments for the same role definition // and principal pair. roleAssignmentUUID, err := newUUID() if err != nil { return errors.Annotate(err, "generating role assignment ID") } roleAssignmentsClient := authorization.RoleAssignmentsClient{authorizationClient} roleAssignmentName := roleAssignmentUUID.String() if _, err := roleAssignmentsClient.Create(roleScope, roleAssignmentName, authorization.RoleAssignmentCreateParameters{ Properties: &authorization.RoleAssignmentProperties{ RoleDefinitionID: roleDefinitionId, PrincipalID: to.StringPtr(servicePrincipalObjectId), }, }); err != nil { if err, ok := errorutils.ServiceError(err); ok { const serviceErrorCodeRoleAssignmentExists = "RoleAssignmentExists" if err.Code == serviceErrorCodeRoleAssignmentExists { return nil } } return errors.Annotate(err, "creating role assignment") } return nil }
func isMultipleObjectsWithSameKeyValueErr(err error) bool { if err, ok := errorutils.ServiceError(err); ok { return err.Code == "Request_MultipleObjectsWithSameKeyValue" } return false }