In Azureml studio i go into service connection and try to test the connection using Microsoft Entra but getting " Required metadata property ContainerName is missing."
however when i go into azure portal and go into storage account to see files in container the Microsoft Entra auth works.
Not sure why this is. is it a bug within azure machine learning studio?
i setup resources using bicep templates below i have attached bicep templates. To me this all looks correct but maybe am missing something
#disable-next-line no-unused-params
param busUnit string
#disable-next-line no-unused-params
param costCode string
#disable-next-line no-unused-params
param reg string
param env string
param project string
param appTags object
param keyVaultId string
param loc string
var addAppTags = {
}
var appTagsComb = union(appTags, addAppTags)
var envConfigMap = {
sbx: {
secGrpId: 'mysbxid'
}
dev: {
secGrpId: 'mydevid'
}
ppd: {
secGrpId: 'myppdid'
}
prd: {
secGrpId: 'myprdid'
}
}
resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2023-09-01' = {
name: 'log-${project}-${env}'
location: loc
properties: {
sku: {
name: 'PerGB2018'
}
retentionInDays: 90
workspaceCapping: {
dailyQuotaGb: 1
}
}
}
resource appInsights 'Microsoft.Insights/components@2020-02-02' = {
name: 'appi-${project}-${env}'
location: loc
kind: 'web'
properties: {
Application_Type: 'web'
WorkspaceResourceId: logAnalyticsWorkspace.id
}
tags: appTagsComb
}
output MlIdentity string = machineLearning.identity.principalId
resource containerRegistry 'Microsoft.ContainerRegistry/registries@2023-07-01' = {
#disable-next-line BCP334
name: 'cr${project}${env}'
location: loc
tags: appTagsComb
sku: {
name: 'Basic'
}
properties: {
adminUserEnabled: true
}
}
resource storage 'Microsoft.Storage/storageAccounts@2023-04-01' = {
#disable-next-line BCP334
name: 'st${project}${env}'
location: loc
sku: {
name: 'Standard_LRS'
}
kind: 'StorageV2'
properties: {
allowBlobPublicAccess: false
supportsHttpsTrafficOnly: true
minimumTlsVersion: 'TLS1_2'
isHnsEnabled: false
encryption: {
services: {
file: {
keyType: 'Account'
enabled: true
}
blob: {
keyType: 'Account'
enabled: true
}
}
keySource: 'Microsoft.Storage'
}
accessTier: 'Hot'
}
tags: appTags
}
resource blobServices 'Microsoft.Storage/storageAccounts/blobServices@2023-04-01' = {
parent: storage
name: 'default'
properties: {
cors: {
corsRules: []
}
deleteRetentionPolicy: {
enabled: true
days: 7
}
}
}
resource containers 'Microsoft.Storage/storageAccounts/blobServices/containers@2021-06-01' = {
parent: blobServices
#disable-next-line BCP334
name: 'bc${project}${env}'
properties: {
publicAccess: 'None'
}
}
resource machineLearning 'Microsoft.MachineLearningServices/workspaces@2024-04-01' = {
name: 'mlw-${project}-${env}'
location: loc
tags: appTagsComb
identity: {
type: 'SystemAssigned'
}
properties: {
applicationInsights: appInsights.id
containerRegistry: containerRegistry.id
keyVault: keyVaultId
storageAccount: storage.id
}
}
resource amlci 'Microsoft.MachineLearningServices/workspaces/computes@2024-04-01' = {
name: 'mlw-${project}-${env}-cluster'
parent: machineLearning
location: loc
identity: {
type: 'SystemAssigned'
}
properties: {
computeType: 'AmlCompute'
properties: {
vmSize: 'Standard_DS3_v2'
subnet: null
osType: 'Linux'
scaleSettings: {
maxNodeCount: 5
minNodeCount: 0
}
}
}
}
resource amlds 'Microsoft.MachineLearningServices/workspaces/datastores@2023-04-01' = {
name: 'mlw${project}${env}datastore'
parent: machineLearning
properties: {
credentials: {
credentialsType: 'None'
}
datastoreType: 'AzureBlob'
accountName: storage.name
containerName: containers.name
endpoint: 'core.windows.net'
protocol: 'https'
serviceDataAccessAuthIdentity: 'WorkspaceSystemAssignedIdentity'
}
}
resource containerGroup 'Microsoft.ContainerInstance/containerGroups@2023-05-01' = {
name: 'ci${project}${env}'
location: loc
properties: {
containers: [
{
name: 'ci${project}${env}'
properties: {
image: 'mcr.microsoft.com/azuredocs/aci-helloworld'
ports: [
{
port: 80
protocol: 'TCP'
}
]
resources: {
requests: {
cpu: 1
memoryInGB: 2
}
}
}
}
]
osType: 'Linux'
restartPolicy: 'Always'
ipAddress: {
type: 'Public'
ports: [
{
port: 80
protocol: 'TCP'
}
]
}
}
}
@description('This is the built-in azureml data scientist role. See https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles')
resource AzureMLDataScientistRoleDefinition 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
scope: resourceGroup()
name: 'f6c7c914-8db3-469d-8ca1-694a8f32e121'
}
@description('This is the built-in Storage Blob Data Contributor role. See https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles')
resource StorageBlobDataContributorRoleDefinition 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
scope: resourceGroup()
name: 'ba92f5b4-2d11-453d-a403-e96b0029c9fe'
}
resource AzureMLDataScientistRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
name: guid(machineLearning.id, AzureMLDataScientistRoleDefinition.id)
properties: {
roleDefinitionId: AzureMLDataScientistRoleDefinition.id
principalId: envConfigMap[env].secGrpId
principalType: 'Group'
}
scope: machineLearning
}
resource StorageBlobDataContributorRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
name: guid(storage.id, StorageBlobDataContributorRoleDefinition.id)
properties: {
roleDefinitionId: StorageBlobDataContributorRoleDefinition.id
principalId: envConfigMap[env].secGrpId
principalType: 'Group'
}
scope: storage
}
what i have tried adding metadata param to container resource but still getting same error so not sure what it could be.
metadata: {
ContainerName: 'bc${project}${env}'
}