Azure Automation - Source Control - PAT - Powershell

JonasD 20 Reputation points
2023-03-20T10:28:03.7366667+00:00

I have created an azure automation account and wish to setup a source control connection with github using a PAT.

The PAT has been created with the correct permissions but when I try to run the powershell command I get the following error

New-AzAutomationSourceControl : Resource 'datacenterAzureAutomation' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"Deny Disallowed Locations","id":"/providers/Microsoft.Management/managementGroups/xxx/providers/Microsoft.Authorization/policyAssignments/Deny Locations Assign"},"policyDefinition":{"name":"Deny Disallowed Locations","id":"/providers/Microsoft.Management/managementgroups/xxx/providers/Microsoft.Authorization/policyDefinitions/Deny Disallowed Locations"}},{"policyAssignment":{"name":"Whitelist Azure Regions","id":"/providers/Microsoft.Management/managementGroups/xxx/providers/Microsoft.Authorization/policyAssignments/whitelist_regions"},"policyDefinition":{"name":"Whitelist Azure Regions","id":"/providers/Microsoft.Management/managementGroups/xxx/prov iders/Microsoft.Authorization/policyDefinitions/whitelist_regions"}}]'.

However when I try to add the sourcecontrol using the UI it works (but no option to authenticate by using the PAT).

The automation account has been created in the correct location and there is no location parameter for the sourcecontrol connection so I am confused why I am getting this error.

The cmdlet I am running:

New-AzAutomationSourceControl -ResourceGroupName "
Azure Automation
Azure Automation
An Azure service that is used to automate, configure, and install updates across hybrid environments.
1,111 questions
PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,035 questions
Accepted answer
  1. Limitless Technology 43,926 Reputation points
    2023-03-21T15:31:28.55+00:00

    Hello there,

    A policy assignment enables enforcement of a built-in policy definition that prevents public IPs on network interfaces.

    You can use the name of a policy assignment or policy definition to get more details about a policy that caused the error. The example commands use placeholders for input.

    This article describes the cause of the RequestDisallowedByPolicy error and provides a solution for the error.

    https://learn.microsoft.com/en-us/azure/azure-resource-manager/troubleshooting/error-policy-requestdisallowedbypolicy?tabs=azure-cli

    Hope this resolves your Query !!

    --If the reply is helpful, please Upvote and Accept it as an answer--

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest