I have this template below where I am creating role assignments through a PowerShell script which I have some Write-Host
in it. How can I see the output or stdout
/stderr
?
Template:
@description('Add role assignments to any resource using a PowerShell script.')
resource addRoleAssignments 'Microsoft.Resources/deploymentScripts@2023-08-01' = {
// Disable the rule because the resource name is dynamic and cannot be stable, check docks at https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/deployment-script-template#run-script-more-than-once
#disable-next-line use-stable-resource-identifiers
name: 'AddRoleAssignments'
location: resourceGroup().location
kind: 'AzurePowerShell'
properties: {
azPowerShellVersion: '13.2'
environmentVariables: []
scriptContent: loadTextContent('AddRoleAssignments.ps1')
arguments: '-SubscriptionId ${subscriptionId} -ResourceGroup ${resourceGroupName} -RoleAssignmentsBase64 "${allRoleAssignmentsEncoded}"'
cleanupPreference: 'OnSuccess'
retentionInterval: 'P1D'
// Deployment scripts are idempotent, so we can use utcnow on Tag to force an update
forceUpdateTag: 'Run-${timestamp}'
}
}
@description('Output all role assignments.')
output allRoleAssignments array = allRoleAssignments
@description('Output the number of successful role assignments.')
output successCount int = addRoleAssignments.properties.outputs.success
@description('Output the number of failed role assignments.')
output failsCount int = addRoleAssignments.properties.outputs.fails
@description('Output the number of skipped role assignments.')
output skippingCount int = addRoleAssignments.properties.outputs.skipping
If I use Logs from deployment-script-azcli-inputs-outputs example:
@description('Logs from the deployment script.')
resource logs 'Microsoft.Resources/deploymentScripts/logs@2023-08-01' existing = {
parent: addRoleAssignments
name: 'default'
}
@description('The logs written by the script')
output logs array = split(logs.properties.log, '\n')
I get this error:
{"status":"Failed","error":{"code":"DeploymentFailed","target":"/subscriptions/1111-11111-1111-1111-111/resourceGroups/wcx-us-gmath/providers/Microsoft.Resources/deployments/roleAssignments.deploymentTemplate","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.","details":[{"code":"ResourceDeploymentFailure","target":"/subscriptions/17581539-6d93-45c3-87f5-d49bc0553c4b/resourceGroups/wcx-us-gmath/providers/Microsoft.Resources/deploymentScripts/AddRoleAssignments","message":"The resource write operation failed to complete successfully, because it reached terminal provisioning state 'failed'.","details":[{"code":"DeploymentScriptOperationFailed","message":"Encountered an internal server error. The tracking activity id is '054a7492-0e0f-4886-bf9b-4e9c90713d46', correlation id is 'bbbf4437-7478-40a9-94c8-d35c78441e62'."}]}]}}
I cannot see nothing here in Logs:
Part of Powershell code:
param (
[string]$SubscriptionId,
[string]$ResourceGroup,
[string]$RoleAssignmentsJson
)
# Convert JSON string to PowerShell object
try {
$decodedJson = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($RoleAssignmentsBase64))
$roleAssignments = $decodedJson | ConvertFrom-Json -ErrorAction Stop
Write-Host "📄 Decoded and parsed $($roleAssignments.Count) role assignments from JSON input."
} catch {
Write-Error "❌ Failed to parse role assignments JSON input. Error: $_"
exit 1
}
# Count to be used for logging
$successCount = 0
$failCount = 0
$skippingCount = 0
foreach ($assignment in $roleAssignments) {
$assigneeName = $assignment.assigneeName
$resourceName = $assignment.resourceName.ToLower()
$provider = $assignment.provider.ToLower()
$roles = $assignment.roles
...
}
Write-Host "📊 Role assignments completed. Success: $successCount, Failed: $failCount"
$DeploymentScriptOutputs = @{}
$DeploymentScriptOutputs['success'] = $successCount
$DeploymentScriptOutputs['fails'] = $failCount
$DeploymentScriptOutputs['skipping'] = $skippingCount
Deployment scripts (see documentation) run on Azure Container Instances.
I imagine using icons (i.e.: ❌, 📊) in the logs would cause some issues as it can probably only handle plain text.