unable to create VM

[Akashken]

Describe the bug

az vm create --resource-group "IntroAzureRG" --name my-vm --size Standard_D2s_v5 --public-ip-sku Standard --image Ubuntu2204 --admin-username azureuser --generate-ssh-keys
The default value of '--size' will be changed to 'Standard_D2s_v5' from 'Standard_DS1_v2' in a future release.
The command failed with an unexpected error. Here is the traceback:
The content for this response was already consumed
Traceback (most recent call last):
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/init.py", line 703, in _run_job
result = cmd_copy(parlicyDefinitions/e25cb861-3d76-4f00-9d9b-8592d1c2459f","version":"1.0.0"}}]'.
Code: RequestDisallowedByPolicy
Message: Resource 'my-vm' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"LTIM - AllowedImage","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/ee979ac2bd22451ba019721d"},"policyDefinition":{"name":"LTIM - AllowedImage","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/e25cb861-3d76-4f00-9d9b-8592d1c2459f","version":"1.0.0"}}]'.
Target: my-vm
Additional Information:Type: PolicyViolation
Info: {
"evaluationDetails": {
"evaluatedExpressions": [
{
"result": "True",
"expressionKind": "Field",
"expression": "type",
"path": "type",
"expressionValue": "Microsoft.Compute/virtualMach
RuntimeError: The content for this response was already consumed

Related command

az vm create

Errors

az
File "/usr/lib64/az/lib/python3.12/site-packages/azure/mgmt/resource/resources/v2024_11_01/operations/_operations.py", line 7094, in begin_create_or_update
raw_result = self._create_or_update_initial(
^^^^^^^^
"policyEnrollmentIds": []
} (RequestDisallowedByPolicy) Resource 'my-vm' was disallowed by policy. Policy identifiers: '[{"", line 897, in content
raise RuntimeError("The content for this response was already consumed")
RuntimeError: The content for this response was already consumed

Issue script & Debug output

az vm create --resource-group "IntroAzureRG" --name my-vm --size Standard_D2s_v5 --public-ip-sku Standard --image Ubuntu2204 --admin-username azureuser --generate-ssh-keys
The default value of '--size' will be changed to 'Standard_D2s_v5' from 'Standard_DS1_v2' in a future release.
The command failed with an unexpected error. Here is the traceback:
The content for this response was already consumed
Traceback (most recent call last):
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/init.py", line 703, in _run_job
result = cmd_copy(params)
^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/init.py", line 336, in call
return self.handler(args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/command_operation.py", line 120, in handler
return op(**command_args)
^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/command_modules/vm/custom.py", line 1171, in create_vm
LongRunningOperation(cmd.cli_ctx)(client.begin_create_or_update(resource_group_name, deployment_name, deployment))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/core/tracing/decorator.py", line 119, in wrapper_use_tracer
return func(args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/mgmt/resource/resources/v2024_11_01/operations/_operations.py", line 7094, in begin_create_or_update
raw_result = self._create_or_update_initial(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/mgmt/resource/resources/v2024_11_01/operations/_operations.py", line 6987, in _create_or_update_initial
raise HttpResponseError(response=response, error_format=ARMErrorFormat)
azure.core.exceptions.HttpResponseError: (InvalidTemplateDeployment) The template deployment failed with multiple errors. Please see details for more information.
Code: InvalidTemplateDeployment
Message: The template deployment failed with multiple errors. Please see details for more information.
Exception Details: (RequestDisallowedByPolicy) Resource 'my-vmNSG' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/7c206d4870f040c6b30303fa"},"policyDefinition":{"name":"LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/9e047ff3-2cf0-4cbc-9f55-69b1b57c1a10","version":"1.0.0"}}]'.
Code: RequestDisallowedByPolicy
Message: Resource 'my-vmNSG' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/7c206d4870f040c6b30303fa"},"policyDefinition":{"name":"LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/9e047ff3-2cf0-4cbc-9f55-69b1b57c1a10","version":"1.0.0"}}]'.
Target: my-vmNSG
Additional Information:Type: PolicyViolation
Info: {
"evaluationDetails": {
"evaluatedExpressions": [
{
"result": "True",
"expressionKind": "Field",
"expression": "type",
"path": "type",
"expressionValue": "Microsoft.Network/networkSecurityGroups",
"targetValue": "Microsoft.Network/networkSecurityGroups",
"operator": "Equals"
},
{
"result": "True",
"expressionKind": "Count",
"expression": "Microsoft.Network/networkSecurityGroups/securityRules[]",
"path": "properties.securityRules[]",
"expressionValue": 1,
"targetValue": 0,
"operator": "Greater"
}
]
},
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/9e047ff3-2cf0-4cbc-9f55-69b1b57c1a10",
"policyDefinitionName": "9e047ff3-2cf0-4cbc-9f55-69b1b57c1a10",
"policyDefinitionDisplayName": "LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule",
"policyDefinitionVersion": "1.0.0",
"policyDefinitionEffect": "deny",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/7c206d4870f040c6b30303fa",
"policyAssignmentName": "7c206d4870f040c6b30303fa",
"policyAssignmentDisplayName": "LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG
File "/usr/lib64/az/lib/python3.12/site-packages/requests/models.py", line 897, in content
raise RuntimeError("The content for this response was already consumed")
RuntimeError: The content for this response was already consumed

Expected behavior

az vm create --resource-group "IntroAzureRG" --name my-vm --size Standard_D2s_v5 --public-ip-sku Standard --image Ubuntu2204 --admin-username azureuser --generate-ssh-keys
The default value of '--size' will be changed to 'Standard_D2s_v5' from 'Standard_DS1_v2' in a future release.
The command failed with an unexpected error. Here is the traceback:
The content for this response was already consumed
Traceback (most recent call last):
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/init.py", line 703, in _run_job
result = cmd_copy(params)
^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/init.py", line 336, in call
return self.handler(args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/command_operation.py", line 120, in handler
return op(**command_args)
^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/command_modules/vm/custom.py", line 1171, in create_vm
LongRunningOperation(cmd.cli_ctx)(client.begin_create_or_update(resource_group_name, deployment_name, deployment))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/core/tracing/decorator.py", line 119, in wrapper_use_tracer
return func(args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/mgmt/resource/resources/v2024_11_01/operations/_operations.py", line 7094, in begin_create_or_update
raw_result = self._create_or_update_initial(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/mgmt/resource/resources/v2024_11_01/operations/_operations.py", line 6987, in _create_or_update_initial
raise HttpResponseError(response=response, error_format=ARMErrorFormat)
azure.core.exceptions.HttpResponseError: (InvalidTemplateDeployment) The template deployment failed with multiple errors. Please see details for more information.
Code: InvalidTemplateDeployment
Message: The template deployment failed with multiple errors. Please see details for more information.
Exception Details: (RequestDisallowedByPolicy) Resource 'my-vmNSG' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/7c206d4870f040c6b30303fa"},"policyDefinition":{"name":"LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/9e047ff3-2cf0-4cbc-9f55-69b1b57c1a10","version":"1.0.0"}}]'.
Code: RequestDisallowedByPolicy
Message: Resource 'my-vmNSG' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/7c206d4870f040c6b30303fa"},"policyDefinition":{"name":"LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/9e047ff3-2cf0-4cbc-9f55-69b1b57c1a10","version":"1.0.0"}}]'.
Target: my-vmNSG
Additional Information:Type: PolicyViolation
Info: {
"evaluationDetails": {
"evaluatedExpressions": [
{
"result": "True",
"expressionKind": "Field",
"expression": "type",
"path": "type",
"expressionValue": "Microsoft.Network/networkSecurityGroups",
"targetValue": "Microsoft.Network/networkSecurityGroups",
"operator": "Equals"
},
{
"result": "True",
"expressionKind": "Count",
"expression": "Microsoft.Network/networkSecurityGroups/securityRules[]",
"path": "properties.securityRules[]",
"expressionValue": 1,
"targetValue": 0,
"operator": "Greater"
}
]
},
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/9e047ff3-2cf0-4cbc-9f55-69b1b57c1a10",
"policyDefinitionName": "9e047ff3-2cf0-4cbc-9f55-69b1b57c1a10",
"policyDefinitionDisplayName": "LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule",
"policyDefinitionVersion": "1.0.0",
"policyDefinitionEffect": "deny",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/7c206d4870f040c6b30303fa",
"policyAssignmentName": "7c206d4870f040c6b30303fa",
"policyAssignmentDisplayName": "LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54",
"policyAssignmentParameters": {},
"policyExemptionIds": [],
"policyEnrollmentIds": []
} (RequestDisallowedByPolicy) Resource 'my-vmVMNic' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"LTIM - Network interfaces should not have public IPs","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/68cbd21a92ec43d983c3422d"},"policyDefinition":{"name":"LTIM - Network interfaces should not have public IPs","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/4dd4c538-9f9e-422f-a12d-2ee411672960","version":"1.0.0"}}]'.
Code: RequestDisallowedByPolicy
Message: Resource 'my-vmVMNic' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"LTIM - Network interfaces should not have public IPs","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/68cbd21a92ec43d983c3422d"},"policyDefinition":{"name":"LTIM - Network interfaces should not have public IPs","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/4dd4c538-9f9e-422f-a12d-2ee411672960","version":"1.0.0"}}]'.
Target: my-vmVMNic
Additional Information:Type: PolicyViolation
Info: {
"evaluationDetails": {
"evaluatedExpressions": [
{
"result": "True",
"expressionKind": "Field",
"expression": "type",
"path": "type",
"expressionValue": "Microsoft.Network/networkInterfaces",
"targetValue": "Microsoft.Network/networkInterfaces",
"operator": "Equals"
},
{
"result": "False",
"expressionKind": "Field",
"expression": "Microsoft.Network/networkInterfaces/ipconfigurations[].publicIpAddress.id",
"path": "properties.ipConfigurations[].properties.publicIpAddress.id",
"expressionValue": "/subscriptions/fe298fd9-3668-41f7-ad88-ef78236c967b/resourceGroups/IntroAzureRG/providers/Microsoft.Network/publicIPAddresses/my-vmPublicIP",
"targetValue": "*",
"operator": "NotLike"
}
]
},
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/4dd4c538-9f9e-422f-a12d-2ee411672960",
"policyDefinitionName": "4dd4c538-9f9e-422f-a12d-2ee411672960",
"policyDefinitionDisplayName": "LTIM - Network interfaces should not have public IPs",
"policyDefinitionVersion": "1.0.0",
"policyDefinitionEffect": "deny",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/68cbd21a92ec43d983c3422d",
"policyAssignmentName": "68cbd21a92ec43d983c3422d",
"policyAssignmentDisplayName": "LTIM - Network interfaces should not have public IPs",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54",
"policyAssignmentParameters": {},
"policyExemptionIds": [],
"policyEnrollmentIds": []
} (RequestDisallowedByPolicy) Resource 'my-vm' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"LTIM - AllowedImage","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/ee979ac2bd22451ba019721d"},"policyDefinition":{"name":"LTIM - AllowedImage","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/e25cb861-3d76-4f00-9d9b-8592d1c2459f","version":"1.0.0"}}]'.
Code: RequestDisallowedByPolicy
Message: Resource 'my-vm' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"LTIM - AllowedImage","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/ee979ac2bd22451ba019721d"},"policyDefinition":{"name":"LTIM - AllowedImage","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/e25cb861-3d76-4f00-9d9b-8592d1c2459f","version":"1.0.0"}}]'.
Target: my-vm
Additional Information:Type: PolicyViolation
Info: {
"evaluationDetails": {
"evaluatedExpressions": [
{
"result": "True",
"expressionKind": "Field",
"expression": "type",
"path": "type",
"expressionValue": "Microsoft.Compute/virtualMachines",
"targetValue": [
"Microsoft.Compute/virtualMachines"
],
"operator": "In"
},
{
"result": "True",
"expressionKind": "Field",
"expression": "Microsoft.Compute/imagePublisher",
"path": "properties.storageProfile.imageReference.publisher",
"expressionValue": "Canonical",
"targetValue": "True",
"operator": "Exists"
},
{
"result": "False",
"expressionKind": "Field",
"expression": "Microsoft.Compute/imagePublisher",
"path": "properties.storageProfile.imageReference.publisher",
"expressionValue": "Canonical",
"targetValue": [
"Cloud-IFSR"
],
"operator": "In"
}
]
},
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/e25cb861-3d76-4f00-9d9b-8592d1c2459f",
"policyDefinitionName": "e25cb861-3d76-4f00-9d9b-8592d1c2459f",
"policyDefinitionDisplayName": "LTIM - AllowedImage",
"policyDefinitionVersion": "1.0.0",
"policyDefinitionEffect": "deny",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/ee979ac2bd22451ba019721d",
"policyAssignmentName": "ee979ac2bd22451ba019721d",
"policyAssignmentDisplayName": "LTIM - AllowedImage",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54",
"policyAssignmentParameters": {
"listOfAllowedimagePublishers": [
"Cloud-IFSR"
]
},
"policyExemptionIds": [],
"policyEnrollmentIds": []
}

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/arm.py", line 109, in handle_template_based_exception
raise CLIError(ex.inner_exception.error.message)

File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/arm.py", line 112, in handle_template_based_exception
raise_subdivision_deployment_error(ex.response.internal_response.text, ex.error.code if ex.error else None)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/requests/models.py", line 926, in text
if not self.content:
^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/requests/models.py", line 897, in content
raise RuntimeError("The content for this response was already consumed")
RuntimeError: The content for this response was already consumed

Environment Summary

az vm create --resource-group "IntroAzureRG" --name my-vm --size Standard_D2s_v5 --public-ip-sku Standard --image Ubuntu2204 --admin-username azureuser --generate-ssh-keys
The default value of '--size' will be changed to 'Standard_D2s_v5' from 'Standard_DS1_v2' in a future release.
The command failed with an unexpected error. Here is the traceback:
The content for this response was already consumed
Traceback (most recent call last):
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/init.py", line 703, in _run_job
result = cmd_copy(params)
^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/init.py", line 336, in call
return self.handler(args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/command_operation.py", line 120, in handler
return op(**command_args)
^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/command_modules/vm/custom.py", line 1171, in create_vm
LongRunningOperation(cmd.cli_ctx)(client.begin_create_or_update(resource_group_name, deployment_name, deployment))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/core/tracing/decorator.py", line 119, in wrapper_use_tracer
return func(args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/mgmt/resource/resources/v2024_11_01/operations/_operations.py", line 7094, in begin_create_or_update
raw_result = self._create_or_update_initial(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/mgmt/resource/resources/v2024_11_01/operations/_operations.py", line 6987, in _create_or_update_initial
raise HttpResponseError(response=response, error_format=ARMErrorFormat)
azure.core.exceptions.HttpResponseError: (InvalidTemplateDeployment) The template deployment failed with multiple errors. Please see details for more information.
Code: InvalidTemplateDeployment
Message: The template deployment failed with multiple errors. Please see details for more information.
Exception Details: (RequestDisallowedByPolicy) Resource 'my-vmNSG' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/7c206d4870f040c6b30303fa"},"policyDefinition":{"name":"LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/9e047ff3-2cf0-4cbc-9f55-69b1b57c1a10","version":"1.0.0"}}]'.
Code: RequestDisallowedByPolicy
Message: Resource 'my-vmNSG' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/7c206d4870f040c6b30303fa"},"policyDefinition":{"name":"LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/9e047ff3-2cf0-4cbc-9f55-69b1b57c1a10","version":"1.0.0"}}]'.
Target: my-vmNSG
Additional Information:Type: PolicyViolation
Info: {
"evaluationDetails": {
"evaluatedExpressions": [
{
"result": "True",
"expressionKind": "Field",
"expression": "type",
"path": "type",
"expressionValue": "Microsoft.Network/networkSecurityGroups",
"targetValue": "Microsoft.Network/networkSecurityGroups",
"operator": "Equals"
},
{
"result": "True",
"expressionKind": "Count",
"expression": "Microsoft.Network/networkSecurityGroups/securityRules[]",
"path": "properties.securityRules[]",
"expressionValue": 1,
"targetValue": 0,
"operator": "Greater"
}
]
},
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/9e047ff3-2cf0-4cbc-9f55-69b1b57c1a10",
"policyDefinitionName": "9e047ff3-2cf0-4cbc-9f55-69b1b57c1a10",
"policyDefinitionDisplayName": "LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule",
"policyDefinitionVersion": "1.0.0",
"policyDefinitionEffect": "deny",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/7c206d4870f040c6b30303fa",
"policyAssignmentName": "7c206d4870f040c6b30303fa",
"policyAssignmentDisplayName": "LTIM - Deny adding '0.0.0.0/0' & 'Any' as source/destination in NSG Rule",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54",
"policyAssignmentParameters": {},
"policyExemptionIds": [],
"policyEnrollmentIds": []
} (RequestDisallowedByPolicy) Resource 'my-vmVMNic' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"LTIM - Network interfaces should not have public IPs","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/68cbd21a92ec43d983c3422d"},"policyDefinition":{"name":"LTIM - Network interfaces should not have public IPs","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/4dd4c538-9f9e-422f-a12d-2ee411672960","version":"1.0.0"}}]'.
Code: RequestDisallowedByPolicy
Message: Resource 'my-vmVMNic' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"LTIM - Network interfaces should not have public IPs","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/68cbd21a92ec43d983c3422d"},"policyDefinition":{"name":"LTIM - Network interfaces should not have public IPs","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/4dd4c538-9f9e-422f-a12d-2ee411672960","version":"1.0.0"}}]'.
Target: my-vmVMNic
Additional Information:Type: PolicyViolation
Info: {
"evaluationDetails": {
"evaluatedExpressions": [
{
"result": "True",
"expressionKind": "Field",
"expression": "type",
"path": "type",
"expressionValue": "Microsoft.Network/networkInterfaces",
"targetValue": "Microsoft.Network/networkInterfaces",
"operator": "Equals"
},
{
"result": "False",
"expressionKind": "Field",
"expression": "Microsoft.Network/networkInterfaces/ipconfigurations[].publicIpAddress.id",
"path": "properties.ipConfigurations[].properties.publicIpAddress.id",
"expressionValue": "/subscriptions/fe298fd9-3668-41f7-ad88-ef78236c967b/resourceGroups/IntroAzureRG/providers/Microsoft.Network/publicIPAddresses/my-vmPublicIP",
"targetValue": "*",
"operator": "NotLike"
}
]
},
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/4dd4c538-9f9e-422f-a12d-2ee411672960",
"policyDefinitionName": "4dd4c538-9f9e-422f-a12d-2ee411672960",
"policyDefinitionDisplayName": "LTIM - Network interfaces should not have public IPs",
"policyDefinitionVersion": "1.0.0",
"policyDefinitionEffect": "deny",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/68cbd21a92ec43d983c3422d",
"policyAssignmentName": "68cbd21a92ec43d983c3422d",
"policyAssignmentDisplayName": "LTIM - Network interfaces should not have public IPs",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54",
"policyAssignmentParameters": {},
"policyExemptionIds": [],
"policyEnrollmentIds": []
} (RequestDisallowedByPolicy) Resource 'my-vm' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"LTIM - AllowedImage","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/ee979ac2bd22451ba019721d"},"policyDefinition":{"name":"LTIM - AllowedImage","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/e25cb861-3d76-4f00-9d9b-8592d1c2459f","version":"1.0.0"}}]'.
Code: RequestDisallowedByPolicy
Message: Resource 'my-vm' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"LTIM - AllowedImage","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/ee979ac2bd22451ba019721d"},"policyDefinition":{"name":"LTIM - AllowedImage","id":"/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/e25cb861-3d76-4f00-9d9b-8592d1c2459f","version":"1.0.0"}}]'.
Target: my-vm
Additional Information:Type: PolicyViolation
Info: {
"evaluationDetails": {
"evaluatedExpressions": [
{
"result": "True",
"expressionKind": "Field",
"expression": "type",
"path": "type",
"expressionValue": "Microsoft.Compute/virtualMachines",
"targetValue": [
"Microsoft.Compute/virtualMachines"
],
"operator": "In"
},
{
"result": "True",
"expressionKind": "Field",
"expression": "Microsoft.Compute/imagePublisher",
"path": "properties.storageProfile.imageReference.publisher",
"expressionValue": "Canonical",
"targetValue": "True",
"operator": "Exists"
},
{
"result": "False",
"expressionKind": "Field",
"expression": "Microsoft.Compute/imagePublisher",
"path": "properties.storageProfile.imageReference.publisher",
"expressionValue": "Canonical",
"targetValue": [
"Cloud-IFSR"
],
"operator": "In"
}
]
},
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyDefinitions/e25cb861-3d76-4f00-9d9b-8592d1c2459f",
"policyDefinitionName": "e25cb861-3d76-4f00-9d9b-8592d1c2459f",
"policyDefinitionDisplayName": "LTIM - AllowedImage",
"policyDefinitionVersion": "1.0.0",
"policyDefinitionEffect": "deny",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54/providers/Microsoft.Authorization/policyAssignments/ee979ac2bd22451ba019721d",
"policyAssignmentName": "ee979ac2bd22451ba019721d",
"policyAssignmentDisplayName": "LTIM - AllowedImage",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/ff355289-721e-4dd7-a663-afec62ab9d54",
"policyAssignmentParameters": {
"listOfAllowedimagePublishers": [
"Cloud-IFSR"
]
},
"policyExemptionIds": [],
"policyEnrollmentIds": []
}

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/arm.py", line 109, in handle_template_based_exception
raise CLIError(ex.inner_exception.error.message)
^^^^^^^^^^^^^^^^^^^^^^^^
AttributeError: 'NoneType' object has no attribute 'error'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/lib64/az/lib/python3.12/site-packages/knack/cli.py", line 233, in invoke
cmd_result = self.invocation.execute(args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/init.py", line 666, in execute
raise ex
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/init.py", line 734, in _run_jobs_serially
results.append(self._run_job(expanded_arg, cmd_copy))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/init.py", line 726, in _run_job
return cmd_copy.exception_handler(ex)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/azure/cli/core/commands/arm.py", line 112, in handle_template_based_exception
raise_subdivision_deployment_error(ex.response.internal_response.text, ex.error.code if ex.error else None)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/requests/models.py", line 926, in text
if not self.content:
^^^^^^^^^^^^
File "/usr/lib64/az/lib/python3.12/site-packages/requests/models.py", line 897, in content
raise RuntimeError("The content for this response was already consumed")
RuntimeError: The content for this response was already consumed

Additional context

az vm create --resource-group "IntroAzureRG" --name my-vm --size Standard_D2s_v5 --public-ip-sku Standard --image Ubuntu2204 --admin-username azureuser --generate-ssh-keys
The default value of '--size' will be changed to 'Standard_D2s_v5' from 'Standard_DS1_v2' in a future release.
The command failed with an unexpected error. Here is the traceback:
The content for this response was already consumed
t
raise RuntimeError("The content for this response was already consumed")
RuntimeError: The content for this response was already consumed

[yonzhan]

Thank you for opening this issue, we will look into it.

[github-actions]

Here are some similar issues that might help you. Please check if they can solve your problem.

• Exercise - Create an Azure virtual machine - Failure to Create Virtual Machne #32247
• Exercise - Create an Azure virtual machine - Failure to Create Virtual Machine #32266

---

Possible solution (Extracted from existing issue, might be incorrect; please verify carefully)

Solution 1:

For the problem was solved when I changed the size and the location for the virtual machine.

Reference:

• Exercise - Create an Azure virtual machine - Failure to Create Virtual Machne #32247 (comment)

Solution 2:

I changed location to useast2 and size to StandardD2as_v6 and it worked afterwards!

Reference:

• Exercise - Create an Azure virtual machine - Failure to Create Virtual Machne #32247 (comment)

Solution 3:

Solution:
retain all the parameters except the "size".

Use this instead of what was on the script: "Standard_DC1ds_v3"

Remember to DELETE the resources after your exercise.

Here is the exact script that works seamlessly.

az vm create --resource-group "IntroAzureRG" --name my-vm --size Standard_DC1ds_v3 --public-ip-sku Standard --image Ubuntu2204 --admin-username azureuser --generate-ssh-keys

Reference:

• Exercise - Create an Azure virtual machine - Failure to Create Virtual Machne #32247 (comment)

Powered by issue-sentinel

[SVANT888]

I am also having the same issue and the suggested solutions are not working.