How to use existing network in a different RG in Azure with ansible

Archives Ansible Project
1

My goal here is to create a VM in Azure with Ansible

  • name: Create a VM

azure.azcollection.azure_rm_virtualmachine:

resource_group: RG-Bill

name: testvm002

vm_size: Standard_DS1_v2

admin_username: centos

ssh_public_keys:

  • path: /home/centos/.ssh/authorized_keys

key_data: blah blah

virtual_network_resource_group: RG-Net

virtual_network_name: VNET1

subnet_name: SUBNET_VNET1

public_ip_allocation: Disabled

image:

offer: CentOS

publisher: OpenLogic

sku: “7.5”

version: latest

What happens here is the PB throws the error:

“Error creating default security rule testvm00201 - (AuthorizationFailed) The client ‘xxxxxxxxxxx’ with object id ‘xxxxxxxxxxxxxxxxxxxxx’ does not have authorization to perform action ‘Microsoft.Network/networkSecurityGroups/write’ over scope ‘/subscriptions/xxxxxxxxxxxxxxxxxxx/resourceGroups/RG-Bill/providers/Microsoft.Network/networkSecurityGroups/testvm00201’ or the scope is invalid. If access was recently granted, please refresh your credentials.\nCode: AuthorizationFailed\nMessage: The client ‘xxxxxxxxxxxxxxxxxxx’ with object id ‘xxxxxxxxxxxxxxxxxxxxxxxxxxxxx’ does not have authorization to perform action ‘Microsoft.Network/networkSecurityGroups/write’ over scope ‘/subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/RG-Bill/providers/Microsoft.Network/networkSecurityGroups/testvm00201’ or the scope is invalid. If access was recently granted, please refresh your credentials.”,

I think I know what the problem is; to me it looks like it is trying to create a NSG and I do not have privs for that, so the way to resolve this is tell my PB to use a network that is already setup, but the network that is already setup is in a different resource group (RG-Net) and my VM is being build in RG-Bill so my question is how to I tell it to use my existing network (VNET1) and subnet (SUBNET_VNET1) that is in the resource group RG_Net?

I looked up and thought I could set it via:

virtual_network_resource_group: RG-Net

virtual_network_name: VNET1

But as you can see it threw the error yet again, really am stuck here, what do you think?

Thanks in Advance

Bill