Error: ‘User failed validation to purchase resources’ when deploying a virtual machine

Today I’ve deployed a new virtual machine within Azure using the Windows Server 2022 Azure Edition Preview Marketplace image. After running my Powershell script, I received an error:
’User failed validation to purchase resources. Error message: ‘You have not accepted the legal terms on this subscription: …..’

image

So, let’s take a look at the legal terms, also using Powershell. I’ve used a couple of variables.

$azureVmPublisherName = "MicrosoftWindowsServer"
$azureVmOffer = "microsoftserveroperatingsystems-previews"
$azureVmSkus = "windows-server-2022-azure-edition-preview"
$Version = "latest"


Get-AzMarketplaceTerms -Publisher $azureVmPublisherName -Product $azureVmOffer -Name $azureVmSkus

image

As you can see, the legal terms are not accepted yet!! With a small Powershell command, we can accept the legal terms.

Get-AzMarketplaceTerms -Publisher $azureVmPublisherName -Product $azureVmOffer -Name $azureVmSkus | Set-AzMarketplaceTerms -Accept

image

Now you’re good to go!!

Use Azure Bastion to access your virtual machine in Azure

As most of you know, it’s possible to provide a virtual machine in Azure with a public IP address. This IP address can then be used to build a connection to, for example, RDP or SSH.

This way of connecting takes place over the Internet, which entails a great security risk. In many environments we see jumpbox or stepping stone servers, which are placed in the DMZ. These servers can be accessed from the Internet, and from these servers a connection can be made to a server or multiple servers on the internal network.

Such an arrangement is not safe, unmanageable and vulnerable. Azure Bastion is a great addition to facilitate a secure connection to a virtual machine in Azure. Azure Bastion integrates into the Azure portal, requiring multi-factor authentication. The virtual machines do not need to have a public IP address, so they are not accessible directly from the Internet.

Azure Bastion is a fully managed, autoscaling and hardened PaaS service, to provide you secure RDP and SSH connectivity. Het is eenvoudig te configureren in slechts een aantal stappen. Door gebruik te maken van virtueel netwerk peering, is het mogelijk om Azure Bastion eenvoudig toe te voegen aan een bestaande configuratie in Azure.

image

  1. Configure a new virtual network for Azure Bastion
  2. Create a new subnet named ‘AzureBastionSubnet’ required for Azure Bastion
  3. Configure virtual network peering to your other networks
  4. Create an Azure Bastion host
  5. Login in the VM through the Azure portal using Azure Bastion
  6. See the list of active sessions in the Azure Bastion Host properties

2021-05-20_16h00_34    2021-05-20_16h00_532021-05-20_16h00_59    2021-05-20_16h01_102021-05-20_16h01_45    2021-05-20_16h11_542021-05-20_16h12_54    2021-05-20_16h15_14

Now you can securely connect through Azure Bastion to a virtual machine running RDP or SSH. As you can see, the virtual machine I’m connecting to has no public IP address, only a internal IP address.

image

Free ebook ‘Azure for Architects’

Do you want to know all the ins and outs about cloud computing. What is the cloud? What is Azure? What kind of functionalities and concepts are available within this cloud?

cloud_1220

You’ll find all  the answers in this great free ebook ‘Azure for Architecs’.

Download the free ebook here.

Improvements to Azure VM backups are now available

Azure Backup now has even greater support and functionality for Azure VM backups:

  • Azure Backup is introducing restoring Unmanaged VMs/Disks as Managed VMs/Disks to provide the benefit of Managed disks for customers who are currently backing up their unmanaged disks.

For more details, please read our documentation

Restore virtual machine

  • Azure Backup now supports Replace existing disks as an option for VMs that have Managed Service Identities (MSI) Both User assigned Identities and System assigned Identities.

For more details, please read our documentation.

All the above features are generally available in all Azure regions.

Enable Azure Accelerated Networking

Azure Accelerated Networking is a new option for Azure Infrastructure as a Service (IaaS) Virtual Machine (VM) on the NIC level providing several benefits by enabling single root I/O virtualization (SR-IOV) to a VM, greatly improving its networking performance. This high-performance path bypasses the host from the datapath, reducing latency, jitter, and CPU utilization, for use with the most demanding network workloads on supported VM types. You would typically use this feature with heavy workloads that need to send or receive data at high speed with reliable streaming and lower CPU utilization. It will enable speeds of up to 25Gbps per Virtual Machine. Best of all, it’s free!

accelerated-networking

How to Enable Accelerated Networking:

You can enable this feature during initial creation of the VM, on the networking tab, you will see “Enable Accelerated Networking”. If you are unable to enable, then it is not compatible on your chosen Azure VM size. If you need to enable this feature after VM creation you will require to do so through powershell as it is not yet supported in the portal. You can do this simply with the below commands after deallocating the Virtual Machine.


Login-AzureRmAccount
$nic = Get-AzureRmNetworkInterface -ResourceGroupName “YourResourceGroupName” -Name “YourNicName”
$nic.EnableAcceleratedNetworking = $true
$nic | Set-AzureRmNetworkInterface

Then proceed to start the Virtual Machine and Accelerated Networking will be enabled.

FREE eBook – The SysAdmin Guide to Azure Infrastructure as a Service

image

Many system administrators have been working with on-premises infrastructure for their whole careers so moving to a cloud-based environment can feel like a leap of faith. However, making the leap to Azure doesn’t have to be daunting. With the right preparation it can be a smooth transition, consistent with your current on-premises configuration.

This free eBook written by veteran IT consultant and Microsoft Certified trainer Paul Schnakenberg covers all aspects of setting up and maintaining a high-performing Azure IaaS environment. It starts from the very basics, introducing key terms and features you need to get started, including migration, and goes on to explain everyday maintenance and best practices before covering more advanced features.

To get the best results from this eBook, it is recommended to follow along with the step-by-step tutorials using your own Azure subscription. If you don’t currently have access, the eBook explains how to set up a free 30-day trial alongside $200 worth of Azure resources to use and 12 months of additional free resources!

Altaro consistently delivers high-quality eBooks that are packed full of valuable guidance for system administrators and this latest eBook is no exception. If you currently use Azure IaaS or are planning to use it, this is an awesome free resource that you definitely should not miss.

Download your free eBook today