Developer Talks - Quality of Life Features with Bevan

Bevan goes over some recent and upcoming features in ASO and how they contribute to a better user experience.

With the release of ASO v2.17 coming soon, this felt like a great time to go behind the curtain and get a better idea of what us devs have been working on, both landed and upcoming, and how they contribute to a smoother user experience for ASO users.

We’ll go over two exciting features, one landing in v2.17 and one that shipped in v2.16. Alongside our other host of improvements, we hope these features make using ASO that much smoother for our users.

Improved error handling for resources that can’t be deleted

PR #4987 landing in v2.17 helps with error handling for Azure resources that can not be deleted directly. Azure hosts a number of resource types that cannot be deleted directly; instead, you have to delete their parents.

If a user does attempt to delete one of these resources directly, they’ll be met with a number of noisy errors that will populate in their logs.

A snippet of such an error would look like is below:

test_logger.go:160: [2024-04-28T22:19:01Z] SqlDatabaseThroughputSettingController 
    "msg"="Error during Delete" 
    "err"="deleting resource "/subscriptions/<sub_id>/resourceGroups/<rg_name>/providers/Microsoft.DocumentDB/databaseAccounts/sample-sqldb-account/sqlDatabases/sample-sql-db/throughputSettings/default": DELETE https://management.azure.com/subscriptions/<sub_id>/resourceGroups/<rg_name>/providers/Microsoft.DocumentDB/databaseAccounts/sample-sqldb-account/sqlDatabases/sample-sql-db/throughputSettings/default
    --------------------------------------------------------------------------------
    RESPONSE 405: 405 Method Not Allowed
    ERROR CODE: MethodNotAllowed
    --------------------------------------------------------------------------------
    {
      "code": "MethodNotAllowed",
      "message": "Message: The requested verb is not supported."
    }
    --------------------------------------------------------------------------------
    " name="sample-sql-throughput" 
    namespace="aso-test-samples-creationanddeletion-test-sqldatabase-v1a-7e1fc" 
    azureName="default" 
    action="BeginDelete"

With this new enhancement, the workflow in ASO is enhanced to detect when a resource can not be deleted directly, return a more informative error message than what you would see previously, and provides details on how to unblock the resource deletion.

Allowing specification of role assignments by using well-known names

This feature builds upon the support of well-known names added in #4922 and allows users to specify RoleAssignments using the well-known name of a built-in RoleDefinition instead of the full ARM ID.

Before this change if I wanted to assign the “Contributor” role, it would require something like this, using the published GUID:

apiVersion: authorization.azure.com/v1api20200801preview
kind: RoleAssignment
metadata:
  name: aso-sample-contributor
  namespace: default
spec:
  ...
  roleDefinitionReference:
    armId: /subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c

Now, with this change, I’d be able to use the well known name contributor instead:

apiVersion: authorization.azure.com/v1api20200801preview
kind: RoleAssignment
metadata:
  name: aso-sample-contributor
  namespace: default
spec:
  ...
  roleDefinitionReference:
    armName: Contributor

v2.17 Release

v2.17 introduces these features and more, as we continually strive to make ASO work better for our users!

If you have an enhancement you would like to see in future iterations of ASO, please submit an issue or visit the contributing guide.