Add blog post about ASO v2.17 features (#5075)

jakjang · Copilot · theunrepentantgeek · web-flow · commit 162c04fa81b2 · 2025-12-11T19:35:53.000Z
* Add blog post about ASO v2.17 features

This blog post discusses the upcoming features in ASO v2.17, including improved error handling for undeletable resources and the ability to specify role assignments using well-known names.

* Update docs/hugo/content/blogs/v2.17-features-with-bevan.md

Co-authored-by: Copilot &lt;175728472+Copilot@users.noreply.github.com&gt;

* Apply suggestions from code review

Co-authored-by: Bevan Arps &lt;bevan.arps@microsoft.com&gt;

* Update docs/hugo/content/blogs/v2.17-features-with-bevan.md

* Apply suggestions from code review

---------

Co-authored-by: Copilot &lt;175728472+Copilot@users.noreply.github.com&gt;
Co-authored-by: Bevan Arps &lt;bevan.arps@microsoft.com&gt;
diff --git a/docs/hugo/content/blogs/v2.17-features-with-bevan.md b/docs/hugo/content/blogs/v2.17-features-with-bevan.md
@@ -0,0 +1,77 @@
+---
+title: "Developer Talks - Quality of Life Features with Bevan"
+date: 2025-12-19
+draft: false
+description: "Bevan goes over some recent and upcoming features in ASO and how they contribute to a better user experience."
+---
+
+With the release of ASO v2.17 coming soon, this felt like a great time to go behind the curtain and get a better idea of what us devs have been working on, both landed and upcoming, and how they contribute to a smoother user experience for ASO users.
+
+We'll go over two exciting features, one landing in v2.17 and one that shipped in v2.16. Alongside our other host of improvements, we hope these features make using ASO that much smoother for our users.
+
+## Improved error handling for resources that can't be deleted
+
+PR [#4987](https://github.com/Azure/azure-service-operator/pull/4987) landing in v2.17 helps with error handling for Azure resources that can not be deleted directly. Azure hosts a number of resource types that cannot be deleted directly; instead, you have to delete their parents.
+
+If a user does attempt to delete one of these resources directly, they'll be met with a number of noisy errors that will populate in their logs.
+
+A snippet of such an error would look like is below:
+
+```go
+test_logger.go:160: [2024-04-28T22:19:01Z] SqlDatabaseThroughputSettingController 
+    "msg"="Error during Delete" 
+    "err"="deleting resource "/subscriptions/<sub_id>/resourceGroups/<rg_name>/providers/Microsoft.DocumentDB/databaseAccounts/sample-sqldb-account/sqlDatabases/sample-sql-db/throughputSettings/default": DELETE https://management.azure.com/subscriptions/<sub_id>/resourceGroups/<rg_name>/providers/Microsoft.DocumentDB/databaseAccounts/sample-sqldb-account/sqlDatabases/sample-sql-db/throughputSettings/default
+    --------------------------------------------------------------------------------
+    RESPONSE 405: 405 Method Not Allowed
+    ERROR CODE: MethodNotAllowed
+    --------------------------------------------------------------------------------
+    {
+      "code": "MethodNotAllowed",
+      "message": "Message: The requested verb is not supported."
+    }
+    --------------------------------------------------------------------------------
+    " name="sample-sql-throughput" 
+    namespace="aso-test-samples-creationanddeletion-test-sqldatabase-v1a-7e1fc" 
+    azureName="default" 
+    action="BeginDelete"
+```
+
+With this new enhancement, the workflow in ASO is enhanced to detect when a resource can not be deleted directly, return a more informative error message than what you would see previously, and provides details on how to unblock the resource deletion.
+
+## Allowing specification of role assignments by using well-known names
+
+[This feature](https://github.com/Azure/azure-service-operator/pull/4923) builds upon the support of well-known names added in [#4922](https://github.com/Azure/azure-service-operator/pull/4922) and allows users to specify RoleAssignments using the well-known name of a [built-in RoleDefinition](https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles) instead of the full ARM ID.
+
+Before this change if I wanted to assign the "Contributor" role, it would require something like this, using the published GUID:
+
+```yaml
+apiVersion: authorization.azure.com/v1api20200801preview
+kind: RoleAssignment
+metadata:
+  name: aso-sample-contributor
+  namespace: default
+spec:
+  ...
+  roleDefinitionReference:
+    armId: /subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c
+```
+
+Now, with this change, I'd be able to use the well known name `contributor` instead:
+
+```yaml
+apiVersion: authorization.azure.com/v1api20200801preview
+kind: RoleAssignment
+metadata:
+  name: aso-sample-contributor
+  namespace: default
+spec:
+  ...
+  roleDefinitionReference:
+    armName: Contributor
+```
+
+## v2.17 Release
+
+v2.17 introduces these features and more, as we continually strive to make ASO work better for our users! 
+
+If you have an enhancement you would like to see in future iterations of ASO, please [submit an issue](https://github.com/Azure/azure-service-operator/issues) or visit the [contributing guide](https://azure.github.io/azure-service-operator/contributing/). 
