Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mostly clean deployment fails on key vault #741

Open
jwaltireland opened this issue Feb 11, 2025 · 3 comments
Open

Mostly clean deployment fails on key vault #741

jwaltireland opened this issue Feb 11, 2025 · 3 comments

Comments

@jwaltireland
Copy link

jwaltireland commented Feb 11, 2025
edited
Loading

I am getting this error during clean deployment: meaning, i copied the deploy-baseline.bicep and customized it slightly around using custom Naming, etc. no modifications for existing modules.

ERROR: {"status":"Failed","error":{"code":"DeploymentFailed","target":"/subscriptions//providers/Microsoft.Resources/deployments/deploy-baseline-personal-host-pool-arpah","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.","details":[{"code":"InvalidTemplate","message":"Unable to process template language expressions for resource '/subscriptions//resourceGroups/{redacted}/providers/Microsoft.Resources/deployments/Workload-KeyVault-20250211T154533Z' at line '19877' and column '5'. 'The language expression property array index '8' is out of bounds.'","additionalInfo":[{"type":"TemplateViolation","info":{"lineNumber":19877,"linePosition":5,"path":""}}]}]}}

No changes to this module.

No idea how to research this.

i've set the createAvdVnet to true. so maybe the issue is somewhere in this code:

privateEndpoints: deployPrivateEndpointKeyvaultStorage
? [
{
name: varWrklKvPrivateEndpointName
subnetResourceId: createAvdVnet
? '${networking.outputs.virtualNetworkResourceId}/subnets/${varVnetPrivateEndpointSubnetName}'
: existingVnetPrivateEndpointSubnetResourceId
customNetworkInterfaceName: 'nic-01-${varWrklKvPrivateEndpointName}'
service: 'vault'
privateDnsZoneGroupName: createPrivateDnsZones
? split(networking.outputs.keyVaultDnsZoneResourceId, '/')[8]
: split(avdVnetPrivateDnsZoneKeyvaultId, '/')[8]
privateDnsZoneResourceIds: [
createPrivateDnsZones ? networking.outputs.keyVaultDnsZoneResourceId : avdVnetPrivateDnsZoneKeyvaultId
]
}
]
: []
@danycontre
Copy link
Collaborator

@jwaltireland thanks for your feedback.

Some thoughts:

  • Look at the deployments of the service-objects resource group, the keyvault deployment to it failed. This deployment will provide you additional details on the error. If possible, please share the inputs for the failed deployment. Example:
Image Image
  • Based on the error, the naming you are using may be going beyond the number of characters supported.
  • Which naming parameters did you modify?

@jwaltireland
Copy link
Author

It never got the point where it was deploying keyvault. The issue seems to be around having the code create the vnet, by setting this param to true: createAvdVnet. Once i deployed the vnet separately, then updated the appropriate params for existing vnetSubnet, existing pepSubnet, it deployed successfully

@danycontre
Copy link
Collaborator

@jwaltireland thanks for the updates, we haven't been able to reproduce, if possible, please share the parameters you were using for the deployment.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jwaltireland @danycontre