Skip to content

Unable to use -WhatIf on New-AzResourceGroupDeployment with PrivateDnsZoneGroup in template #26763

New issue
New issue
Open
Open
Unable to use -WhatIf on New-AzResourceGroupDeployment with PrivateDnsZoneGroup in template#26763
Labels
ARM - TemplatesService AttentionThis issue is responsible by Azure service team.bugThis issue requires a change to an existing behavior in the product in order to be resolved.
@weevil44

Description

@weevil44
weevil44
opened on Nov 26, 2024

Description

There appears to be a bug when using -WhatIf on an existing resource that does not already have a PrivateDnsZoneGroup associated with the pricate endpoint.

To reproduce this bug:
Using an ARM template, create any resource with a private endpoint but without a private DNS zone group included in the ARM template
Add the Private DNS Zone Group creation to the template
Run the command to verify what is going to change with the redeployment
New-AzResourceGroupDeployment -ResourceGroupName "my-rg" -TemplateFile key-vault-template.json -TemplateParameterFile key-vault-parameters.json -WhatIf

It fails with a missing or unexpected response on request error. If the -WhatIf is removed, the resource is successfully deployed, adding the Private DNS Zone group and I can then run the -WhatIf command successfully

Expected result: The -WhatIf would tell me it is going to add a Private DNS Zone Group in addition to any other changes that it will make

Workaroune: Make a copy of the template file. Remove the PrivateDnsZoneGroup creation from the new file. Execute the -WhatIf to verify other changes. Execute the redeployment of the resource. This workaround only works if I execute the deployment manually, not through automation.

Issue script & Debug output

New-AzResourceGroupDeployment -ResourceGroupName "my-rg" -TemplateFile key-vault-template.json -TemplateParameterFile key-vault-parameters.json -WhatIf

New-AzResourceGroupDeployment:
DeploymentWhatIfResourceInvalidResponse - Long running operation failed with status 'Failed'. Additional Info:'The request to predict template deployment changes to scope '/subscriptions/<subscription id>/resourceGroups/my-rg' has failed due to missing or unexpected response on request '/subscriptions/<subscription id>/resourceGroups/my-rg/providers/Microsoft.Network/privateEndpoints/kv-test-cus-4-pep/privateDnsZoneGroups/vaultPrivateDnsZoneGroup?api-version=2020-03-01'

Environment data

Name                           Value
----                           -----
PSVersion                      7.4.6
PSEdition                      Core
GitCommitId                    7.4.6
OS                             Microsoft Windows 10.0.22631
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Module versions

ModuleType Version    PreRelease Name                                ExportedCommands
---------- -------    ---------- ----                                ----------------
Script     3.0.1                 Az.Accounts                         {Add-AzEnvironment, Clear-AzConfig, Clear-AzContext, Clear-AzDefault…}
Script     7.2.0                 Az.Resources                        {Export-AzResourceGroup, Export-AzTemplateSpec, Get-AzDenyAssignment, Get-AzDep

Error output

Metadata
Metadata
Assignees
No one assigned
    Labels
    ARM - TemplatesService AttentionThis issue is responsible by Azure service team.bugThis issue requires a change to an existing behavior in the product in order to be resolved.
    Type
    No type
    Projects
    No projects
    Milestone
    No milestone
    Relationships
    None yet
    Development
    No branches or pull requests
    Issue actions