Deployment fails to Azure Gov

[MSBrett]

Describe the bug Deployment fails to Azure Gov

Steps to reproduce

1. Log into the Azure Gov Portal
2. From the search bar search for and choose "Deploy a custom template".
3. Select "Azure Landing Zone" from the list of templates.
4. Select "Azure Government" from the list of supported clouds.
5. Fill out the forms and deploy the template using default values - 3 subscriptions provided.
6. Deployment fails with this error:

{ "status": "Failed", "error": { "code": "DeploymentFailed", "message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.", "details": [ { "code": "BadRequest", "message": "{\r\n \"error\": {\r\n \"code\": \"PolicyDefinitionNotFound\",\r\n \"message\": \"The policy set definition 'Enforce-EncryptTransit' request is invalid. The following policy definition could not be found: '/providers/Microsoft.Authorization/policyDefinitions/0e80e269-43a4-4ae9-b5bc-178126b8a5cb'.\"\r\n }\r\n}" } ] } }

The same error occurs when deploying from Learn and Github.

[Springstone]

Hi @MSBrett thanks for raising this issue. Basically, this means one of the policies in that initiative is not available in Azure Gov cloud. Unfortunately, we currently don't have any way to validate sovereign cloud deployments (and it is a very complicated process to validate if policies are available in each of the sovereign clouds).

We are currently in the process of someone in our team getting access to Azure Gov (Fairfax) and hopefully we can improve the quality and reliability for those customers.