Azure / avdaccelerator

AVD Accelerator deployment automation to simplify the setup of AVD (Azure Virtual Desktop) based on best practices
MIT License
342 stars 214 forks source link

managedDisk.securityProfile.securityEncryptionType' is missing (null) #686

Open gusdellazure opened 1 month ago

gusdellazure commented 1 month ago

What happened? Provide a clear and concise description of the bug, including deployment details.

Issue with deploying .GOV

"code": "DeploymentFailed", "target": "/subscriptions/cf4d6247-bf51-42e6-9dd5-XXXXXXX/resourceGroups/rg-avd-avd-prod-va-service-objects/providers/Microsoft.Resources/deployments/MGMT-VM-20241015T003002Z", "message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.", "details": [ { "code": "BadRequest", "message": "Required parameter for Confidential VMs 'managedDisk.securityProfile.securityEncryptionType' is missing (null)." } ] }

Please provide the correlation id associated with your error or bug.

xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

What was the expected outcome?

No response

Relevant log output

No response

danycontre commented 1 month ago

@gusdellazure thank you for your feedback, we are reviewing it.

chbragg commented 1 month ago

@gusdellazure What VM SKU are you using? It's my understanding that Azure Government only has one type of Confidential Compute VM SKU available and it is the Intel SGX style of Confidential compute (DCs_v2). The SGX Confidential VMs do the Confidential Computing differently and that type doesn't leverage the "Confidential" Security Type for your VM settings. To check if that setting is available in your SKU type, you can try to create a new VM in the portal with your SKU and try to select the Confidential option under Security Type. The other way is to run this Azure CLI command to see if it's listed as an attribute on the VM SKU. If the ConfidentialComputeType shows null, then you can only use TrustedLaunch or Standard for that VM SKU.

az vm list-skus --location usgovvirginia --resource-type virtualMachines --query "[?contains(name, 'DC') || contains(name, 'EC') || contains(name, 'NCC')].{Name:name, ConfidentialComputeType:capabilities[?name=='ConfidentialComputingType'].value | [0]}" --output json

Please reference this to learn more about the Confidential Compute options. https://learn.microsoft.com/en-us/azure/confidential-computing/confidential-computing-deployment-models

chbragg commented 3 weeks ago

@gusdellazure , is your issue resolved when you deploy with the supported settings around Confidential Compute or Trusted Launch as described above?

gusdellazure commented 6 days ago

Hi all yes the fox worked!! thank you

gusdellazure commented 6 days ago

Hi all I used D8ads_v5 on azure.us. I ended up removing the High Availability configuration.