Azure / azure-powershell

Microsoft Azure PowerShell
Other
4.27k stars 3.87k forks source link

Using custom types when performing a what-if deployment sets the parameter type to null. #24286

Closed SebastianClaesson closed 8 months ago

SebastianClaesson commented 8 months ago

Description

Running a whatif deployment (new-azresourcegroupdeployment -resourcegroupname 'rg-appgw-nonprod' -TemplateParameterFile .\environments\nonprod.bicepparam -whatif) using a bicep that has custom types included, turns the parameters to null instead of the referenced type. Running the same command (az deployment group create -g 'rg-appgw-nonprod' -p .\environments\nonprod.bicepparam --what-if) with az cli works as intended.

Worth mentioning is that it is possible using the command "new-azresourcegroupdeployment -resourcegroupname 'rg-appgw-nonprod' -TemplateParameterFile .\environments\nonprod.bicepparam" to perform a successful deployment. However, adding the -whatif causes the error.

Below is the debug output / generated parameters object from the different deployment methods.

The parameters which uses the custom types:

  1. probes
  2. requestRoutingRules
  3. httpListeners
  4. backendHttpSettingsCollections
  5. backendAddressPools
  6. frontEndPorts

Az PowerShell parameter object (generated from the az powershell command)

{
        "location": {
          "type": "string",
          "defaultValue": "[resourceGroup().location]",
          "metadata": {
            "description": "Location for all resources."
          }
        },
        "tags": {
          "type": "object",
          "defaultValue": {},
          "metadata": {
            "description": "Tag of the resource."
          }
        },
        "privateIP": {
          "type": "string"
        },
        "sku": {
          "type": "string",
          "defaultValue": "WAF_v2",
          "allowedValues": [
            "WAF_v2"
          ],
          "metadata": {
            "description": "Application gateway waf sku"
          }
        },
        "privateFrontendName": {
          "type": "string"
        },
        "publicFrontendName": {
          "type": "string"
        },
        "environment": {
          "type": "string",
          "allowedValues": [
            "nonprod",
            "prod"
          ]
        },
        "probes": null,
        "requestRoutingRules": null,
        "httpListeners": null,
        "backendHttpSettingsCollections": null,
        "backendAddressPools": null,
        "frontEndPorts": null,
        "sslPolicy": {
          "type": "object"
        },
        "sslCertificates": {
          "type": "array"
        },
        "vnetName": {
          "type": "string"
        },
        "vnetRGName": {
          "type": "string"
        },
        "vnetSubnetName": {
          "type": "string"
        }
      }

Az Cli Parameters object (generated from the az cli command):

{
    "location": {
      "type": "string",
      "defaultValue": "[resourceGroup().location]",
      "metadata": { "description": "Location for all resources." }
    },
    "tags": {
      "type": "object",
      "defaultValue": {},
      "metadata": { "description": "Tag of the resource." }
    },
    "privateIP": { "type": "string" },
    "sku": {
      "type": "string",
      "defaultValue": "WAF_v2",
      "allowedValues": [ "WAF_v2" ],
      "metadata": { "description": "Application gateway waf sku" }
    },
    "privateFrontendName": { "type": "string" },
    "publicFrontendName": { "type": "string" },
    "environment": {
      "type": "string",
      "allowedValues": [ "nonprod", "prod" ]
    },
    "probes": { "$ref": "#/definitions/probeType" },
    "requestRoutingRules": { "$ref": "#/definitions/requestRoutingRuleType" },
    "httpListeners": { "$ref": "#/definitions/httpListenerType" },
    "backendHttpSettingsCollections": { "$ref": "#/definitions/backendHttpSettingsCollectionType" },
    "backendAddressPools": { "$ref": "#/definitions/backendAddressPoolType" },
    "frontEndPorts": { "$ref": "#/definitions/frontEndPortType" },
    "sslPolicy": { "type": "object" },
    "sslCertificates": { "type": "array" },
    "vnetName": { "type": "string" },
    "vnetRGName": { "type": "string" },
    "vnetSubnetName": { "type": "string" }
  }

Issue script & Debug output

NOTE: DEBUG EXCEEDED 65536 CHARACTERS AND SOME OF THE TEMPLATE HAS BEEN REMOVED THAT INCLUDES THE RESOURCES AND LOGIC INSIDE OF BICEP.

-----

PS C:\git\ApplicationGateway> new-azresourcegroupdeployment -resourcegroupname 'RESOURCEGROUP' -TemplateParameterFile .\environments\nonprod.bicepparam -whatif -Debug
VERBOSE: Using Bicep v0.23.1
VERBOSE: Calling Bicep with arguments: build-params "C:\git\ApplicationGateway\environments\nonprod.bicepparam" --stdout
DEBUG: 09:27:05 - NewAzureResourceGroupDeploymentCmdlet begin processing with ParameterSet 'ByParameterFileWithNoTemplate'.
DEBUG: 09:27:05 - using account id 'USERID'...
DEBUG: 09:27:05 - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
Getting the latest status of all resources...VERBOSE: Using Bicep v0.23.1
VERBOSE: Calling Bicep with arguments: build-params "C:\git\ApplicationGateway\environments\nonprod.bicepparam" --stdout
Confirm
Continue with this operation?
[Y] Yes  [A] Yes to All  [H] Halt Command  [S] Suspend  [?] Help (default is "Y"): 
DEBUG: [Common.Authentication]: Authenticating using Account: 'userid', environment: 'AzureCloud', tenant: 'TENANTID'
DEBUG: 09:27:09 - [ConfigManager] Got nothing from [EnableLoginByWam], Module = [], Cmdlet = []. Returning default value [False].
DEBUG: 09:27:09 - [SilentAuthenticator] Calling SharedTokenCacheCredential.GetTokenAsync - TenantId:'TENANTID', Scopes:'https://management.core.windows.net//.default', AuthorityHost:'https://login.microsoftonline.com/', UserId:'userid'
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: 
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - 9b7faceb-9145-47b1-aaad-fabfb413842f] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - 9b7faceb-9145-47b1-aaad-fabfb413842f] [Region discovery] Not using a regional authority. 
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - 9b7faceb-9145-47b1-aaad-fabfb413842f] [Region discovery] Not using a regional authority. 
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - 9b7faceb-9145-47b1-aaad-fabfb413842f] [Region discovery] Not using a regional authority. 
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - 9b7faceb-9145-47b1-aaad-fabfb413842f] [Region discovery] Not using a regional authority. 
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - 9b7faceb-9145-47b1-aaad-fabfb413842f] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - 9b7faceb-9145-47b1-aaad-fabfb413842f] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z] Found 3 cache accounts and 0 broker accounts
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z] Returning 3 accounts
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - c2cb4ec4-fd0d-4070-bba4-5aa1c92d494e] MSAL MSAL.CoreCLR with assembly version '4.56.0.0'. CorrelationId(c2cb4ec4-fd0d-4070-bba4-5aa1c92d494e)
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - c2cb4ec4-fd0d-4070-bba4-5aa1c92d494e] === AcquireTokenSilent Parameters ===
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - c2cb4ec4-fd0d-4070-bba4-5aa1c92d494e] LoginHint provided: False
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - c2cb4ec4-fd0d-4070-bba4-5aa1c92d494e] Account provided: True
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - c2cb4ec4-fd0d-4070-bba4-5aa1c92d494e] ForceRefresh: False
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - c2cb4ec4-fd0d-4070-bba4-5aa1c92d494e] 
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenSilent
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - False
HomeAccountId - False
CorrelationId - c2cb4ec4-fd0d-4070-bba4-5aa1c92d494e
UserAssertion set: False
LongRunningOboCacheKey set: False
Region configured:

DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - c2cb4ec4-fd0d-4070-bba4-5aa1c92d494e] === Token Acquisition (SilentRequest) started:
         Scopes: https://management.core.windows.net//.default
        Authority Host: login.microsoftonline.com
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - c2cb4ec4-fd0d-4070-bba4-5aa1c92d494e] [Region discovery] Not using a regional authority.         
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - c2cb4ec4-fd0d-4070-bba4-5aa1c92d494e] Access token is not expired. Returning the found cache entry. [Current time (02/29/2024 08:27:09) - Expiration Time (02/29/2024 09:26:14 +00:00) - Extended Expiration Time (02/29/2024 09:26:14 +00:00)]
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - c2cb4ec4-fd0d-4070-bba4-5aa1c92d494e] Returning access token found in cache. RefreshOn exists ? False
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - c2cb4ec4-fd0d-4070-bba4-5aa1c92d494e] [Region discovery] Not using a regional authority.         
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - c2cb4ec4-fd0d-4070-bba4-5aa1c92d494e] 
        === Token Acquisition finished successfully:
DEBUG: False MSAL 4.56.0.0 MSAL.CoreCLR .NET 8.0.1 Microsoft Windows 10.0.19045 [2024-02-29 08:27:09Z - c2cb4ec4-fd0d-4070-bba4-5aa1c92d494e]  AT expiration time: 2024-02-29 09:26:14 +00:00, scopes: https://management.core.windows.net//user_impersonation https://management.core.windows.net//.default. source: Cache
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  ExpiresOn: 2024-02-29T09:26:14.0000000+00:00
DEBUG: [Common.Authentication]: Received token with LoginType 'User', Tenant: 'TENANTID', UserId: 'USERID'
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
POST

Absolute Uri:
https://management.azure.com/subscriptions/SUBSCRIPTIOND/resourcegroups/RESOURCEGROUP/providers/Microsoft.Resources/deployments/709b4e7d-e78c-4ffa-b2e5-26a4c3112b8a/whatIf?api-version=2022-09-01

Headers:
Accept-Language               : en-US
x-ms-client-request-id        : 14164e44-0b2a-47bc-b179-e738dbd60dda

Body:
{
  "properties": {
    "whatIfSettings": {
      "resultFormat": "FullResourcePayloads"
    },
    "template": {
      "variables": {
        "appGWName": "[format('agw-{0}', parameters('environment'))]"
      },
      "languageVersion": "2.0",
      "parameters": {
        "location": {
          "type": "string",
          "defaultValue": "[resourceGroup().location]",
          "metadata": {
            "description": "Location for all resources."
          }
        },
        "tags": {
          "type": "object",
          "defaultValue": {},
          "metadata": {
            "description": "Tag of the resource."
          }
        },
        "privateIP": {
          "type": "string"
        },
        "sku": {
          "type": "string",
          "defaultValue": "WAF_v2",
          "allowedValues": [
            "WAF_v2"
          ],
          "metadata": {
            "description": "Application gateway waf sku"
          }
        },
        "privateFrontendName": {
          "type": "string"
        },
        "publicFrontendName": {
          "type": "string"
        },
        "environment": {
          "type": "string",
          "allowedValues": [
            "nonprod",
            "prod"
          ]
        },
        "probes": null,
        "requestRoutingRules": null,
        "httpListeners": null,
        "backendHttpSettingsCollections": null,
        "backendAddressPools": null,
        "frontEndPorts": null,
        "sslPolicy": {
          "type": "object"
        },
        "sslCertificates": {
          "type": "array"
        },
        "vnetName": {
          "type": "string"
        },
        "vnetRGName": {
          "type": "string"
        },
        "vnetSubnetName": {
          "type": "string"
        }
      },
      "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
      "definitions": {
        "frontEndPortType": {
          "type": "array",
          "items": {
            "type": "object",
            "properties": {
              "name": {
                "type": "string",
                "metadata": {
                  "description": "Required. Specify the name of the front end port."
                }
              },
              "port": {
                "type": "int",
                "metadata": {
                  "description": "Required. Specify the type of lock."
                }
              }
            }
          },
          "nullable": true
        },
        "probeType": {
          "type": "array",
          "items": {
            "type": "object",
            "properties": {
              "name": {
                "type": "string",
                "metadata": {
                  "description": "Required. Specify the name of the health probe."
                }
              },
              "host": {
                "type": "string",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Specify the host name to send the probe to."
                }
              },
              "interval": {
                "type": "int",
                "metadata": {
                  "description": "Required. Specify the interval."
                }
              },
              "match": {
                "type": "object",
                "properties": {
                  "statusCodes": {
                    "type": "array",
                    "items": {
                      "type": "string"
                    },
                    "nullable": true
                  },
                  "body": {
                    "type": "string",
                    "nullable": true
                  }
                },
                "nullable": true,
                "metadata": {
                  "description": "Required. Specify the matching status code(s)."
                }
              },
              "minServers": {
                "type": "int",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Specify the minimum number of servers that are always marked healthy.."
                }
              },
              "path": {
                "type": "string",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Specify the Relative path of probe. Valid path starts from '/'. Probe is sent to {Protocol}://{host}:{port}{path}."
                }
              },
              "pickHostNameFromBackendHttpSettings": {
                "type": "bool",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Specify whether the host header should be picked from the backend http settings. Default value is false."
                }
              },
              "pickHostNameFromBackendSettings": {
                "type": "bool",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Specify whether the server name indication should be picked from the backend settings for Tls protocol. Default value is false."
                }
              },
              "port": {
                "type": "int",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Specify custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from http settings will be used. This property is valid for Basic, Standard_v2 and WAF_v2 only."
                }
              },
              "protocol": {
                "type": "string",
                "allowedValues": [
                  "Http",
                  "Https",
                  "Tcp",
                  "Tls"
                ],
                "metadata": {
                  "description": "Required. Specify the protocol used for the probe"
                }
              },
              "timeout": {
                "type": "int",
                "nullable": true,
                "minValue": 1,
                "maxValue": 86400,
                "metadata": {
                  "description": "Optional. The probe timeout in seconds. Probe marked as failed if valid response is not received with this timeout period. Acceptable values are from 1 second to 86400 seconds."
                }
              },
              "unhealthyThreshold": {
                "type": "int",
                "nullable": true,
                "minValue": 1,
                "maxValue": 20,
                "metadata": {
                  "description": "Optional. Specify the probe retry count. Backend server is marked down after consecutive probe failure count reaches UnhealthyThreshold. Acceptable values are from 1 second to 20."
                }
              }
            }
          },
          "nullable": true
        },
        "requestRoutingRuleType": {
          "type": "array",
          "items": {
            "type": "object",
            "properties": {
              "name": {
                "type": "string",
                "metadata": {
                  "description": "Required. Name of the request routing rule that is unique within an Application Gateway."
                }
              },
              "backendAddressPool": {
                "type": "string",
                "metadata": {
                  "description": "Required. Backend address pool resource of the application gateway."
                }
              },
              "backendHttpSettings": {
                "type": "string",
                "metadata": {
                  "description": "Required. Backend http settings resource of the application gateway."
                }
              },
              "httpListener": {
                "type": "string",
                "metadata": {
                  "description": "Required. Http listener resource of the application gateway."
                }
              },
              "loadDistributionPolicy": {
                "type": "string",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Load Distribution Policy resource of the application gateway."
                }
              },
              "priority": {
                "type": "int",
                "metadata": {
                  "description": "Required. Priority of the request routing rule."
                }
              },
              "redirectConfiguration": {
                "type": "string",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Redirect configuration resource of the application gateway."
                }
              },
              "rewriteRuleSet": {
                "type": "string",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Rewrite Rule Set resource in Basic rule of the application gateway."
                }
              },
              "ruleType": {
                "type": "string",
                "allowedValues": [
                  "Basic",
                  "PathBasedRouting"
                ],
                "metadata": {
                  "description": "Required. Rule type."
                }
              },
              "urlPathMap": {
                "type": "string",
                "nullable": true,
                "metadata": {
                  "description": "Optional. URL path map resource of the application gateway."
                }
              }
            }
          },
          "nullable": true
        },
        "ApplicationGatewayCustomErrorType": {
          "type": "object",
          "properties": {
            "customErrorPageUrl": {
              "type": "string"
            },
            "statusCode": {
              "type": "string",
              "allowedValues": [
                "HttpStatus400",
                "HttpStatus403",
                "HttpStatus404",
                "HttpStatus405",
                "HttpStatus408",
                "HttpStatus500",
                "HttpStatus502",
                "HttpStatus503",
                "HttpStatus504"
              ]
            }
          }
        },
        "httpListenerType": {
          "type": "array",
          "items": {
            "type": "object",
            "properties": {
              "name": {
                "type": "string",
                "metadata": {
                  "description": "Required. Name of the HTTP listener that is unique within an Application Gateway."
                }
              },
              "customErrorConfigurations": {
                "$ref": "#/definitions/ApplicationGatewayCustomErrorType",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Custom error configurations of the HTTP listener."
                }
              },
              "firewallPolicy": {
                "type": "string",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Reference to the FirewallPolicy resource."
                }
              },
              "frontendIPConfiguration": {
                "type": "string",
                "metadata": {
                  "description": "Required. Frontend IP configuration resource of an application gateway."
                }
              },
              "frontendPort": {
                "type": "string",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Frontend port resource of an application gateway."
                }
              },
              "hostName": {
                "type": "string",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Host name of HTTP listener."
                }
              },
              "hostNames": {
                "type": "array",
                "items": {
                  "type": "string"
                },
                "nullable": true,
                "metadata": {
                  "description": "Optional. List of Host names for HTTP Listener that allows special wildcard characters as well."
                }
              },
              "protocol": {
                "type": "string",
                "allowedValues": [
                  "Http",
                  "Https",
                  "Tcp",
                  "Tls"
                ],
                "metadata": {
                  "description": "Optional. Custom error configurations of the HTTP listener."
                }
              },
              "requireServerNameIndication": {
                "type": "bool",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Applicable only if protocol is https. Enables SNI for multi-hosting."
                }
              },
              "sslCertificate": {
                "type": "string",
                "nullable": true,
                "metadata": {
                  "description": "Optional. SSL certificate resource of an application gateway."
                }
              },
              "sslProfile": {
                "type": "string",
                "nullable": true,
                "metadata": {
                  "description": "Optional. SSL profile resource of the application gateway."
                }
              }
            }
          },
          "nullable": true
        },
        "backendHttpSettingsCollectionType": {
          "type": "array",
          "items": {
            "type": "object",
            "properties": {
              "name": {
                "type": "string",
                "metadata": {
                  "description": "Required. Name of the backend settings that is unique within an Application Gateway."
                }
              },
              "hostName": {
                "type": "string",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Server name indication to be sent to the backend servers for Tls protocol.."
                }
              },
              "pickHostNameFromBackendAddress": {
                "type": "bool",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Whether to pick server name indication from the host name of the backend server for Tls protocol. Default value is false."
                }
              },
              "port": {
                "type": "string",
                "metadata": {
                  "description": "Required. The destination port on the backend."
                }
              },
              "probe": {
                "type": "string",
                "metadata": {
                  "description": "Required. Probe resource of an application gateway."
                }
              },
              "protocol": {
                "type": "string",
                "allowedValues": [
                  "Http",
                  "Https",
                  "Tcp",
                  "Tls"
                ],
                "metadata": {
                  "description": "Required. The protocol used to communicate with the backend."
                }
              },
              "timeout": {
                "type": "int",
                "minValue": 1,
                "maxValue": 86400,
                "metadata": {
                  "description": "Required. Connection timeout in seconds. Application Gateway will fail the request if response is not received within ConnectionTimeout. Acceptable values are from 1 second to 86400 seconds."
                }
              },
              "trustedRootCertificates": {
                "type": "array",
                "items": {
                  "type": "string"
                },
                "nullable": true,
                "metadata": {
                  "description": "Required. Array of references to application gateway trusted root certificates."
                }
              }
            }
          },
          "nullable": true
        },
        "ApplicationGatewayBackendAddressType": {
          "type": "array",
          "items": {
            "type": "object",
            "properties": {
              "fqdn": {
                "type": "string",
                "nullable": true
              },
              "ipAddress": {
                "type": "string",
                "nullable": true
              }
            }
          }
        },
        "backendAddressPoolType": {
          "type": "array",
          "items": {
            "type": "object",
            "properties": {
              "name": {
                "type": "string",
                "metadata": {
                  "description": "Required. Name of the backend address pool that is unique within an Application Gateway."
                }
              },
              "backendAddresses": {
                "$ref": "#/definitions/ApplicationGatewayBackendAddressType",
                "metadata": {
                  "description": "Required. Application gateway backend address pool."
                }
              }
            }
          },
          "nullable": true
        },
        "ApplicationGatewaySslCertificateType": {
          "type": "array",
          "items": {
            "type": "object",
            "properties": {
              "name": {
                "type": "string",
                "metadata": {
                  "description": "Required. Name of the SSL certificate that is unique within an Application Gateway."
                }
              },
              "data": {
                "type": "string",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Base-64 encoded pfx certificate. Only applicable in PUT Request."
                }
              },
              "keyVaultSecretId": {
                "type": "string",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault."
                }
              },
              "password": {
                "type": "string",
                "nullable": true,
                "metadata": {
                  "description": "Optional. Password for the pfx file specified in data. Only applicable in PUT request."
                }
              }
            }
          },
          "nullable": true
        }
      },
      "contentVersion": "1.0.0.0"
    },
    "parameters": {
      "sku": {
        "value": "WAF_v2"
      },
      "privateIP": {
        "value": "10.92.6.10"
      },
      "probes": {
        "value": [
          {
            "name": "healthprobe-default",
            "interval": 30,
            "match": {
              "statusCodes": [
                "200-399"
              ]
            },
            "minServers": 0,
            "path": "/",
            "pickHostNameFromBackendHttpSettings": true,
            "pickHostNameFromBackendSettings": false,
            "port": 80,
            "protocol": "Http",
            "timeout": 30,
            "unhealthyThreshold": 3
          }
        ]
      },
      "vnetName": {
        "value": "vnet-integration-nonprod-swc"
      },
      "frontEndPorts": {
        "value": [
          {
            "name": "http",
            "port": 80
          },
          {
            "name": "https",
            "port": 443
          }
        ]
      },
      "privateFrontendName": {
        "value": "agwPrivateFrontendIp"
      },
      "sslCertificates": {
        "value": []
      },
      "backendHttpSettingsCollections": {
        "value": [
          {
            "name": "test",
            "pickHostNameFromBackendAddress": true,
            "port": "80",
            "probe": "healthprobe-default",
            "protocol": "Http",
            "timeout": 30
          }
        ]
      },
      "vnetSubnetName": {
        "value": "snet-appgw"
      },
      "vnetRGName": {
        "value": "rg-infra-nonprod"
      },
      "requestRoutingRules": {
        "value": [
          {
            "name": "test",
            "backendHttpSettings": "test",
            "backendAddressPool": "apim-hpc-r1",
            "httpListener": "examplelistener",
            "priority": 3,
            "ruleType": "Basic"
          }
        ]
      },
      "backendAddressPools": {
        "value": [
          {
            "name": "apim-hpc-r1",
            "backendAddresses": [
              {
                "fqdn": "BACKENDADRESSFQDN"
              }
            ]
          }
        ]
      },
      "tags": {
        "value": {}
      },
      "publicFrontendName": {
        "value": "agwPublicFrontendIp"
      },
      "environment": {
        "value": "nonprod"
      },
      "httpListeners": {
        "value": [
          {
            "name": "examplelistener",
            "firewallPolicy": "waf-nonprod",
            "frontendIPConfiguration": "agwPrivateFrontendIp",
            "frontendPort": "http",
            "hostName": "EXAMPLEHOSTNAME",
            "protocol": "Http"
          }
        ]
      },
      "sslPolicy": {
        "value": {
          "cipherSuites": [
            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
          ],
          "minProtocolVersion": "TLSv1_2",
          "policyType": "CustomV2"
        }
      }
    },
    "mode": "Incremental"
  }
}

DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
Accepted

Headers:
Cache-Control                 : no-cache
Pragma                        : no-cache
Location                      : https://management.azure.com/subscriptions/SUBSCRIPTIOND/operationresults/eyJqb2JJZCI6IkRlcGxveW1lbnRXaGF0SWZKb2ItUkc6MkRBUFBHVzoyRE5PTlBST0QtNzA5QjRFN0Q6MkRFNzhDOjJENEZGQToyREIyRTU6MkQyNkE0QzMxMTJCOEEtQzk4MzhCOTQ6MkQwRjk4OjJENDc2NDoyREE0RDU6MkQzNUJBNjNCOTczQjYiLCJqb2JMb2NhdGlvbiI6InN3ZWRlbmNlbnRyYWwifQ?api-version=2022-09-01&t=638447920311288176&c=MIIHHjCCBgagAwIBAgITfwKVua8WD85fcpddlwAEApW5rzANBgkqhkiG9w0BAQsFADBEMRMwEQYKCZImiZPyLGQBGRYDR0JMMRMwEQYKCZImiZPyLGQBGRYDQU1FMRgwFgYDVQQDEw9BTUUgSW5mcmEgQ0EgMDIwHhcNMjQwMTMwMDIwNjI3WhcNMjUwMTI0MDIwNjI3WjBAMT4wPAYDVQQDEzVhc3luY29wZXJhdGlvbnNpZ25pbmdjZXJ0aWZpY2F0ZS5tYW5hZ2VtZW50LmF6dXJlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL-aBOq-7WPUEuGWxyKwzwxwU4AnFYQ1wG3QPrQHR5_d6EfVmd_19f2l9lnqgWnTn_AoaWklL8v7IUSujh6ULLhc5XcTuYB_2w_VgDjnlHSI3q-Pck2-FTkQ4JH0lJRWC7mOd15mL-Yvt4BxfzJS7COkAT5e2qRh2KLryoAC0RatIMXGJYRaTpiiOAo-tzDyuFnHdtZgAoTzVurWcZNZl8PWSpp1CtjMHQz-RoKKco2ftpvBJJsZKTUvUVmKJCkg_N99yA0wXVPCekuP4SMSCpcBxkmYAalhw58MBjYX4M_V1zH7ERjh_qa71V5w5cAXkmWe6MsS_nfQ4XkZ_5c_b80CAwEAAaOCBAswggQHMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwEwCgYIKwYBBQUHAwIwPQYJKwYBBAGCNxUHBDAwLgYmKwYBBAGCNxUIhpDjDYTVtHiE8Ys-hZvdFs6dEoFggvX2K4Py0SACAWQCAQowggHaBggrBgEFBQcBAQSCAcwwggHIMGYGCCsGAQUFBzAChlpodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpaW5mcmEvQ2VydHMvQkwyUEtJSU5UQ0EwMS5BTUUuR0JMX0FNRSUyMEluZnJhJTIwQ0ElMjAwMig0KS5jcnQwVgYIKwYBBQUHMAKGSmh0dHA6Ly9jcmwxLmFtZS5nYmwvYWlhL0JMMlBLSUlOVENBMDEuQU1FLkdCTF9BTUUlMjBJbmZyYSUyMENBJTIwMDIoNCkuY3J0MFYGCCsGAQUFBzAChkpodHRwOi8vY3JsMi5hbWUuZ2JsL2FpYS9CTDJQS0lJTlRDQTAxLkFNRS5HQkxfQU1FJTIwSW5mcmElMjBDQSUyMDAyKDQpLmNydDBWBggrBgEFBQcwAoZKaHR0cDovL2NybDMuYW1lLmdibC9haWEvQkwyUEtJSU5UQ0EwMS5BTUUuR0JMX0FNRSUyMEluZnJhJTIwQ0ElMjAwMig0KS5jcnQwVgYIKwYBBQUHMAKGSmh0dHA6Ly9jcmw0LmFtZS5nYmwvYWlhL0JMMlBLSUlOVENBMDEuQU1FLkdCTF9BTUUlMjBJbmZyYSUyMENBJTIwMDIoNCkuY3J0MB0GA1UdDgQWBBRG96ol681QhZp5pSqJ6oYOZNt0GzAOBgNVHQ8BAf8EBAMCBaAwggE1BgNVHR8EggEsMIIBKDCCASSgggEgoIIBHIZCaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraWluZnJhL0NSTC9BTUUlMjBJbmZyYSUyMENBJTIwMDIoNCkuY3JshjRodHRwOi8vY3JsMS5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDIoNCkuY3JshjRodHRwOi8vY3JsMi5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDIoNCkuY3JshjRodHRwOi8vY3JsMy5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDIoNCkuY3JshjRodHRwOi8vY3JsNC5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDIoNCkuY3JsMBcGA1UdIAQQMA4wDAYKKwYBBAGCN3sBATAfBgNVHSMEGDAWgBSuecJrXSWIEwb2BwnDl3x7l48dVTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAKKyAgJAkf6JZxLet4ea9iH2HJ_f1HvcVdJfcdpi8oDbTqA74VfwpfgAuboGp1Dxfz5bVflauzzjt_qdGY2Mg3AZsW1CF9KsffviftutQ_em6LBVWyYMbvf4BPcAJ1PLSwjAELsRMysZocC5gvDWrgMvFA1SfAq6khqAbIeAPqd0aTddcHAtS-LceawwUGup6SNsK_yHwLiu7_qR-0RSxvj5lJfViUuKZKrCJAoMZDMAH2C_4HnZPYptyGijrbSTn5A3Whoc6TOM1Mmw7-zZODT8RjZ62a_2hMS8at50D_uAtvTgOjZZyP6f3q5eIREJU-8uer5Rlmz97XHtmEJGoiY&s=dfHDeZlgW6XrXMHfyJwvotzBl3a4HxGpYtcuDzbBxpcFNt8W-JX1iyYgh7ezOBPbNI8wAjO7V2MzMqscAvyGaHAhyWirtmQuuqMLUfBu9gu_brodZ97apDUozM-IdrZT6JjDT3SwuVdJl_5WhXd6HsB33pQZg0tXPVNuxCuBcxhnCBn7P7wtp1454zA51THbXchbW8mrni7kQA_9QA6Yvg3eK4iwYyPCVESxzkRT-NVcZwNlpaz_ysyaN7u4VG3GQqc9WFVp6823Zq31U4Pa2rsTQ1qTq8tKoR_1vNA7O0ngUvtwoOZXzNimv_nh5kCFQfYnLqYoq1X98DA-opbhaQ&h=Ss8OwK4gB532K1VI2A_QV15occ1aFF2nz0fBqEeZWJc
Retry-After                   : 15
x-ms-ratelimit-remaining-subscription-writes: 1198
x-ms-request-id               : c9838b94-0f98-4764-a4d5-35ba63b973b6
x-ms-correlation-request-id   : c9838b94-0f98-4764-a4d5-35ba63b973b6
x-ms-routing-request-id       : FRANCESOUTH:20240229T082711Z:c9838b94-0f98-4764-a4d5-35ba63b973b6
Strict-Transport-Security     : max-age=31536000; includeSubDomains
X-Content-Type-Options        : nosniff
Date                          : Thu, 29 Feb 2024 08:27:10 GMT

Body:

DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://management.azure.com/subscriptions/SUBSCRIPTIOND/operationresults/eyJqb2JJZCI6IkRlcGxveW1lbnRXaGF0SWZKb2ItUkc6MkRBUFBHVzoyRE5PTlBST0QtNzA5QjRFN0Q6MkRFNzhDOjJENEZGQToyREIyRTU6MkQyNkE0QzMxMTJCOEEtQzk4MzhCOTQ6MkQwRjk4OjJENDc2NDoyREE0RDU6MkQzNUJBNjNCOTczQjYiLCJqb2JMb2NhdGlvbiI6InN3ZWRlbmNlbnRyYWwifQ?api-version=2022-09-01&t=638447920311288176&c=MIIHHjCCBgagAwIBAgITfwKVua8WD85fcpddlwAEApW5rzANBgkqhkiG9w0BAQsFADBEMRMwEQYKCZImiZPyLGQBGRYDR0JMMRMwEQYKCZImiZPyLGQBGRYDQU1FMRgwFgYDVQQDEw9BTUUgSW5mcmEgQ0EgMDIwHhcNMjQwMTMwMDIwNjI3WhcNMjUwMTI0MDIwNjI3WjBAMT4wPAYDVQQDEzVhc3luY29wZXJhdGlvbnNpZ25pbmdjZXJ0aWZpY2F0ZS5tYW5hZ2VtZW50LmF6dXJlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL-aBOq-7WPUEuGWxyKwzwxwU4AnFYQ1wG3QPrQHR5_d6EfVmd_19f2l9lnqgWnTn_AoaWklL8v7IUSujh6ULLhc5XcTuYB_2w_VgDjnlHSI3q-Pck2-FTkQ4JH0lJRWC7mOd15mL-Yvt4BxfzJS7COkAT5e2qRh2KLryoAC0RatIMXGJYRaTpiiOAo-tzDyuFnHdtZgAoTzVurWcZNZl8PWSpp1CtjMHQz-RoKKco2ftpvBJJsZKTUvUVmKJCkg_N99yA0wXVPCekuP4SMSCpcBxkmYAalhw58MBjYX4M_V1zH7ERjh_qa71V5w5cAXkmWe6MsS_nfQ4XkZ_5c_b80CAwEAAaOCBAswggQHMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwEwCgYIKwYBBQUHAwIwPQYJKwYBBAGCNxUHBDAwLgYmKwYBBAGCNxUIhpDjDYTVtHiE8Ys-hZvdFs6dEoFggvX2K4Py0SACAWQCAQowggHaBggrBgEFBQcBAQSCAcwwggHIMGYGCCsGAQUFBzAChlpodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpaW5mcmEvQ2VydHMvQkwyUEtJSU5UQ0EwMS5BTUUuR0JMX0FNRSUyMEluZnJhJTIwQ0ElMjAwMig0KS5jcnQwVgYIKwYBBQUHMAKGSmh0dHA6Ly9jcmwxLmFtZS5nYmwvYWlhL0JMMlBLSUlOVENBMDEuQU1FLkdCTF9BTUUlMjBJbmZyYSUyMENBJTIwMDIoNCkuY3J0MFYGCCsGAQUFBzAChkpodHRwOi8vY3JsMi5hbWUuZ2JsL2FpYS9CTDJQS0lJTlRDQTAxLkFNRS5HQkxfQU1FJTIwSW5mcmElMjBDQSUyMDAyKDQpLmNydDBWBggrBgEFBQcwAoZKaHR0cDovL2NybDMuYW1lLmdibC9haWEvQkwyUEtJSU5UQ0EwMS5BTUUuR0JMX0FNRSUyMEluZnJhJTIwQ0ElMjAwMig0KS5jcnQwVgYIKwYBBQUHMAKGSmh0dHA6Ly9jcmw0LmFtZS5nYmwvYWlhL0JMMlBLSUlOVENBMDEuQU1FLkdCTF9BTUUlMjBJbmZyYSUyMENBJTIwMDIoNCkuY3J0MB0GA1UdDgQWBBRG96ol681QhZp5pSqJ6oYOZNt0GzAOBgNVHQ8BAf8EBAMCBaAwggE1BgNVHR8EggEsMIIBKDCCASSgggEgoIIBHIZCaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraWluZnJhL0NSTC9BTUUlMjBJbmZyYSUyMENBJTIwMDIoNCkuY3JshjRodHRwOi8vY3JsMS5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDIoNCkuY3JshjRodHRwOi8vY3JsMi5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDIoNCkuY3JshjRodHRwOi8vY3JsMy5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDIoNCkuY3JshjRodHRwOi8vY3JsNC5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDIoNCkuY3JsMBcGA1UdIAQQMA4wDAYKKwYBBAGCN3sBATAfBgNVHSMEGDAWgBSuecJrXSWIEwb2BwnDl3x7l48dVTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAKKyAgJAkf6JZxLet4ea9iH2HJ_f1HvcVdJfcdpi8oDbTqA74VfwpfgAuboGp1Dxfz5bVflauzzjt_qdGY2Mg3AZsW1CF9KsffviftutQ_em6LBVWyYMbvf4BPcAJ1PLSwjAELsRMysZocC5gvDWrgMvFA1SfAq6khqAbIeAPqd0aTddcHAtS-LceawwUGup6SNsK_yHwLiu7_qR-0RSxvj5lJfViUuKZKrCJAoMZDMAH2C_4HnZPYptyGijrbSTn5A3Whoc6TOM1Mmw7-zZODT8RjZ62a_2hMS8at50D_uAtvTgOjZZyP6f3q5eIREJU-8uer5Rlmz97XHtmEJGoiY&s=dfHDeZlgW6XrXMHfyJwvotzBl3a4HxGpYtcuDzbBxpcFNt8W-JX1iyYgh7ezOBPbNI8wAjO7V2MzMqscAvyGaHAhyWirtmQuuqMLUfBu9gu_brodZ97apDUozM-IdrZT6JjDT3SwuVdJl_5WhXd6HsB33pQZg0tXPVNuxCuBcxhnCBn7P7wtp1454zA51THbXchbW8mrni7kQA_9QA6Yvg3eK4iwYyPCVESxzkRT-NVcZwNlpaz_ysyaN7u4VG3GQqc9WFVp6823Zq31U4Pa2rsTQ1qTq8tKoR_1vNA7O0ngUvtwoOZXzNimv_nh5kCFQfYnLqYoq1X98DA-opbhaQ&h=Ss8OwK4gB532K1VI2A_QV15occ1aFF2nz0fBqEeZWJc

Headers:
x-ms-client-request-id        : 14164e44-0b2a-47bc-b179-e738dbd60dda

Body:

DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
Cache-Control                 : no-cache
Pragma                        : no-cache
x-ms-ratelimit-remaining-subscription-reads: 11993
x-ms-request-id               : 741509ef-4712-41e3-89b8-43dab168800b
x-ms-correlation-request-id   : 741509ef-4712-41e3-89b8-43dab168800b
x-ms-routing-request-id       : FRANCESOUTH:20240229T082726Z:741509ef-4712-41e3-89b8-43dab168800b
Strict-Transport-Security     : max-age=31536000; includeSubDomains
X-Content-Type-Options        : nosniff
Date                          : Thu, 29 Feb 2024 08:27:25 GMT

Body:
{
  "status": "Failed",
  "error": {
    "code": "InvalidTemplate",
    "message": "Deployment template validation failed: 'One of template parameters has empty or invalid content. Please see https://aka.ms/arm-syntax-parameters for usage details.'.",
    "additionalInfo": [
      {
        "type": "TemplateViolation",
        "info": {
          "lineNumber": 0,
          "linePosition": 0,
          "path": ""
        }
      }
    ]
  }
}

DEBUG: 09:27:26 - [ConfigManager] Got nothing from [DisableErrorRecordsPersistence], Module = [], Cmdlet = []. Returning default value [False].
DEBUG: 09:27:26 - [ConfigManager] Got nothing from [EnableDataCollection], Module = [], Cmdlet = []. Returning default value [True].
New-AzResourceGroupDeployment:
InvalidTemplate - Long running operation failed with status 'Failed'. Additional Info:'Deployment template validation failed: 'One of template parameters has empty or invalid content. Please see https://aka.ms/arm-syntax-parameters for usage details.'.'
DEBUG: 09:27:26 - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 09:27:26 - [ConfigManager] Got nothing from [DisplayRegionIdentified], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 09:27:26 - [ConfigManager] Got nothing from [CheckForUpgrade], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: AzureQoSEvent:  Module: Az.Resources:6.15.1; CommandName: New-AzResourceGroupDeployment; PSVersion: 7.4.1; IsSuccess: False; Duration: 00:00:21.0718431; Exception:
InvalidTemplate - Long running operation failed with status 'Failed'. Additional Info:'Deployment template validation failed: 'One of template parameters has empty or invalid content. Please see https://aka.ms/arm-syntax-parameters for usage details.'.';
DEBUG: 09:27:26 - NewAzureResourceGroupDeploymentCmdlet end processing.

Environment data

Name                           Value
----                           -----
PSVersion                      7.4.1
PSEdition                      Core
GitCommitId                    7.4.1
OS                             Microsoft Windows 10.0.19045
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}       
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Module versions

PS C:\git\ApplicationGateway> Get-Module Az*   

ModuleType Version    PreRelease Name                                ExportedCommands
---------- -------    ---------- ----                                ----------------
Script     11.3.1                az
Script     2.15.1                Az.Accounts                         {Add-AzEnvironment, Clear-AzConfig, Clear-AzContext, Clear-AzDefault…}
Script     2.0.0                 Az.Advisor                          {Disable-AzAdvisorRecommendation, Enable-AzAdvisorRecommendation, Get-AzAdvisorConfiguration, Get-AzAdvisorRecommendation…}
Script     6.0.1                 Az.Aks                              {Disable-AzAksAddOn, Enable-AzAksAddOn, Get-AzAksCluster, Get-AzAksNodePool…}
Script     1.1.4                 Az.AnalysisServices                 {Add-AzAnalysisServicesAccount, Export-AzAnalysisServicesInstanceLog, Get-AzAnalysisServicesServer, New-AzAnalysisServicesFirewall… 
Script     4.0.2                 Az.ApiManagement                    {Add-AzApiManagementApiToGateway, Add-AzApiManagementApiToProduct, Add-AzApiManagementProductToGroup, Add-AzApiManagementRegion…}   
Script     1.0.0                 Az.App                              {Disable-AzContainerAppRevision, Enable-AzContainerAppRevision, Get-AzContainerApp, Get-AzContainerAppAuthConfig…}
Script     1.3.0                 Az.AppConfiguration                 {Clear-AzAppConfigurationDeletedStore, Get-AzAppConfigurationDeletedStore, Get-AzAppConfigurationKey, Get-AzAppConfigurationKeyVal… 
Script     2.2.3                 Az.ApplicationInsights              {Get-AzApplicationInsights, Get-AzApplicationInsightsApiKey, Get-AzApplicationInsightsContinuousExport, Get-AzApplicationInsightsL…
Script     1.0.0                 Az.ArcResourceBridge                {Get-AzArcResourceBridge, Get-AzArcResourceBridgeApplianceCredential, Get-AzArcResourceBridgeCredential, Get-AzArcResourceBridgeTe… 
Script     2.0.0                 Az.Attestation                      {Add-AzAttestationPolicySigner, Get-AzAttestationPolicy, Get-AzAttestationPolicySigners, Remove-AzAttestationPolicySigner…}
Script     1.0.0                 Az.Automanage                       {Get-AzAutomanageBestPractice, Get-AzAutomanageConfigProfile, Get-AzAutomanageConfigProfileAssignment, Get-AzAutomanageConfigProfi… 
Script     1.10.0                Az.Automation                       {Export-AzAutomationDscConfiguration, Export-AzAutomationDscNodeReportContent, Export-AzAutomationRunbook, Get-AzAutomationAccount… 
Script     3.5.0                 Az.Batch                            {Disable-AzBatchAutoScale, Disable-AzBatchComputeNodeScheduling, Disable-AzBatchJob, Disable-AzBatchJobSchedule…}
Script     2.0.3                 Az.Billing                          {Get-AzBillingAccount, Get-AzBillingInvoice, Get-AzBillingPeriod, Get-AzBillingProfile…}
Script     3.1.1                 Az.Cdn                              {Clear-AzCdnEndpointContent, Clear-AzFrontDoorCdnEndpointContent, Disable-AzCdnCustomDomainCustomHttps, Enable-AzCdnCustomDomainCu… 
Script     2.0.0                 Az.CloudService                     {Get-AzCloudService, Get-AzCloudServiceInstanceView, Get-AzCloudServiceNetworkInterface, Get-AzCloudServiceOSFamily…}
Script     1.14.1                Az.CognitiveServices                {Add-AzCognitiveServicesAccountNetworkRule, Get-AzCognitiveServicesAccount, Get-AzCognitiveServicesAccountCommitmentPlan, Get-AzCo… 
Script     7.1.1                 Az.Compute                          {Add-AzImageDataDisk, Add-AzVhd, Add-AzVMAdditionalUnattendContent, Add-AzVMDataDisk…}
Script     1.0.0                 Az.ConfidentialLedger               {Get-AzConfidentialLedger, New-AzConfidentialLedger, New-AzConfidentialLedgerAADBasedSecurityPrincipalObject, New-AzConfidentialLe… 
Script     4.0.0                 Az.ContainerInstance                {Add-AzContainerInstanceOutput, Get-AzContainerGroup, Get-AzContainerInstanceCachedImage, Get-AzContainerInstanceCapability…}       
Script     4.1.3                 Az.ContainerRegistry                {Connect-AzContainerRegistry, Get-AzContainerRegistryManifest, Get-AzContainerRegistryRepository, Get-AzContainerRegistryTag…}      
Script     1.14.0                Az.CosmosDB                         {Get-AzCosmosDBAccount, Get-AzCosmosDBAccountKey, Get-AzCosmosDBCassandraKeyspace, Get-AzCosmosDBCassandraKeyspaceThroughput…}      
Script     1.1.0                 Az.DataBoxEdge                      {Get-AzDataBoxEdgeBandwidthSchedule, Get-AzDataBoxEdgeDevice, Get-AzDataBoxEdgeJob, Get-AzDataBoxEdgeOrder…}
Script     1.7.1                 Az.Databricks                       {Get-AzDatabricksAccessConnector, Get-AzDatabricksOutboundNetworkDependenciesEndpoint, Get-AzDatabricksVNetPeering, Get-AzDatabric… 
Script     1.18.1                Az.DataFactory                      {Add-AzDataFactoryV2DataFlowDebugSessionPackage, Add-AzDataFactoryV2TriggerSubscription, Get-AzDataFactory, Get-AzDataFactoryActiv… 
Script     1.0.3                 Az.DataLakeAnalytics                {Add-AzDataLakeAnalyticsDataSource, Add-AzDataLakeAnalyticsFirewallRule, Get-AzDataLakeAnalyticsAccount, Get-AzDataLakeAnalyticsCa… 
Script     1.3.0                 Az.DataLakeStore                    {Add-AzDataLakeStoreFirewallRule, Add-AzDataLakeStoreItemContent, Add-AzDataLakeStoreTrustedIdProvider, Add-AzDataLakeStoreVirtual… 
Script     2.2.0                 Az.DataProtection                   {Backup-AzDataProtectionBackupInstanceAdhoc, Edit-AzDataProtectionPolicyRetentionRuleClientObject, Edit-AzDataProtectionPolicyTagC… 
Script     1.0.1                 Az.DataShare                        {Get-AzDataShare, Get-AzDataShareAccount, Get-AzDataShareDataSet, Get-AzDataShareDataSetMapping…}
Script     4.3.0                 Az.DesktopVirtualization            {Disconnect-AzWvdUserSession, Expand-AzWvdMsixImage, Get-AzWvdApplication, Get-AzWvdApplicationGroup…}
Script     1.1.0                 Az.DevCenter                        {Deploy-AzDevCenterUserEnvironment, Get-AzDevCenterAdminAttachedNetwork, Get-AzDevCenterAdminCatalog, Get-AzDevCenterAdminCatalogS…
Script     1.0.2                 Az.DevTestLabs                      {Get-AzDtlAllowedVMSizesPolicy, Get-AzDtlAutoShutdownPolicy, Get-AzDtlAutoStartPolicy, Get-AzDtlVMsPerLabPolicy…}
Script     1.2.0                 Az.Dns                              {Add-AzDnsRecordConfig, Get-AzDnsRecordSet, Get-AzDnsZone, New-AzDnsRecordConfig…}
Script     1.0.0                 Az.ElasticSan                       {Add-AzElasticSanVolumeGroupNetworkRule, Get-AzElasticSan, Get-AzElasticSanSkuList, Get-AzElasticSanVolume…}
Script     1.6.0                 Az.EventGrid                        {Enable-AzEventGridPartnerTopic, Get-AzEventGridChannel, Get-AzEventGridDomain, Get-AzEventGridDomainKey…}
Script     4.2.0                 Az.EventHub                         {New-AzEventHubAuthorizationRuleSASToken, Approve-AzEventHubPrivateEndpointConnection, Deny-AzEventHubPrivateEndpointConnection, G… 
Script     1.10.0                Az.FrontDoor                        {Disable-AzFrontDoorCustomDomainHttps, Enable-AzFrontDoorCustomDomainHttps, Get-AzFrontDoor, Get-AzFrontDoorFrontendEndpoint…}      
Script     4.0.7                 Az.Functions                        {Get-AzFunctionApp, Get-AzFunctionAppAvailableLocation, Get-AzFunctionAppPlan, Get-AzFunctionAppSetting…}
Script     6.1.0                 Az.HDInsight                        {Add-AzHDInsightClusterIdentity, Add-AzHDInsightComponentVersion, Add-AzHDInsightConfigValue, Add-AzHDInsightMetastore…}
Script     2.0.0                 Az.HealthcareApis                   {Get-AzHealthcareApisService, Get-AzHealthcareApisWorkspace, Get-AzHealthcareDicomService, Get-AzHealthcareFhirDestination…}        
Script     2.7.5                 Az.IotHub                           {Add-AzIotHubCertificate, Add-AzIotHubConfiguration, Add-AzIotHubDeployment, Add-AzIotHubDevice…}
Script     5.2.0                 Az.KeyVault                         {Add-AzKeyVaultCertificate, Add-AzKeyVaultCertificateContact, Add-AzKeyVaultKey, Add-AzKeyVaultManagedStorageAccount…}
Script     2.3.0                 Az.Kusto                            {Add-AzKustoClusterLanguageExtension, Add-AzKustoDatabasePrincipal, Get-AzKustoAttachedDatabaseConfiguration, Get-AzKustoCluster…}  
Script     1.0.0                 Az.LoadTesting                      {Get-AzLoad, New-AzLoad, Remove-AzLoad, Update-AzLoad}
Script     1.5.0                 Az.LogicApp                         {Get-AzIntegrationAccount, Get-AzIntegrationAccountAgreement, Get-AzIntegrationAccountAssembly, Get-AzIntegrationAccountBatchConfi… 
Script     1.1.3                 Az.MachineLearning                  {Add-AzMlWebServiceRegionalProperty, Export-AzMlWebService, Get-AzMlCommitmentAssociation, Get-AzMlCommitmentPlan…}
Script     1.0.0                 Az.MachineLearningServices          {Get-AzMLServiceQuota, Get-AzMLServiceUsage, Get-AzMLServiceVMSize, Get-AzMLWorkspace…}
Script     1.4.1                 Az.Maintenance                      {Get-AzApplyUpdate, Get-AzConfigurationAssignment, Get-AzMaintenanceConfiguration, Get-AzMaintenancePublicConfiguration…}
Script     1.2.0                 Az.ManagedServiceIdentity           {Get-AzFederatedIdentityCredential, Get-AzSystemAssignedIdentity, Get-AzUserAssignedIdentity, Get-AzUserAssignedIdentityAssociated… 
Script     3.0.0                 Az.ManagedServices                  {Get-AzManagedServicesAssignment, Get-AzManagedServicesDefinition, Get-AzManagedServicesMarketplaceDefinition, New-AzManagedServic… 
Script     2.0.0                 Az.MarketplaceOrdering              {Get-AzMarketplaceTerms, Invoke-AzMarketplaceSignTerms, Set-AzMarketplaceTerms, Stop-AzMarketplaceTerms}
Script     1.1.2                 Az.Media                            {Get-AzMediaService, Get-AzMediaServiceKey, Get-AzMediaServiceNameAvailability, New-AzMediaService…}
Script     2.3.0                 Az.Migrate                          {Get-AzMigrateDiscoveredServer, Get-AzMigrateHCIJob, Get-AzMigrateHCIReplicationFabric, Get-AzMigrateHCIServerReplication…}
Script     5.0.1                 Az.Monitor                          {Add-AzLogProfile, Add-AzMetricAlertRule, Add-AzMetricAlertRuleV2, Add-AzWebtestAlertRule…}
Script     1.1.1                 Az.MySql                            {Get-AzMySqlConfiguration, Get-AzMySqlConnectionString, Get-AzMySqlFirewallRule, Get-AzMySqlFlexibleServer…}
Script     7.4.0                 Az.Network                          {Add-AzApplicationGatewayAuthenticationCertificate, Add-AzApplicationGatewayBackendAddressPool, Add-AzApplicationGatewayBackendHtt… 
Script     1.0.0                 Az.NetworkCloud                     {Deploy-AzNetworkCloudCluster, Disable-AzNetworkCloudStorageApplianceRemoteVendorManagement, Enable-AzNetworkCloudStorageAppliance… 
Script     1.0.0                 Az.Nginx                            {Get-AzNginxCertificate, Get-AzNginxConfiguration, Get-AzNginxDeployment, New-AzNginxCertificate…}
Script     1.1.2                 Az.NotificationHubs                 {Get-AzNotificationHub, Get-AzNotificationHubAuthorizationRule, Get-AzNotificationHubListKey, Get-AzNotificationHubPNSCredential…}  
Script     3.2.0                 Az.OperationalInsights              {Disable-AzOperationalInsightsIISLogCollection, Disable-AzOperationalInsightsLinuxCustomLogCollection, Disable-AzOperationalInsigh… 
Script     1.6.4                 Az.PolicyInsights                   {Get-AzPolicyAttestation, Get-AzPolicyEvent, Get-AzPolicyMetadata, Get-AzPolicyRemediation…}
Script     1.1.0                 Az.PostgreSql                       {Get-AzPostgreSqlConfiguration, Get-AzPostgreSqlConnectionString, Get-AzPostgreSqlFirewallRule, Get-AzPostgreSqlFlexibleServer…}    
Script     2.0.0                 Az.PowerBIEmbedded                  {Get-AzPowerBIEmbeddedCapacity, New-AzPowerBIEmbeddedCapacity, Remove-AzPowerBIEmbeddedCapacity, Resume-AzPowerBIEmbeddedCapacity…} 
Script     1.0.4                 Az.PrivateDns                       {Add-AzPrivateDnsRecordConfig, Get-AzPrivateDnsRecordSet, Get-AzPrivateDnsVirtualNetworkLink, Get-AzPrivateDnsZone…}
Script     6.7.1                 Az.RecoveryServices                 {Add-AzRecoveryServicesAsrReplicationProtectedItemDisk, Backup-AzRecoveryServicesBackupItem, Copy-AzRecoveryServicesVault, Disable… 
Script     1.8.1                 Az.RedisCache                       {Export-AzRedisCache, Get-AzRedisCache, Get-AzRedisCacheFirewallRule, Get-AzRedisCacheKey…}
Script     1.2.0                 Az.RedisEnterpriseCache             {Export-AzRedisEnterpriseCache, Get-AzRedisEnterpriseCache, Get-AzRedisEnterpriseCacheDatabase, Get-AzRedisEnterpriseCacheKey…}     
Script     2.0.0                 Az.Relay                            {Get-AzRelayAuthorizationRule, Get-AzRelayHybridConnection, Get-AzRelayKey, Get-AzRelayNamespace…}
Script     1.2.0                 Az.ResourceMover                    {Add-AzResourceMoverMoveResource, Get-AzResourceMoverMoveCollection, Get-AzResourceMoverMoveResource, Get-AzResourceMoverRequiredF… 
Script     6.15.1                Az.Resources                        {Export-AzResourceGroup, Export-AzTemplateSpec, Get-AzDenyAssignment, Get-AzDeployment…}
Script     1.5.1                 Az.Security                         {Add-AzSecurityAdaptiveNetworkHardening, Add-AzSecuritySqlVulnerabilityAssessmentBaseline, Confirm-AzSecurityAutomation, Disable-A… 
Script     3.1.1                 Az.SecurityInsights                 {Get-AzSentinelAlertRule, Get-AzSentinelAlertRuleAction, Get-AzSentinelAlertRuleTemplate, Get-AzSentinelAutomationRule…}
Script     3.0.0                 Az.ServiceBus                       {New-AzServiceBusAuthorizationRuleSASToken, Test-AzServiceBusNameAvailability, Approve-AzServiceBusPrivateEndpointConnection, Comp… 
Script     3.3.2                 Az.ServiceFabric                    {Add-AzServiceFabricClientCertificate, Add-AzServiceFabricManagedClusterClientCertificate, Add-AzServiceFabricManagedClusterNetwor… 
Script     2.0.0                 Az.SignalR                          {Get-AzSignalR, Get-AzSignalRKey, Get-AzSignalRUsage, New-AzSignalR…}
Script     4.14.0                Az.Sql                              {Add-AzSqlDatabaseToFailoverGroup, Add-AzSqlElasticJobStep, Add-AzSqlElasticJobTarget, Add-AzSqlInstanceKeyVaultKey…}
Script     2.2.0                 Az.SqlVirtualMachine                {Get-AzAvailabilityGroupListener, Get-AzSqlVM, Get-AzSqlVMGroup, Invoke-AzRedeploySqlVM…}
Script     2.3.0                 Az.StackHCI                         {Add-AzStackHCIVMAttestation, Disable-AzStackHCIAttestation, Disable-AzStackHCIRemoteSupport, Enable-AzStackHCIAttestation…}        
Script     1.0.0                 Az.StackHCIVM                       {Add-AzStackHCIVMVirtualMachineDataDisk, Add-AzStackHCIVMVirtualMachineNetworkInterface, Get-AzStackHCIVMImage, Get-AzStackHCIVMLo…
Script     6.1.1                 Az.Storage                          {Add-AzRmStorageContainerLegalHold, Add-AzStorageAccountManagementPolicyAction, Add-AzStorageAccountNetworkRule, Close-AzStorageFi… 
Script     1.3.0                 Az.StorageMover                     {Get-AzStorageMover, Get-AzStorageMoverAgent, Get-AzStorageMoverEndpoint, Get-AzStorageMoverJobDefinition…}
Script     2.1.1                 Az.StorageSync                      {Get-AzStorageSyncCloudEndpoint, Get-AzStorageSyncGroup, Get-AzStorageSyncServer, Get-AzStorageSyncServerEndpoint…}
Script     2.0.0                 Az.StreamAnalytics                  {Get-AzStreamAnalyticsCluster, Get-AzStreamAnalyticsClusterStreamingJob, Get-AzStreamAnalyticsDefaultFunctionDefinition, Get-AzStr… 
Script     1.0.0                 Az.Support                          {Get-AzSupportProblemClassification, Get-AzSupportService, Get-AzSupportTicket, Get-AzSupportTicketCommunication…}
Script     3.0.5                 Az.Synapse                          {Add-AzSynapseDataFlowDebugSessionPackage, Add-AzSynapseTriggerSubscription, Clear-AzSynapseSqlPoolVulnerabilityAssessmentRuleBase… 
Script     1.2.2                 Az.TrafficManager                   {Add-AzTrafficManagerCustomHeaderToEndpoint, Add-AzTrafficManagerCustomHeaderToProfile, Add-AzTrafficManagerEndpointConfig, Add-Az… 
Script     3.2.0                 Az.Websites                         {Add-AzWebAppAccessRestrictionRule, Add-AzWebAppTrafficRouting, Edit-AzWebAppBackupConfiguration, Get-AzAppServiceEnvironment…}

Error output

HistoryId: 12

RequestId      : 
Message        : 
                 InvalidTemplate - Long running operation failed with status 'Failed'. Additional Info:'Deployment template validation failed: 'One of template parameters has empty or invalid content. 
                  Please see https://aka.ms/arm-syntax-parameters for usage details.'.'
ServerMessage  : 
ServerResponse : 
RequestMessage : 
InvocationInfo : {New-AzResourceGroupDeployment}
Line           : new-azresourcegroupdeployment -resourcegroupname 'rg-appgw-nonprod' -TemplateParameterFile .\environments\nonprod.bicepparam -whatif
Position       : At line:1 char:1
                 + new-azresourcegroupdeployment -resourcegroupname 'rg-appgw-nonprod' - …
                 + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
StackTrace     :    at Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.ResourceManagerCmdletBase.HandleException(ExceptionDispatchInfo capturedException)
                    at Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.ResourceManagerCmdletBase.ExecuteCmdlet()
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.<>c__3`1.<ExecuteSynchronouslyOrAsJob>b__3_0(T c)
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet, Action`1 executor)
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet)
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord()
HistoryId      : 12
microsoft-github-policy-service[bot] commented 8 months ago

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @Azure/deployments-owners.

SebastianClaesson commented 8 months ago

Thanks @anthony-c-martin , It's confirmed working with the 11.4.0 release.

image