Microsoft.Cache/redis/linkedServers: Redis cache with geo-replication enabled is not idempotent.

[Meertman]

Resource Type

Microsoft.Cache/redis/linkedServers

Api Version

2022-06-01

Issue Type

Resource fails to deploy

Other Notes

When deploying a linked server to a Redis cache it successfully sets up geo-replication.

When re-running the bicep template without changing the template however, the response returns with an error message instead of a successful deploy: BadRequest: Cannot create geo-replication link, since this cache is already linked to another cache.

Bicep Repro

`@description('Optional: The location for the Azure resource.') param location string = resourceGroup().location

@description('Optional: A value indicating whether case geo-replication needs to be setup.') param EnableGeoReplication bool = false

@description('Optional: The primary location for the Redis cache (in case geo-replication needs to be setup).') param PrimaryLocation string = 'westeurope'

var _location = toLower(replace(location, ' ', '')) var _primaryLocation = !empty(PrimaryLocation) ? toLower(PrimaryLocation) : 'westeurope' var _isPrimaryRedisCache = _location == _primaryLocation

var _primaryCacheName = toLower('redis-test')

var _locationSuffixes = { westeurope: 'weu' northeurope: 'neu' }

var _deployToSecondaryLocation = _location != _primaryLocation var _cacheName = _deployToSecondaryLocation ? '${_primaryCacheName}-${_locationSuffixes[_location]}' : _primaryCacheName

resource RedisCache 'Microsoft.Cache/redis@2022-06-01' = { name: _cacheName location: _location properties: { enableNonSslPort: false minimumTlsVersion: '1.2' redisVersion: '6' sku: { capacity: 1 family: 'P' name: 'Premium' } } }

resource PrimaryRedisCache 'Microsoft.Cache/redis@2022-06-01' existing = if (_enableGeoReplication && !_isPrimaryRedisCache) { name: _primaryCacheName }

resource LinkedServer 'Microsoft.Cache/redis/linkedServers@2022-06-01' = if (_enableGeoReplication && !_isPrimaryRedisCache) { name: _primaryCacheName parent: RedisCache properties: { linkedRedisCacheId: PrimaryRedisCache.id linkedRedisCacheLocation: _primaryLocation serverRole: 'Primary' } }

output redisName string = RedisCache.name`

Confirm

• [X] I have read the troubleshooting guide and looked for duplicates.

[Meertman]

Linking this issue to https://github.com/Azure/bicep-types-az/issues/1760, https://github.com/Azure/bicep-types-az/issues/1710 and https://github.com/Azure/bicep-types-az/issues/1458 as these issues seem similar.

[Meertman]

Additionally I've noticed that if you add other deployments, e.g. a role assignment for an existing managed identity or a private endpoint or diagnostic settings that you need to make sure that the linkedServer deployment is dependent upon these so it comes in last, as otherwise you get the error message described in https://github.com/Azure/bicep-types-az/issues/1760

[Meertman]

Additionaly when deploying with a private endpoint and running the template twice, you'll get an error message stating: BadRequest: This cache is geo replicated and cannot be the target of a private endpoint.

Also shortly discussed here: https://github.com/hashicorp/terraform-provider-azurerm/issues/20909

[Meertman]

Also mentioned this on the ResourceModules repository in order to see if the community can find a solution for this: https://github.com/Azure/bicep-registry-modules/issues/2411

[microsoft-github-policy-service[bot]]

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @yegu-ms. Please see https://aka.ms/biceptypesinfo for troubleshooting help.