search

Azure / bicep-types-az

Bicep type definitions for ARM resources
MIT License
83 stars 26 forks source link

Microsoft.Network/privateEndpoints not idempotent with Microsoft.ApiManagement/service #2220

Open cmptscpeacock opened 2 months ago

cmptscpeacock commented 2 months ago

Bicep version 0.27.1

Describe the bug I have deployed an Azure API Management Service (APIMS) using the Developer SKU, User Managed Identity and only the required properties of publisherEmail and publisherName. I can deploy the bicep repeatedly without an issue. APIMS api version 2023-05-01

I then add a Private Endpoint to the APIMS and this deploys fine.

The next time I run the bicep, not changing anything, the following error is seen:

• Call to Microsoft.ApiManagement/service failed. Error message: Private endpoint with name PRIVATE-ENDPOINT-NAME already exists for Api Management service /subscriptions/ID/resourceGroups/RG-NAME/providers/Microsoft.ApiManagement/service/APIM-NAME (Code: PrivateEndpointBadRequest)

Therefore, appears not to be idempotent.

To Reproduce

This is the privateEndpoints.bicep file:

param name string
param location string
param tags object
param properties object

resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-11-01' = {
  name: name
  location: location
  tags: tags
  properties: properties
}

output privateEndpointName string = privateEndpoint.name
output privateEndpointId string = privateEndpoint.id

This is the private endpoint resource being deployed:

module apiManagementServicePE 'modules/privateEndpoints.bicep' = {
  scope: resourceGroup()
  name: 'pe-${apiManagementServiceName}'
  params: {
    name: 'pe-${apiManagementServiceName}'
    location: location
    tags: tagging
    properties: {
      subnet: {
        id: subnetId
      }
      privateLinkServiceConnections: [
        {
          name: 'pe-${apiManagementServiceName}'
          properties: {
            privateLinkServiceId: apiManagementService.outputs.apiManagementServiceId
            groupIds: [
              'Gateway'
            ]
          }
        }
      ]
    }
  }
}

The PE has been used on many other resources without any issue. Some APIMS seems to have an issue.

Additional context

The APIMS redeploys fine with no issues. It's the PE that fails.

stephaniezyen commented 2 months ago

This is a Micosoft.Network resource provider issue unfortunately, please open a support ticket with the Network RP team and we will try to route it on our end.

erwinkramer commented 1 month ago

Same issue here, raised ticket with id 2407240050004816

janinternet commented 1 month ago

Same issue.

Call to Microsoft.ApiManagement/service failed. Error message: Private endpoint with name already exists for Api Management service /subscriptions//resourceGroups//providers/Microsoft.ApiManagement/service/(Code: PrivateEndpointBadRequest)

Using Microsoft.ApiManagement/service@2023-09-01-preview and Microsoft.Network/privateEndpoints@2024-01-01. SKU Developer and virtualNetworkType none.

janinternet commented 1 month ago

Same issue here, raised ticket with id 2407240050004816

Any updates?

erwinkramer commented 1 month ago

Same issue here, raised ticket with id 2407240050004816

Any updates?

It got routed to the APIM team, but it's best to also raise a ticket as well so it gets more attention.

erwinkramer commented 1 month ago

Seems fixed for me. Tested on Europe West.