Azure
New-AzSubscriptionDeploymentStack doesn't report validation errors unless you supply -Debug
Description
I'm using New-AzSubscriptionDeploymentStack like this:
$aksDeployment = New-AzSubscriptionDeploymentStack `
-Name $stackName `
-Location $environment.location `
-TemplateFile $templateFile `
-TemplateParameterFile $parametersFile `
-DenySettingsMode none `
-ActionOnUnmanage DeleteAll `
-Force `
-Verbose
...and if there's a bicep validation error or error being able to run the stack I get this:
Line |
64 | $aksDeployment = New-AzSubscriptionDeploymentStack `
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| 12:52:54 - Error: Code=; Message=Long running operation failed with status 'BadRequest'.
There's nothing to tell me actually what happened.
However, if I run the stack with the -Debug, I see this:
Body:
{
"error": {
"code": "InvalidTemplateDeployment",
"message": "The template deployment 'dev-aks-001' is not valid according to the validation procedure. The tracking id is 'f8c83520-b82c-4685-9249-bd57198ac452'. See inner errors for details.",
"details": [
{
"code": "QuotaExceeded",
"message": "Preflight validation check for resource(s) for container service dev-aks-001 in resource group rg-dev-aks-001 failed. Message: Preflight validation check for resource(s) for container service dev-aks-001 in resource group MC_aks-dev-001_uksouth failed. Message: Operation could not be completed as it results in exceeding approved LowPriorityCores quota. Additional details - Deployment Model: Resource Manager, Location: uksouth, Current Limit: 3, Current Usage: 0, Additional Required: 4, (Minimum) New Limit Required: 4. Setup Alerts when Quota reaches threshold. Learn more at https://aka.ms/quotamonitoringalerting . Submit a request for Quota increase at https://aka.ms/ProdportalCRP/#blade/Microsoft_Azure_Capacity/ by specifying parameters listed in the ‘Details’ section for deployment to succeed. Please read more about quota limits at https://docs.microsoft.com/en-us/azure/azure-portal/supportability/low-priority-quota. Details: . Details: "
}
]
},
"properties": {}
}
I would expect a more suitable exception to be thrown given that the precise error is in the stack api response body?
The behaviour also occurs if I mangle the parameters on a bicep module within the stack. The precise error is lost.
Issue script & Debug output
I'm using New-AzSubscriptionDeploymentStack like this:
$aksDeployment = New-AzSubscriptionDeploymentStack `
-Name $stackName `
-Location $environment.location `
-TemplateFile $templateFile `
-TemplateParameterFile $parametersFile `
-DenySettingsMode none `
-ActionOnUnmanage DeleteAll `
-Force `
-Verbose
...and if there's a bicep validation error or error being able to run the stack I get this:
Line |
64 | $aksDeployment = New-AzSubscriptionDeploymentStack `
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| 12:52:54 - Error: Code=; Message=Long running operation failed with status 'BadRequest'.
There's nothing to tell me actually what happened.
However, if I run the stack with the -Debug, I see this:
Body:
{
"error": {
"code": "InvalidTemplateDeployment",
"message": "The template deployment 'dev-aks-001' is not valid according to the validation procedure. The tracking id is 'f8c83520-b82c-4685-9249-bd57198ac452'. See inner errors for details.",
"details": [
{
"code": "QuotaExceeded",
"message": "Preflight validation check for resource(s) for container service dev-aks-001 in resource group rg-dev-aks-001 failed. Message: Preflight validation check for resource(s) for container service dev-aks-001 in resource group MC_aks-dev-001_uksouth failed. Message: Operation could not be completed as it results in exceeding approved LowPriorityCores quota. Additional details - Deployment Model: Resource Manager, Location: uksouth, Current Limit: 3, Current Usage: 0, Additional Required: 4, (Minimum) New Limit Required: 4. Setup Alerts when Quota reaches threshold. Learn more at https://aka.ms/quotamonitoringalerting . Submit a request for Quota increase at https://aka.ms/ProdportalCRP/#blade/Microsoft_Azure_Capacity/ by specifying parameters listed in the ‘Details’ section for deployment to succeed. Please read more about quota limits at https://docs.microsoft.com/en-us/azure/azure-portal/supportability/low-priority-quota. Details: . Details: "
}
]
},
"properties": {}
}
### Environment data
```PowerShell
Name Value
---- -----
PSVersion 7.4.2
PSEdition Core
GitCommitId 7.4.2
OS Microsoft Windows 10.0.19045
Platform Win32NT
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0
Module versions
ModuleType Version PreRelease Name ExportedCommands
---------- ------- ---------- ---- ----------------
Script 3.0.0 Az.Accounts {Add-AzEnvironment, Clear-AzConfig, Clear-AzContext, Clear-AzDefault…}
Script 6.0.0 Az.KeyVault {Add-AzKeyVaultCertificate, Add-AzKeyVaultCertificateContact, Add-AzKeyVaultKey, Add-AzKeyVaultManagedStorageAccount…}
Script 7.1.0 Az.Resources {Export-AzResourceGroup, Export-AzTemplateSpec, Get-AzDenyAssignment, Get-AzDeployment…}
Error output
Message : 12:52:54 - Error: Code=; Message=Long running operation failed with status 'BadRequest'.
StackTrace :
Exception : System.Exception
InvocationInfo : {New-AzSubscriptionDeploymentStack}
Line : $aksDeployment = New-AzSubscriptionDeploymentStack `
Position : At C:\git\enterprise\5-Deploy-AKS.ps1:64 char:18
+ $aksDeployment = New-AzSubscriptionDeploymentStack `
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
HistoryId : 8
@dantedallag / @snarkywolverine - can you take a look at this one? I don't have the ability to transfer this to the deployment stacks repo
Hey @finluke, a change was made to fix an issue with validation error surfacing in the next release. I believe the public release is tomorrow. Could you try it out tomorrow and let us know if it fixes your issue?
I've been running this for a few days now and I'm seeing validation errors on the cli again. Thanks for the fix.