Search code examples
azure-pipelinesazure-resource-managerazure-data-factory

Data Factory Deploy Managed Private Endpoint. Error: Invalid payload

I have been using the new ADF CI/CD process as described here: ms doc. This worked well until I secured the linked services through managed private endpoints.

A build pipeline generates an ARM template and parameters file based what what is deployed to the data factory in my "Dev" environment. The template and parameters file are then published from the build and made available to the release pipeline. At this point, the generated parameters just contains placeholder values.

The release pipeline executes the ARM template, taking template values from the "Override template parameters" text box:

enter image description here

My problem is, when this runs I get the following error from the resource group deployment:

"Invalid resource request. Resource type: 'ManagedPrivateEndpoint', Resource name: 'pe-ccsurvey-blob-001' 'Error: Invalid payload'."

From the Azure Portal, I navigated to the resource group deployment, where I was able to view the template and parameters file used.

Definition of the required private endpoint from the template file is shown below:

{
            "type": "Microsoft.DataFactory/factories/managedVirtualNetworks/managedPrivateEndpoints",
            "apiVersion": "2018-06-01",
            "name": "[concat(parameters('factoryName'), '/default/pe-ccsurvey-blob-001')]",
            "dependsOn": [
                "[concat(variables('factoryId'), '/managedVirtualNetworks/default')]"
            ],
            "properties": {
                "privateLinkResourceId": "[parameters('pe-ccsurvey-blob-001_properties_privateLinkResourceId')]",
                "groupId": "[parameters('pe-ccsurvey-blob-001_properties_groupId')]"
            }
        }

The relevant parameters from the parameters file are:

"pe-ccsurvey-blob-001_properties_privateLinkResourceId": {
    "value": "/subscriptions/correctSubscriptionIdHere/resourceGroups/rg-contactcentre-dev-001/providers/Microsoft.Storage/storageAccounts/storccsurveydev001"
},
"pe-ccsurvey-blob-001_properties_groupId": {
    "value": "blob"
}

The values in the parameters file look ok to me. The storage account it's pointing to does exist. Unfortunately, the error message isn't very specific - it just states "Invalid Payload".

Any ideas?

Solution

  • Going through the official Best practices for CI/CD,

    If a private endpoint already exists in a factory and you try to deploy an ARM template that contains a private endpoint with the same name but with modified properties, the deployment will fail.