I am using Bicep to deploy our application's infrastructure and we're trying to add our SendGrid Domain Authentication DNS Records into the Bicep so we can deploy across our different environments, or, for a new environment if we choose, replace the values in the parameters.{environment}.json file and run it.
We're deploying our environment through GitHub's Actions and so far, up until this point, no problem has occurred that has left me feeling stuck until now - our domain registrar is another party but our NS have been changed to Azure so we're managing the whole platform through Azure.

    resource dnsZonesNameResouce 'Microsoft.Network/dnsZones@2023-07-01-preview' existing = {
      name: dnsZonesName
    }

The DNS Zone name is passed in as a parameter into the module.
Here's an example of creating a DNS Record further down utilising this resource as its parent:

    resource dnsZoneSendGridS1 'Microsoft.Network/dnsZones/CNAME@2023-07-01-preview' = {
      parent: dnsZonesNameResouce
      name: sendGridS1Name
      properties: {
        TTL: 3600
        TXTRecords: [
          {
            value: [
              sendGridS1Value
            ]
          }
        ]
        targetResource: {}
      }
    }

All of these parameters are passed in. The important thing is that none of these records exist on the domain I am attempting to assign them to. When it comes to running this Bicep in the relevant GitHub Action, I always receive multiple errors, all of them following the same format:
"/subscriptions/{subscriptionId}/resourceGroups/rg-common/providers/Microsoft.Network/dnsZones/some.domain.com/CNAME/em3203.some.domain.com","message":"***\r\n \"code\": \"BadRequest\",\r\n \"message\": \"Resource records can contain only one type of record specified.
This error is repeated multiple times for each different DNS Record I am trying to insert from this module I have given a snippet of above. These records do NOT exist in the domain on Azure, which I am absolutely certain of, yet the Bicep insists that they do.
Running what-if shows a result that looks like exactly what I need it to run against our environment; however, when we actually run it, this error appears.
Any help is appreciated!
I have tried changing the resource@... version to see if there is a mismatch, which hasn't yielded any results.
Running what-if shows what I would expect to be correct from the Bicep I have written.
Bicep adding DNS Records saying already exists when it doesn't
The blocker you mentioned in the comments, Resource type "Microsoft.Network/dnsZones/CNAMERecord@2023-07-01-preview" does not have types available, is because of the inability of Bicep to validate the properties before deployment, and the second error is due to the missing permission of the role DNS Zone Contributor, which needs to be assigned to your SP or user.
I also agree with Thomas on the point he mentioned related to how we use TXTRecords in the Bicep configuration.
main.bicep:

    param dnsZonesName string
    param sendGridS1Name string
    param sendGridS1Value string

    resource dnsZonesNameResouce 'Microsoft.Network/dnsZones@2023-07-01-preview' existing = {
      name: dnsZonesName
    }

    resource dnsZoneSendGridS1 'Microsoft.Network/dnsZones/CNAME@2023-07-01-preview' = {
      parent: dnsZonesNameResouce
      name: sendGridS1Name
      properties: {
        TTL: 3600
        CNAMERecord: {
          cname: sendGridS1Value
        }
      }
    }

parameters.json:

    {
      "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
      "contentVersion": "1.0.0.0",
      "parameters": {
        "dnsZonesName": {
          "value": "vkdomain.com"
        },
        "sendGridS1Name": {
          "value": "em3203.vkdomain.com"
        },
        "sendGridS1Value": {
          "value": "sendgrid.net"
        }
      }
    }

I have a preexisting DNS record created vkdomain.com
Deployment succeeded:
Reference:
Microsoft.Network/dnsZones - Bicep, ARM template & Terraform AzAPI reference | Microsoft Learn
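
The mismatch the answer corrects (a CNAME record set that carries TXTRecords instead of CNAMERecord) passed what-if in the question, so a pipeline step can check for it before deployment. The following is an added example, not code from either post: it assumes the Bicep has been compiled to ARM JSON (for instance with `az bicep build`), and the function name `lint_dns_records` and the sample template are constructed for illustration.

```python
import json

# Record-set type -> the single properties key that carries its data
# (property names from the Microsoft.Network/dnsZones ARM schema).
RECORD_KEY = {
    "A": "ARecords", "AAAA": "AAAARecords", "CAA": "caaRecords",
    "CNAME": "CNAMERecord", "MX": "MXRecords", "NS": "NSRecords",
    "PTR": "PTRRecords", "SOA": "SOARecord", "SRV": "SRVRecords",
    "TXT": "TXTRecords",
}
KNOWN = {k.lower(): k for k in RECORD_KEY.values()}

def lint_dns_records(template):
    """Return findings for record sets whose data key does not match their type."""
    findings = []
    resources = template.get("resources", [])
    if isinstance(resources, dict):          # symbolic-name templates use an object
        resources = list(resources.values())
    for res in resources:
        rtype = res.get("type", "").lower()
        props = res.get("properties", {})
        if rtype == "microsoft.resources/deployments":   # compiled Bicep module
            findings += lint_dns_records(props.get("template", {}))
            continue
        if not rtype.startswith("microsoft.network/dnszones/"):
            continue
        rec = rtype.rsplit("/", 1)[1].upper()
        expected = RECORD_KEY.get(rec)
        if expected is None:
            continue                          # type not in the table: not judged
        present = [KNOWN[k.lower()] for k in props if k.lower() in KNOWN]
        wrong = [k for k in present if k != expected]
        if wrong:
            findings.append(f"{res.get('name')}: {rec} record set carries {', '.join(wrong)}")
        elif not present and not props.get("targetResource"):
            findings.append(f"{res.get('name')}: {rec} record set has no {expected}")
    return findings

# Constructed sample: the question's CNAME (TXTRecords) and the answer's (CNAMERecord).
SAMPLE = json.loads("""{"resources": [
  {"type": "Microsoft.Network/dnsZones/CNAME", "name": "example.com/question",
   "properties": {"TTL": 3600, "TXTRecords": [{"value": ["sendgrid.net"]}], "targetResource": {}}},
  {"type": "Microsoft.Network/dnsZones/CNAME", "name": "example.com/answer",
   "properties": {"TTL": 3600, "CNAMERecord": {"cname": "sendgrid.net"}}}
]}""")

if __name__ == "__main__":
    for line in lint_dns_records(SAMPLE):
        print(line)
```

Failing the workflow step when the returned list is non-empty stops the deployment before Azure DNS rejects the record set.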