[BUG?] Managed Application for Azure Marketplace with incremental mode and private endpoints fails on NIC deletion

Kristina Devochko
2023-10-03T11:17:04.8333333+00:00

Hello.

I need help clarifying whether the issue below is an actual bug or a misconfiguration that I can't detect. After days of debugging and research I was not able to locate any issue with the configuration, so I would really appreciate guidance or pointers on what to look for in order to resolve the issue.

We have created a managed application for Azure Marketplace that includes a bunch of different Azure resources, including private endpoints to services like Azure Cognitive Search and Azure OpenAI. Resources are defined in Bicep, and we have a workflow that generates an ARM definition from it and packages it in a ZIP file that will be used by the managed application deployment.

When we attempt to create a managed application with incremental deployment mode, all resources are created successfully, but the deployment hangs indefinitely, and in the activity log we can see the following error message related to the "Delete Network Interface" operation:

Network interface /subscriptions/<subscription_id>/resourceGroups/managed-app-deploy/providers/Microsoft.Network/networkInterfaces/pe-<id>.nic.<id> cannot be deleted because it is currently in use with an private endpoint (/subscriptions/<subscription_id>/resourceGroups/managed-app-deploy/providers/Microsoft.Network/privateEndpoints/pe-<id>).

User's image

In incremental mode no resource deletion should be happening though, right? We define incremental deployment mode and have verified that it is set explicitly (see screenshot above), so what could be the issue here? Do we need to define NICs for private endpoints explicitly in Bicep code to work around this issue? Is this approach by design, or is it an actual issue?

The same works with manual deployment, outside of managed application deployment.

Example debugging workflow of managed application deploy where it was reproducible:

  1. Create storage account and upload marketplace.zip file that contains createUiDefinition.json and mainTemplate.json
  2. Create managed application definition: az managedapp definition create --resource-group rg-managed-app --name TestManagedApp --location westeurope --display-name "TestManagedApp" --description "My Managed App Def description" --authorizations "<principal_id>:<subscription_contributor_role_definition_id>" --lock-level ReadOnly --package-file-uri <marketplacezip_blog_sas_url> --deployment-mode Incremental
  3. Create app_params.json file with deployment parameters and store locally
  4. Create managed application (all resources deployed, creation hangs indefinitely with delete NIC error message in activity logs): az managedapp create --name TestManagedApp --location westeurope --resource-group rg-managed-app --managedapp-definition-id "/subscriptions/<subscription_id>/resourceGroups/rg-managed-app/providers/Microsoft.Solutions/applicationDefinitions/TestManagedApp" --managed-rg-id "/subscriptions/<subscription_id>/resourceGroups/rg-managed-app-deploy" --kind MarketPlace --plan-name Standard --plan-product test_managed_app-preview --plan-publisher <publisher_id> --plan-version "1.0.1" --parameters .\app_params.json

Any suggestions are highly appreciated.

Thanks in advance!

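An added triage sketch, not part of the original post and not Microsoft's code: it takes events in the shape returned by `az monitor activity-log list` and, for each failed NIC delete, reports the caller, the private endpoint named in the error, and whether the delete shares a correlation ID with a template deployment write. The sample events, callers, correlation IDs and resource names are constructed, and the location of the error text in `properties.statusMessage` is an assumption to check against real output.

```python
import re
from collections import defaultdict

NIC_DELETE = "microsoft.network/networkinterfaces/delete"
DEPLOY_WRITE = "microsoft.resources/deployments/write"
# Matches the error text quoted in the question (including its "an private" wording).
PE_RE = re.compile(r"in use with an private endpoint \(([^)]+)\)")

def failed_nic_deletes(events):
    """One record per failed NIC delete: who called it, what blocked it, and
    whether it shares a correlation ID with a template deployment write."""
    ops_by_corr = defaultdict(set)
    for e in events:
        ops_by_corr[e["correlationId"]].add(e["operationName"]["value"].lower())
    records = []
    for e in events:
        if e["operationName"]["value"].lower() != NIC_DELETE:
            continue
        if e["status"]["value"] != "Failed":
            continue
        m = PE_RE.search(e.get("properties", {}).get("statusMessage", ""))
        records.append({
            "nic": e["resourceId"].rsplit("/", 1)[-1],
            "caller": e["caller"],
            "blocked_by": m.group(1).rsplit("/", 1)[-1] if m else None,
            "shares_deployment_correlation": DEPLOY_WRITE in ops_by_corr[e["correlationId"]],
        })
    return records

def _event(op, status, caller, corr, rid, msg=""):
    # Builds a constructed event with only the fields this script reads.
    return {"operationName": {"value": op}, "status": {"value": status},
            "caller": caller, "correlationId": corr, "resourceId": rid,
            "properties": {"statusMessage": msg}}

RG = "/subscriptions/<subscription_id>/resourceGroups/managed-app-deploy/providers"
# Constructed sample events; callers and correlation IDs are placeholders.
SAMPLE = [
    _event("Microsoft.Resources/deployments/write", "Succeeded", "caller-A", "corr-1",
           RG + "/Microsoft.Resources/deployments/mainTemplate"),
    _event("Microsoft.Network/privateEndpoints/write", "Succeeded", "caller-A", "corr-1",
           RG + "/Microsoft.Network/privateEndpoints/pe-example"),
    _event("Microsoft.Network/networkInterfaces/delete", "Failed", "caller-B", "corr-2",
           RG + "/Microsoft.Network/networkInterfaces/pe-example.nic.0001",
           "Network interface ... cannot be deleted because it is currently in use "
           "with an private endpoint (" + RG + "/Microsoft.Network/privateEndpoints/pe-example)."),
]

if __name__ == "__main__":
    for r in failed_nic_deletes(SAMPLE):
        print(r)
```

A delete whose caller and correlation ID differ from those of the template deployment points at an actor other than the incremental deployment itself, which narrows where to look next.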