Share via

Deployment Managed Private Endpoints for PrivateLink Service via Azure DevOps failing

MartinKralovic-2666 0 Reputation points
2024-08-02T00:30:52.6733333+00:00

We have an issue with deploying Managed Private Endpoints (MPEs) for PrivateLink Service from Azure DevOps via Synapse Workspace deployment extension, the deployment task returns following error (shortened/redacted):

##[error]Encountered with exception:Error: ManagedPrivateEndpoint deployment status "Failed" Invalid Request: Message=Invalid payload received. FQDN needs to be specified for the private endpoint targeting Private Link Service: /subscriptions/....

I've seen some similar reports in forums, but most of them were related to GitHub action or Terraform.

The issue occurs only when deploying Managed Private Endpoint for PrivateLink Service; MPEs for other services such as Key Vaults, Storage Accounts, etc. do not seem to be affected.

I tried to disable parameterization, and compare ARM template to the JSON view of that MPE (whole properties object is basically identical), nothing helps.

{
	"...": "...",
	"properties": {
		"privateLinkResourceId": "/subscriptions/id/of/proper/privatelink/services/resource)",
		"groupId": "",
		"fqdns": [
			"my.domain.name"
		]
	},
	"dependsOn": [
		"..."
	]
}

Normally, I could live without deploying MPEs in a release pipeline, as these do not change too often in my use case. However, when Delete Artifacts Not In Template is enabled, and I'm not deploying MPEs, the task just deletes them (which doesn't make too much sense).

Any ideas how to resolve (or at least where to report) this? Thanks!

Azure Synapse Analytics
Azure Synapse Analytics
An Azure analytics service that brings together data integration, enterprise data warehousing, and big data analytics. Previously known as Azure SQL Data Warehouse.
4,903 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Amira Bedhiafi 24,181 Reputation points
    2024-08-05T16:29:01.62+00:00

    Based on this old thread :

    Going through the official Best practices for CI/CD, If a private endpoint already exists in a factory and you try to deploy an ARM template that contains a private endpoint with the same name but with modified properties, the deployment will fail.

    Otherwise I updated your code :

    {
	"properties": {
		"privateLinkResourceId": "/subscriptions/id/of/proper/privatelink/services/resource",
		"groupId": "",
		"fqdns": [
			"my.domain.name"
		]
	},
	"dependsOn": [
		"resourceDependency"
	]
}

    Make sure the FQDN is valid and correctly specified. It should be the actual domain name that your PrivateLink Service is using. Any typo or incorrect domain name can cause this issue.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.