How to deploy managed private endpoint in different environment

Question

I have 2 data factories, one for dev and other for testing.

I have created a managed private endpoint in dev data factory that points to azure sql (pointing to dev sql server and db) eg: az_mpe_dev

I have created a managed private endpoint in test data factory that points to azure sql (pointing to testsql server and db) eg: az_mpe_test

Now when I use azure pipeline to deploy dev adf to test, I get the following error:
ManagedPrivateEndpointInvalidPayload: Managed private endpoint 'az_mpe_dev' is invalid.

In the templateparameter.json
its:

         "az_mpe_dev_properties_privateLinkResourceId": {
     "value": "/subscriptions/abc/resourceGroups/rg-dev/providers/Microsoft.Sql/servers/sqlserver-dev
 },
 "az_mpe_dev_properties_groupId": {
     "value": "sqlServer"
 },
 "az_mpe_dev_properties_ipAddress": {
     "value": null
 },
 az_mpe_dev_properties_resourceId": {
     "value": "/subscriptions/abc/resourceGroups/vnet-b4549a5weqwee-UKSouth-243-rg/providers/Microsoft.Network/privateEndpoints/az-df-dev.az_mpe_de"
 }

Now when I override the template parameters with test values I get the above error.

How should I resolve this ?

Answer 1

Hello @Sharma, Rahul ,
Thanks for the question and using MS Q&A platform.

As we understand the ask here is how to get rid of the error when trying to move the updated ADF from Dev to Test , please do let us know if its not accurate.
As per the best [ractices of CI/CD called out here .

If a private endpoint already exists in a factory and you try to deploy an ARM template that contains a private endpoint with the same name but with modified properties, the deployment will fail. In other words, you can successfully deploy a private endpoint as long as it has the same properties as the one that already exists in the factory. If any property is different between environments, you can override it by parameterizing that property and providing the respective value during deployment.

Please do let me if you have any queries.
Thanks
Himanshu

---

• Please don't forget to click on or upvote button whenever the information provided helps you. Original posters help the community find answers faster by identifying the correct answer. Here is how
• Want a reminder to come back and check responses? Here is how to subscribe to a notification
  • If you are interested in joining the VM program and help shape the future of Q&A: Here is how you can be part of Q&A Volunteer Moderators

Answer 2

I recently was assigned to a project that needed to migrate RMA for Datafactory from 1 RG to another , the problem was that the manage identity property name was different on both enviroments and I was getting the same error.

The steps I folllowed to fix this are below:

1- Created a new folder in the repository folder ( I've added this step to the release pipeline before the RMA deploy step)
2- Added a powershell code to copy the JSON files to the new folder
3-Added a powershelll code to replace the variable names with the desired ones ( just changed the JSON files in the new folder and did not change the original ones) to match the final RG-resource
4-Changed the source of the JSON files to point to the new folder where the JSON files match the manage private endpoint of the resource where is being deployed ( this step is on the RMA deploy step )

Changes are happpening on the fly inside an agent so if you try to look for the copy files in the repository, they will not exist there, they only exists at the time the release pipeline gets executed inside the agent ( hard drive D on my case). Let me know if you need more help , hollowsama@Karima ben .com