Skip to content

Exported ARM template that includes StorageAccount can't be re-deployed #19684

Open
Open
Exported ARM template that includes StorageAccount can't be re-deployed#19684
Labels
ARMaz resource/group/lock/tag/deployment/policy/managementapp/account management-groupService AttentionThis issue is responsible by Azure service team.act-identity-squadbugThis issue requires a change to an existing behavior in the product in order to be resolved.customer-reportedIssues that are reported by GitHub users external to the Azure organization.needs-team-attentionThis issue needs attention from Azure service team or SDK team
@jepio

Description

@jepio
jepio
opened on Sep 24, 2021

Describe the bug

An ARM template generated from any resource group that includes a StorageAccount fails when redeploying with an InvalidXmlDocument error.

Command Name
az deployment group create

Errors:

{"status":"Failed","error":{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.","details":[{"code":"BadRequest","message":"{\r\n  \"error\": {\r\n    \"code\": \"InvalidXmlDocument\",\r\n    \"message\": \"XML specified is not syntactically valid.\\nRequestId:e878d855-f01a-005d-286e-b197b2000000\\nTime:2021-09-24T18:00:42.5358098Z\"\r\n  }\r\n}"}]}}

To Reproduce:

Steps to reproduce the behavior. Note that argument values have been redacted, as they may contain sensitive information.

#!/bin/bash

rand=$RANDOM

az group create -g group${rand} -l westeurope
az storage account create -g group${rand} -n stor${rand}
az group export -g group${rand} --skip-all-params >group-arm.json
az group delete -y -g group${rand}

rand=$RANDOM

az group create -g group${rand} -l westeurope
az deployment group create -g group${rand} -f group-arm.json

This fails at the:

  • az deployment group create -g {} -f {}

Expected Behavior

Should not fail. According to internet searches this is related to "type": "Microsoft.Storage/storageAccounts/xxxServices" entries in the generated ARM template, but then either:
a) they should not be generated if they are not needed
b) az should be able to handle the resulting template correctly

Environment Summary

Linux-5.10.43.3-microsoft-standard-WSL2-x86_64-with-debian-10.10, Debian GNU/Linux 10 (buster)
Python 3.7.3
Installer: PIP

azure-cli 2.28.1

Additional Context

A template saved through the Azure portal has the exact same issue

Metadata

Metadata

Assignees

No one assigned

    Labels

    ARMaz resource/group/lock/tag/deployment/policy/managementapp/account management-groupService AttentionThis issue is responsible by Azure service team.act-identity-squadbugThis issue requires a change to an existing behavior in the product in order to be resolved.customer-reportedIssues that are reported by GitHub users external to the Azure organization.needs-team-attentionThis issue needs attention from Azure service team or SDK team

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions