[Guidance required] - ALZ-Bicep-3-SubPlacement failed
Closed this issue · 7 comments
Let us know the feedback or general question
Question
Testing it out with GitHub Actions, using a single subscription:
ALZ-Bicep-1-Core and ALZ-Bicep-2-PolicyAssignments worked.
ALZ-Bicep-3-SubPlacement failed
New-AzManagementGroupDeployment: /home/runner/work/march05/march05/pipeline-scripts/Deploy-ALZSubscriptionPlacement.ps1:29
Line |
29 | New-AzManagementGroupDeployment @InputObject
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| 09:58:41 - The deployment
| 'alz-SubscriptionPlacementDeployment-20240305T0903326953Z' failed with
| error(s). Showing 3 out of 3 error(s). Status Message: Failed to add
| subscription to management group (Code:Conflict) Status Message: Failed
| to add subscription to management group (Code:Conflict) Status Message:
| At least one resource deployment operation failed. Please list
| deployment operations for details. Please see
| https://aka.ms/arm-deployment-operations for usage details. (Code:
| DeploymentFailed) - Failed to add subscription to management group
| (Code:Conflict) CorrelationId: c1c64b1b-14dd-43b3-a909-69f493468d35
Error: Error: The process '/usr/bin/pwsh' failed with exit code 1
Does it mean that it will always fail with only one subscription?
Code of Conduct
- I agree to follow this project's Code of Conduct
No I have used on single and multiple substitutions
Hi @jamesyoung007, as @jzryk8 mentioned, you should be able to place a single subscription. However, make sure that in your parameter file, you don't have the same subscription specified under multiple management groups params (I assume the issue is in regard to the platform management groups where if you have a single subscription, you'll want to the subscription ID within the parPlatformMgSubs parameter) or you'll run into a race condition where multiple deployments are going to try and be moving the same subscription under different management group ids.
Below is an example of how NOT to reference the single subscription:
Let me know if that is the issue you're running into. Thanks!
Got it, so you'll want to take a look at this reference architecture for a single platform subscription management group and single platform subscription.
I assume you also have the platform management groups (connectivity, identity, and management) deployed as well, so you'll want to delete those and then take a look at the modules that support the parPlatformMgAlzDefaultsEnable parameter and set that to false.
Please re-open if you are still running into issues, happy to help!
Can you confirm if for your subPlacementAll.parameters.all.json file, that parPlatformManagementMgSubs, parPlatformConnectivityMgSubs, and parPlatformIdentityMgSubs are empty and that you only have that platform subscription included within parPlatformMgSubs as shown below:
