CODEWITHSUNDEEP
azureazure-devopsazure-resource-managerazure-rm-template
Supernatix
Supernatix

Reputation: 503

Get resolved ARM template after failed deployment

Is it possible to get the ARM template as it was during runtime in the Azure Portal with the variables and parameters resolved?

Example below:

AzureDeploy.json

{
 "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
 "contentVersion": "1.0.0.0",
 "parameters": {
   "environment": {
     "type": "string",
     "defaultValue": "dev",
   },
   "storageSKU": {
     "type": "string",
     "defaultValue": "Standard_LRS",
     "allowedValues": [
       "Standard_LRS",
       "Standard_GRS",
       "Standard_RAGRS",
       "Standard_ZRS",
       "Premium_LRS",
       "Premium_ZRS",
       "Standard_GZRS",
       "Standard_RAGZRS"
     ]
   },
   "location": {
     "type": "string",
     "defaultValue": "[resourceGroup().location]"
   }
 },
  "variables": {
    "storageAccountName": "[concat('companyname',parameters('environment'),'sa01'))]"
  },
 "resources": [
   {
     "type": "Microsoft.Storage/storageAccounts",
     "apiVersion": "2019-04-01",
     "name": "[variables('storageName')]",
     "location": "[parameters('location')]",
     "sku": {
       "name": "[parameters('storageSKU')]"
     },
     "kind": "StorageV2",
     "properties": {
       "supportsHttpsTrafficOnly": true
     }
   }
 ]
}

AzureDeploy.parameters.json

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "environment": {
      "value": "dev"
    }
  }
}

If this deployment was to fail on something such as the name or the SKU, would I be able to access the portal or somehow see how these values were resolved when the script was ran?

The deployment happens in a CD pipeline in AzureDevops and I have control of the variable groups etc. so I know what is being passed in but not how it resolves. In a more complex template, I have an error claiming an Id is not set on a Logic App API connection but I cannot tell if the error is due to the variable I am using in the concat function or if the value is genuinely incorrect (resolving okay according to data passed in).

If anyone is familiar with troubleshooting these through the deployments blade in Azure then you may have some tips on how to see a more detailed view.

Thanks,

Edit:

The code below triggers Intellisense in Visual Studio 2019 but has been confirmed working during deployment. No warnings in VS Code as per comments. Majority of code omitted for brevity.

{
    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "environment": {
          "type": "string",
          "defaultValue": "dev"
        },
        "increment": {
          "type": "string",
          "defaultValue": "01"
        },
        "keyvaultName": {
          "type": "string",
          "defaultValue": "randomKeyVaultName",
          "metadata": {
            "description": "Keyvault Name for deployment"
          }
        }
    },
    "variables": {
        "uniqueKeyVaultName": "[parameters('keyvaultName')]"
    },
    "resources": [
        {
          "type": "Microsoft.KeyVault/vaults/secrets",
          "apiVersion": "2016-10-01",
          "name": "[concat(variables('uniqueKeyVaultName'), '/407045A0-1B78-47B5-9090-59C0AE9A96F6')]",
          "location": "northeurope",
          "dependsOn": [
            "[resourceId('Microsoft.Resources/deployments', 'cosmosdb_linkedtemplate')]"
          ],
          "properties": {
            "contentType": "Graph",
            "value": "[concat('{''D'': ''DatabaseName'', ''U'': ''https://randomcosmosdb-',parameters('environment'),'-cdb-',parameters('increment'),'.documents.azure.com'', ''C'': ''CollectionName'', ''K'': ''',reference('cosmosdb_linkedtemplate').outputs.accountKey.value,'''}')]",
            "attributes": {
              "enabled": true
            }
          }
        }
    ],
    "outputs": {}
}

Visual Studio Version

Upvotes: 2

Views: 901

Answers (1)

bmoore-msft
bmoore-msft

Reputation: 8717

If you want to see the evaluated template there are a few things you can do to get it without deploying:

1) call the /validate api: https://learn.microsoft.com/en-us/rest/api/resources/deployments/validate -- but you need to use an older apiVersion at the moment (e.g. 2017-05-01)... the response will contain the fully evaluated template. If you have an older version of PowerShell or the CLI, you can see the response from the rest API by using the -debug switch. But keep in mind, the more recent versions of PS/CLI will use a newer apiVersion and those don't return the full template (at this time).

2) The /whatif api will also return evaluated JSON but there's a bit more to wade through if all you're after is the evaluated template: https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/template-deploy-what-if

Tha help?

Upvotes: 3

Related Questions