Issue with Invoke-AzResourceAction cmdlet with a function wrapper

Question

I want to set certificate for Azure HDInsight for Azure DataLake access. I am following the article to and using the Invoke-AzResourceAction cmdlet.

I would like to know, why the code works without a function wrapper and fails with a function wrapper. I am not changing the azure subscription. No changes at all, the code just fails.

The below code works fine:

### Example Preparation​
# see $HDInsightDefinition.ResourceGroupName​
$resourceGroupName = "PL-Pilot"
​
# see $HDInsightDefinition.ClusterName​
$clusterName = "plhd01-hdi"
​
# see $HDInsightDefinition.ServicePrincipalObject.ApplicationId.Guid​
$appId = "280f3a19-ed77-45c"
​
### get cert details from common keyvault​
# common key vault is available using $HDInsightDefinition.CommonKeyVaultId​
$certStringSecret = Get-AzKeyVaultSecret -Name ("spuucert-{0}" -f $appId) -ResourceId /subscriptions/49e1-a2a6-58ee4a3dd124/resourceGroups/coe-eu-commons/providers/Microsoft.KeyVault/vaults/eu-commons
$certPasswordSecret = Get-AzKeyVaultSecret -Name ("sppwd-{0}" -f $appId) -ResourceId /subscriptions/49e1-a2a6-58ee4a3dd124/resourceGroups/coe-eu-commons/providers/Microsoft.KeyVault/vaults/eu-commons
​
​
### update hdi cluster, if cluster already exists and wasn't created immediately before (as in this case, it has the correct identity certificate)​
# => $HDInsightDefinition.ClusterAlreadyExists​
# see https://learn.microsoft.com/en-us/azure/hdinsight/hdinsight-hadoop-use-data-lake-store#refresh-the-hdinsight-certificate-for-data-lake-storage-gen1-access​
Invoke-AzResourceAction `
    -ResourceGroupName $resourceGroupName `
    -ResourceType 'Microsoft.HDInsight/clusters' `
    -ResourceName $clusterName `
    -ApiVersion '2015-03-01-preview' `
    -Action 'updateclusteridentitycertificate' `
    -Parameters @{ ApplicationId = $appId; Certificate = $certStringSecret.SecretValueText; CertificatePassword = $certPasswordSecret.secretvaluetext } `
    -Force

However, when I wrap the above code inside a function in our framework, the code fails. I can confirm that there is no issue with the parameters. The '$HDInsightDefinition' object will contain the same parameter values that were passed to the above code (without function wrapper)

function Update-XtoHDInsightCertificate {
    param 
    (
        [Parameter (ValueFromPipeline = $true, Mandatory = $true)]
        $HDInsightDefinition
    )

    $appid = $HDInsightDefinition.ServicePrincipalObject.ApplicationId.Guid
    $certStringSecret = Get-AzKeyVaultSecret -Name ("spuucert-{0}" -f $appid) -ResourceID $HDInsightDefinition.CommonKeyVaultId
    $certPasswordSecret = Get-AzKeyVaultSecret -Name ("sppwd-{0}" -f $appid) -ResourceID $HDInsightDefinition.CommonKeyVaultId
    $resourceGroupName = $HDInsightDefinition.ResourceGroupName.tostring()
    $ClusterName = $HDInsightDefinition.ClusterName.tostring()

    # Update the certificate identity of HDInsight Cluster for DataLake Access
    Invoke-AzResourceAction `
    -ResourceGroupName $resourceGroupName `
    -ResourceType 'Microsoft.HDInsight/clusters' `
    -ResourceName $ClusterName `
    -ApiVersion '2015-03-01-preview' `
    -Action 'updateclusteridentitycertificate' `
    -Parameters @{ ApplicationId = $appid; Certificate = $certStringSecret.SecretValueText; CertificatePassword = $certPasswordSecret.SecretValueText } `
    -Force

    write-CoeLog ("Successfully updated certificate for the HDINsight Cluster: {0}" -f $ClusterName)
}

I am getting the below error. I got the details using the 'Resolve-AzError' cmdlet.

 Resolve-AzError
Breaking changes in the cmdlet 'Resolve-AzError' :
 - The `Resolve-Error` alias will be removed in a future release.  Please change any scripts that use this alias to use `Resolve-AzError` instead.


NOTE : Go to https://aka.ms/azps-changewarnings for steps to suppress this breaking change warning, and other information on breaking changes in Azure PowerShell.


   HistoryId: 4


Message        : {"Message":"An error has occurred."}
StackTrace     :    at Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.ResourceManagerCmdletBase.HandleException(ExceptionDispatchInfo capturedException)
                    at Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.ResourceManagerCmdletBase.ExecuteCmdlet()
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.<>c__3`1.<ExecuteSynchronouslyOrAsJob>b__3_0(T c)
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet, Action`1 executor)
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet)
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord()
Exception      : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Entities.ErrorResponses.ErrorResponseMessageException
InvocationInfo : {Invoke-AzResourceAction}
Line           :     Invoke-AzResourceAction `

Position       : At C:\Users\manjug\source\repos\eXtollo_April_23_2\coe-df\Continuous Deployment\Deployment\eXtolloInstance\HDInsight_1\HDInsightTools.psm1:17 char:5
                 +     Invoke-AzResourceAction `
                 +     ~~~~~~~~~~~~~~~~~~~~~~~~~
HistoryId      : 4



   HistoryId: 1


RequestId      : d6579b01-bb55-4249-b555-1e0d462a7c6e
Message        : Resource group 'non-existent-rg-12345' could not be found.
ServerMessage  : ResourceGroupNotFound: Resource group 'non-existent-rg-12345' could not be found. (System.Collections.Generic.List`1[Microsoft.Rest.Azure.CloudError])
ServerResponse : {NotFound}
RequestMessage : {GET https://management.azure.com/subscriptions/3e959272-bef3-49e1-a2a6-58ee4a3dd124/resourceGroups/non-existent-rg-12345/resources?api-version=2019-07-01}
InvocationInfo : {Get-AzResource}
Line           :             $null = Get-AzResource -ResourceGroupName non-existent-rg-12345 -Name non-existent-resource-32541 -ErrorAction:SilentlyContinue

Position       : At C:\Users\manjug\source\repos\eXtollo_April_23_2\coe-df\Continuous Deployment\Framework\CoreDeployment.psm1:6957 char:21
                 + ...     $null = Get-AzResource -ResourceGroupName non-existent-rg-12345 - ...
                 +                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
StackTrace     :    at Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.ResourceManagerCmdletBase.HandleException(ExceptionDispatchInfo capturedException)
                    at Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.ResourceManagerCmdletBase.ExecuteCmdlet()
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.<>c__3`1.<ExecuteSynchronouslyOrAsJob>b__3_0(T c)
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet, Action`1 executor)
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet)
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord()
HistoryId      : 1


The Azure PowerShell team is listening, please let us know how we are doing: https://aka.ms/azpssurvey?Q_CHL=ERROR.

Answer 1

I am able to solve it. I did a typecast for the variables. [String]$appid = $HDInsightDefinition.ServicePrincipalObject.ApplicationId.Guid [String]$resourceGroupName = $HDInsightDefinition.ResourceGroupName [String]$ClusterName = $HDInsightDefinition.ClusterName