Reputation: 47
I am trying to deploy a KeyVault in Azure via PowerShell's Az Library and ARM template. (I found this: ARM template error Bad JSON content found in the request but it did not help me)
My code looks like this:

    $kvDeployResult = New-AzResourceGroupDeployment -Name "addKeyVault" -ResourceGroupName $resourceGroupeName -TemplateFile ".\deploy_kv.json" -TemplateParameterFile ".\deploy_kv_param.json" -Verbose

Using the command like this:

    $kvDeployResult = New-AzResourceGroupDeployment -Name "addKeyVault" -ResourceGroupName $resourceGroupeName -TemplateObject $deploy_kv_hashtable -TemplateParameterObject $deploy_kv_param_hashtable -Verbose

results in even less progress and more errors.
My deploy_kv.json looks like this:

    {
      "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
      "contentVersion": "1.0.0.0",
      "parameters": {
        "name": {
          "type": "string"
        },
        "location": {
          "type": "string"
        },
        "sku": {
          "type": "string"
        },
        "accessPolicies": {
          "type": "Array"
        },
        "tenant": {
          "type": "string"
        },
        "enabledForDeployment": {
          "type": "bool"
        },
        "enabledForTemplateDeployment": {
          "type": "bool"
        },
        "enabledForDiskEncryption": {
          "type": "bool"
        },
        "enableRbacAuthorization": {
          "type": "bool"
        },
        "enableSoftDelete": {
          "type": "bool"
        },
        "softDeleteRetentionInDays": {
          "type": "int"
        },
        "networkAcls": {
          "type": "Object"
        }
      },
      "variables": {},
      "resources": [
        {
          "apiVersion": "2018-02-14",
          "name": "[parameters('name')]",
          "location": "[parameters('location')]",
          "type": "Microsoft.KeyVault/vaults",
          "properties": {
            "enabledForDeployment": "[parameters('enabledForDeployment')]",
            "enabledForTemplateDeployment": "[parameters('enabledForTemplateDeployment')]",
            "enabledForDiskEncryption": "[parameters('enabledForDiskEncryption')]",
            "enableRbacAuthorization": "[parameters('enableRbacAuthorization')]",
            "accessPolicies": "[parameters('accessPolicies')]",
            "tenantId": "[parameters('tenant')]",
            "sku": {
              "name": "[parameters('sku')]",
              "family": "A"
            },
            "enableSoftDelete": "[parameters('enableSoftDelete')]",
            "softDeleteRetentionInDays": "[parameters('softDeleteRetentionInDays')]",
            "networkAcls": "[parameters('networkAcls')]"
          },
          "tags": {},
          "dependsOn": []
        }
      ],
      "outputs": {}
    }
My deploy_kv_param.json looks like this:

    {
      "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
      "contentVersion": "1.0.0.0",
      "parameters": {
        "name": {
          "value": "vaultName"
        },
        "location": {
          "value": "westeurope"
        },
        "sku": {
          "value": "Standard"
        },
        "accessPolicies": {
          "value": [
            {
              "objectId": "objectID",
              "tenantId": "tenantId",
              "permissions": {
                "keys": "",
                "secrets": "Get List Set Delete Recover Backup Restore",
                "certificates": ""
              },
              "applicationId": null
            }
          ]
        },
        "tenant": {
          "value": "tenantId"
        },
        "enabledForDeployment": {
          "value": false
        },
        "enabledForTemplateDeployment": {
          "value": false
        },
        "enabledForDiskEncryption": {
          "value": false
        },
        "enableRbacAuthorization": {
          "value": false
        },
        "enableSoftDelete": {
          "value": true
        },
        "softDeleteRetentionInDays": {
          "value": 90
        },
        "networkAcls": {
          "value": {
            "defaultAction": "allow",
            "bypass": "AzureServices",
            "ipRules": [],
            "virtualNetworkRules": []
          }
        }
      }
    }
Followup:
I tried to minimize the files to only the $deploy_kv.json by using defaultValues for all the properties.
It looks like this now:

    {
      "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
      "contentVersion": "1.0.0.0",
      "parameters": {
        "name": {
          "type": "string",
          "defaultValue": "keyVaultName"
        },
        "location": {
          "type": "string",
          "defaultValue": "[resourceGroup().location]"
        },
        "sku": {
          "type": "string",
          "defaultValue": "Standard"
        },
        "accessPolicies": {
          "type": "array",
          "defaultvalue": [
            {
              "objectId": "objId",
              "tenantId": "[subscription().tenantId]",
              "permissions": {
                "keys": "",
                "secrets": "Get List Set Delete Recover Backup Restore",
                "certificates": ""
              },
              "applicationId": null
            }
          ]
        },
        "tenantId": {
          "type": "string",
          "defaultValue": "[subscription().tenantId]",
          "metadata": {
            "description": "Specifies the Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. Get it by using Get-AzSubscription cmdlet."
          }
        }
      },
      "variables": {},
      "resources": [
        {
          "type": "Microsoft.KeyVault/vaults",
          "name": "[parameters('name')]",
          "location": "[parameters('location')]",
          "apiVersion": "2019-04-01",
          "tags": {
            "displayName": "KeyVault"
          },
          "properties": {
            "enabledForDeployment": false,
            "enabledForTemplateDeployment": false,
            "enabledForDiskEncryption": false,
            "enableSoftDelete": true,
            "softDeleteRetentionInDays": 90,
            "tenantId": "[parameters('tenantId')]",
            "accessPolicies": "[parameters('accessPolicies')]",
            "sku": {
              "name": "[parameters('sku')]",
              "family": "A"
            },
            "networkAcls": {
              "defaultAction": "Allow",
              "bypass": "AzureServices"
            }
          }
        }
      ],
      "outputs": {}
    }

The error I get is the same. I assume the template is valid (as the command itself states).
Upvotes: 0
Views: 548
Reputation: 2908
Change the permissions property to look like:

    "permissions": {
      "keys": [],
      "secrets": ["Get", "List", "Set", "Delete", "Recover", "Backup", "Restore"],
      "certificates": []
    },

Each permission property needs to be an array of strings or just an empty array.
I also had to change the apiVersion to:

    "apiVersion": "2018-02-14",
Upvotes: 2
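A pre-deployment check for the shape problem the answer describes, as an added example that is not part of the original posts: it walks every access policy in a parameter file and reports each `permissions` property that is not an array of strings. The function name `Get-AccessPolicyPermissionIssue` and the sample JSON are constructed for illustration.

```powershell
# Added example (hypothetical helper, not from the Az module): list every
# permissions property that is not an array of strings.
function Get-AccessPolicyPermissionIssue {
    param([Parameter(Mandatory)] [string] $ParameterJson)

    $doc = $ParameterJson | ConvertFrom-Json
    $index = 0
    foreach ($policy in @($doc.parameters.accessPolicies.value)) {
        foreach ($prop in $policy.permissions.PSObject.Properties) {
            $value = $prop.Value
            $isStringArray = ($value -is [array]) -and
                (@($value | Where-Object { $_ -isnot [string] }).Count -eq 0)
            if (-not $isStringArray) {
                # Offer a repaired value only for the space-separated string case.
                $suggested = $null
                if ($value -is [string]) {
                    $parts = $value.Split([char[]]' ', [StringSplitOptions]::RemoveEmptyEntries)
                    $suggested = ConvertTo-Json -InputObject @($parts) -Compress
                }
                [pscustomobject]@{
                    Policy    = $index
                    Property  = $prop.Name
                    Found     = if ($null -eq $value) { 'null' } else { $value.GetType().Name }
                    Suggested = $suggested
                }
            }
        }
        $index++
    }
}

# Constructed sample mirroring the question's parameter file: two string-valued
# properties that should be flagged and one that is already a valid empty array.
$sample = @'
{ "parameters": { "accessPolicies": { "value": [ {
    "objectId": "objectID", "tenantId": "tenantId",
    "permissions": { "keys": "", "secrets": "Get List Set", "certificates": [] }
} ] } } }
'@

Get-AccessPolicyPermissionIssue -ParameterJson $sample | Format-Table -AutoSize
```

To check a real file, pass `(Get-Content .\deploy_kv_param.json -Raw)` as `-ParameterJson`; an empty result means every permission property already has the array shape.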