Error assigning a policy using Azure powershell and Azure Cli
I'm trying to assign an initiative using Azure Cli or Azure powershell and I'm getting the following error
New-AzManagementGroupDeployment -ManagementGroupId $managemenGroupId -Location $location -TemplateFile ./deployment/Policies/Assignments/VDQ-Location.bicep -TemplateParameterFile ./deployment/Resources/VDQ-Location.bicepparam -Verbose -Debug -WhatIf
VERBOSE: Using Bicep v0.30.3
VERBOSE: Calling Bicep with arguments: build-params "/home/ahmed/VDQ Repos/vdq-sandbox/deployment/Resources/VDQ-Location.bicepparam" --stdout
VERBOSE: Using Bicep v0.30.3
VERBOSE: Calling Bicep with arguments: build "/home/ahmed/VDQ Repos/vdq-sandbox/deployment/Policies/Assignments/VDQ-Location.bicep" --stdout
DEBUG: 22:01:46 - [ConfigManager] Got nothing from [DisplaySecretsWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 22:01:46 - NewAzureManagementGroupDeploymentCmdlet begin processing with ParameterSet 'ByTemplateFileAndParameterFile'.
DEBUG: 22:01:46 - using account id 'ahmed.elghilani2@gmail.com'...
DEBUG: 22:01:46 - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
VERBOSE: Using Bicep v0.30.3
VERBOSE: Calling Bicep with arguments: build-params "/home/ahmed/VDQ Repos/vdq-sandbox/deployment/Resources/VDQ-Location.bicepparam" --stdout
Getting the latest status of all resources...DEBUG: [Common.Authentication]: Authenticating using Account: 'ahmed.elghilani2@gmail.com', environment: 'AzureCloud', tenant: 'd3a7ce51-a240-4342-9748-4b13122431b6'
DEBUG: 22:01:49 - [ConfigManager] Got nothing from [DisableInstanceDiscovery], Module = [], Cmdlet = []. Returning default value [False].
DEBUG: 22:01:49 - [ConfigManager] Got nothing from [EnableLoginByWam], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 22:01:49 - [SilentAuthenticator] Calling SharedTokenCacheCredential.GetTokenAsync - TenantId:'d3a7ce51-a240-4342-9748-4b13122431b6', Scopes:'https://management.core.windows.net//.default', AuthorityHost:'https://login.microsoftonline.com/', UserId:'ahmed.elghilani2@gmail.com'
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 709b9cf8-713b-4893-bb71-b60affec4c44] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 709b9cf8-713b-4893-bb71-b60affec4c44] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 709b9cf8-713b-4893-bb71-b60affec4c44] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 709b9cf8-713b-4893-bb71-b60affec4c44] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 709b9cf8-713b-4893-bb71-b60affec4c44] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z] Found 1 cache accounts and 0 broker accounts
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z] Returning 1 accounts
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 509d809f-c763-4f70-bd0a-15fee77f0b4d] MSAL MSAL.CoreCLR with assembly version '4.61.3.0'. CorrelationId(509d809f-c763-4f70-bd0a-15fee77f0b4d)
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 509d809f-c763-4f70-bd0a-15fee77f0b4d] === AcquireTokenSilent Parameters ===
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 509d809f-c763-4f70-bd0a-15fee77f0b4d] LoginHint provided: False
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 509d809f-c763-4f70-bd0a-15fee77f0b4d] Account provided: True
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 509d809f-c763-4f70-bd0a-15fee77f0b4d] ForceRefresh: False
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 509d809f-c763-4f70-bd0a-15fee77f0b4d]
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenSilent
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - False
HomeAccountId - False
CorrelationId - 509d809f-c763-4f70-bd0a-15fee77f0b4d
UserAssertion set: False
LongRunningOboCacheKey set: False
Region configured:
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 509d809f-c763-4f70-bd0a-15fee77f0b4d] === Token Acquisition (SilentRequest) started:
Scopes: https://management.core.windows.net//.default
Authority Host: login.microsoftonline.com
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 509d809f-c763-4f70-bd0a-15fee77f0b4d] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 509d809f-c763-4f70-bd0a-15fee77f0b4d] Access token is not expired. Returning the found cache entry. [Current time (09/24/2024 02:01:49) - Expiration Time (09/24/2024 03:04:31 +00:00) - Extended Expiration Time (09/24/2024 03:04:31 +00:00)]
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 509d809f-c763-4f70-bd0a-15fee77f0b4d] Returning access token found in cache. RefreshOn exists ? False
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 509d809f-c763-4f70-bd0a-15fee77f0b4d] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 509d809f-c763-4f70-bd0a-15fee77f0b4d]
=== Token Acquisition finished successfully:
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.8 Linux [2024-09-24 02:01:49Z - 509d809f-c763-4f70-bd0a-15fee77f0b4d] AT expiration time: 09/24/2024 03:04:31 +00:00, scopes: https://management.core.windows.net//.default https://management.core.windows.net//user_impersonation. source: Cache
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: ExpiresOn: 2024-09-24T03:04:31.0000000+00:00
DEBUG: [Common.Authentication]: Received token with LoginType 'User', Tenant: 'd3a7ce51-a240-4342-9748-4b13122431b6', UserId: 'ahmed.elghilani2@gmail.com'
DEBUG: ============================ HTTP REQUEST ============================
HTTP Method:
POST
Absolute Uri:
Headers:
Accept-Language : en-US
x-ms-client-request-id : 396d75d4-cf33-41e9-9b12-8cfd3006ac81
Code
DEBUG: ============================ HTTP RESPONSE ============================
Status Code:
OK
Headers:
Cache-Control : no-cache
Pragma : no-cache
x-ms-ratelimit-remaining-tenant-reads: 249
x-ms-request-id : 1fddc786-b3b5-4100-9e43-b6131430312a
x-ms-correlation-request-id : 1fddc786-b3b5-4100-9e43-b6131430312a
x-ms-routing-request-id : CANADAEAST:20240924T020204Z:1fddc786-b3b5-4100-9e43-b6131430312a
Strict-Transport-Security : max-age=31536000; includeSubDomains
X-Content-Type-Options : nosniff
X-Cache : CONFIG_NOCACHE
X-MSEdge-Ref : Ref A: E4F3F147DC2741E3B046B3FE1B241285 Ref B: YTO221090812033 Ref C: 2024-09-24T02:02:04Z
Date : Tue, 24 Sep 2024 02:02:04 GMT
Body:
{
"status": "Failed",
"error": {
"code": "InternalServerError",
"message": "Encountered internal server error while processing the deployment what-if request. Diagnostic information: timestamp '20240924T020152Z', scope '/providers/Microsoft.Management/managementGroups/mg_ti', tracking id '9aec1b30-e538-46ed-a5b9-c73550647256', request correlation id '22521429-789e-4499-9d7e-f26204f771a6'."
}
}
DEBUG: 22:02:05 - [ResourceManagerCmdletBase.ExecuteCmdlet] Caught unhandled exception: Microsoft.Rest.Azure.CloudException:
InternalServerError - Long running operation failed with status 'Failed'. Additional Info:'Encountered internal server error while processing the deployment what-if request. Diagnostic information: timestamp '20240924T020152Z', scope '/providers/Microsoft.Management/managementGroups/mg_ti', tracking id '9aec1b30-e538-46ed-a5b9-c73550647256', request correlation id '22521429-789e-4499-9d7e-f26204f771a6'.'
at Microsoft.Azure.Commands.ResourceManager.Cmdlets.SdkClient.NewResourceManagerSdkClient.ExecuteDeploymentWhatIf(PSDeploymentWhatIfCmdletParameters parameters)
at Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.CmdletBase.DeploymentWhatIfCmdlet.ExecuteWhatIf()
at Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.CmdletBase.DeploymentCreateCmdlet.OnProcessRecord()
at Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.ResourceManagerCmdletBase.ExecuteCmdlet()
DEBUG: 22:02:05 - [ConfigManager] Got nothing from [EnableErrorRecordsPersistence], Module = [], Cmdlet = []. Returning default value [False].
New-AzManagementGroupDeployment:
InternalServerError - Long running operation failed with status 'Failed'. Additional Info:'Encountered internal server error while processing the deployment what-if request. Diagnostic information: timestamp '20240924T020152Z', scope '/providers/Microsoft.Management/managementGroups/mg_ti', tracking id '9aec1b30-e538-46ed-a5b9-c73550647256', request correlation id '22521429-789e-4499-9d7e-f26204f771a6'.'
DEBUG: 22:02:05 - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 22:02:05 - [ConfigManager] Got nothing from [DisplayRegionIdentified], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 22:02:05 - [ConfigManager] Got nothing from [CheckForUpgrade], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: AzureQoSEvent: Module: Az.Resources:7.4.0; CommandName: New-AzManagementGroupDeployment; PSVersion: 7.4.5; IsSuccess: False; Duration: 00:00:19.1081496; SanitizeDuration: 00:00:00; Exception:
InternalServerError - Long running operation failed with status 'Failed'. Additional Info:'Encountered internal server error while processing the deployment what-if request. Diagnostic information: timestamp '20240924T020152Z', scope '/providers/Microsoft.Management/managementGroups/mg_ti', tracking id '9aec1b30-e538-46ed-a5b9-c73550647256', request correlation id '22521429-789e-4499-9d7e-f26204f771a6'.';
DEBUG: 22:02:05 - [ConfigManager] Got nothing from [EnableDataCollection], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 22:02:06 - NewAzureManagementGroupDeploymentCmdlet end processing.