Known Issues
The error can be presented with one of the following messages:
failed to resolve table or column expression named
{ "code": "BadRequest", "message": { "error": { "code": "DraftClientException", "message": "The request had some invalid properties Activity D: 3332f9c0-b4d4-464b-8ec4-44a670ba745b." } } }
The underlying data is not present in the Log Analytics table, or no virtual machine is associated with any VM Insights data collection rule.
For VM Alerts, enable VM Insights. After VM Insights is enabled, run the remediation again.
Deployment of AMBA-ALZ fails when there are orphaned role assignments.
{ "code": "RoleAssignmentUpdateNotPermitted", "message": "Tenant ID, application ID, principal ID, and scope are not allowed to be updated." }
When a role or a role assignment is removed, some orphaned objects can still appear, preventing a successful deployment.
- Navigate to Management Groups
- Select the management group (corresponding to the value entered for the enterpriseScaleCompanyPrefix during the deployment) where the AMBA-ALZ deployment was targeted
- Select Access control (IAM)
- Under the Contributor role, select all records named Identity not found entry and click Remove
- Run the deployment
Error: Code=InvalidDeploymentLocation; Message=Invalid deployment location 'westeurope'. The deployment 'ALZARM' already exists in location 'uksouth'.
When attempting to deploy to a different region, such as “uksouth”, after a previous deployment in another region, an error may occur. This issue persists even after performing a cleanup (refer to Clean-up AMBA-ALZ Deployment for more details). The error arises because deployment entries from the previous operation still exist, causing a region conflict that prevents the new deployment.
Situation 1: You are attempting to deploy to a different region than the one used in a previous deployment. It is not necessary to deploy to the same scope in a different region, as the definitions and assignments are scoped to a management group and are not region-specific. No further action is required.
Situation 2: You have cleaned up a previous deployment and now wish to deploy to a different region. Follow these steps to resolve the issue:
- Navigate to Management Groups
- Select the management group (corresponding to the value entered for the enterpriseScaleCompanyPrefix during the deployment) where the AMBA deployment was targeted
- Click Deployment
- Select all the deployment instances related to AMBA and click Delete.
To recognize the deployment names belonging to AMBA, select those whose names start with:
- amba-
- pid-
- alzArm
- ambaPreparingToLaunch
If you have only deployed AMBA-ALZ once, you have 14 deployment instances.
Error: Code=MultipleErrorsOccurred; Message=Multiple errors occurred: Conflict,Conflict,Conflict,Conflict,Conflict,Conflict.
The limit of 800 deployments for the given management group scope has been reached. More information can be found at Management group limits.
To resolve this issue, follow these steps:
- Navigate to Management Groups
- Select the management group (corresponding to the value entered for the enterpriseScaleCompanyPrefix during the deployment) where AMBA-ALZ deployment was targeted
- Click Deployment
- Select all the deployments that can be deleted (for example, instances of previous deployments related to AMBA) and click Delete
- Run the deployment
To recognize the deployment names belonging to AMBA-ALZ, select those whose names start with:
- amba-
- pid-
- alzArm
- ambaPreparingToLaunch
If you have only deployed AMBA-ALZ once, you have 14 deployment instances.
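The prefix-based selection used in the two clean-up procedures above (region conflict and the 800-deployment limit) can be checked offline before anything is deleted. This is an added example, not code from the AMBA-ALZ project; it assumes a deployment list shaped like the JSON output of `az deployment mg list`, uses constructed sample records, and matches prefixes case-insensitively because the error above reports the deployment as 'ALZARM'.

```python
import json

# Name prefixes the page lists for AMBA-ALZ deployment records.
AMBA_PREFIXES = ("amba-", "pid-", "alzArm", "ambaPreparingToLaunch")
MG_DEPLOYMENT_LIMIT = 800  # per-management-group limit quoted on the page

# Constructed sample shaped like `az deployment mg list -o json` output.
SAMPLE = json.loads("""[
  {"name": "ALZARM", "location": "uksouth"},
  {"name": "amba-id-amba-prod-001", "location": "uksouth"},
  {"name": "pid-00000000-0000-0000-0000-000000000000", "location": "uksouth"},
  {"name": "ambaPreparingToLaunch", "location": "uksouth"},
  {"name": "corp-network-baseline", "location": "uksouth"}
]""")


def amba_deployments(deployments):
    """Return records whose name starts with an AMBA prefix (case-insensitive)."""
    prefixes = tuple(p.lower() for p in AMBA_PREFIXES)
    return [d for d in deployments if d["name"].lower().startswith(prefixes)]


def plan_cleanup(deployments, target_location):
    """Summarise what blocks a redeployment to target_location."""
    matches = amba_deployments(deployments)
    # Records left in another region trigger InvalidDeploymentLocation.
    conflicts = [d["name"] for d in matches
                 if d["location"].lower() != target_location.lower()]
    return {
        "total": len(deployments),
        "headroom": MG_DEPLOYMENT_LIMIT - len(deployments),
        "amba": [d["name"] for d in matches],
        "location_conflicts": conflicts,
    }


if __name__ == "__main__":
    print(json.dumps(plan_cleanup(SAMPLE, "westeurope"), indent=2))
```

The `pid-` prefix is short, so review those matches by hand before deleting them from a management group that other solutions also deploy to.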
The error can be presented with one of the following messages:
{ "code": "InvalidDeployment", "message": "The 'location' property must be specified for 'amba-id-amba-prod-001'. Please see https://aka.ms/arm-deployment-subscription for usage details." }
InvalidDeployment - Long running operation failed with status 'Failed'. Additional Info:'The 'location' property must be specified for 'amba-id-amba-prod-001'. Please see https://aka.ms/arm-deployment-subscription for usage details.'
The new Bring Your Own User Assigned Managed Identity (BYO UAMI) feature allows you to either use an existing User Assigned Managed Identity (UAMI) or create a new one within the management subscription. This process automatically assigns the Monitoring Reader role to the UAMI at the parent pseudo root Management Group. If a new UAMI is created, ensure the management subscription ID is correctly specified.
Ensure that the management subscription ID is accurately specified in the parameter file:
The following remediation tasks fail when the subscription name, used as part of the resource name, contains invalid characters:
- Deployment of AMBA Notification Assets
- Deployment of AMBA Notification Suppression Assets
At least one resource name segment is invalid according to the Resource Provider specification. (Code: InvalidResourceNameFormat)
When action groups and alert processing rules are deployed, the subscription name is included in their display names. If the subscription name contains invalid characters, the deployment will fail, resulting in the misleading error mentioned above.
Rename the subscription to exclude invalid characters. Refer to the Naming rules and restrictions for Azure resources for a list of supported characters. For instance, alert suppression rules only permit alphanumeric characters, underscores, and hyphens. Specifically, alphanumeric characters include:
- a through z (lowercase letters)
- A through Z (uppercase letters)
- 0 through 9 (numbers)
After renaming the subscription correctly, rerun the remediation.
Editing a previously deployed action group returns a misleading error in the Azure portal.
The error includes the following message:
The api-version query parameter (?api-version=) is required for all requests. (Code: MissingApiVersionParameter)
Action groups are deployed with names that include the subscription name. If the subscription name contains invalid characters, editing the action group will fail.
Rename the subscription to exclude invalid characters. Refer to the Naming rules and restrictions for Azure resources for a list of supported characters. For instance, alert suppression rules only permit alphanumeric characters, underscores, and hyphens. Specifically, alphanumeric characters include:
- a through z (lowercase letters)
- A through Z (uppercase letters)
- 0 through 9 (numbers)
Once the subscription has been renamed to exclude invalid characters, delete the existing action groups (those with names starting with ag-AMBA- or ag-AMBA-SH-) and rerun the remediation process.
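A pre-flight check for the subscription-name problem behind both the InvalidResourceNameFormat and MissingApiVersionParameter errors above, written as an added example that is not part of the AMBA-ALZ project. It assumes the character set the page quotes for alert suppression rules applies to the whole subscription name, and the subscription names are constructed. It reports the position of each offending character and catches non-ASCII letters, which a naive `str.isalnum()` test would let through.

```python
import string

# Characters the page says alert suppression rules accept:
# a-z, A-Z, 0-9, underscore and hyphen (ASCII only).
ALLOWED = set(string.ascii_letters + string.digits + "_-")

# Constructed subscription display names for illustration.
SAMPLE_SUBSCRIPTIONS = [
    "corp_landing-zone01",
    "Prod (EU)",
    "Café-Prod",
    "Identity & Access",
]


def invalid_chars(name):
    """Return (position, character) for every character outside ALLOWED."""
    return [(i, ch) for i, ch in enumerate(name) if ch not in ALLOWED]


def preflight(names):
    """Map each name that needs renaming to its offending characters."""
    report = {}
    for name in names:
        bad = invalid_chars(name)
        if bad:
            report[name] = bad
    return report


if __name__ == "__main__":
    for name, bad in preflight(SAMPLE_SUBSCRIPTIONS).items():
        detail = ", ".join(f"{ch!r} at {i}" for i, ch in bad)
        print(f"rename before remediation: {name!r} ({detail})")
```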