Alias issue: Microsoft.EventGrid/systemTopics/eventSubscriptions/destination.WebHook.endpointUrl & Microsoft.EventGrid/eventSubscriptions/destination.WebHook.endpointUrl #1417

Open
andrewholler opened this issue Feb 7, 2025 · 0 comments


andrewholler commented Feb 7, 2025

Scenario:
We are facing an issue when trying to use the endpointUrl alias on systemTopic eventSubscriptions. For some reason, when the policy target is an event subscription of a system topic, the endpointUrl alias is not able to pull back a value. It's always null. We attempt to pull the value so we can redeploy the eventSubscription with an appropriate value for minimumTlsVersionAllowed. We cannot deploy the DINE deployment because endpointUrl is not pulling in the configured endpoint value.

Deployment template validation failed: 'The value for the template parameter 'endpointUrl' at line '1' and column '321' is not provided. Please see https://aka.ms/arm-create-parameter-file for usage details.'.

We do not face this issue with eventSubscriptions of domains or topics. It is only when it's an eventSubscription of a systemTopic that the alias will not work.

Can you please fix the alias so that it will return the configured endpointUrl for systemTopics too?

Example of how the alias is not returning a value in the form of an existenceCondition compliance check:
Image

Definition:

{
  "properties": {
    "displayName": "test - Event Grid Event Subscriptions TLS",
    "policyType": "Custom",
    "mode": "All",
    "version": "1.0.0",
    "parameters": {
      "minimumTlsVersionAllowed": {
        "type": "String",
        "metadata": {
          "displayName": "minimumTlsVersionAllowed",
          "description": "The minimumTlsVersionAllowed that should be used for Event Grid Event Subscriptions"
        },
        "defaultValue": "1.2"
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.EventGrid/eventSubscriptions"
          },
          {
            "field": "Microsoft.EventGrid/eventSubscriptions/destination.endpointType",
            "equals": "WebHook"
          },
          {
            "field": "Microsoft.EventGrid/eventSubscriptions/destination.WebHook.azureActiveDirectoryApplicationIdOrUri",
            "exists": "false"
          }
        ]
      },
      "then": {
        "effect": "DeployIfNotExists",
        "details": {
          "roleDefinitionIds": [
            "/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"
          ],
          "evaluationDelay": "AfterProvisioning",
          "type": "Microsoft.EventGrid/eventSubscriptions",
          "name": "[field('name')]",
          "existenceCondition": {
            "allOf": [
              {
                "field": "Microsoft.EventGrid/eventSubscriptions/destination.WebHook.minimumTlsVersionAllowed",
                "exists": "true"
              },
              {
                "field": "Microsoft.EventGrid/eventSubscriptions/destination.WebHook.minimumTlsVersionAllowed",
                "greaterOrEquals": "[parameters('minimumTlsVersionAllowed')]"
              }
            ]
          },
          "deployment": {
            "properties": {
              "parameters": {
                "name": {
                  "value": "[field('fullName')]"
                },
                "location": {
                  "value": "[field('location')]"
                },
                "minimumTlsVersionAllowed": {
                  "value": "[parameters('minimumTlsVersionAllowed')]"
                },
                "endpointUrl": {
                  "value": "[field('Microsoft.EventGrid/eventSubscriptions/destination.WebHook.endpointUrl')]"
                },
                "id": {
                  "value": "[field('id')]"
                }
              },
              "mode": "incremental",
              "template": {
                "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
                "contentVersion": "1.0.0.0",
                "parameters": {
                  "name": {
                    "type": "string"
                  },
                  "location": {
                    "type": "string"
                  },
                  "minimumTlsVersionAllowed": {
                    "type": "string"
                  },
                  "endpointUrl": {
                    "type": "string"
                  },
                  "id": {
                    "type": "string"
                  }
                },
                "variables": {
                  "resourceScopeRight": "[substring(parameters('id'), add(indexOf(parameters('id'), '/providers/'), 11))]",
                  "resourceScope": "[substring(variables('resourceScopeRight'), 0, if(equals(indexOf(variables('resourceScopeRight'), '/providers/'), -1), length(variables('resourceScopeRight')), indexOf(variables('resourceScopeRight'), '/providers/')))]",
                  "isChildResource": "[not(equals(variables('resourceScopeRight'), variables('resourceScope')))]"
                },
                "resources": [
                  {
                    "condition": "[variables('isChildResource')]",
                    "type": "Microsoft.EventGrid/eventSubscriptions",
                    "apiVersion": "2024-12-15-preview",
                    "scope": "[variables('resourceScope')]",
                    "name": "[parameters('name')]",
                    "location": "[parameters('location')]",
                    "properties": {
                      "destination": {
                        "endpointType": "Webhook",
                        "properties": {
                          "minimumTlsVersionAllowed": "[parameters('minimumTlsVersionAllowed')]",
                          "endpointUrl": "[parameters('endpointUrl')]"
                        }
                      }
                    }
                  },
                  {
                    "condition": "[not(variables('isChildResource'))]",
                    "type": "Microsoft.EventGrid/eventSubscriptions",
                    "apiVersion": "2024-12-15-preview",
                    "name": "[parameters('name')]",
                    "location": "[parameters('location')]",
                    "properties": {
                      "destination": {
                        "endpointType": "Webhook",
                        "properties": {
                          "minimumTlsVersionAllowed": "[parameters('minimumTlsVersionAllowed')]",
                          "endpointUrl": "[parameters('endpointUrl')]"
                        }
                      }
                    }
                  }
                ],
                "outputs": {
                  "scope": {
                    "type": "string",
                    "value": "[variables('resourceScope')]"
                  }
                }
              }
            }
          }
        }
      }
    },
    "versions": [
      "1.0.0"
    ]
  },
  "id": "/subscriptions/055d32f8-89bc-4584-ba35-3aed7d618726/providers/Microsoft.Authorization/policyDefinitions/220289f3-879b-46cf-b45d-693f0aeba636",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "220289f3-879b-46cf-b45d-693f0aeba636"
}
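
Added example (not part of the issue or of the Azure Policy project's code): a Python port of the deployment template's `resourceScopeRight` / `resourceScope` / `isChildResource` variables, plus a pre-flight check that lists deployment parameters whose `field()` expression resolves to null, the condition behind the validation error quoted above. The resource IDs and alias values are constructed, and the null `endpointUrl` on the system-topic sample models the behaviour reported in this issue.

```python
import re

ALIAS = "Microsoft.EventGrid/eventSubscriptions/destination.WebHook.endpointUrl"
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"  # placeholder subscription

# Constructed resource IDs: extension-style (topic) and nested-type (system topic).
EXT_ID = (SUB + "/resourceGroups/rg-demo/providers/Microsoft.EventGrid/topics/topic-demo"
          "/providers/Microsoft.EventGrid/eventSubscriptions/es-demo")
SYSTOPIC_ID = (SUB + "/resourceGroups/rg-demo/providers/Microsoft.EventGrid"
               "/systemTopics/st-demo/eventSubscriptions/es-demo")

# Parameter expressions copied from the definition's deployment.properties.parameters.
PARAM_EXPRS = {
    "name": "[field('fullName')]",
    "location": "[field('location')]",
    "minimumTlsVersionAllowed": "[parameters('minimumTlsVersionAllowed')]",
    "endpointUrl": "[field('" + ALIAS + "')]",
    "id": "[field('id')]",
}

# Constructed field values as the policy engine would hand them to the deployment.
TOPIC_SUB = {"fullName": "topic-demo/es-demo", "location": "westeurope",
             "id": EXT_ID, ALIAS: "https://hooks.example.test/events"}
SYSTOPIC_SUB = {"fullName": "st-demo/es-demo", "location": "westeurope",
                "id": SYSTOPIC_ID, ALIAS: None}  # null alias, as reported

def resource_scope(resource_id):
    """Return (resourceScope, isChildResource) as the template variables compute them."""
    marker = "/providers/"
    first = resource_id.lower().find(marker)  # ARM indexOf is case-insensitive
    if first == -1:
        raise ValueError("resource id has no /providers/ segment")
    right = resource_id[first + len(marker):]          # resourceScopeRight
    nxt = right.lower().find(marker)
    scope = right if nxt == -1 else right[:nxt]        # resourceScope
    return scope, right != scope                       # isChildResource

def unresolved_parameters(param_exprs, resource):
    """Names of deployment parameters whose [field('...')] value resolves to None."""
    missing = []
    for name, expr in param_exprs.items():
        m = re.fullmatch(r"\[field\('([^']+)'\)\]", expr)
        if m and resource.get(m.group(1)) is None:
            missing.append(name)
    return missing

if __name__ == "__main__":
    for label, res in (("topic", TOPIC_SUB), ("systemTopic", SYSTOPIC_SUB)):
        print(label, resource_scope(res["id"]), unresolved_parameters(PARAM_EXPRS, res))
```
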