Last reviewed: April 9, 2025

🛠️ Troubleshooting Deployment Issues

Even with a well-defined deployment model, Managed Application provisioning can occasionally fail due to Azure platform behavior or transient conditions.

This page outlines common causes, how to interpret failures, and how to retry provisioning using a script-based approach.

📘 In this article:

• ⚠️ Common Deployment Issues
• 🔁 Retrying a Failed Deployment
  • Step 1: Retrieve Managed Application Metadata
    • 🔎 Using the Azure Portal
  • Step 2: Resubmit Application for Provisioning
    • 🔁 Option 1 – PowerShell
    • 🔁 Option 2 – Azure CLI (az rest)
    • 🔁 Option 3 – cURL

---

⚠️ Common Deployment Issues

Managed Application deployments can fail for a variety of reasons, including:

• 💥 Regional Capacity Limits
  Some services (e.g., Cosmos DB, App Service) may be unavailable in certain regions due to quota constraints.

• ⚠️ Transient Platform Errors
  Occasional cold starts, DNS resolution issues, or service timeouts may interrupt deployment unexpectedly.

• ⛓️ Dependency Propagation Delays
  Entra ID App Registrations, Private DNS Zones, or User-Assigned Managed Identities may not be fully available immediately.

• 🪝 Third-Party Integration Timing
  Pipelines, webhooks, and Microsoft Graph calls may occasionally hit retry or timeout scenarios.

💡 If your deployment fails with a ProvisioningState = Failed, check the Managed Application resource in the Azure Portal to review the error(s).

---

🔁 Retrying a Failed Deployment

The Managed Application must reach ProvisioningState = Succeeded to complete an ArchTechLytics deployment. If provisioning fails due to regional capacity or transient platform issues, you can retry provisioning by issuing a PUT request to the Azure Resource Manager (ARM) API.

---

Step 1: Retrieve Managed Application Metadata

You’ll need to collect key values from your existing (failed) Managed Application instance before issuing a retry request. These values will be used in the HTTP request body.

🔎 Using the Azure Portal

1. Go to the Resource Group that contains the Managed Application (not the managed resource group).
2. Click on the Managed Application (Type: Microsoft.Solutions/applications).
3. In the Overview tab, note the following:
   • Resource ID
   • Region
   • Managed Resource Group ID
4. Open the JSON View (top-right of the Overview tab).
5. Extract the following properties for use in the retry script:
   • location
   • plan (name, product, publisher, version)
   • properties.managedResourceGroupId
   • properties.parameters
   • properties.publisherTenantId
   • properties.authorizations

---

Step 2: Resubmit Application for Provisioning

There are multiple ways to resubmit the provisioning request. Choose the method that matches your tooling preference.

---

🔁 Option 1 – PowerShell

Use the following PowerShell script to re-initiate provisioning. Replace the placeholder values with the ones you retrieved via the Azure Portal in Step 1.

$token = Get-AzAccessToken

$url = "https://management.azure.com/subscriptions/<subscriptionId>/resourceGroups/<resourceGroupName>/providers/Microsoft.Solutions/applications/<managedAppName>?api-version=2021-07-01"

$body = @{
    location = "<location>"
    kind = "MarketPlace"
    plan = @{
        name = "<planName>"
        product = "<productName>"
        publisher = "<publisherId>"
        version = "<version>"
    }
    properties = @{
        managedResourceGroupId = "<full-managed-rg-id>"
        parameters = @{
            location = @{ value = "<region>" }
            notificationEmail = @{ value = "<your-email>" }
            tenantDefaultDomainName = @{ value = "<your-tenant>.onmicrosoft.com" }
            virtualNetworkAddressSpace = @{ value = "10.0.0.0/16" }
            webSubnetPrefix = @{ value = "10.0.1.0/24" }
            privateEndpointsSubnetPrefix = @{ value = "10.0.2.0/27" }
            dataSubnetPrefix = @{ value = "10.0.3.0/24" }
            mgmtSubnetPrefix = @{ value = "10.0.4.0/26" }
            integrationSubnetPrefix = @{ value = "10.0.5.0/27" }
        }
        publisherTenantId = "<publisher-tenant-id>"
        authorizations = @(
            @{
                principalId = "<principal-1-guid>"
                roleDefinitionId = "<role-def-id-1>"
            },
            @{
                principalId = "<principal-2-guid>"
                roleDefinitionId = "<role-def-id-2>"
            }
        )
        managementMode = "Managed"
        customerSupport = @{
            contactName = "<placeholder>"
            email = "<placeholder>"
            phone = "<placeholder>"
        }
        supportUrls = @{
            publicAzure = "<placeholder>"
        }
    }
}

$jsonBody = $body | ConvertTo-Json -Depth 10

Invoke-RestMethod -Uri $url -Method Put -Headers @{
    "Authorization" = "Bearer $($token.Token)"
    "Content-Type"  = "application/json"
} -Body $jsonBody

🔁 Option 2 – Azure CLI (az rest)

Save the JSON body from above to a file called body.json, then run:

az rest --method put \
  --uri "https://management.azure.com/subscriptions/<subscriptionId>/resourceGroups/<resourceGroupName>/providers/Microsoft.Solutions/applications/<managedAppName>?api-version=2021-07-01" \
  --body "@body.json"

You can retrieve your access token using:

az account get-access-token --resource https://management.azure.com

🔁 Option 3 – cURL

If you prefer curl, use this format (requires the same JSON body file and access token):

curl -X PUT "https://management.azure.com/subscriptions/<subscriptionId>/resourceGroups/<resourceGroupName>/providers/Microsoft.Solutions/applications/<managedAppName>?api-version=2021-07-01" \
  -H "Authorization: Bearer <your-access-token>" \
  -H "Content-Type: application/json" \
  -d @body.json

---

⬆️ Back to top