Azure Arc Kubernetes deployment failed due to policy deny on resource group 'DefaultResourceGroup-EUS'

Question

I am deploying an Azure Arc AKS cluster on ACP "HCI" cluster. All my resource groups and resources are created in South Central US, but during the deployment, it fails with the error message "Resource 'DefaultResourceGroup-EUS' was disallowed by policy." I'm not sure why the resources are pointing to EUS. The error also references a policy with some identifiers. Can someone help me understand this error and how to resolve it?

Error Message : Resource 'DefaultResourceGroup-EUS' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"XXX-XXX-locations","id":"/providers/Microsoft.Management/managementGroups/XXXX-XXX-XXXX-XXXXX/providers/Microsoft.Authorization/policyAssignments/XXX-XXXC-locations"},"policyDefinition":{"name":"Allowed locations for resource groups","id":"/providers/Microsoft.Authorization/policyDefinitions/XXXX-XXX-XXX-XXXX-XXXXX"},"policySetDefinition":{"name":"XXXX-allowed-loc","id":"/providers/Microsoft.Management/managementGroups/XXXXX-XXXX-XXX-XXX-XXXXXX/providers/Microsoft.Authorization/policySetDefinitions/XXXX-XXX-XXX-XX-XXXXXX"}}]'.

Answer 1

Try the steps below:

Ensure you're explicitly specifying South Central US as the location for all resources in your code, including any automatically created resource groups or instead of letting the deployment create a new resource group, create one manually in South Central US and specify it in your deployment configuration.

You can also explicitly set the location:

az arcdata control create --name myarcdata --resource-group myresourcegroup --location "South Central US" --connectivity-mode indirect --custom-location mycustomlocation

https://learn.microsoft.com/en-us/troubleshoot/azure/azure-kubernetes/create-upgrade-delete/error-code-requestdisallowedbypolicy-delete?source=recommendations

You can mark it 'Accept Answer' and 'Upvote' if this helped you

Regards,

Abiola