@@ -300,12 +300,28 @@ jobs:
300300 RG_NAME="${{ inputs.projectName }}-${{ inputs.environment }}-rg"
301301 KEY_VAULT_NAME="${{ inputs.projectName }}-${{ inputs.environment }}-kv"
302302 POSTGRES_SERVER_NAME="${{ inputs.projectName }}-${{ inputs.environment }}-postgres"
303+ DESIRED_LOCATION="$(echo "${{ inputs.location }}" | tr '[:upper:]' '[:lower:]')"
303304
304305 echo "Running non-prod preflight drift remediation for environment '${{ inputs.environment }}'."
305306
306307 # Remediate soft-deleted Key Vault name conflicts that can block azd provision.
307308 if az keyvault show --name "$KEY_VAULT_NAME" --resource-group "$RG_NAME" >/dev/null 2>&1; then
308- echo "Key Vault $KEY_VAULT_NAME already exists in $RG_NAME. No purge needed."
309+ CURRENT_KV_LOCATION=$(az keyvault show \
310+ --name "$KEY_VAULT_NAME" \
311+ --resource-group "$RG_NAME" \
312+ --query location -o tsv | tr '[:upper:]' '[:lower:]')
313+
314+ if [ "$CURRENT_KV_LOCATION" != "$DESIRED_LOCATION" ]; then
315+ LOCATION_SUFFIX=$(echo "$DESIRED_LOCATION" | tr -cd '[:alnum:]' | cut -c1-4)
316+ KEY_VAULT_OVERRIDE=$(echo "${{ inputs.projectName }}-${{ inputs.environment }}-kv-${LOCATION_SUFFIX}" | tr '[:upper:]' '[:lower:]' | cut -c1-24)
317+ KEY_VAULT_OVERRIDE="${KEY_VAULT_OVERRIDE%-}"
318+
319+ echo "Key Vault location mismatch detected for $KEY_VAULT_NAME ($CURRENT_KV_LOCATION vs $DESIRED_LOCATION)."
320+ echo "Setting keyVaultNameOverride to $KEY_VAULT_OVERRIDE for this deployment."
321+ azd env set keyVaultNameOverride "$KEY_VAULT_OVERRIDE" -e "${{ inputs.environment }}"
322+ else
323+ echo "Key Vault $KEY_VAULT_NAME already exists in $RG_NAME with matching location $CURRENT_KV_LOCATION."
324+ fi
309325 else
310326 DELETED_KV_LOCATION=$(az keyvault list-deleted \
311327 --query "[?name=='$KEY_VAULT_NAME'] | [0].properties.location" \
0 commit comments