I have a basic BICEP module that deploys a virtual network with subnets and NSGs. 1 of the subnets is for an azure firewall. The azure firewall subnet cannot be attached to an NSG so I have put a condition to not deploy an nsg to the azure firewall subnet, but I cannot get this to work. When it runs its returns an error:
{
"code": "MissingJsonReferenceId",
"message": "Value for reference id is missing. Path properties.subnets[6].properties.networkSecurityGroup."
},
The condition is
id: VNetSettings.subnets[j].unique == false ? json('{"id": "[resourceId(\'Microsoft.Network/networkSecurityGroups\', concat(\'nsg-snet-${vNetName}-${VNetSettings.subnets[j].name}\'))]"') : json('null')
The condition evaluates the VnetSettings.subnets.unique == false and if false then the nsg will be deployed, but if the VNetSettings.subnets.unique == true then it should be json('null') and not deploy the NSG.
the false subnets deploy and attach the NSG, but the true throw this the error:
"code": "MissingJsonReferenceId",
"message": "Value for reference id is missing. Path properties.subnets[6].properties.networkSecurityGroup."
},
Please someone help :(
Thanks
I've got this working now. The trick is to put the condition on the properties rather than within the networkSecurityGroup property