
Fix for the Subnet Missing Required Delegation


I have an Azure Resource Group and it has a vnet. The vnet has a subnet which has two service endpoints configured, namely Microsoft.KeyVault and Microsoft.Storage, and the subnet also has a subnet delegation to Microsoft.Web/serverFarms.

Now I want to add another service endpoint, Microsoft.ServiceBus, to the same vnet using Azure PowerShell. I executed the code below for that.

$virtualNetwork = Get-AzVirtualNetwork -ResourceGroupName $ResourceGroupName 
Set-AzVirtualNetworkSubnetConfig -Name $virtualNetwork.Subnets.Name -VirtualNetwork $virtualNetwork -AddressPrefix  $virtualNetwork.Subnets.AddressPrefix -ServiceEndpoint "Microsoft.ServiceBus"
$virtualNetwork | Set-AzVirtualNetwork

But the above code throws an error at the last line, saying that the subnet is missing the required delegation:

Subnet requires any of the following delegation(s) [Microsoft.Web/serverFarms] to reference service association link 
StatusCode: 400
ReasonPhrase: Bad Request
ErrorCode: SubnetMissingRequiredDelegation

But in the portal I see it has the required delegation. How do I fix this error?


Solution

  • Even though I have already added these service endpoints in my specific subnet and the subnet also has a subnet delegation to Microsoft.Web/serverFarms, I was able to add another service endpoint, Microsoft.ServiceBus.

    I would suggest you use the following PowerShell script:


    PowerShell Script:

    $subscription = "b83c1edXXXXXXX-XXX"
    $subnets = @('TestSubnet')
    $vnetName = "Vnet1"
    $vnetRgName = "X-rasXXXX-XX"
    $newEndpoint = "Microsoft.ServiceBus"
        
    Set-AzContext -Subscription $subscription
    foreach($snet in $subnets){
        Write-Host "Modifying Service Endpoints for subnet: $snet" -ForegroundColor Red -BackgroundColor White
        $virtualNetwork = Get-AzVirtualNetwork -Name $vnetName -ResourceGroupName $vnetRgName | Get-AzVirtualNetworkSubnetConfig -Name $snet
        $addrPrefix = $virtualNetwork.AddressPrefix
    
        #Get existing service endpoints
        $ServiceEndPoint = New-Object 'System.Collections.Generic.List[String]'
        $virtualNetwork.ServiceEndpoints | ForEach-Object { $ServiceEndPoint.Add($_.service) }
        if ($ServiceEndPoint -notcontains $newEndPoint){
            $ServiceEndPoint.Add($newEndpoint)
        }
    
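        # Keep the existing delegation(s) so they are sent back with the update
        $delegation = $virtualNetwork.Delegations
    
        # Add the new service endpoint alongside the existing ones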
        Get-AzVirtualNetwork -Name $vnetName -ResourceGroupName $vnetRgName | Set-AzVirtualNetworkSubnetConfig -Name $snet -AddressPrefix $addrPrefix -ServiceEndpoint $ServiceEndPoint -Delegation $delegation | Set-AzVirtualNetwork
    }
    


    Reference : Azure Powershell - Applying multiple service endpoints to a subnet
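
A pre-flight check for this kind of edit, as an added example that is not part of the original answer: it compares the subnet as fetched with the edited in-memory copy and reports anything that would be lost before `Set-AzVirtualNetwork` is called. The function name `Get-SubnetConfigLoss` is hypothetical, and the sample objects are constructed to mirror the question's subnet, on the assumption that the question's call leaves only the new endpoint and no delegation in memory.

```powershell
# Hypothetical helper (not part of the Az module): lists settings present on the
# subnet as fetched ($Before) that are missing from the edited copy ($After).
function Get-SubnetConfigLoss {
    param(
        [Parameter(Mandatory)] $Before,
        [Parameter(Mandatory)] $After
    )
    $lost = [System.Collections.Generic.List[string]]::new()

    # Delegations are matched by service name, e.g. Microsoft.Web/serverFarms
    $afterDelegations = @($After.Delegations | Where-Object { $_ } | ForEach-Object { $_.ServiceName })
    foreach ($d in @($Before.Delegations | Where-Object { $_ })) {
        if ($afterDelegations -notcontains $d.ServiceName) { $lost.Add("Delegation: $($d.ServiceName)") }
    }

    # Service endpoints are matched by service, e.g. Microsoft.Storage
    $afterEndpoints = @($After.ServiceEndpoints | Where-Object { $_ } | ForEach-Object { $_.Service })
    foreach ($e in @($Before.ServiceEndpoints | Where-Object { $_ })) {
        if ($afterEndpoints -notcontains $e.Service) { $lost.Add("ServiceEndpoint: $($e.Service)") }
    }

    # NSG and route table associations are matched by resource id
    foreach ($ref in 'NetworkSecurityGroup', 'RouteTable') {
        if ($Before.$ref.Id -and $Before.$ref.Id -ne $After.$ref.Id) { $lost.Add("${ref}: $($Before.$ref.Id)") }
    }
    return $lost
}

# Constructed sample objects, shaped like the subnet objects returned by
# Get-AzVirtualNetworkSubnetConfig (only the properties the check reads).
$before = [pscustomobject]@{
    ServiceEndpoints     = @([pscustomobject]@{ Service = 'Microsoft.KeyVault' },
                             [pscustomobject]@{ Service = 'Microsoft.Storage' })
    Delegations          = @([pscustomobject]@{ ServiceName = 'Microsoft.Web/serverFarms' })
    NetworkSecurityGroup = $null
    RouteTable           = $null
}
# Assumed in-memory state after the question's Set-AzVirtualNetworkSubnetConfig call
$after = [pscustomobject]@{
    ServiceEndpoints     = @([pscustomobject]@{ Service = 'Microsoft.ServiceBus' })
    Delegations          = $null
    NetworkSecurityGroup = $null
    RouteTable           = $null
}

$lost = @(Get-SubnetConfigLoss -Before $before -After $after)
if ($lost.Count -gt 0) {
    Write-Warning "Not applying; the edited subnet would lose: $($lost -join '; ')"
}
```

In live use, take `$Before` from its own `Get-AzVirtualNetwork` call so that it is not the same object the edit changes, and pipe the edited network to `Set-AzVirtualNetwork` only when the check returns nothing.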