Azure - Function App - VNet Integration - Adding Virtual Network to Web App - UpdateOnResourceNotAllowedWithApiVersion
I have followed this guide to Enable virtual network integration in my Azure Function.
At first it looks good and my Virtual network with a Virtual network gateway configured with Point to Site VPN shows up as expected:
However on add it fails with the following message:
If I then look at Activity log it does say Succeeded.
Looking at VNet Integration for the Azure Function it has been set up and I get GATEWAY STATUS Online but CERTIFICATE STATUS Certificates not in sync.
Looking at the Networking tab it also says VNet integration Off.
Now looking at the subscription that has the virtual network I did receive the following error the first time I tried to set up the VLAN:
Operation name Creates or updates a VirtualNetworkGateway
Error code UpdateOnResourceNotAllowedWithApiVersion
Message Resource /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/my-resource-group/providers/Microsoft.Network/virtualNetworkGateways/my-virtual-network-gateway cannot be updated using API version 2016-09-01 since it uses the property VpnClientConfiguration AAD authentication parameters which has been set using a higher API version 2019-04-01. Please use api version greater than or equal to 2019-04-01 to update the resource.
Does this mean that Azure GUI uses API version 2016-09-01? Can I set the GUI to use API version 2019-04-01 or how can I manually add the configuration needed to make this work?
I have tried to use Sync Network from App Service Plan Network GUI but it fails as well.
There I get the following errors:
Operation name Creates or updates a VirtualNetworkGateway
Error code UpdateOnResourceNotAllowedWithApiVersion
Message Resource /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/my-resource-group/providers/Microsoft.Network/virtualNetworkGateways/my-virtual-network-gateway cannot be updated using API version 2016-09-01 since it uses the property VpnClientConfiguration AAD authentication parameters which has been set using a higher API version 2019-04-01. Please use api version greater than or equal to 2019-04-01 to update the resource.
And:
Operation name Generate VpnClient package for virtualNetworkGateway
Error code VpnClientCMakGenerationNotSupportedForVpnClientProtocol
Message Legacy Cmak generation is not supported for gateway id /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/my-resource-group/providers/Microsoft.Network/virtualNetworkGateways/my-virtual-network-gateway when vpn client protocol OpenVPN is configured. Please use vpn profile package option instead.
Update:
I could create a new Function App from another subscription but located in the same region as the Virtual network that I wanted to use. This meant that the Virtual network gateway not had to be used. I had to create a new Subnet for it. I used the same App Service Plan as a current Web App used, Standard S1 (100 total ACU, 1.75 GB memory, 1 vCPU).
Original:
Created a new Function App located in the same subscription and region as the Virtual network that I wanted to use.
From here I could use Add VNet Integration and select which subnet I wanted to use. When doing this everything worked.
