I'm trying to create a VNet, subnets and an Application Gateway in a bicep file.
When I run the file I get an error:
New-AzResourceGroupDeployment: 11:23:37 - The deployment 'AppGateway' failed with error(s). Showing 1 out of 1 error(s).
Status Message: Subnet 'NLWifiPrint-AppGateway-Subnet' is not valid in virtual network 'NetloanCloudPrint-vnet'. (Code: NetcfgInvalidSubnet)
The deployment will have created my subnets and the public IP address. I can then use the web Portal to create my App Gateway using the public IP and the subnet. So the subnet I've created does appear to be fine and meet the requirements for use by the gateway.
What am I getting wrong?
This is the bicep file that I can recreate the issue with:
param location string = resourceGroup().location
@description('VNet Name')
param vnetName string
@description('VNet default subnet name')
param vnetSubnetDefaultName string
@description('VNet admin subnet name')
param vnetSubnetAdminName string
@description('VNet API subnet name')
param vnetSubnetApiName string
@description('VNet Functions subnet name')
param vnetSubnetFunctionsName string
@description('VNet App Gateway subnet name')
param vnetSubnetAppGatewayName string
@description('App Gateway Name')
param appGatewayName string
// ********************************************************************************************************************
// Virtual Network with 5 Subnets
// 1) Default
// 2) Admin
// 3) API
// 4) Functions
// 5) App Gateway
// There is an odd thing where each sub net depend on the previous one, without this the deployment seems to want to
// try and make changes to the vnet while the other subnets are still being added.
// ********************************************************************************************************************
resource vnet 'Microsoft.Network/virtualNetworks@2020-11-01' = {
name: vnetName
location: location
properties: {
addressSpace: {
addressPrefixes: [
'10.0.0.0/16'
]
}
subnets: [
{
name: vnetSubnetAppGatewayName
properties: {
addressPrefix: '10.0.4.0/24'
}
}
]
}
}
resource subnetDefault 'Microsoft.Network/virtualNetworks/subnets@2022-09-01' = {
parent: vnet
name: vnetSubnetDefaultName
properties: {
addressPrefix: '10.0.0.0/24'
serviceEndpoints: [
{
service: 'Microsoft.Storage'
locations: [ location ]
}
]
}
}
resource subnetAdmin 'Microsoft.Network/virtualNetworks/subnets@2022-09-01' = {
parent: vnet
name: vnetSubnetAdminName
dependsOn: [ subnetDefault ]
properties: {
addressPrefix: '10.0.1.0/24'
serviceEndpoints: [
{
service: 'Microsoft.Storage'
locations: [ location ]
}
]
delegations: [
{
name: 'Microsoft.Web/serverFarms'
properties: {
serviceName: 'Microsoft.Web/serverFarms'
}
}
]
}
}
resource subnetApi 'Microsoft.Network/virtualNetworks/subnets@2022-09-01' = {
parent: vnet
name: vnetSubnetApiName
dependsOn: [ subnetAdmin ]
properties: {
addressPrefix: '10.0.2.0/24'
serviceEndpoints: [
{
service: 'Microsoft.Storage'
locations: [ location ]
}
]
delegations: [
{
name: 'Microsoft.Web/serverFarms'
properties: {
serviceName: 'Microsoft.Web/serverFarms'
}
}
]
}
}
resource subnetFunctions 'Microsoft.Network/virtualNetworks/subnets@2022-09-01' = {
parent: vnet
name: vnetSubnetFunctionsName
dependsOn: [ subnetApi ]
properties: {
addressPrefix: '10.0.3.0/24'
serviceEndpoints: [
{
service: 'Microsoft.Storage'
locations: [ location ]
}
]
delegations: [
{
name: 'Microsoft.Web/serverFarms'
properties: {
serviceName: 'Microsoft.Web/serverFarms'
}
}
]
}
}
// This is an empty Subnet for use by the App Gateway
resource subnetAppGateway 'Microsoft.Network/virtualNetworks/subnets@2022-09-01' = {
parent: vnet
name: 'NLWifiPrint-AppGateway-Subnet'
dependsOn: [ subnetFunctions ]
properties: {
addressPrefix: '10.0.4.0/24'
serviceEndpoints: []
delegations: []
privateEndpointNetworkPolicies: 'Disabled'
privateLinkServiceNetworkPolicies: 'Enabled'
}
}
// ********************************************************************************************************************
// WAF Gateway
// ********************************************************************************************************************
resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2021-08-01' = {
name: '${appGatewayName}-ip'
location: location
sku: {
name: 'Standard'
}
properties: {
publicIPAddressVersion: 'IPv4'
publicIPAllocationMethod: 'Static'
}
}
resource myAppGateway 'Microsoft.Network/applicationGateways@2022-09-01' = {
name: appGatewayName
location: location
properties: {
sku: {
name: 'WAF_v2'
tier: 'WAF_v2'
capacity: 2
}
gatewayIPConfigurations: [
{
name: 'appGatewayIpConfig'
properties: {
subnet: {
id: subnetAppGateway.id
}
}
}
]
frontendIPConfigurations: [
{
name: 'appGwPublicFrontendIp'
properties: {
privateIPAllocationMethod: 'Dynamic'
publicIPAddress: {
id: publicIPAddress.id
}
}
}
]
frontendPorts: [
{
name: 'port_80'
properties: {
port: 80
}
}
]
backendAddressPools: [
{
name: 'MyBackendPool'
properties: {
backendAddresses: []
}
}
]
//backendHttpSettingsCollection: [
// {
// name: 'BackendSettings'
// properties: {
// port: 80
// protocol: 'Http'
// cookieBasedAffinity: 'Disabled'
// requestTimeout: 20
// }
// }
//]
//backendSettingsCollection: []
// httpListeners: [
// {
// name: 'MyListener'
// properties: {
// frontendIPConfiguration: {
// id: publicIPAddress.id
// }
// //frontendPort: {
// // id: '${applicationGatewayId}/frontendPorts/port_80'
// //}
// protocol: 'Http'
// sslCertificate: null
// }
// }
//]
}
dependsOn: [ vnet ]
}
You're defining two subnets that share the same IP address space.
resource vnet 'Microsoft.Network/virtualNetworks@2020-11-01' = {
name: vnetName
location: location
properties: {
addressSpace: {
addressPrefixes: [
'10.0.0.0/16'
]
}
subnets: [
{
name: vnetSubnetAppGatewayName
properties: {
addressPrefix: '10.0.4.0/24'
}
}
]
}
}
and
resource subnetAppGateway 'Microsoft.Network/virtualNetworks/subnets@2022-09-01' = {
parent: vnet
name: 'NLWifiPrint-AppGateway-Subnet'
dependsOn: [ subnetFunctions ]
properties: {
addressPrefix: '10.0.4.0/24'
serviceEndpoints: []
delegations: []
privateEndpointNetworkPolicies: 'Disabled'
privateLinkServiceNetworkPolicies: 'Enabled'
}
}