Can't create Private Link for Azure Application Gateway because I need to delete external resources before deploying into this subnet
I'm following this tutorial to protect an Azure Container Application with an Azure Application Gateway.
When I get to the part to"Add private link to your Application Gateway", I get an error that says:
You need to delete external resources before deploying into this subnet.
When I created my Azure Container Application, I need to create an Azure Container Application Environment. The Azure Container Application Environment requires a subnet to be created. I named it "container-app-subnet". There is nothing else tied to this subnet. I also made sure that my Container App is private.
During the step to create a new Azure Application Gateway, I'm supposed to select the Virtual network that my Container App is associated to. I did. So both my Application Gateway and Container Environment on the same VNET.
But I get an error trying to save the private link.
Why does it think there are external resources associated with this subnet? This is only used for the Azure Container Environment that my Azure Container Application is in.
You need to delete external resources before deploying into this subnet.
The above error occurred because you selected an internal load balancer when creating the container app. The subnet is already associated with the load balancer, so it's not an empty subnet, as it requires an empty subnet for Private Link.
When I try to create a Private Link in Application Gateway with an existing subnet, I encounter the same error."
To resolve the issue, you can create another subnet in the same VNet and use that subnet for the private link configuration, as it requires a dedicated subnet, for more details you can refer Configure Azure Application Gateway Private Link
