3

I have a Azure Resource Group and it has a vnet. The vnet has a subnet which has two service endpoints configured namely Microsoft.keyVault and Microsoft.Storage and the subnet also has a subnet delegation to Microsoft.Web/serverFarms.

Now I want to add another service endpoint Microsoft.ServiceBus to the same vnet using Azure Powershell. I executed the below code for that.

$virtualNetwork = Get-AzVirtualNetwork -ResourceGroupName $ResourceGroupName 
Set-AzVirtualNetworkSubnetConfig -Name $virtualNetwork.Subnets.Name -VirtualNetwork $virtualNetwork -AddressPrefix  $virtualNetwork.Subnets.AddressPrefix -ServiceEndpoint "Microsoft.ServiceBus"
$virtualNetwork | Set-AzVirtualNetwork

But the above code is throwing error at the last line of code saying that the Subnet is missing Required Delegation

Subnet requires any of the following delegation(s) [Microsoft.Web/serverFarms] to reference service association link 
StatusCode: 400
ReasonPhrase: Bad Request
ErrorCode: SubnetMissingRequiredDelegation

But in portal I see it has the required delegation. How to fix this error?

MathGeek
  • 511
  • 6
  • 17

1 Answers1

2

Even though i have already added these service endpoint in my specific subnet and subnet also has a subnet delegation to Microsoft.Web/serverFarms able to add another service endpoint Microsoft.ServiceBus.

I would suggest you to use the following PowerShell script:

enter image description here

enter image description here

PowerShell Script:

$subscription = "b83c1edXXXXXXX-XXX"
$subnets = @('TestSubnet')
$vnetName = "Vnet1"
$vnetRgName = "X-rasXXXX-XX"
$newEndpoint = "Microsoft.ServiceBus"
    
Set-AzContext -Subscription $subscription
foreach($snet in $subnets){
    Write-Host "Modifying Service Endpoints for subnet: $snet" -fore red -back white
    $virtualNetwork = Get-AzVirtualNetwork -Name $vnetName -ResourceGroupName $vnetRgName | Get-AzVirtualNetworkSubnetConfig -Name $snet
    $addrPrefix = $virtualNetwork.AddressPrefix

    #Get existing service endpoints
    $ServiceEndPoint = New-Object 'System.Collections.Generic.List[String]'
    $virtualNetwork.ServiceEndpoints | ForEach-Object { $ServiceEndPoint.Add($_.service) }
    if ($ServiceEndPoint -notcontains $newEndPoint){
        $ServiceEndPoint.Add($newEndpoint)
    }

    $delegation=$virtualNetwork.Delegations

    #Add new service endpoint
    Get-AzVirtualNetwork -Name $vnetName -ResourceGroupName $vnetRgName | Set-AzVirtualNetworkSubnetConfig -Name $snet -AddressPrefix $addrPrefix -ServiceEndpoint $ServiceEndPoint -Delegation $delegation | Set-AzVirtualNetwork
}

enter image description here enter image description here

Reference : Azure Powershell - Applying multiple service endpoints to a subnet

Nick is tired
  • 6,860
  • 20
  • 39
  • 51
RahulKumarShaw
  • 4,192
  • 2
  • 5
  • 11
  • Thanks Rahul, Any idea why it is throwing error saying subnet missing required delegation even though it has the delegation? – MathGeek Mar 16 '22 at 07:06
  • 1
    Not exactly sure but the cmdlet you are using that overwrite the existing service endpoint and will delete the existing subnet delegation as well. In process this might be cause for the error. – RahulKumarShaw Mar 16 '22 at 07:40
  • 1
    Understood, Thanks! – MathGeek Mar 16 '22 at 08:36
  • 1
    Hi Rahul, Can you please look into this question? https://stackoverflow.com/questions/71880180/associating-a-nat-to-a-subnet-is-giving-subnetmissingrequireddelegation-error – MathGeek Apr 15 '22 at 05:30