修复子网缺少必需的委派
Fix for the Subnet Missing Required Delegation
我有一个 Azure 资源组,它有一个 vnet。 vnet 有一个子网,其中配置了两个服务端点,即 Microsoft.keyVault 和 Microsoft.Storage 并且该子网还有一个子网委派给 Microsoft.Web/serverFarms.
现在我想使用 Azure Powershell 将另一个服务端点 Microsoft.ServiceBus 添加到同一个 vnet。我为此执行了以下代码。
$virtualNetwork = Get-AzVirtualNetwork -ResourceGroupName $ResourceGroupName
Set-AzVirtualNetworkSubnetConfig -Name $virtualNetwork.Subnets.Name -VirtualNetwork $virtualNetwork -AddressPrefix $virtualNetwork.Subnets.AddressPrefix -ServiceEndpoint "Microsoft.ServiceBus"
$virtualNetwork | Set-AzVirtualNetwork
但是上面的代码在代码的最后一行抛出错误,指出 Subnet is missing Required Delegation
Subnet requires any of the following delegation(s) [Microsoft.Web/serverFarms] to reference service association link
StatusCode: 400
ReasonPhrase: Bad Request
ErrorCode: SubnetMissingRequiredDelegation
但在门户中我看到它具有所需的授权。如何修复此错误?
即使我已经在我的特定子网中添加了这些服务端点,并且子网也有一个子网委托 Microsoft.Web/serverFarms 能够添加另一个服务端点 Microsoft.ServiceBus。
我建议您使用以下 PowerShell 脚本:
PowerShell 脚本:
$subscription = "b83c1edXXXXXXX-XXX"
$subnets = @('TestSubnet')
$vnetName = "Vnet1"
$vnetRgName = "X-rasXXXX-XX"
$newEndpoint = "Microsoft.ServiceBus"
Set-AzContext -Subscription $subscription
foreach($snet in $subnets){
Write-Host "Modifying Service Endpoints for subnet: $snet" -fore red -back white
$virtualNetwork = Get-AzVirtualNetwork -Name $vnetName -ResourceGroupName $vnetRgName | Get-AzVirtualNetworkSubnetConfig -Name $snet
$addrPrefix = $virtualNetwork.AddressPrefix
#Get existing service endpoints
$ServiceEndPoint = New-Object 'System.Collections.Generic.List[String]'
$virtualNetwork.ServiceEndpoints | ForEach-Object { $ServiceEndPoint.Add($_.service) }
if ($ServiceEndPoint -notcontains $newEndPoint){
$ServiceEndPoint.Add($newEndpoint)
}
$delegation=$virtualNetwork.Delegations
#Add new service endpoint
Get-AzVirtualNetwork -Name $vnetName -ResourceGroupName $vnetRgName | Set-AzVirtualNetworkSubnetConfig -Name $snet -AddressPrefix $addrPrefix -ServiceEndpoint $ServiceEndPoint -Delegation $delegation | Set-AzVirtualNetwork
}
参考:
我有一个 Azure 资源组,它有一个 vnet。 vnet 有一个子网,其中配置了两个服务端点,即 Microsoft.keyVault 和 Microsoft.Storage 并且该子网还有一个子网委派给 Microsoft.Web/serverFarms.
现在我想使用 Azure Powershell 将另一个服务端点 Microsoft.ServiceBus 添加到同一个 vnet。我为此执行了以下代码。
$virtualNetwork = Get-AzVirtualNetwork -ResourceGroupName $ResourceGroupName
Set-AzVirtualNetworkSubnetConfig -Name $virtualNetwork.Subnets.Name -VirtualNetwork $virtualNetwork -AddressPrefix $virtualNetwork.Subnets.AddressPrefix -ServiceEndpoint "Microsoft.ServiceBus"
$virtualNetwork | Set-AzVirtualNetwork
但是上面的代码在代码的最后一行抛出错误,指出 Subnet is missing Required Delegation
Subnet requires any of the following delegation(s) [Microsoft.Web/serverFarms] to reference service association link
StatusCode: 400
ReasonPhrase: Bad Request
ErrorCode: SubnetMissingRequiredDelegation
但在门户中我看到它具有所需的授权。如何修复此错误?
即使我已经在我的特定子网中添加了这些服务端点,并且子网也有一个子网委托 Microsoft.Web/serverFarms 能够添加另一个服务端点 Microsoft.ServiceBus。
我建议您使用以下 PowerShell 脚本:
PowerShell 脚本:
$subscription = "b83c1edXXXXXXX-XXX"
$subnets = @('TestSubnet')
$vnetName = "Vnet1"
$vnetRgName = "X-rasXXXX-XX"
$newEndpoint = "Microsoft.ServiceBus"
Set-AzContext -Subscription $subscription
foreach($snet in $subnets){
Write-Host "Modifying Service Endpoints for subnet: $snet" -fore red -back white
$virtualNetwork = Get-AzVirtualNetwork -Name $vnetName -ResourceGroupName $vnetRgName | Get-AzVirtualNetworkSubnetConfig -Name $snet
$addrPrefix = $virtualNetwork.AddressPrefix
#Get existing service endpoints
$ServiceEndPoint = New-Object 'System.Collections.Generic.List[String]'
$virtualNetwork.ServiceEndpoints | ForEach-Object { $ServiceEndPoint.Add($_.service) }
if ($ServiceEndPoint -notcontains $newEndPoint){
$ServiceEndPoint.Add($newEndpoint)
}
$delegation=$virtualNetwork.Delegations
#Add new service endpoint
Get-AzVirtualNetwork -Name $vnetName -ResourceGroupName $vnetRgName | Set-AzVirtualNetworkSubnetConfig -Name $snet -AddressPrefix $addrPrefix -ServiceEndpoint $ServiceEndPoint -Delegation $delegation | Set-AzVirtualNetwork
}
参考: