0

I have a situation where I need to define my subnets in the properties.subnets field of the parent virtual network otherwise I get the 'InUseSubnetCannotBeDeleted' problem

Option 1 - Defined inline

However if I define my subnets directly in the properties.subnet array (see below) then they are not created as children and I cannot seem to create a reference them as a resource for when I want to create a dependsOn reference for another resource.

resource virtualNetwork 'Microsoft.Network/virtualNetworks@2021-08-01' = {
  // ... other fields
  properties: {
    subnets: [
      // How can I get a reference to these that I can 'dependOn'?
      {
        name: 'subnet-1'
        // ... other fields
      }
      {
        name: 'subnet-2'
        // ... other fields
      }
    ]
  }
}

Option 2 - Defined separately

resource virtualNetwork 'Microsoft.Network/virtualNetworks@2021-08-01' = {
  // ... other fields
  properties: {
    subnets: [
      subnet1 // Gives a circular reference error
    ]
  }
}

resource subnet1 'Microsoft.Network/virtualNetworks/subnets@2021-08-01' = {
  parent: virtualNetwork
  name: 'subnet-1'
  // ... other fields
}

I have tried defining the subnets as separate resources and then reference the resources in the properties.subnet array but, since subnets need a reference to the parent virtual network proeprty, Bicep complains about a circular reference.

It seems that ARM templates can use textual references using the name of the subnet in properties.subnets whcih could get around the circular reference, however Bicep does not allow this.

So how do I defined my subnets so that I can simulteneously satisfy the virtual network's required to have a reference to the subnets in properties.subnets as well as be able to have a resource reference that I can use in dependsOn clauses?

Brendan
  • 18,771
  • 17
  • 83
  • 114
  • are you defining your vnet inside a module ? Also which resource need the dependson ? – Thomas Jul 07 '22 at 20:16
  • 1
    Also you could just create a `dependsOn` on the `virtualNetwork` resource. – Thomas Jul 07 '22 at 20:23
  • @Thomas As far as I can tell though there is no guarantee the child resource will actually be created when the parent is created - so depending on the parent wouldn't be watertight – Brendan Jul 10 '22 at 08:57
  • 1
    If you define your subnets within the vnet resource it will work for sure. – Thomas Jul 10 '22 at 09:22
  • 1
    https://stackoverflow.com/a/72622826/4167200 – Thomas Jul 10 '22 at 09:23
  • OK thanks Thomas, there is definitely some 'magic' to how subnets are created using the `properties.subnets` approach then. I'm going to assume this holds-off resolving the parent virtual network until the subnets are also created. – Brendan Jul 10 '22 at 09:58
  • 1
    There is some [discussion on the Bicep Github as well on this](https://github.com/Azure/bicep/discussions/7513) – Brendan Jul 10 '22 at 10:01

1 Answers1

0

Maybe this will work. Bicep builds it without errors, but I have not tried to deploy it.

resource virtualNetwork 'Microsoft.Network/virtualNetworks@2021-08-01' = {
  name: 'myvnet'
  location: 'swedencentral'
  properties: {
    addressSpace: {
      addressPrefixes: [
        '10.0.0.0/20'
      ]
    }
    subnets: [
      {
        name: 'subnet-1'
        properties: {
          addressPrefix: '10.0.0.0/24'
        }
      }
    ]
  }
}

resource subnet 'Microsoft.Network/virtualNetworks/subnets@2022-01-01' existing = {
  name: 'myvnet/subnet-1'
  scope: resourceGroup()
}

resource storage 'Microsoft.Storage/storageAccounts@2021-09-01' =  {
  name: 'mystorage'
  location: 'swedencentral'
  dependsOn: [
    subnet
  ]
  sku: {
    name: 'Standard_LRS'
  }
  kind: 'StorageV2'
}
Peter L - MSFT
  • 167
  • 4
  • 1
    Hmm nice idea but I don't think there is any guarantee that the subnet is existing when the symbolic name is created and [looking at this](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/existing-resource#troubleshooting) it seems that this could be a cause of problems - I tried it out and it gave an error although it was not an explicit `NotFound` error ... – Brendan Jul 07 '22 at 16:09
  • 1
    `dependsOn` is only for resources that are provisioned in the same template/file. Not for existing resources. – bmoore-msft Jul 08 '22 at 16:05
  • 1
    They are actually created in the same template. – Peter L - MSFT Jul 08 '22 at 17:04
  • @PeterL-MSFT if you update the above to the `parent`, `name` reference which has an implicit dependency on the virtual network I will happily mark this as the answer - at the moment it doesn't wait for the virtual network to deploy – Brendan Jul 13 '22 at 14:51