Open
Description
Description
More information in MS Support case-id #2307110050000659
When you are trying to run these command “Set-AzApiManagement -InputObject $apim” in the PowerShell, you are getting this error like subnet resource ID does not match the expected pattern because the PowerShell command that you are using "Set-AzApiManagement -InputObject $apim" updates the complete APIM service, and for STV2 what I noticed is that subnet id is all in lowercase letters, and PowerShell is complaining about the subnet id not matching the Regex pattern if you have a look it states : "resourceGroups" the G capital letter and "Microsoft.Network" M/N capital letter.
You can compare the pattern by checking on Resource JSON of the APIM service > Azure Portal > APIM > JSON view at the very right.
To fix it you can do a little adjustment to the Powershell script, just prior sending the command "Set-AzApiManagement -InputObject $apim".
you can use ->
$apim.VirtualNetwork.SubnetResourceId = $apim.VirtualNetwork.SubnetResourceId -replace "microsoft.network", "Microsoft.Network" -replace "resourcegroups", "resourceGroups" -replace "virtualnetworks", "virtualNetworks"
Then with next command you can confirm that SubnetResourceId looks like the expected Regex pattern.
$apim.VirtualNetwork
Then use the Set-AzApiManagement -InputObject $apim.
Issue script & Debug output
PS C:\> $apim = Get-AzApiManagement -Name apim-dmz-tst -ResourceGroupName apim-dmz-tst
DEBUG: 1:07:28 PM - GetAzureApiManagement begin processing with ParameterSet 'GetByResource'.
DEBUG: 1:07:28 PM - using account id 'MSI@50342'...
DEBUG: 1:07:28 PM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: [Common.Authentication]: Authenticating using Account: 'MSI@50342', environment: 'AzureCloud', tenant: 'e6f53d0a-0004-4a2a-84f7-3c394c783b99'
DEBUG: 1:07:28 PM - [ManagedServiceIdentityAuthenticator] Calling ManagedIdentityCredential.GetTokenAsync - TenantId:'e6f53d0a-0004-4a2a-84f7-3c394c783b99', Scopes:'https://management.core.windows.net/', UserId:''
DEBUG: ManagedIdentityCredential.GetToken invoked. Scopes: [ https://management.core.windows.net/ ] ParentRequestId:
DEBUG: Request [60bd222b-025a-40f7-9efa-b5f68f2da6a1] POST http://localhost:50342/oauth2/token
Content-Type:application/x-www-form-urlencoded
Metadata:REDACTED
x-ms-client-request-id:60bd222b-025a-40f7-9efa-b5f68f2da6a1
x-ms-return-client-request-id:true
User-Agent:azsdk-net-Identity/1.6.1 (.NET 7.0.9; Linux 5.4.0-1109-azure #115~18.04.1-Ubuntu SMP Mon May 22 20:06:37 UTC 2023)
client assembly: Azure.Identity
DEBUG: Response [60bd222b-025a-40f7-9efa-b5f68f2da6a1] 200 OK (00.0s)
X-Powered-By:REDACTED
ETag:W/"8aa-w6J8ZWKIu/SCrDRuxM9LHS5m9xg"
Date:Mon, 14 Aug 2023 13:07:28 GMT
Connection:keep-alive
Keep-Alive:REDACTED
Content-Type:application/json; charset=utf-8
Content-Length:2218
DEBUG: ManagedIdentityCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net/ ] ParentRequestId: ExpiresOn: 2023-08-14T14:19:14.0000000+00:00
DEBUG: [Common.Authentication]: Received token with LoginType 'User', Tenant: 'e6f53d0a-0004-4a2a-84f7-3c394c783b99', UserId: 'MSI@50342'
DEBUG: ============================ HTTP REQUEST ============================
HTTP Method:
GET
Absolute Uri:
https://management.azure.com/subscriptions/ec6d270b-3a72-48e8-9a18-b8194af4ceaa/resourceGroups/apim-dmz-tst/providers/Microsoft.ApiManagement/service/apim-dmz-tst?api-version=2021-08-01
Headers:
Accept-Language : en-US
x-ms-client-request-id : bb28e3c8-295d-4fdf-b497-663a14439c88
Body:
DEBUG: ============================ HTTP RESPONSE ============================
Status Code:
OK
Headers:
Cache-Control : no-cache
Pragma : no-cache
ETag : "AAAAAAEnCrk="
Strict-Transport-Security : max-age=31536000; includeSubDomains
x-ms-request-id : c86c3db9-5257-429c-a14b-ac24af82a070
Server : Microsoft-HTTPAPI/2.0
x-ms-ratelimit-remaining-subscription-reads: 11998
x-ms-correlation-request-id : c86c3db9-5257-429c-a14b-ac24af82a070
x-ms-routing-request-id : WESTEUROPE:20230814T130728Z:c86c3db9-5257-429c-a14b-ac24af82a070
X-Content-Type-Options : nosniff
Date : Mon, 14 Aug 2023 13:07:28 GMT
Body:
{
"id": "/subscriptions/ec6d270b-3a72-48e8-9a18-b8194af4ceaa/resourceGroups/apim-dmz-tst/providers/Microsoft.ApiManagement/service/apim-dmz-tst",
"name": "apim-dmz-tst",
"type": "Microsoft.ApiManagement/service",
"tags": {
"kostenplaats": "71212"
},
"location": "West Europe",
"etag": "AAAAAAEnCrk=",
"properties": {
"publisherEmail": "sdmimiddleware@***",
"publisherName": "***",
"notificationSenderEmail": "apimgmt-noreply@mail.windowsazure.com",
"provisioningState": "Succeeded",
"targetProvisioningState": "",
"createdAtUtc": "2023-05-30T08:06:00.8539042Z",
"gatewayUrl": "https://apim-dmz-tst.azure-api.net",
"gatewayRegionalUrl": "https://apim-dmz-tst-westeurope-01.regional.azure-api.net",
"portalUrl": "https://apim-dmz-tst.portal.azure-api.net",
"developerPortalUrl": "https://apim-dmz-tst.developer.azure-api.net",
"managementApiUrl": "https://apim-dmz-tst.management.azure-api.net",
"scmUrl": "https://apim-dmz-tst.scm.azure-api.net",
"hostnameConfigurations": [
{
"type": "Proxy",
"hostName": "apim-dmz-tst.azure-api.net",
"encodedCertificate": null,
"keyVaultId": null,
"certificatePassword": null,
"negotiateClientCertificate": false,
"certificate": null,
"defaultSslBinding": false,
"identityClientId": null,
"certificateSource": "BuiltIn",
"certificateStatus": null
},
{
"type": "Proxy",
"hostName": "apim-dmz-tst.webportaal-tst.local",
"encodedCertificate": null,
"keyVaultId": null,
"certificatePassword": null,
"negotiateClientCertificate": false,
"certificate": {
"expiry": "2024-05-30T11:35:02+00:00",
"thumbprint": "94A19974446B0C4A86E938A20728536A9982580E",
"subject": "***"
},
"defaultSslBinding": true,
"identityClientId": null,
"certificateSource": "Custom",
"certificateStatus": null
},
{
"type": "Management",
"hostName": "apim-dmz-tst-management.***",
"encodedCertificate": null,
"keyVaultId": null,
"certificatePassword": null,
"negotiateClientCertificate": false,
"certificate": {
"expiry": "2024-05-30T11:35:02+00:00",
"thumbprint": "94A19974446B0C4A86E938A20728536A9982580E",
"subject": "CN=apim-dmz-tst***"
},
"defaultSslBinding": false,
"identityClientId": null,
"certificateSource": "Custom",
"certificateStatus": null
},
{
"type": "Scm",
"hostName": "apim-dmz-tst***",
"encodedCertificate": null,
"keyVaultId": null,
"certificatePassword": null,
"negotiateClientCertificate": false,
"certificate": {
"expiry": "2024-05-30T11:35:02+00:00",
"thumbprint": "94A19974446B0C4A86E938A20728536A9982580E",
"subject": "CN=apim-dmz-tst***"
},
"defaultSslBinding": false,
"identityClientId": null,
"certificateSource": "Custom",
"certificateStatus": null
}
],
"publicIPAddresses": [
"***"
],
"privateIPAddresses": [
"***"
],
"additionalLocations": null,
"virtualNetworkConfiguration": {
"subnetResourceId": "/subscriptions/ec6d270b-3a72-48e8-9a18-b8194af4ceaa/resourcegroups/core-netwerk-non-prd/providers/microsoft.network/virtualnetworks/non-prd-dmz-01/subnets/sn-int-apim-dmz-tst-01",
"vnetid": "00000000-0000-0000-0000-000000000000",
"subnetname": null
},
"customProperties": {
"Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11": "false",
"Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10": "false",
"Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11": "false",
"Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10": "false",
"Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30": "false",
"Microsoft.WindowsAzure.ApiManagement.Gateway.Protocols.Server.Http2": "false",
"Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168": "false",
"Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30": "false"
},
"virtualNetworkType": "Internal",
"certificates": [
{
"encodedCertificate": null,
"certificatePassword": null,
"storeName": "Root",
"certificate": {
"expiry": "2026-11-24T15:18:26+00:00",
"thumbprint": "8DEBB973758587198153E3D6E56E4ACD3CC09D30",
"subject": "CN=Verzekeraar Interne PKI Root"
}
},
{
"encodedCertificate": null,
"certificatePassword": null,
"storeName": "CertificateAuthority",
"certificate": {
"expiry": "2026-11-24T15:18:26+00:00",
"thumbprint": "C21800C5A2738D70BC7187950B101821A0CD5F4D",
"subject": "CN=Verzekeraar Interne PKI - Intermediate CA 1, DC=ins, DC=local"
}
},
{
"encodedCertificate": null,
"certificatePassword": null,
"storeName": "Root",
"certificate": {
"expiry": "2037-03-17T09:29:20+00:00",
"thumbprint": "D5859F129B7738C6D38D67B23C6309F7565952EB",
"subject": "CN=***"
}
},
{
"encodedCertificate": null,
"certificatePassword": null,
"storeName": "Root",
"certificate": {
"expiry": "2038-06-26T14:02:31+00:00",
"thumbprint": "5E1E41260E3564E19299D9D05390E1630EBD845A",
"subject": "CN=***"
}
},
{
"encodedCertificate": null,
"certificatePassword": null,
"storeName": "CertificateAuthority",
"certificate": {
"expiry": "2037-03-17T09:29:20+00:00",
"thumbprint": "B71B11DE67189295BA8C29B76E0C338EE566982B",
"subject": "CN=***"
}
},
{
"encodedCertificate": null,
"certificatePassword": null,
"storeName": "CertificateAuthority",
"certificate": {
"expiry": "2038-06-26T14:02:31+00:00",
"thumbprint": "1F0922EC6B2B67363451F30AA174B5C247699D49",
"subject": "CN=***"
}
}
],
"apiVersionConstraint": {
"minApiVersion": "2019-12-01"
},
"publicIpAddressId": "/subscriptions/ec6d270b-3a72-48e8-9a18-b8194af4ceaa/resourceGroups/apim-dmz-tst/providers/Microsoft.Network/publicIPAddresses/pip-apim-dmz-tst-01",
"publicNetworkAccess": "Enabled",
"privateEndpointConnections": null,
"platformVersion": "stv2"
},
"sku": {
"name": "Developer",
"capacity": 1
},
"identity": {
"type": "SystemAssigned",
"principalId": "9fd2ec5b-0f43-4a18-8352-46063aa61dca",
"tenantId": "e6f53d0a-0004-4a2a-84f7-3c394c783b99"
},
"zones": null,
"systemData": {
"createdBy": "***",
"createdByType": "User",
"createdAt": "2023-05-30T08:06:00.3720995Z",
"lastModifiedBy": "***",
"lastModifiedByType": "User",
"lastModifiedAt": "2023-07-31T08:31:10.3876265Z"
}
}
DEBUG: 1:07:28 PM - [ConfigManager] Got nothing from [DisplayRegionIdentified], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: AzureQoSEvent: Module: Az.ApiManagement:4.0.2; CommandName: Get-AzApiManagement; PSVersion: 7.3.6; IsSuccess: True; Duration: 00:00:00.1633225
DEBUG: 1:07:28 PM - [ConfigManager] Got [True] from [EnableDataCollection], Module = [], Cmdlet = [].
DEBUG: 1:07:28 PM - GetAzureApiManagement end processing.
PS C:\> $apim.MinimalControlPlaneApiVersion = '2019-12-01'
PS C:\> Set-AzApiManagement -InputObject $apim
Set-AzApiManagement : 'SubnetResourceId' does not match expected pattern '^/subscriptions/[^/]*/resourceGroups/[^/]*/pr
oviders/Microsoft.(ClassicNetwork|Network)/virtualNetworks/[^/]*/subnets/[^/]*$'.Environment data
Name Value
---- -----
PSVersion 7.3.6
PSEdition Core
GitCommitId 7.3.6
OS Linux 5.4.0-1109-azure #115~18.04.1-Ubuntu SMP Mon May 22 20:06:37 UTC 2023
Platform Unix
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0Module versions
ModuleType Version PreRelease Name ExportedCommands
---------- ------- ---------- ---- ----------------
Script 2.12.5 Az.Accounts {Add-AzEnvironment, Clear-AzConfig, Clear-AzContext, Clear-AzDefault…}
Script 6.2.0 Az.Compute {Add-AzImageDataDisk, Add-AzVhd, Add-AzVMAdditionalUnattendContent, Add-AzVMDataDisk…}
Script 6.1.1 Az.Network {Add-AzApplicationGatewayAuthenticationCertificate, Add-AzApplicationGatewayBackendAddressPool, Add-AzApplicationGatewayBackendHttpSetting, …
Script 6.9.0 Az.Resources {Export-AzResourceGroup, Export-AzTemplateSpec, Get-AzDenyAssignment, Get-AzDeployment…}
Script 5.9.0 Az.Storage {Add-AzRmStorageContainerLegalHold, Add-AzStorageAccountManagementPolicyAction, Add-AzStorageAccountNetworkRule, Close-AzStorageFileHandle…}
Script 1.1.2 Az.Tools.Predictor {Disable-AzPredictor, Enable-AzPredictor, Open-AzPredictorSurvey, Send-AzPredictorRating}
Script 0.0.0.10 AzureAD.Standard.Preview {Add-AzureADApplicationOwner, Add-AzureADDeviceRegisteredOwner, Add-AzureADDeviceRegisteredUser, Add-AzureADDirectoryRoleMember…}
Script 0.9.3 AzurePSDrive
PS /home/sander>Error output
Message : 'SubnetResourceId' does not match expected pattern '^/subscriptions/[^/]*/resourceGroups/[^/]*/providers/Microsoft.(ClassicNetwork|Network)/virtualNetworks/[^/]*/subnets/[^/]*$'.
StackTrace : at Microsoft.Azure.Management.ApiManagement.Models.VirtualNetworkConfiguration.Validate()
at Microsoft.Azure.Management.ApiManagement.Models.ApiManagementServiceResource.Validate()
at Microsoft.Azure.Management.ApiManagement.ApiManagementServiceOperations.BeginCreateOrUpdateWithHttpMessagesAsync(String resourceGroupName, String serviceName,
ApiManagementServiceResource parameters, Dictionary`2 customHeaders, CancellationToken cancellationToken)
at Microsoft.Azure.Management.ApiManagement.ApiManagementServiceOperations.CreateOrUpdateWithHttpMessagesAsync(String resourceGroupName, String serviceName, ApiManagementServiceResource
parameters, Dictionary`2 customHeaders, CancellationToken cancellationToken)
at Microsoft.Azure.Management.ApiManagement.ApiManagementServiceOperationsExtensions.CreateOrUpdateAsync(IApiManagementServiceOperations operations, String resourceGroupName, String
serviceName, ApiManagementServiceResource parameters, CancellationToken cancellationToken)
at Microsoft.Azure.Management.ApiManagement.ApiManagementServiceOperationsExtensions.CreateOrUpdate(IApiManagementServiceOperations operations, String resourceGroupName, String serviceName,
ApiManagementServiceResource parameters)
at Microsoft.Azure.Commands.ApiManagement.ApiManagementClient.SetApiManagementService(PsApiManagement apiManagement, Boolean createSystemResourceIdentity, String[] userAssignedIdentity)
at Microsoft.Azure.Commands.ApiManagement.Commands.SetAzureApiManagement.ExecuteCmdlet()
at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.<>c__3`1.<ExecuteSynchronouslyOrAsJob>b__3_0(T c)
at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet, Action`1 executor)
at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet)
at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord()
Exception : Microsoft.Rest.ValidationException
InvocationInfo : {Set-AzApiManagement}
Line : Set-AzApiManagement -InputObject $apim
Position : At line:1 char:1
+ Set-AzApiManagement -InputObject $apim
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
HistoryId : 10