Home

Add Storage Account Endpoint to Managed Instance Subnet

%3CLINGO-SUB%20id%3D%22lingo-sub-1287612%22%20slang%3D%22en-US%22%3EAdd%20Storage%20Account%20Endpoint%20to%20Managed%20Instance%20Subnet%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1287612%22%20slang%3D%22en-US%22%3E%3CP%3ESteps%3A%3C%2FP%3E%0A%3CP%3EOpen%20Storage%20Account%20--%26gt%3B%20Firewalls%20and%20virtual%20networks%20--%26gt%3B%20Selected%26nbsp%3B%20networks%20--%26gt%3B%26nbsp%3B%20Add%20existing%20virtual%20network%20--%26gt%3B%20(select%20managed%20instance%20subnet%20)%20then%20Add%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3Eif%20Managed%20Instance%20Subnet%20does%20not%20have%20delegate%20to%26nbsp%3BMicrosoft.Sql%2FmanagedInstances%20%2C%20deployment%20will%20fail%20with%20error%20%3D%26nbsp%3B%3CSTRONG%3EFound%20conflicts%20with%20NetworkIntentPolicy.%20Details%3A%20Subnet%20or%20Virtual%20Network%20cannot%20have%20resources%20or%20properties%20which%20conflict%20with%20network%20intent%20policy%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3Edelegate%20can%20be%20added%20using%20Azure%20CLI%20command%20below%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3Eaz%20network%20vnet%20subnet%20update%20%5C%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E--resource-group%20myResourceGroup%20%5C%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E--name%20mySubnet%20%5C%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E--vnet-name%20myVnet%20%5C%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E--delegations%20Microsoft.Sql%2FmanagedInstances%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EFor%20more%20information%20about%20%E2%80%9CEnabling%20subnet-delegation%20for%20existing%20deployments%22%20please%20visit%20%3CA%20href%3D%22https%3A%2F%2Fnam06.safelinks.protection.outlook.com%2F%3Furl%3Dhttps%253A%252F%252Fdocs.microsoft.com%252Fen-us%252Fazure%252Fsql-database%252Fsql-database-managed-instance-enabling-service-aided-subnet-configuration%2523enabling-subnet-delegation-for-existing-deployments%26amp%3Bdata%3D02%257C01%257Cv-ahmaa%2540microsoft.com%257Cea7444f524204af1559b08d7d70dadef%257C72f988bf86f141af91ab2d7cd011db47%257C1%257C0%257C637214326120037044%26amp%3Bsdata%3D2CDmNyXwrjteAR45JCTbrxix%252B35ARYYyUqcRMveUVws%253D%26amp%3Breserved%3D0%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fsql-database%2Fsql-database-managed-instance-enabling-service-aided-subnet-configuration%23enabling-subnet-delegation-for-existing-deployments%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1287612%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1381267%22%20slang%3D%22en-US%22%3ERe%3A%20Add%20Storage%20Account%20Endpoint%20to%20Managed%20Instance%20Subnet%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1381267%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F610893%22%20target%3D%22_blank%22%3E%40Ahmad_Al_Halabi%3C%2FA%3E%26nbsp%3BIs%20the%20same%20functionality%20available%20in%20Government%20Cloud%3F%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Microsoft

Steps:

Open Storage Account --> Firewalls and virtual networks --> Selected  networks -->  Add existing virtual network --> (select managed instance subnet ) then Add

 

if Managed Instance Subnet does not have delegate to Microsoft.Sql/managedInstances , deployment will fail with error = Found conflicts with NetworkIntentPolicy. Details: Subnet or Virtual Network cannot have resources or properties which conflict with network intent policy

 

delegate can be added using Azure CLI command below:

 

az network vnet subnet update \ 

--resource-group myResourceGroup \ 

--name mySubnet \ 

--vnet-name myVnet \ 

--delegations Microsoft.Sql/managedInstances

 

For more information about “Enabling subnet-delegation for existing deployments" please visit https://docs.microsoft.com/en-us/azure/sql-database/sql-database-managed-instance-enabling-service-a...

 

1 Reply
Highlighted

@Ahmad_Al_Halabi Is the same functionality available in Government Cloud?