Bicep App Service Slot fails to create with virtualNetworkSubnetId specified

[StormRider01]

Bicep version run bicep --version via the Bicep CLI, az bicep version via the AZ CLI or via VS code by navigating to the extensions tab and searching for Bicep Bicep CLI version 0.19.5

Describe the bug A clear and concise description of what the bug is vs what you expected to happen Setting virtualNetworkSubnetId = ID for an App Service Slot should create the slot, and set the VNet to the supplied SubNet. Instead, I get this deployment error: There was an unexpected InternalServerError. Please try again later. x-ms-correlation-request-id: 807a6047-72a2-48fb-ae2c-XXXXXXXXXXXX (Code: InternalServerError)

If I comment out virtualNetworkSubnetId, the slot will successfully create, and then re-running the same bicep file will then set the VNet.

To Reproduce Steps to reproduce the behavior: Deploy sample bicep file from below.

@description('The location in which all resources should be deployed.')
param location string = resourceGroup().location

@description('The name of the app to create.')
param appName string = 'VNetDemo0003'

var appServicePlanName = '${appName}${uniqueString(subscription().subscriptionId)}'
var vnetName = '${appName}vnet'
var vnetAddressPrefix = '10.0.0.0/16'
var subnetName = '${appName}sn'
var subnetAddressPrefix = '10.0.0.0/24'
var appServicePlanSku = 'S1'

resource appServicePlan 'Microsoft.Web/serverfarms@2020-06-01' = {
  name: appServicePlanName
  location: location
  sku: {
    name: appServicePlanSku
  }
  kind: 'app'
}

resource vnet 'Microsoft.Network/virtualNetworks@2020-06-01' = {
  name: vnetName
  location: location
  properties: {
    addressSpace: {
      addressPrefixes: [
        vnetAddressPrefix
      ]
    }
    subnets: [
      {
        name: subnetName
        properties: {
          addressPrefix: subnetAddressPrefix
          delegations: [
            {
              name: 'delegation'
              properties: {
                serviceName: 'Microsoft.Web/serverFarms'
              }
            }
          ]
        }
      }
    ]
  }
}

resource webApp 'Microsoft.Web/sites@2021-01-01' = {
  name: appName
  location: location
  kind: 'app'
  properties: {
    serverFarmId: appServicePlan.id
    virtualNetworkSubnetId: vnet.properties.subnets[0].id
    httpsOnly: true
    siteConfig: {
      vnetRouteAllEnabled: true
      http20Enabled: true
    }
  }
}

resource appService_Slot 'Microsoft.Web/sites/slots@2022-03-01' = {
  name: 'staging'
  location: location
  parent: webApp
  properties: {
   //errors if enabled during creation
    virtualNetworkSubnetId: vnet.properties.subnets[0].id
  }
}

[alex-frankel]

Any Internal Server Error is a bug in the Resource Providers error handling logic. Are you able to open a support ticket so the Microsoft.Web team can get this resolved?

[StormRider01]

Any Internal Server Error is a bug in the Resource Providers error handling logic. Are you able to open a support ticket so the Microsoft.Web team can get this resolved?

I have a ticket open, so far I'm being told to set the VNet in a separate run. I've pushed back on why I'm getting a InternalServerError, and supposed to get a call tomorrow.

[StormRider01]

Azure support found setting the ServerFarmId on the slot avoided the error. Is the Bicep validation engine capable of conditionally requiring the ServerFarmId property if virtualNetworkSubnetId is also specified? Should Bicep warn if the ServerFarmId property is missing for a slot?

resource appService_Slot 'Microsoft.Web/sites/slots@2022-03-01' = {
  name: 'staging'
  location: location
  parent: webApp
  properties: {
    serverFarmId: appServicePlan.id
    virtualNetworkSubnetId: vnet.properties.subnets[0].id
  }
}

[microsoft-github-policy-service[bot]]

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @antcp, @AzureAppServiceCLI. Please see https://aka.ms/biceptypesinfo for troubleshooting help.