How do I create a Private EndPoint that has a Delegated Subnet in Azure?

Question

I have created a Private Azure Kubernetes Service. Now, I need to create a Private EndPoint that connect my existing VNET to the AZ Kubernetes.

az network private-endpoint create 
--name PrivateKubeApiEndpoint2 
--resource-group hat-eastus2-nprd-rg 
--vnet-name eastus-28828-nprd-vnet 
--subnet eastus2-28828-nprd-snet 
--private-connection-resource-id /subscriptions/***/resourcegroups/aks-demo2-rg/providers/Microsoft.ContainerService/managedClusters/aks-demo2-cluster 
--group-ids management 
--connection-name myKubeConnection

It gives me an error saying:

(PrivateEndpointCreationNotAllowedAsSubnetIsDelegated) Private endpoint /subscriptions//resourceGroups/hat-eastus2-nprd-rg/providers/Microsoft.Network/privateEndpoints/PrivateKubeApiEndpoint2 cannot be created as subnet /subscriptions//resourceGroups/hat-eastus2-nprd-rg/providers/Microsoft.Network/virtualNetworks/eastus-28828-nprd-vnet/subnets/eastus2-28828-nprd-snet is delegated.

Question is: How do I assign a subnet that was set as delegated?

Charles Xu Charles Xu · Accepted Answer · 2021-03-10T03:02:00

Of course, it's impossible to create a private endpoint in the delegated subnet. See the limitation here for the delegated subnet, it shows you:

cannot be used with a private endpoint if the subnet is delegated

How do I create a Private EndPoint that has a Delegated Subnet in Azure?

1 Answers