I want to set up an Application Gateway Standard_v2 for use as an Application Gateway Ingress Controller (AGIC) with an AKS cluster in the same region, resource group and subscription.
The application gateway will be created in a dedicated empty /24 subnet.
The documentation clearly states that this is a feature in preview and has to be enabled:
I have confirmed the EnableApplicationGatewayNetworkIsolation feature to be in "Registered" state in the correct subscription.
I noted that in the Portal UI for creating a new Application Gateway, it no longer displays an error message when selecting "Frontend IP address type" as "Private", as it did previously with the feature disabled. At this point, I assume that the feature has been enabled correctly.
The problem is that when I try to create the Application Gateway, the deployment fails with error message:
Application Gateway <id> does not support Application Gateway without Public IP for the selected SKU tier Standard_v2. Supported SKU tiers are Standard,WAF.
Error code: "ApplicationGatewayFeatureCannotBeEnabledForSelectedSku"
This is unexpected. It would mean that the feature had no effect on the API, but the Portal UI has changed.
What can I do about this?
This subnet has previously had other Standard_v2 Application Gateways deployed before the feature was enabled (they have been removed). Is it possible that the subnet has to be re-created to support the new gateway feature?