Azure ARM "code": "InUseSubnetCannotBeDeleted" when trying to update vnet

Question

I have a fairly simple ARM template which I use to create vnet, subnets and service endpoints. When I try to change the service endpoints I get error "code": "InUseSubnetCannotBeDeleted". Stating that one of my VMs is using one of the subnets. However, I do not want to delete that subnet. I just want to update it, operation which I can do via portal or powershell just fine. Is there some switch I need to change to make the ARM template update resources and not create them from scratch?

Template. I stripped it down to bare minimum. First I use this to create vnet and two subnets, deploy one VM and then run the deployment again and I get the subnet cannot be deleted:

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "vnetName": {
      "type": "string",
      "defaultValue": "VNet1",
      "metadata": {
        "description": "VNet name"
      }
    },
    "vnetAddressPrefix": {
      "type": "string",
      "defaultValue": "10.0.0.0/16",
      "metadata": {
        "description": "Address prefix"
      }
    },
    "subnets": {
      "type": "object"
    }
  },
  "variables": {
    "location": "[resourceGroup().location]",
    "subnetcount": "[length(parameters('subnets').settings)]"
  },
  "resources": [
    {
      "apiVersion": "2018-06-01",
      "type": "Microsoft.Network/virtualNetworks",
      "name": "[parameters('vnetName')]",
      "location": "[variables('location')]",
      "properties": {
        "addressSpace": {
          "addressPrefixes": ["[parameters('vnetAddressPrefix')]"]
        }
      },
      "resources": [
      ]
    },
    {
      "apiVersion": "2018-06-01",
      "type": "Microsoft.Network/virtualNetworks/subnets",
      "name": "[concat(parameters('vnetName') , '/' , parameters('subnets').settings[copyIndex()].name)]",
      "location": "[variables('location')]",
      "copy": {
        "name": "subnetLoop",
        "count": "[variables('subnetcount')]"
      },
      "dependsOn": ["[parameters('vnetName')]"],
      "properties": {
        "addressPrefix": "[parameters('subnets').settings[copyIndex()].addressPrefix]"
      }
    }
  ]
}

Answer 1

I ran into the same issue. Here is what I have found, and it is basically the same answer as the other user above.

Three ways to create a vnet with subnets in an ARM Template. (very crude example)

1. Works the first time it runs. After that, the vnet resource tries to delete the subnet.

{
  "vnet"
},
{
  "subnet",
  "dependsOnVnet"
}

---

2. Even though they are nested resources, the vnet doesn't have contextual awareness. Similar to option #1.

{
  "vnet"
  resources : [
    {
      "subnet",
      "dependsOnVnet"
    }
  ]
}

---

3. The vnet resource is subnet aware because it is a property of the vnet. It will not delete the subnet.

{
  "vnet"
  "properties":{
    "subnets" : ["subnet"]
  }
}

---

*These examples are with an Incremental ARM Deployment.*