How to change VNet and Subnet of an existing Azure Application Gateway?

Question

Is it possible to move an already setup app gateway from one subnet to another?

As of now haven't seen any way from the portal to do so.

Answer 1

The accepted answer by andresm53 is excellent.
However, as the PowerShell AzureRm module is being phased out in favor of the newer Az module, here is an Az version (with a slight improvement to save from having to look up the subnet id in order to paste it into the code).
This is based, in addition to andresm53's code, also on an example in the MS docs.

### Fill in your values ###
$GatewayResourceGroupName = "MyRG1"
$GatewayName = "MyGw"
$VnetResourceGroupName = "MyRG2"  #may or may not be the same as $GatewayResourceGroupName
$VNetName = "MyVNet"
$SubnetName = "Subnet1"
###########################

$AppGw = Get-AzApplicationGateway -Name $GatewayName -ResourceGroupName $GatewayResourceGroupName
Stop-AzApplicationGateway -ApplicationGateway $AppGw
$VNet = Get-AzVirtualNetwork -Name $VNetName -ResourceGroupName $VnetResourceGroupName
$Subnet = Get-AzVirtualNetworkSubnetConfig -Name $SubnetName -VirtualNetwork $VNet
$AppGw = Set-AzApplicationGatewayIPConfiguration -ApplicationGateway $AppGw -Name  $AppGw.GatewayIPConfigurations[0].Name -Subnet $Subnet
Set-AzApplicationGateway -ApplicationGateway $AppGw
Start-AzApplicationGateway -ApplicationGateway $AppGw

Answer 2

I did it using azure cli, it's necessary to perform some steps:

1. Stop the application gateway
2. Change the subnet
3. Start the application gateway (this will take some minutes)

Using azure cli:

1. stopping application gateway

az network application-gateway stop --subscription YOUR_SUBSCRIPTION_NAME --resource-group YOUR_APP_GATEWAY_RESOURCE_GROUP --name YOUR_APP_GATEWAY_NAME

2. Change the subnet.

2.1 At this point, you need to know your current vnet data, given by next command

az network application-gateway show \
  --subscription YOUR_SUBSCRIPTION_NAME \
  --resource-group YOUR_APP_GATEWAY_RESOURCE_GROUP \
  --name YOUR_APP_GATEWAY_NAME

The output we need is at JSON section gatewayIpConfigurations

[
    {
      "etag": "REDACTED",
      "id": "REDACTED",
      "name": "REDACTED",
      "provisioningState": "REDACTED",
      "resourceGroup": "REDACTED",
      "subnet": {
        "id": "/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.Network/virtualNetworks/YOUR_CURRENT_VNET/subnets/YOUR_CURRENT_SUBNET",
        "resourceGroup": "REDACTED"
      },
      "type": "Microsoft.Network/applicationGateways/gatewayIPConfigurations"
    }
  ]

2.2 To change the subnet, you need to modify YOUR_CURRENT_SUBNET by your new subnet

[
    {
      "etag": "REDACTED",
      "id": "REDACTED",
      "name": "REDACTED",
      "provisioningState": "REDACTED",
      "resourceGroup": "REDACTED",
      "subnet": {
        "id": "/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.Network/virtualNetworks/YOUR_CURRENT_VNET/subnets/YOUR_NEW_SUBNET",
        "resourceGroup": "REDACTED"
      },
      "type": "Microsoft.Network/applicationGateways/gatewayIPConfigurations"
    }
  ]

2.3 Copy the previous subnet id, put the proper subnet name you want now, and update it

az network application-gateway update \
  --subscription YOUR_SUBSCRIPTION_NAME \
  --resource-group YOUR_APP_GATEWAY_RESOURCE_GROUP \
  --name YOUR_APP_GATEWAY_NAME \
  --set gatewayIpConfigurations[0].subnet.id='/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.Network/virtualNetworks/YOUR_CURRENT_VNET/subnets/YOUR_NEW_SUBNET'

3. Start the application gateway

az network application-gateway start \
  --subscription YOUR_SUBSCRIPTION_NAME \
  --resource-group YOUR_APP_GATEWAY_RESOURCE_GROUP \
  --name YOUR_APP_GATEWAY_NAME