Cannot associate VNet with Network Manager IPAM Pool if subnet uses addressPrefix property (not addressPrefixes)

[ComputerScienceSean]

Description

Problem:
When associating an existing VNet with an IPAM pool using Azure Virtual Network Manager, I receive the following error for all subnets:

Invalid configuration on subnet /subscriptions/xxxxx-xxxxxx-xxxxxx-xxxxx/resourceGroups/xxxxxxx/providers/Microsoft.Network/virtualNetworks/xxxxxxxxx/subnets/xxxxxxx; cannot populate both address prefix and address prefixes.

Root cause:
My subnets (created using PowerShell, Az module, or ARM) have a single address range, and therefore only populate the addressPrefix property (singular), not the required addressPrefixes array property. However, Network Manager IPAM requires only the addressPrefixes property to be present.

Expected behavior:

• I should be able to update an existing subnet so that only the addressPrefixes property is present (with one or more ranges), removing addressPrefix entirely, to be compatible with Network Manager/IPAM.
• Or, the backend should automatically accept or convert single-range addressPrefix subnets for IPAM/network manager association.

Repro steps:

1. Create a VNet and subnet with a single address range (e.g. using PowerShell or ARM/Bicep).
2. Attempt to associate the VNet with a Virtual Network Manager IPAM Pool.
3. Observe the error above.
4. Attempt to update the subnet to use addressPrefixes via PowerShell/CLI/Bicep; observe that the property is not updated, or addressPrefix remains.

What I tried:

• PowerShell: Set-AzVirtualNetworkSubnetConfig with -AddressPrefixes
• Az CLI: az network vnet subnet update --address-prefixes
• ARM/Bicep: Deploying subnet with only addressPrefixes
• All of these either keep or re-add addressPrefix for single-range subnets.

Blocking impact:

• Cannot migrate/associate existing VNets to Network Manager IPAM pools if subnets use addressPrefix
• Manual workaround (e.g. via REST PATCH or resource deletion/recreation) is risky and not supported

Ask:

• Please provide a supported way to update subnets so that only addressPrefixes is present (even for single-range subnets)
• Or, update the backend to allow both addressPrefix and addressPrefixes during transition, or auto-convert as needed

Thanks!

Issue script & Debug output

No error is thrown. the error is logical.

Environment data

Name                           Value
----                           -----
PSVersion                      7.5.2
PSEdition                      Core
GitCommitId                    7.5.2
OS                             Microsoft Windows 10.0.26100
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Module versions

ModuleType Version    PreRelease Name                                ExportedCommands
---------- -------    ---------- ----                                ----------------
Script     5.1.1                 Az.Accounts                         {Add-AzEnvironment, Clear-AzConfig, Clear-AzContext, Clear-AzDefault…}
Script     7.18.0                Az.Network                          {Add-AzApplicationGatewayAuthenticationCertificate, Add-AzApplicationGatewayBackendAddressPool, Add-AzApplicationGatewayBackendHttpSetting, Add-AzApplicationGatewa…

Error output

No error is thrown. the error is logical.

[microsoft-github-policy-service]

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @vnetsuppgithub.

[microsoft-github-policy-service]

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @vnetsuppgithub.

[Flodu31]

Hello,

Same error here. I can't associate a subnet in IPAM.

Any update?
Florent