Why when running MigrateToIdentity script in Azure is retrieving an error at Set-AzureWebApp stage ?

Running MigrateToIdentity script in Azure is retrieving an error at Set-AzureWebApp stage. The full error would be Set-AzureWebApp: Operation returned an invalid status code 'Bad Request'. For example:



Now to properly identity and understand the problem locate the script having this problem, in this case is OrchestratorSettingsUtils along with the line where the exception is retrieved, in this case line 40. In there add the "-debug" parameter and run it once more. Finally, a more detailed error should be given:



This specific error is retrieved when they are any rules at "Access restrictions" level for the App Service. This is a known-issue from Azure side when using AzRm module, and can be checked in here .

To overcome this problem, all rules must be removed from "Access Restrictions" temporarily, perform the Orchestrator upgrade and configure the rules back.