Module network

@pulumi/azure > network

Index ▾

network/applicationGateway.ts network/applicationSecurityGroup.ts network/connectionMonitor.ts network/ddosProtectionPlan.ts network/expressRouteCircuit.ts network/expressRouteCircuitAuthorization.ts network/expressRouteCircuitPeering.ts network/firewall.ts network/firewallApplicationRuleCollection.ts network/firewallNatRuleCollection.ts network/firewallNetworkRuleCollection.ts network/getApplicationSecurityGroup.ts network/getExpressRouteCircuit.ts network/getFirewall.ts network/getNetworkInterface.ts network/getNetworkSecurityGroup.ts network/getNetworkWatcher.ts network/getPublicIP.ts network/getPublicIPs.ts network/getRouteTable.ts network/getSubnet.ts network/getVirtualNetwork.ts network/getVirtualNetworkGateway.ts network/localNetworkGateway.ts network/networkConnectionMonitor.ts network/networkInterface.ts network/networkInterfaceApplicationGatewayBackendAddressPoolAssociation.ts network/networkInterfaceApplicationSecurityGroupAssociation.ts network/networkInterfaceBackendAddressPoolAssociation.ts network/networkInterfaceNatRuleAssociation.ts network/networkPacketCapture.ts network/networkSecurityGroup.ts network/networkSecurityRule.ts network/networkWatcher.ts network/packetCapture.ts network/profile.ts network/publicIp.ts network/publicIpPrefix.ts network/route.ts network/routeTable.ts network/subnet.ts network/subnetNetworkSecurityGroupAssociation.ts network/subnetRouteTableAssociation.ts network/virtualNetwork.ts network/virtualNetworkGateway.ts network/virtualNetworkGatewayConnection.ts network/virtualNetworkPeering.ts

class ApplicationGateway

extends CustomResource

Manages an Application Gateway.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "example-resources",
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.254.0.0/16"],
    location: testResourceGroup.location,
    name: "example-network",
    resourceGroupName: testResourceGroup.name,
});
const backendAddressPoolName = pulumi.interpolate`${testVirtualNetwork.name}-beap`;
const frontendIpConfigurationName = pulumi.interpolate`${testVirtualNetwork.name}-feip`;
const frontendPortName = pulumi.interpolate`${testVirtualNetwork.name}-feport`;
const httpSettingName = pulumi.interpolate`${testVirtualNetwork.name}-be-htst`;
const listenerName = pulumi.interpolate`${testVirtualNetwork.name}-httplstn`;
const redirectConfigurationName = pulumi.interpolate`${testVirtualNetwork.name}-rdrcfg`;
const requestRoutingRuleName = pulumi.interpolate`${testVirtualNetwork.name}-rqrt`;
const testPublicIp = new azure.network.PublicIp("test", {
    allocationMethod: "Dynamic",
    location: testResourceGroup.location,
    name: "example-pip",
    resourceGroupName: testResourceGroup.name,
});
const frontend = new azure.network.Subnet("frontend", {
    addressPrefix: "10.254.0.0/24",
    name: "frontend",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const network = new azure.network.ApplicationGateway("network", {
    backendAddressPools: [{
        name: backendAddressPoolName,
    }],
    backendHttpSettings: [{
        cookieBasedAffinity: "Disabled",
        name: httpSettingName,
        path: "/path1/",
        port: 80,
        protocol: "Http",
        requestTimeout: 1,
    }],
    frontendIpConfigurations: [{
        name: frontendIpConfigurationName,
        publicIpAddressId: testPublicIp.id,
    }],
    frontendPorts: [{
        name: frontendPortName,
        port: 80,
    }],
    gatewayIpConfigurations: [{
        name: "my-gateway-ip-configuration",
        subnetId: frontend.id,
    }],
    httpListeners: [{
        frontendIpConfigurationName: frontendIpConfigurationName,
        frontendPortName: frontendPortName,
        name: listenerName,
        protocol: "Http",
    }],
    location: testResourceGroup.location,
    name: "example-appgateway",
    requestRoutingRules: [{
        backendAddressPoolName: backendAddressPoolName,
        backendHttpSettingsName: httpSettingName,
        httpListenerName: listenerName,
        name: requestRoutingRuleName,
        ruleType: "Basic",
    }],
    resourceGroupName: testResourceGroup.name,
    sku: {
        capacity: 2,
        name: "Standard_Small",
        tier: "Standard",
    },
});
const backend = new azure.network.Subnet("backend", {
    addressPrefix: "10.254.2.0/24",
    name: "backend",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});

constructor

new ApplicationGateway(name: string, args: ApplicationGatewayArgs, opts?: pulumi.CustomResourceOptions)

Create a ApplicationGateway resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ApplicationGatewayState, opts?: pulumi.CustomResourceOptions): ApplicationGateway

Get an existing ApplicationGateway resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property authenticationCertificates

public authenticationCertificates: pulumi.Output<{
    data: string;
    id: string;
    name: string;
}[] | undefined>;

One or more authentication_certificate blocks as defined below.

property autoscaleConfiguration

public autoscaleConfiguration: pulumi.Output<{
    maxCapacity: undefined | number;
    minCapacity: number;
} | undefined>;

A autoscale_configuration block as defined below.

property backendAddressPools

public backendAddressPools: pulumi.Output<{
    fqdnLists: string[];
    fqdns: string[];
    id: string;
    ipAddressLists: string[];
    ipAddresses: string[];
    name: string;
}[]>;

One or more backend_address_pool blocks as defined below.

property backendHttpSettings

public backendHttpSettings: pulumi.Output<{
    affinityCookieName: undefined | string;
    authenticationCertificates: {
        id: string;
        name: string;
    }[];
    connectionDraining: undefined | {
        drainTimeoutSec: number;
        enabled: boolean;
    };
    cookieBasedAffinity: string;
    hostName: undefined | string;
    id: string;
    name: string;
    path: undefined | string;
    pickHostNameFromBackendAddress: undefined | false | true;
    port: number;
    probeId: string;
    probeName: undefined | string;
    protocol: string;
    requestTimeout: undefined | number;
}[]>;

One or more backend_http_settings blocks as defined below.

property customErrorConfigurations

public customErrorConfigurations: pulumi.Output<{
    customErrorPageUrl: string;
    id: string;
    statusCode: string;
}[] | undefined>;

One or more custom_error_configuration blocks as defined below.

property disabledSslProtocols

public disabledSslProtocols: pulumi.Output<string[]>;

A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2. > NOTE: disabled_ssl_protocols has been deprecated in favour of disabled_protocols in the ssl_policy block.

property enableHttp2

public enableHttp2: pulumi.Output<boolean | undefined>;

Is HTTP2 enabled on the application gateway resource? Defaults to false.

property frontendIpConfigurations

public frontendIpConfigurations: pulumi.Output<{
    id: string;
    name: string;
    privateIpAddress: string;
    privateIpAddressAllocation: string;
    publicIpAddressId: string;
    subnetId: string;
}[]>;

One or more frontend_ip_configuration blocks as defined below.

property frontendPorts

public frontendPorts: pulumi.Output<{
    id: string;
    name: string;
    port: number;
}[]>;

One or more frontend_port blocks as defined below.

property gatewayIpConfigurations

public gatewayIpConfigurations: pulumi.Output<{
    id: string;
    name: string;
    subnetId: string;
}[]>;

One or more gateway_ip_configuration blocks as defined below.

property httpListeners

public httpListeners: pulumi.Output<{
    customErrorConfigurations: {
        customErrorPageUrl: string;
        id: string;
        statusCode: string;
    }[];
    frontendIpConfigurationId: string;
    frontendIpConfigurationName: string;
    frontendPortId: string;
    frontendPortName: string;
    hostName: undefined | string;
    id: string;
    name: string;
    protocol: string;
    requireSni: undefined | false | true;
    sslCertificateId: string;
    sslCertificateName: undefined | string;
}[]>;

One or more http_listener blocks as defined below.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property location

public location: pulumi.Output<string>;

The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

The name of the Application Gateway. Changing this forces a new resource to be created.

property probes

public probes: pulumi.Output<{
    host: undefined | string;
    id: string;
    interval: number;
    match: {
        body: undefined | string;
        statusCodes: string[];
    };
    minimumServers: undefined | number;
    name: string;
    path: string;
    pickHostNameFromBackendHttpSettings: undefined | false | true;
    protocol: string;
    timeout: number;
    unhealthyThreshold: number;
}[] | undefined>;

One or more probe blocks as defined below.

property redirectConfigurations

public redirectConfigurations: pulumi.Output<{
    id: string;
    includePath: undefined | false | true;
    includeQueryString: undefined | false | true;
    name: string;
    redirectType: string;
    targetListenerId: string;
    targetListenerName: undefined | string;
    targetUrl: undefined | string;
}[] | undefined>;

A redirect_configuration block as defined below.

property requestRoutingRules

public requestRoutingRules: pulumi.Output<{
    backendAddressPoolId: string;
    backendAddressPoolName: undefined | string;
    backendHttpSettingsId: string;
    backendHttpSettingsName: undefined | string;
    httpListenerId: string;
    httpListenerName: string;
    id: string;
    name: string;
    redirectConfigurationId: string;
    redirectConfigurationName: undefined | string;
    rewriteRuleSetId: string;
    rewriteRuleSetName: undefined | string;
    ruleType: string;
    urlPathMapId: string;
    urlPathMapName: undefined | string;
}[]>;

One or more request_routing_rule blocks as defined below.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.

property rewriteRuleSets

public rewriteRuleSets: pulumi.Output<{
    id: string;
    name: string;
    rewriteRules: {
        conditions: {
            ignoreCase: undefined | false | true;
            negate: undefined | false | true;
            pattern: string;
            variable: string;
        }[];
        name: string;
        requestHeaderConfigurations: {
            headerName: string;
            headerValue: string;
        }[];
        responseHeaderConfigurations: {
            headerName: string;
            headerValue: string;
        }[];
        ruleSequence: number;
    }[];
}[] | undefined>;

One or more rewrite_rule_set blocks as defined below. Only valid for v2 SKUs.

property sku

public sku: pulumi.Output<{
    capacity: undefined | number;
    name: string;
    tier: string;
}>;

A sku block as defined below.

property sslCertificates

public sslCertificates: pulumi.Output<{
    data: string;
    id: string;
    name: string;
    password: string;
    publicCertData: string;
}[] | undefined>;

One or more ssl_certificate blocks as defined below.

property sslPolicies

public sslPolicies: pulumi.Output<{
    cipherSuites: string[];
    disabledProtocols: string[];
    minProtocolVersion: undefined | string;
    policyName: undefined | string;
    policyType: undefined | string;
}[]>;

a ssl policy block as defined below.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urlPathMaps

public urlPathMaps: pulumi.Output<{
    defaultBackendAddressPoolId: string;
    defaultBackendAddressPoolName: undefined | string;
    defaultBackendHttpSettingsId: string;
    defaultBackendHttpSettingsName: undefined | string;
    defaultRedirectConfigurationId: string;
    defaultRedirectConfigurationName: undefined | string;
    defaultRewriteRuleSetId: string;
    defaultRewriteRuleSetName: undefined | string;
    id: string;
    name: string;
    pathRules: {
        backendAddressPoolId: string;
        backendAddressPoolName: undefined | string;
        backendHttpSettingsId: string;
        backendHttpSettingsName: undefined | string;
        id: string;
        name: string;
        paths: string[];
        redirectConfigurationId: string;
        redirectConfigurationName: undefined | string;
        rewriteRuleSetId: string;
        rewriteRuleSetName: undefined | string;
    }[];
}[] | undefined>;

One or more url_path_map blocks as defined below.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property wafConfiguration

public wafConfiguration: pulumi.Output<{
    disabledRuleGroups: {
        ruleGroupName: string;
        rules: number[];
    }[];
    enabled: boolean;
    exclusions: {
        matchVariable: string;
        selector: undefined | string;
        selectorMatchOperator: undefined | string;
    }[];
    fileUploadLimitMb: undefined | number;
    firewallMode: string;
    maxRequestBodySizeKb: undefined | number;
    requestBodyCheck: undefined | false | true;
    ruleSetType: undefined | string;
    ruleSetVersion: string;
} | undefined>;

A waf_configuration block as defined below.

property zones

public zones: pulumi.Output<string[] | undefined>;

A collection of availability zones to spread the Application Gateway over.

class ApplicationSecurityGroup

extends CustomResource

Manage an Application Security Group.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West Europe",
    name: "tf-test",
});
const testApplicationSecurityGroup = new azure.network.ApplicationSecurityGroup("test", {
    location: testResourceGroup.location,
    name: "tf-appsecuritygroup",
    resourceGroupName: testResourceGroup.name,
    tags: {
        Hello: "World",
    },
});

constructor

new ApplicationSecurityGroup(name: string, args: ApplicationSecurityGroupArgs, opts?: pulumi.CustomResourceOptions)

Create a ApplicationSecurityGroup resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ApplicationSecurityGroupState, opts?: pulumi.CustomResourceOptions): ApplicationSecurityGroup

Get an existing ApplicationSecurityGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property location

public location: pulumi.Output<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

Specifies the name of the Application Security Group. Changing this forces a new resource to be created.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the Application Security Group.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class ConnectionMonitor

extends CustomResource

Configures a Connection Monitor to monitor communication between a Virtual Machine and an endpoint using a Network Watcher.

NOTE: This resource has been deprecated in favour of the azurerm_network_connection_monitor resource and will be removed in the next major version of the AzureRM Provider. The new resource shares the same fields as this one, and information on migrating across can be found in this guide.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "connection-monitor-rg",
});
const testNetworkWatcher = new azure.network.NetworkWatcher("test", {
    location: testResourceGroup.location,
    name: "network-watcher",
    resourceGroupName: testResourceGroup.name,
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "production-network",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.2.0/24",
    name: "internal",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const testNetworkInterface = new azure.network.NetworkInterface("test", {
    ipConfigurations: [{
        name: "testconfiguration1",
        privateIpAddressAllocation: "Dynamic",
        subnetId: testSubnet.id,
    }],
    location: testResourceGroup.location,
    name: "cmtest-nic",
    resourceGroupName: testResourceGroup.name,
});
const testVirtualMachine = new azure.compute.VirtualMachine("test", {
    location: testResourceGroup.location,
    name: "cmtest-vm",
    networkInterfaceIds: [testNetworkInterface.id],
    osProfile: {
        adminPassword: "Password1234!",
        adminUsername: "testadmin",
        computerName: "cmtest-vm",
    },
    osProfileLinuxConfig: {
        disablePasswordAuthentication: false,
    },
    resourceGroupName: testResourceGroup.name,
    storageImageReference: {
        offer: "UbuntuServer",
        publisher: "Canonical",
        sku: "16.04-LTS",
        version: "latest",
    },
    storageOsDisk: {
        caching: "ReadWrite",
        createOption: "FromImage",
        managedDiskType: "Standard_LRS",
        name: "osdisk",
    },
    vmSize: "Standard_F2",
});
const testExtension = new azure.compute.Extension("test", {
    autoUpgradeMinorVersion: true,
    location: testResourceGroup.location,
    name: "cmtest-vm-network-watcher",
    publisher: "Microsoft.Azure.NetworkWatcher",
    resourceGroupName: testResourceGroup.name,
    type: "NetworkWatcherAgentLinux",
    typeHandlerVersion: "1.4",
    virtualMachineName: testVirtualMachine.name,
});
const testConnectionMonitor = new azure.network.ConnectionMonitor("test", {
    destination: {
        address: "terraform.io",
        port: 80,
    },
    location: testResourceGroup.location,
    name: "cmtest-connectionmonitor",
    networkWatcherName: testNetworkWatcher.name,
    resourceGroupName: testResourceGroup.name,
    source: {
        virtualMachineId: testVirtualMachine.id,
    },
}, {dependsOn: [testExtension]});

NOTE: This Resource requires that the Network Watcher Agent Virtual Machine Extension is installed on the Virtual Machine before monitoring can be started. The extension can be installed via the azurerm_virtual_machine_extension resource.

constructor

new ConnectionMonitor(name: string, args: ConnectionMonitorArgs, opts?: pulumi.CustomResourceOptions)

Create a ConnectionMonitor resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ConnectionMonitorState, opts?: pulumi.CustomResourceOptions): ConnectionMonitor

Get an existing ConnectionMonitor resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property autoStart

public autoStart: pulumi.Output<boolean | undefined>;

Specifies whether the connection monitor will start automatically once created. Defaults to true. Changing this forces a new resource to be created.

property destination

public destination: pulumi.Output<{
    address: undefined | string;
    port: number;
    virtualMachineId: undefined | string;
}>;

A destination block as defined below.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property intervalInSeconds

public intervalInSeconds: pulumi.Output<number | undefined>;

Monitoring interval in seconds. Defaults to 60.

property location

public location: pulumi.Output<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

The name of the Connection Monitor. Changing this forces a new resource to be created.

property networkWatcherName

public networkWatcherName: pulumi.Output<string>;

The name of the Network Watcher. Changing this forces a new resource to be created.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the Connection Monitor. Changing this forces a new resource to be created.

property source

public source: pulumi.Output<{
    port: undefined | number;
    virtualMachineId: string;
}>;

A source block as defined below.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class DdosProtectionPlan

extends CustomResource

Manages an AzureNetwork DDoS Protection Plan.

NOTE Azure only allow one DDoS Protection Plan per region.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West Europe",
    name: "example-resources",
});
const testDdosProtectionPlan = new azure.network.DdosProtectionPlan("test", {
    location: testResourceGroup.location,
    name: "example-protection-plan",
    resourceGroupName: testResourceGroup.name,
});

constructor

new DdosProtectionPlan(name: string, args: DdosProtectionPlanArgs, opts?: pulumi.CustomResourceOptions)

Create a DdosProtectionPlan resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DdosProtectionPlanState, opts?: pulumi.CustomResourceOptions): DdosProtectionPlan

Get an existing DdosProtectionPlan resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property location

public location: pulumi.Output<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

Specifies the name of the Network DDoS Protection Plan. Changing this forces a new resource to be created.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the resource. Changing this forces a new resource to be created.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property virtualNetworkIds

public virtualNetworkIds: pulumi.Output<string[]>;

The Resource ID list of the Virtual Networks associated with DDoS Protection Plan.

class ExpressRouteCircuit

extends CustomResource

Manages an ExpressRoute circuit.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "exprtTest",
});
const testExpressRouteCircuit = new azure.network.ExpressRouteCircuit("test", {
    bandwidthInMbps: 50,
    location: testResourceGroup.location,
    name: "expressRoute1",
    peeringLocation: "Silicon Valley",
    resourceGroupName: testResourceGroup.name,
    serviceProviderName: "Equinix",
    sku: {
        family: "MeteredData",
        tier: "Standard",
    },
    tags: {
        environment: "Production",
    },
});

constructor

new ExpressRouteCircuit(name: string, args: ExpressRouteCircuitArgs, opts?: pulumi.CustomResourceOptions)

Create a ExpressRouteCircuit resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ExpressRouteCircuitState, opts?: pulumi.CustomResourceOptions): ExpressRouteCircuit

Get an existing ExpressRouteCircuit resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property allowClassicOperations

public allowClassicOperations: pulumi.Output<boolean | undefined>;

Allow the circuit to interact with classic (RDFE) resources. The default value is false.

property bandwidthInMbps

public bandwidthInMbps: pulumi.Output<number>;

The bandwidth in Mbps of the circuit being created.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property location

public location: pulumi.Output<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

The name of the ExpressRoute circuit. Changing this forces a new resource to be created.

property peeringLocation

public peeringLocation: pulumi.Output<string>;

The name of the peering location and not the Azure resource location.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the ExpressRoute circuit. Changing this forces a new resource to be created.

property serviceKey

public serviceKey: pulumi.Output<string>;

The string needed by the service provider to provision the ExpressRoute circuit.

property serviceProviderName

public serviceProviderName: pulumi.Output<string>;

The name of the ExpressRoute Service Provider.

property serviceProviderProvisioningState

public serviceProviderProvisioningState: pulumi.Output<string>;

The ExpressRoute circuit provisioning state from your chosen service provider. Possible values are “NotProvisioned”, “Provisioning”, “Provisioned”, and “Deprovisioning”.

property sku

public sku: pulumi.Output<{
    family: string;
    tier: string;
}>;

A sku block for the ExpressRoute circuit as documented below.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class ExpressRouteCircuitAuthorization

extends CustomResource

Manages an ExpressRoute Circuit Authorization.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "exprtTest",
});
const testExpressRouteCircuit = new azure.network.ExpressRouteCircuit("test", {
    allowClassicOperations: false,
    bandwidthInMbps: 50,
    location: testResourceGroup.location,
    name: "expressRoute1",
    peeringLocation: "Silicon Valley",
    resourceGroupName: testResourceGroup.name,
    serviceProviderName: "Equinix",
    sku: {
        family: "MeteredData",
        tier: "Standard",
    },
    tags: {
        environment: "Production",
    },
});
const testExpressRouteCircuitAuthorization = new azure.network.ExpressRouteCircuitAuthorization("test", {
    expressRouteCircuitName: testExpressRouteCircuit.name,
    name: "exampleERCAuth",
    resourceGroupName: testResourceGroup.name,
});

constructor

new ExpressRouteCircuitAuthorization(name: string, args: ExpressRouteCircuitAuthorizationArgs, opts?: pulumi.CustomResourceOptions)

Create a ExpressRouteCircuitAuthorization resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ExpressRouteCircuitAuthorizationState, opts?: pulumi.CustomResourceOptions): ExpressRouteCircuitAuthorization

Get an existing ExpressRouteCircuitAuthorization resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property authorizationKey

public authorizationKey: pulumi.Output<string>;

The Authorization Key.

property authorizationUseStatus

public authorizationUseStatus: pulumi.Output<string>;

The authorization use status.

property expressRouteCircuitName

public expressRouteCircuitName: pulumi.Output<string>;

The name of the Express Route Circuit in which to create the Authorization.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The name of the ExpressRoute circuit. Changing this forces a new resource to be created.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the ExpressRoute circuit. Changing this forces a new resource to be created.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class ExpressRouteCircuitPeering

extends CustomResource

Manages an ExpressRoute Circuit Peering.

Example Usage (Creating a Microsoft Peering)

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "exprtTest",
});
const testExpressRouteCircuit = new azure.network.ExpressRouteCircuit("test", {
    allowClassicOperations: false,
    bandwidthInMbps: 50,
    location: testResourceGroup.location,
    name: "expressRoute1",
    peeringLocation: "Silicon Valley",
    resourceGroupName: testResourceGroup.name,
    serviceProviderName: "Equinix",
    sku: {
        family: "MeteredData",
        tier: "Standard",
    },
    tags: {
        environment: "Production",
    },
});
const testExpressRouteCircuitPeering = new azure.network.ExpressRouteCircuitPeering("test", {
    expressRouteCircuitName: testExpressRouteCircuit.name,
    microsoftPeeringConfig: {
        advertisedPublicPrefixes: ["123.1.0.0/24"],
    },
    peerAsn: 100,
    peeringType: "MicrosoftPeering",
    primaryPeerAddressPrefix: "123.0.0.0/30",
    resourceGroupName: testResourceGroup.name,
    secondaryPeerAddressPrefix: "123.0.0.4/30",
    vlanId: 300,
});

constructor

new ExpressRouteCircuitPeering(name: string, args: ExpressRouteCircuitPeeringArgs, opts?: pulumi.CustomResourceOptions)

Create a ExpressRouteCircuitPeering resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ExpressRouteCircuitPeeringState, opts?: pulumi.CustomResourceOptions): ExpressRouteCircuitPeering

Get an existing ExpressRouteCircuitPeering resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property azureAsn

public azureAsn: pulumi.Output<number>;

The ASN used by Azure.

property expressRouteCircuitName

public expressRouteCircuitName: pulumi.Output<string>;

The name of the ExpressRoute Circuit in which to create the Peering.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property microsoftPeeringConfig

public microsoftPeeringConfig: pulumi.Output<{
    advertisedPublicPrefixes: string[];
} | undefined>;

A microsoft_peering_config block as defined below. Required when peering_type is set to MicrosoftPeering.

property peerAsn

public peerAsn: pulumi.Output<number>;

The Either a 16-bit or a 32-bit ASN. Can either be public or private..

property peeringType

public peeringType: pulumi.Output<string>;

The type of the ExpressRoute Circuit Peering. Acceptable values include AzurePrivatePeering, AzurePublicPeering and MicrosoftPeering. Changing this forces a new resource to be created.

property primaryAzurePort

public primaryAzurePort: pulumi.Output<string>;

The Primary Port used by Azure for this Peering.

property primaryPeerAddressPrefix

public primaryPeerAddressPrefix: pulumi.Output<string>;

A /30 subnet for the primary link.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the Express Route Circuit Peering. Changing this forces a new resource to be created.

property secondaryAzurePort

public secondaryAzurePort: pulumi.Output<string>;

The Secondary Port used by Azure for this Peering.

property secondaryPeerAddressPrefix

public secondaryPeerAddressPrefix: pulumi.Output<string>;

A /30 subnet for the secondary link.

property sharedKey

public sharedKey: pulumi.Output<string | undefined>;

The shared key. Can be a maximum of 25 characters.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vlanId

public vlanId: pulumi.Output<number>;

A valid VLAN ID to establish this peering on.

class Firewall

extends CustomResource

Manages an Azure Firewall.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "North Europe",
    name: "example-resources",
});
const testPublicIp = new azure.network.PublicIp("test", {
    allocationMethod: "Static",
    location: testResourceGroup.location,
    name: "testpip",
    resourceGroupName: testResourceGroup.name,
    sku: "Standard",
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "testvnet",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.1.0/24",
    name: "AzureFirewallSubnet",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const testFirewall = new azure.network.Firewall("test", {
    ipConfiguration: {
        name: "configuration",
        publicIpAddressId: testPublicIp.id,
        subnetId: testSubnet.id,
    },
    location: testResourceGroup.location,
    name: "testfirewall",
    resourceGroupName: testResourceGroup.name,
});

constructor

new Firewall(name: string, args: FirewallArgs, opts?: pulumi.CustomResourceOptions)

Create a Firewall resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: FirewallState, opts?: pulumi.CustomResourceOptions): Firewall

Get an existing Firewall resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipConfiguration

public ipConfiguration: pulumi.Output<{
    internalPublicIpAddressId: string;
    name: string;
    privateIpAddress: string;
    publicIpAddressId: string;
    subnetId: string;
}>;

A ip_configuration block as documented below.

property location

public location: pulumi.Output<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

Specifies the name of the Firewall. Changing this forces a new resource to be created.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the resource. Changing this forces a new resource to be created.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class FirewallApplicationRuleCollection

extends CustomResource

Manages an Application Rule Collection within an Azure Firewall.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "North Europe",
    name: "example-resources",
});
const testPublicIp = new azure.network.PublicIp("test", {
    allocationMethod: "Static",
    location: testResourceGroup.location,
    name: "testpip",
    resourceGroupName: testResourceGroup.name,
    sku: "Standard",
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "testvnet",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.1.0/24",
    name: "AzureFirewallSubnet",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const testFirewall = new azure.network.Firewall("test", {
    ipConfiguration: {
        name: "configuration",
        publicIpAddressId: testPublicIp.id,
        subnetId: testSubnet.id,
    },
    location: testResourceGroup.location,
    name: "testfirewall",
    resourceGroupName: testResourceGroup.name,
});
const testFirewallApplicationRuleCollection = new azure.network.FirewallApplicationRuleCollection("test", {
    action: "Allow",
    azureFirewallName: testFirewall.name,
    name: "testcollection",
    priority: 100,
    resourceGroupName: testResourceGroup.name,
    rules: [{
        name: "testrule",
        protocols: [{
            port: 443,
            type: "Https",
        }],
        sourceAddresses: ["10.0.0.0/16"],
        targetFqdns: ["*.google.com"],
    }],
});

constructor

new FirewallApplicationRuleCollection(name: string, args: FirewallApplicationRuleCollectionArgs, opts?: pulumi.CustomResourceOptions)

Create a FirewallApplicationRuleCollection resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: FirewallApplicationRuleCollectionState, opts?: pulumi.CustomResourceOptions): FirewallApplicationRuleCollection

Get an existing FirewallApplicationRuleCollection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property action

public action: pulumi.Output<string>;

Specifies the action the rule will apply to matching traffic. Possible values are Allow and Deny.

property azureFirewallName

public azureFirewallName: pulumi.Output<string>;

Specifies the name of the Firewall in which the Application Rule Collection should be created. Changing this forces a new resource to be created.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Specifies the name of the Application Rule Collection which must be unique within the Firewall. Changing this forces a new resource to be created.

property priority

public priority: pulumi.Output<number>;

Specifies the priority of the rule collection. Possible values are between 100 - 65000.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

Specifies the name of the Resource Group in which the Firewall exists. Changing this forces a new resource to be created.

property rules

public rules: pulumi.Output<{
    description: undefined | string;
    fqdnTags: string[];
    name: string;
    protocols: {
        port: undefined | number;
        type: string;
    }[];
    sourceAddresses: string[];
    targetFqdns: string[];
}[]>;

One or more rule blocks as defined below.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class FirewallNatRuleCollection

extends CustomResource

Manages a NAT Rule Collection within an Azure Firewall.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "North Europe",
    name: "example-resources",
});
const testPublicIp = new azure.network.PublicIp("test", {
    allocationMethod: "Static",
    location: testResourceGroup.location,
    name: "testpip",
    resourceGroupName: testResourceGroup.name,
    sku: "Standard",
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "testvnet",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.1.0/24",
    name: "AzureFirewallSubnet",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const testFirewall = new azure.network.Firewall("test", {
    ipConfiguration: {
        name: "configuration",
        publicIpAddressId: testPublicIp.id,
        subnetId: testSubnet.id,
    },
    location: testResourceGroup.location,
    name: "testfirewall",
    resourceGroupName: testResourceGroup.name,
});
const testFirewallNatRuleCollection = new azure.network.FirewallNatRuleCollection("test", {
    action: "Dnat",
    azureFirewallName: testFirewall.name,
    name: "testcollection",
    priority: 100,
    resourceGroupName: testResourceGroup.name,
    rules: [{
        destinationAddresses: [
            "8.8.8.8",
            "8.8.4.4",
        ],
        destinationPorts: ["53"],
        name: "testrule",
        protocols: [
            "TCP",
            "UDP",
        ],
        sourceAddresses: ["10.0.0.0/16"],
    }],
});

constructor

new FirewallNatRuleCollection(name: string, args: FirewallNatRuleCollectionArgs, opts?: pulumi.CustomResourceOptions)

Create a FirewallNatRuleCollection resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: FirewallNatRuleCollectionState, opts?: pulumi.CustomResourceOptions): FirewallNatRuleCollection

Get an existing FirewallNatRuleCollection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property action

public action: pulumi.Output<string>;

Specifies the action the rule will apply to matching traffic. Possible values are Dnat and Snat.

property azureFirewallName

public azureFirewallName: pulumi.Output<string>;

Specifies the name of the Firewall in which the NAT Rule Collection should be created. Changing this forces a new resource to be created.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Specifies the name of the NAT Rule Collection which must be unique within the Firewall. Changing this forces a new resource to be created.

property priority

public priority: pulumi.Output<number>;

Specifies the priority of the rule collection. Possible values are between 100 - 65000.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

Specifies the name of the Resource Group in which the Firewall exists. Changing this forces a new resource to be created.

property rules

public rules: pulumi.Output<{
    description: undefined | string;
    destinationAddresses: string[];
    destinationPorts: string[];
    name: string;
    protocols: string[];
    sourceAddresses: string[];
    translatedAddress: string;
    translatedPort: string;
}[]>;

One or more rule blocks as defined below.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class FirewallNetworkRuleCollection

extends CustomResource

Manages a Network Rule Collection within an Azure Firewall.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "North Europe",
    name: "example-resources",
});
const testPublicIp = new azure.network.PublicIp("test", {
    allocationMethod: "Static",
    location: testResourceGroup.location,
    name: "testpip",
    resourceGroupName: testResourceGroup.name,
    sku: "Standard",
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "testvnet",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.1.0/24",
    name: "AzureFirewallSubnet",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const testFirewall = new azure.network.Firewall("test", {
    ipConfiguration: {
        name: "configuration",
        publicIpAddressId: testPublicIp.id,
        subnetId: testSubnet.id,
    },
    location: testResourceGroup.location,
    name: "testfirewall",
    resourceGroupName: testResourceGroup.name,
});
const testFirewallNetworkRuleCollection = new azure.network.FirewallNetworkRuleCollection("test", {
    action: "Allow",
    azureFirewallName: testFirewall.name,
    name: "testcollection",
    priority: 100,
    resourceGroupName: testResourceGroup.name,
    rules: [{
        destinationAddresses: [
            "8.8.8.8",
            "8.8.4.4",
        ],
        destinationPorts: ["53"],
        name: "testrule",
        protocols: [
            "TCP",
            "UDP",
        ],
        sourceAddresses: ["10.0.0.0/16"],
    }],
});

constructor

new FirewallNetworkRuleCollection(name: string, args: FirewallNetworkRuleCollectionArgs, opts?: pulumi.CustomResourceOptions)

Create a FirewallNetworkRuleCollection resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: FirewallNetworkRuleCollectionState, opts?: pulumi.CustomResourceOptions): FirewallNetworkRuleCollection

Get an existing FirewallNetworkRuleCollection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property action

public action: pulumi.Output<string>;

Specifies the action the rule will apply to matching traffic. Possible values are Allow and Deny.

property azureFirewallName

public azureFirewallName: pulumi.Output<string>;

Specifies the name of the Firewall in which the Network Rule Collection should be created. Changing this forces a new resource to be created.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Specifies the name of the Network Rule Collection which must be unique within the Firewall. Changing this forces a new resource to be created.

property priority

public priority: pulumi.Output<number>;

Specifies the priority of the rule collection. Possible values are between 100 - 65000.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

Specifies the name of the Resource Group in which the Firewall exists. Changing this forces a new resource to be created.

property rules

public rules: pulumi.Output<{
    description: undefined | string;
    destinationAddresses: string[];
    destinationPorts: string[];
    name: string;
    protocols: string[];
    sourceAddresses: string[];
}[]>;

One or more rule blocks as defined below.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class LocalNetworkGateway

extends CustomResource

Manages a local network gateway connection over which specific connections can be configured.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const test = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "localNetworkGWTest",
});
const home = new azure.network.LocalNetworkGateway("home", {
    addressSpaces: ["10.0.0.0/16"],
    gatewayAddress: "12.13.14.15",
    location: test.location,
    name: "backHome",
    resourceGroupName: test.name,
});

constructor

new LocalNetworkGateway(name: string, args: LocalNetworkGatewayArgs, opts?: pulumi.CustomResourceOptions)

Create a LocalNetworkGateway resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: LocalNetworkGatewayState, opts?: pulumi.CustomResourceOptions): LocalNetworkGateway

Get an existing LocalNetworkGateway resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property addressSpaces

public addressSpaces: pulumi.Output<string[]>;

The list of string CIDRs representing the address spaces the gateway exposes.

property bgpSettings

public bgpSettings: pulumi.Output<{
    asn: number;
    bgpPeeringAddress: string;
    peerWeight: number;
} | undefined>;

A bgp_settings block as defined below containing the Local Network Gateway’s BGP speaker settings.

property gatewayAddress

public gatewayAddress: pulumi.Output<string>;

The IP address of the gateway to which to connect.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property location

public location: pulumi.Output<string>;

The location/region where the local network gateway is created. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

The name of the local network gateway. Changing this forces a new resource to be created.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the local network gateway.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class NetworkConnectionMonitor

extends CustomResource

Configures a Network Connection Monitor to monitor communication between a Virtual Machine and an endpoint using a Network Watcher.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "connection-monitor-rg",
});
const testNetworkWatcher = new azure.network.NetworkWatcher("test", {
    location: testResourceGroup.location,
    name: "network-watcher",
    resourceGroupName: testResourceGroup.name,
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "production-network",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.2.0/24",
    name: "internal",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const testNetworkInterface = new azure.network.NetworkInterface("test", {
    ipConfigurations: [{
        name: "testconfiguration1",
        privateIpAddressAllocation: "Dynamic",
        subnetId: testSubnet.id,
    }],
    location: testResourceGroup.location,
    name: "cmtest-nic",
    resourceGroupName: testResourceGroup.name,
});
const testVirtualMachine = new azure.compute.VirtualMachine("test", {
    location: testResourceGroup.location,
    name: "cmtest-vm",
    networkInterfaceIds: [testNetworkInterface.id],
    osProfile: {
        adminPassword: "Password1234!",
        adminUsername: "testadmin",
        computerName: "cmtest-vm",
    },
    osProfileLinuxConfig: {
        disablePasswordAuthentication: false,
    },
    resourceGroupName: testResourceGroup.name,
    storageImageReference: {
        offer: "UbuntuServer",
        publisher: "Canonical",
        sku: "16.04-LTS",
        version: "latest",
    },
    storageOsDisk: {
        caching: "ReadWrite",
        createOption: "FromImage",
        managedDiskType: "Standard_LRS",
        name: "osdisk",
    },
    vmSize: "Standard_F2",
});
const testExtension = new azure.compute.Extension("test", {
    autoUpgradeMinorVersion: true,
    location: testResourceGroup.location,
    name: "cmtest-vm-network-watcher",
    publisher: "Microsoft.Azure.NetworkWatcher",
    resourceGroupName: testResourceGroup.name,
    type: "NetworkWatcherAgentLinux",
    typeHandlerVersion: "1.4",
    virtualMachineName: testVirtualMachine.name,
});
const testNetworkConnectionMonitor = new azure.network.NetworkConnectionMonitor("test", {
    destination: {
        address: "terraform.io",
        port: 80,
    },
    location: testResourceGroup.location,
    name: "cmtest-connectionmonitor",
    networkWatcherName: testNetworkWatcher.name,
    resourceGroupName: testResourceGroup.name,
    source: {
        virtualMachineId: testVirtualMachine.id,
    },
}, {dependsOn: [testExtension]});

NOTE: This Resource requires that the Network Watcher Agent Virtual Machine Extension is installed on the Virtual Machine before monitoring can be started. The extension can be installed via the azurerm_virtual_machine_extension resource.

constructor

new NetworkConnectionMonitor(name: string, args: NetworkConnectionMonitorArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkConnectionMonitor resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkConnectionMonitorState, opts?: pulumi.CustomResourceOptions): NetworkConnectionMonitor

Get an existing NetworkConnectionMonitor resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property autoStart

public autoStart: pulumi.Output<boolean | undefined>;

Specifies whether the connection monitor will start automatically once created. Defaults to true. Changing this forces a new resource to be created.

property destination

public destination: pulumi.Output<{
    address: undefined | string;
    port: number;
    virtualMachineId: undefined | string;
}>;

A destination block as defined below.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property intervalInSeconds

public intervalInSeconds: pulumi.Output<number | undefined>;

Monitoring interval in seconds. Defaults to 60.

property location

public location: pulumi.Output<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

The name of the Network Connection Monitor. Changing this forces a new resource to be created.

property networkWatcherName

public networkWatcherName: pulumi.Output<string>;

The name of the Network Watcher. Changing this forces a new resource to be created.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the Connection Monitor. Changing this forces a new resource to be created.

property source

public source: pulumi.Output<{
    port: undefined | number;
    virtualMachineId: string;
}>;

A source block as defined below.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class NetworkInterface

extends CustomResource

Manages a Network Interface located in a Virtual Network, usually attached to a Virtual Machine.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "acceptanceTestResourceGroup1",
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "acceptanceTestVirtualNetwork1",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.2.0/24",
    name: "testsubnet",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const testNetworkInterface = new azure.network.NetworkInterface("test", {
    ipConfigurations: [{
        name: "testconfiguration1",
        privateIpAddressAllocation: "Dynamic",
        subnetId: testSubnet.id,
    }],
    location: testResourceGroup.location,
    name: "acceptanceTestNetworkInterface1",
    resourceGroupName: testResourceGroup.name,
    tags: {
        environment: "staging",
    },
});

constructor

new NetworkInterface(name: string, args: NetworkInterfaceArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkInterface resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkInterfaceState, opts?: pulumi.CustomResourceOptions): NetworkInterface

Get an existing NetworkInterface resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property appliedDnsServers

public appliedDnsServers: pulumi.Output<string[]>;

If the VM that uses this NIC is part of an Availability Set, then this list will have the union of all DNS servers from all NICs that are part of the Availability Set

property dnsServers

public dnsServers: pulumi.Output<string[]>;

List of DNS servers IP addresses to use for this NIC, overrides the VNet-level server list

property enableAcceleratedNetworking

public enableAcceleratedNetworking: pulumi.Output<boolean | undefined>;

Enables Azure Accelerated Networking using SR-IOV. Only certain VM instance sizes are supported. Refer to Create a Virtual Machine with Accelerated Networking. Defaults to false.

property enableIpForwarding

public enableIpForwarding: pulumi.Output<boolean | undefined>;

Enables IP Forwarding on the NIC. Defaults to false.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property internalDnsNameLabel

public internalDnsNameLabel: pulumi.Output<string>;

Relative DNS name for this NIC used for internal communications between VMs in the same VNet

property internalFqdn

public internalFqdn: pulumi.Output<string>;

property ipConfigurations

public ipConfigurations: pulumi.Output<{
    applicationGatewayBackendAddressPoolsIds: string[];
    applicationSecurityGroupIds: string[];
    loadBalancerBackendAddressPoolsIds: string[];
    loadBalancerInboundNatRulesIds: string[];
    name: string;
    primary: boolean;
    privateIpAddress: undefined | string;
    privateIpAddressAllocation: string;
    privateIpAddressVersion: undefined | string;
    publicIpAddressId: undefined | string;
    subnetId: undefined | string;
}[]>;

One or more ip_configuration associated with this NIC as documented below.

property location

public location: pulumi.Output<string>;

The location/region where the network interface is created. Changing this forces a new resource to be created.

property macAddress

public macAddress: pulumi.Output<string>;

The media access control (MAC) address of the network interface.

property name

public name: pulumi.Output<string>;

The name of the network interface. Changing this forces a new resource to be created.

property networkSecurityGroupId

public networkSecurityGroupId: pulumi.Output<string | undefined>;

The ID of the Network Security Group to associate with the network interface.

property privateIpAddress

public privateIpAddress: pulumi.Output<string>;

The first private IP address of the network interface.

property privateIpAddresses

public privateIpAddresses: pulumi.Output<string[]>;

The private IP addresses of the network interface.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the network interface. Changing this forces a new resource to be created.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property virtualMachineId

public virtualMachineId: pulumi.Output<string>;

Reference to a VM with which this NIC has been associated.

class NetworkInterfaceApplicationGatewayBackendAddressPoolAssociation

extends CustomResource

Manages the association between a Network Interface and a Application Gateway’s Backend Address Pool.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West Europe",
    name: "example-resources",
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "example-network",
    resourceGroupName: testResourceGroup.name,
});
const backendAddressPoolName = pulumi.interpolate`${testVirtualNetwork.name}-beap`;
const frontendIpConfigurationName = pulumi.interpolate`${testVirtualNetwork.name}-feip`;
const frontendPortName = pulumi.interpolate`${testVirtualNetwork.name}-feport`;
const httpSettingName = pulumi.interpolate`${testVirtualNetwork.name}-be-htst`;
const listenerName = pulumi.interpolate`${testVirtualNetwork.name}-httplstn`;
const requestRoutingRuleName = pulumi.interpolate`${testVirtualNetwork.name}-rqrt`;
const testPublicIp = new azure.network.PublicIp("test", {
    allocationMethod: "Dynamic",
    location: testResourceGroup.location,
    name: "example-pip",
    resourceGroupName: testResourceGroup.name,
});
const frontend = new azure.network.Subnet("frontend", {
    addressPrefix: "10.254.0.0/24",
    name: "frontend",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const network = new azure.network.ApplicationGateway("network", {
    backendAddressPools: [{
        name: backendAddressPoolName,
    }],
    backendHttpSettings: [{
        cookieBasedAffinity: "Disabled",
        name: httpSettingName,
        port: 80,
        protocol: "Http",
        requestTimeout: 1,
    }],
    frontendIpConfigurations: [{
        name: frontendIpConfigurationName,
        publicIpAddressId: testPublicIp.id,
    }],
    frontendPorts: [{
        name: frontendPortName,
        port: 80,
    }],
    gatewayIpConfigurations: [{
        name: "my-gateway-ip-configuration",
        subnetId: frontend.id,
    }],
    httpListeners: [{
        frontendIpConfigurationName: frontendIpConfigurationName,
        frontendPortName: frontendPortName,
        name: listenerName,
        protocol: "Http",
    }],
    location: testResourceGroup.location,
    name: "example-appgateway",
    requestRoutingRules: [{
        backendAddressPoolName: backendAddressPoolName,
        backendHttpSettingsName: httpSettingName,
        httpListenerName: listenerName,
        name: requestRoutingRuleName,
        ruleType: "Basic",
    }],
    resourceGroupName: testResourceGroup.name,
    sku: {
        capacity: 2,
        name: "Standard_Small",
        tier: "Standard",
    },
});
const testNetworkInterface = new azure.network.NetworkInterface("test", {
    ipConfigurations: [{
        name: "testconfiguration1",
        privateIpAddressAllocation: "Dynamic",
        subnetId: frontend.id,
    }],
    location: testResourceGroup.location,
    name: "example-nic",
    resourceGroupName: testResourceGroup.name,
});
const testNetworkInterfaceApplicationGatewayBackendAddressPoolAssociation = new azure.network.NetworkInterfaceApplicationGatewayBackendAddressPoolAssociation("test", {
    backendAddressPoolId: azurerm_application_gateway_test.backendAddressPool.0.id,
    ipConfigurationName: "testconfiguration1",
    networkInterfaceId: testNetworkInterface.id,
});
const backend = new azure.network.Subnet("backend", {
    addressPrefix: "10.254.2.0/24",
    name: "backend",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});

constructor

new NetworkInterfaceApplicationGatewayBackendAddressPoolAssociation(name: string, args: NetworkInterfaceApplicationGatewayBackendAddressPoolAssociationArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkInterfaceApplicationGatewayBackendAddressPoolAssociation resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkInterfaceApplicationGatewayBackendAddressPoolAssociationState, opts?: pulumi.CustomResourceOptions): NetworkInterfaceApplicationGatewayBackendAddressPoolAssociation

Get an existing NetworkInterfaceApplicationGatewayBackendAddressPoolAssociation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property backendAddressPoolId

public backendAddressPoolId: pulumi.Output<string>;

The ID of the Application Gateway’s Backend Address Pool which this Network Interface which should be connected to. Changing this forces a new resource to be created.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipConfigurationName

public ipConfigurationName: pulumi.Output<string>;

The Name of the IP Configuration within the Network Interface which should be connected to the Backend Address Pool. Changing this forces a new resource to be created.

property networkInterfaceId

public networkInterfaceId: pulumi.Output<string>;

The ID of the Network Interface. Changing this forces a new resource to be created.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class NetworkInterfaceApplicationSecurityGroupAssociation

extends CustomResource

Manages the association between a Network Interface and a Application Security Group.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West Europe",
    name: "example-resources",
});
const testApplicationSecurityGroup = new azure.network.ApplicationSecurityGroup("test", {
    location: testResourceGroup.location,
    name: "example-asg",
    resourceGroupName: testResourceGroup.name,
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "example-network",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.1.0/24",
    name: "internal",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const testNetworkInterface = new azure.network.NetworkInterface("test", {
    ipConfigurations: [{
        applicationSecurityGroupIds: [testApplicationSecurityGroup.id],
        name: "testconfiguration1",
        privateIpAddressAllocation: "Dynamic",
        subnetId: testSubnet.id,
    }],
    location: testResourceGroup.location,
    name: "example-nic",
    resourceGroupName: testResourceGroup.name,
});
const testNetworkInterfaceApplicationSecurityGroupAssociation = new azure.network.NetworkInterfaceApplicationSecurityGroupAssociation("test", {
    applicationSecurityGroupId: testApplicationSecurityGroup.id,
    ipConfigurationName: "testconfiguration1",
    networkInterfaceId: testNetworkInterface.id,
});

constructor

new NetworkInterfaceApplicationSecurityGroupAssociation(name: string, args: NetworkInterfaceApplicationSecurityGroupAssociationArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkInterfaceApplicationSecurityGroupAssociation resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkInterfaceApplicationSecurityGroupAssociationState, opts?: pulumi.CustomResourceOptions): NetworkInterfaceApplicationSecurityGroupAssociation

Get an existing NetworkInterfaceApplicationSecurityGroupAssociation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property applicationSecurityGroupId

public applicationSecurityGroupId: pulumi.Output<string>;

The ID of the Application Security Group which this Network Interface which should be connected to. Changing this forces a new resource to be created.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipConfigurationName

public ipConfigurationName: pulumi.Output<string>;

The Name of the IP Configuration within the Network Interface which should be connected to the Application Security Group. Changing this forces a new resource to be created.

property networkInterfaceId

public networkInterfaceId: pulumi.Output<string>;

The ID of the Network Interface. Changing this forces a new resource to be created.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class NetworkInterfaceBackendAddressPoolAssociation

extends CustomResource

Manages the association between a Network Interface and a Load Balancer’s Backend Address Pool.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West Europe",
    name: "example-resources",
});
const testPublicIp = new azure.network.PublicIp("test", {
    allocationMethod: "Static",
    location: testResourceGroup.location,
    name: "example-pip",
    resourceGroupName: testResourceGroup.name,
});
const testLoadBalancer = new azure.lb.LoadBalancer("test", {
    frontendIpConfigurations: [{
        name: "primary",
        publicIpAddressId: testPublicIp.id,
    }],
    location: testResourceGroup.location,
    name: "example-lb",
    resourceGroupName: testResourceGroup.name,
});
const testBackendAddressPool = new azure.lb.BackendAddressPool("test", {
    loadbalancerId: testLoadBalancer.id,
    name: "acctestpool",
    resourceGroupName: testResourceGroup.name,
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "example-network",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.2.0/24",
    name: "internal",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const testNetworkInterface = new azure.network.NetworkInterface("test", {
    ipConfigurations: [{
        name: "testconfiguration1",
        privateIpAddressAllocation: "Dynamic",
        subnetId: testSubnet.id,
    }],
    location: testResourceGroup.location,
    name: "example-nic",
    resourceGroupName: testResourceGroup.name,
});
const testNetworkInterfaceBackendAddressPoolAssociation = new azure.network.NetworkInterfaceBackendAddressPoolAssociation("test", {
    backendAddressPoolId: testBackendAddressPool.id,
    ipConfigurationName: "testconfiguration1",
    networkInterfaceId: testNetworkInterface.id,
});

constructor

new NetworkInterfaceBackendAddressPoolAssociation(name: string, args: NetworkInterfaceBackendAddressPoolAssociationArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkInterfaceBackendAddressPoolAssociation resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkInterfaceBackendAddressPoolAssociationState, opts?: pulumi.CustomResourceOptions): NetworkInterfaceBackendAddressPoolAssociation

Get an existing NetworkInterfaceBackendAddressPoolAssociation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property backendAddressPoolId

public backendAddressPoolId: pulumi.Output<string>;

The ID of the Load Balancer Backend Address Pool which this Network Interface which should be connected to. Changing this forces a new resource to be created.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipConfigurationName

public ipConfigurationName: pulumi.Output<string>;

The Name of the IP Configuration within the Network Interface which should be connected to the Backend Address Pool. Changing this forces a new resource to be created.

property networkInterfaceId

public networkInterfaceId: pulumi.Output<string>;

The ID of the Network Interface. Changing this forces a new resource to be created.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class NetworkInterfaceNatRuleAssociation

extends CustomResource

Manages the association between a Network Interface and a Load Balancer’s NAT Rule.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West Europe",
    name: "example-resources",
});
const testPublicIp = new azure.network.PublicIp("test", {
    allocationMethod: "Static",
    location: testResourceGroup.location,
    name: "example-pip",
    resourceGroupName: testResourceGroup.name,
});
const testLoadBalancer = new azure.lb.LoadBalancer("test", {
    frontendIpConfigurations: [{
        name: "primary",
        publicIpAddressId: testPublicIp.id,
    }],
    location: testResourceGroup.location,
    name: "example-lb",
    resourceGroupName: testResourceGroup.name,
});
const testNatRule = new azure.lb.NatRule("test", {
    backendPort: 3389,
    frontendIpConfigurationName: "primary",
    frontendPort: 3389,
    loadbalancerId: testLoadBalancer.id,
    name: "RDPAccess",
    protocol: "Tcp",
    resourceGroupName: testResourceGroup.name,
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "example-network",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.2.0/24",
    name: "internal",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const testNetworkInterface = new azure.network.NetworkInterface("test", {
    ipConfigurations: [{
        name: "testconfiguration1",
        privateIpAddressAllocation: "Dynamic",
        subnetId: testSubnet.id,
    }],
    location: testResourceGroup.location,
    name: "example-nic",
    resourceGroupName: testResourceGroup.name,
});
const testNetworkInterfaceNatRuleAssociation = new azure.network.NetworkInterfaceNatRuleAssociation("test", {
    ipConfigurationName: "testconfiguration1",
    natRuleId: testNatRule.id,
    networkInterfaceId: testNetworkInterface.id,
});

constructor

new NetworkInterfaceNatRuleAssociation(name: string, args: NetworkInterfaceNatRuleAssociationArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkInterfaceNatRuleAssociation resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkInterfaceNatRuleAssociationState, opts?: pulumi.CustomResourceOptions): NetworkInterfaceNatRuleAssociation

Get an existing NetworkInterfaceNatRuleAssociation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipConfigurationName

public ipConfigurationName: pulumi.Output<string>;

The Name of the IP Configuration within the Network Interface which should be connected to the NAT Rule. Changing this forces a new resource to be created.

property natRuleId

public natRuleId: pulumi.Output<string>;

The ID of the Load Balancer NAT Rule which this Network Interface which should be connected to. Changing this forces a new resource to be created.

property networkInterfaceId

public networkInterfaceId: pulumi.Output<string>;

The ID of the Network Interface. Changing this forces a new resource to be created.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class NetworkPacketCapture

extends CustomResource

Configures Network Packet Capturing against a Virtual Machine using a Network Watcher.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West Europe",
    name: "packet-capture-rg",
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "production-network",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.2.0/24",
    name: "internal",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const testNetworkInterface = new azure.network.NetworkInterface("test", {
    ipConfigurations: [{
        name: "testconfiguration1",
        privateIpAddressAllocation: "Dynamic",
        subnetId: testSubnet.id,
    }],
    location: testResourceGroup.location,
    name: "pctest-nic",
    resourceGroupName: testResourceGroup.name,
});
const testNetworkWatcher = new azure.network.NetworkWatcher("test", {
    location: testResourceGroup.location,
    name: "network-watcher",
    resourceGroupName: testResourceGroup.name,
});
const testAccount = new azure.storage.Account("test", {
    accountReplicationType: "LRS",
    accountTier: "Standard",
    location: testResourceGroup.location,
    name: "pctestsa",
    resourceGroupName: testResourceGroup.name,
});
const testVirtualMachine = new azure.compute.VirtualMachine("test", {
    location: testResourceGroup.location,
    name: "pctest-vm",
    networkInterfaceIds: [testNetworkInterface.id],
    osProfile: {
        adminPassword: "Password1234!",
        adminUsername: "testadmin",
        computerName: "pctest-vm",
    },
    osProfileLinuxConfig: {
        disablePasswordAuthentication: false,
    },
    resourceGroupName: testResourceGroup.name,
    storageImageReference: {
        offer: "UbuntuServer",
        publisher: "Canonical",
        sku: "16.04-LTS",
        version: "latest",
    },
    storageOsDisk: {
        caching: "ReadWrite",
        createOption: "FromImage",
        managedDiskType: "Standard_LRS",
        name: "osdisk",
    },
    vmSize: "Standard_F2",
});
const testExtension = new azure.compute.Extension("test", {
    autoUpgradeMinorVersion: true,
    location: testResourceGroup.location,
    name: "network-watcher",
    publisher: "Microsoft.Azure.NetworkWatcher",
    resourceGroupName: testResourceGroup.name,
    type: "NetworkWatcherAgentLinux",
    typeHandlerVersion: "1.4",
    virtualMachineName: testVirtualMachine.name,
});
const testNetworkPacketCapture = new azure.network.NetworkPacketCapture("test", {
    name: "pctestcapture",
    networkWatcherName: testNetworkWatcher.name,
    resourceGroupName: testResourceGroup.name,
    storageLocation: {
        storageAccountId: testAccount.id,
    },
    targetResourceId: testVirtualMachine.id,
}, {dependsOn: [testExtension]});

NOTE: This Resource requires that the Network Watcher Virtual Machine Extension is installed on the Virtual Machine before capturing can be enabled which can be installed via the azurerm_virtual_machine_extension resource.

constructor

new NetworkPacketCapture(name: string, args: NetworkPacketCaptureArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkPacketCapture resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkPacketCaptureState, opts?: pulumi.CustomResourceOptions): NetworkPacketCapture

Get an existing NetworkPacketCapture resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property filters

public filters: pulumi.Output<{
    localIpAddress: undefined | string;
    localPort: undefined | string;
    protocol: string;
    remoteIpAddress: undefined | string;
    remotePort: undefined | string;
}[] | undefined>;

One or more filter blocks as defined below. Changing this forces a new resource to be created.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property maximumBytesPerPacket

public maximumBytesPerPacket: pulumi.Output<number | undefined>;

The number of bytes captured per packet. The remaining bytes are truncated. Defaults to 0 (Entire Packet Captured). Changing this forces a new resource to be created.

property maximumBytesPerSession

public maximumBytesPerSession: pulumi.Output<number | undefined>;

Maximum size of the capture in Bytes. Defaults to 1073741824 (1GB). Changing this forces a new resource to be created.

property maximumCaptureDuration

public maximumCaptureDuration: pulumi.Output<number | undefined>;

The maximum duration of the capture session in seconds. Defaults to 18000 (5 hours). Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

The name to use for this Network Packet Capture. Changing this forces a new resource to be created.

property networkWatcherName

public networkWatcherName: pulumi.Output<string>;

The name of the Network Watcher. Changing this forces a new resource to be created.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which the Network Watcher exists. Changing this forces a new resource to be created.

property storageLocation

public storageLocation: pulumi.Output<{
    filePath: undefined | string;
    storageAccountId: undefined | string;
    storagePath: string;
}>;

A storage_location block as defined below. Changing this forces a new resource to be created.

property targetResourceId

public targetResourceId: pulumi.Output<string>;

The ID of the Resource to capture packets from. Changing this forces a new resource to be created.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class NetworkSecurityGroup

extends CustomResource

Manages a network security group that contains a list of network security rules. Network security groups enable inbound or outbound traffic to be enabled or denied.

NOTE on Network Security Groups and Network Security Rules: Terraform currently provides both a standalone Network Security Rule resource, and allows for Network Security Rules to be defined in-line within the Network Security Group resource. At this time you cannot use a Network Security Group with in-line Network Security Rules in conjunction with any Network Security Rule resources. Doing so will cause a conflict of rule settings and will overwrite rules.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "acceptanceTestResourceGroup1",
});
const testNetworkSecurityGroup = new azure.network.NetworkSecurityGroup("test", {
    location: testResourceGroup.location,
    name: "acceptanceTestSecurityGroup1",
    resourceGroupName: testResourceGroup.name,
    securityRules: [{
        access: "Allow",
        destinationAddressPrefix: "*",
        destinationPortRange: "*",
        direction: "Inbound",
        name: "test123",
        priority: 100,
        protocol: "Tcp",
        sourceAddressPrefix: "*",
        sourcePortRange: "*",
    }],
    tags: {
        environment: "Production",
    },
});

constructor

new NetworkSecurityGroup(name: string, args: NetworkSecurityGroupArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkSecurityGroup resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkSecurityGroupState, opts?: pulumi.CustomResourceOptions): NetworkSecurityGroup

Get an existing NetworkSecurityGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property location

public location: pulumi.Output<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

The name of the security rule.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the network security group. Changing this forces a new resource to be created.

property securityRules

public securityRules: pulumi.Output<{
    access: string;
    description: undefined | string;
    destinationAddressPrefix: undefined | string;
    destinationAddressPrefixes: string[];
    destinationApplicationSecurityGroupIds: string[];
    destinationPortRange: undefined | string;
    destinationPortRanges: string[];
    direction: string;
    name: string;
    priority: number;
    protocol: string;
    sourceAddressPrefix: undefined | string;
    sourceAddressPrefixes: string[];
    sourceApplicationSecurityGroupIds: string[];
    sourcePortRange: undefined | string;
    sourcePortRanges: string[];
}[]>;

List of objects representing security rules, as defined below.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class NetworkSecurityRule

extends CustomResource

Manages a Network Security Rule.

NOTE on Network Security Groups and Network Security Rules: Terraform currently provides both a standalone Network Security Rule resource, and allows for Network Security Rules to be defined in-line within the Network Security Group resource. At this time you cannot use a Network Security Group with in-line Network Security Rules in conjunction with any Network Security Rule resources. Doing so will cause a conflict of rule settings and will overwrite rules.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "acceptanceTestResourceGroup1",
});
const testNetworkSecurityGroup = new azure.network.NetworkSecurityGroup("test", {
    location: testResourceGroup.location,
    name: "acceptanceTestSecurityGroup1",
    resourceGroupName: testResourceGroup.name,
});
const testNetworkSecurityRule = new azure.network.NetworkSecurityRule("test", {
    access: "Allow",
    destinationAddressPrefix: "*",
    destinationPortRange: "*",
    direction: "Outbound",
    name: "test123",
    networkSecurityGroupName: testNetworkSecurityGroup.name,
    priority: 100,
    protocol: "Tcp",
    resourceGroupName: testResourceGroup.name,
    sourceAddressPrefix: "*",
    sourcePortRange: "*",
});

constructor

new NetworkSecurityRule(name: string, args: NetworkSecurityRuleArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkSecurityRule resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkSecurityRuleState, opts?: pulumi.CustomResourceOptions): NetworkSecurityRule

Get an existing NetworkSecurityRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property access

public access: pulumi.Output<string>;

Specifies whether network traffic is allowed or denied. Possible values are Allow and Deny.

property description

public description: pulumi.Output<string | undefined>;

A description for this rule. Restricted to 140 characters.

property destinationAddressPrefix

public destinationAddressPrefix: pulumi.Output<string | undefined>;

CIDR or destination IP range or * to match any IP. Tags such as ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used. This is required if destination_address_prefixes is not specified.

property destinationAddressPrefixes

public destinationAddressPrefixes: pulumi.Output<string[] | undefined>;

List of destination address prefixes. Tags may not be used. This is required if destination_address_prefix is not specified.

property destinationApplicationSecurityGroupIds

public destinationApplicationSecurityGroupIds: pulumi.Output<string | undefined>;

A List of destination Application Security Group ID’s

property destinationPortRange

public destinationPortRange: pulumi.Output<string | undefined>;

Destination Port or Range. Integer or range between 0 and 65535 or * to match any. This is required if destination_port_ranges is not specified.

property destinationPortRanges

public destinationPortRanges: pulumi.Output<string[] | undefined>;

List of destination ports or port ranges. This is required if destination_port_range is not specified.

property direction

public direction: pulumi.Output<string>;

The direction specifies if rule will be evaluated on incoming or outgoing traffic. Possible values are Inbound and Outbound.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The name of the security rule. This needs to be unique across all Rules in the Network Security Group. Changing this forces a new resource to be created.

property networkSecurityGroupName

public networkSecurityGroupName: pulumi.Output<string>;

The name of the Network Security Group that we want to attach the rule to. Changing this forces a new resource to be created.

property priority

public priority: pulumi.Output<number>;

Specifies the priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.

property protocol

public protocol: pulumi.Output<string>;

Network protocol this rule applies to. Possible values include Tcp, Udp or * (which matches both).

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the Network Security Rule. Changing this forces a new resource to be created.

property sourceAddressPrefix

public sourceAddressPrefix: pulumi.Output<string | undefined>;

CIDR or source IP range or * to match any IP. Tags such as ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used. This is required if source_address_prefixes is not specified.

property sourceAddressPrefixes

public sourceAddressPrefixes: pulumi.Output<string[] | undefined>;

List of source address prefixes. Tags may not be used. This is required if source_address_prefix is not specified.

property sourceApplicationSecurityGroupIds

public sourceApplicationSecurityGroupIds: pulumi.Output<string | undefined>;

A List of source Application Security Group ID’s

property sourcePortRange

public sourcePortRange: pulumi.Output<string | undefined>;

Source Port or Range. Integer or range between 0 and 65535 or * to match any. This is required if source_port_ranges is not specified.

property sourcePortRanges

public sourcePortRanges: pulumi.Output<string[] | undefined>;

List of source ports or port ranges. This is required if source_port_range is not specified.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class NetworkWatcher

extends CustomResource

Manages a Network Watcher.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "production-nwwatcher",
});
const testNetworkWatcher = new azure.network.NetworkWatcher("test", {
    location: testResourceGroup.location,
    name: "production-nwwatcher",
    resourceGroupName: testResourceGroup.name,
});

constructor

new NetworkWatcher(name: string, args: NetworkWatcherArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkWatcher resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkWatcherState, opts?: pulumi.CustomResourceOptions): NetworkWatcher

Get an existing NetworkWatcher resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property location

public location: pulumi.Output<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

The name of the Network Watcher. Changing this forces a new resource to be created.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the Network Watcher. Changing this forces a new resource to be created.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class PacketCapture

extends CustomResource

Configures Packet Capturing against a Virtual Machine using a Network Watcher.

NOTE: This resource has been deprecated in favour of the azurerm_network_connection_monitor resource and will be removed in the next major version of the AzureRM Provider. The new resource shares the same fields as this one, and information on migrating across can be found in this guide.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West Europe",
    name: "packet-capture-rg",
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "production-network",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.2.0/24",
    name: "internal",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const testNetworkInterface = new azure.network.NetworkInterface("test", {
    ipConfigurations: [{
        name: "testconfiguration1",
        privateIpAddressAllocation: "Dynamic",
        subnetId: testSubnet.id,
    }],
    location: testResourceGroup.location,
    name: "pctest-nic",
    resourceGroupName: testResourceGroup.name,
});
const testNetworkWatcher = new azure.network.NetworkWatcher("test", {
    location: testResourceGroup.location,
    name: "network-watcher",
    resourceGroupName: testResourceGroup.name,
});
const testAccount = new azure.storage.Account("test", {
    accountReplicationType: "LRS",
    accountTier: "Standard",
    location: testResourceGroup.location,
    name: "pctestsa",
    resourceGroupName: testResourceGroup.name,
});
const testVirtualMachine = new azure.compute.VirtualMachine("test", {
    location: testResourceGroup.location,
    name: "pctest-vm",
    networkInterfaceIds: [testNetworkInterface.id],
    osProfile: {
        adminPassword: "Password1234!",
        adminUsername: "testadmin",
        computerName: "pctest-vm",
    },
    osProfileLinuxConfig: {
        disablePasswordAuthentication: false,
    },
    resourceGroupName: testResourceGroup.name,
    storageImageReference: {
        offer: "UbuntuServer",
        publisher: "Canonical",
        sku: "16.04-LTS",
        version: "latest",
    },
    storageOsDisk: {
        caching: "ReadWrite",
        createOption: "FromImage",
        managedDiskType: "Standard_LRS",
        name: "osdisk",
    },
    vmSize: "Standard_F2",
});
const testExtension = new azure.compute.Extension("test", {
    autoUpgradeMinorVersion: true,
    location: testResourceGroup.location,
    name: "network-watcher",
    publisher: "Microsoft.Azure.NetworkWatcher",
    resourceGroupName: testResourceGroup.name,
    type: "NetworkWatcherAgentLinux",
    typeHandlerVersion: "1.4",
    virtualMachineName: testVirtualMachine.name,
});
const testPacketCapture = new azure.network.PacketCapture("test", {
    name: "pctestcapture",
    networkWatcherName: testNetworkWatcher.name,
    resourceGroupName: testResourceGroup.name,
    storageLocation: {
        storageAccountId: testAccount.id,
    },
    targetResourceId: testVirtualMachine.id,
}, {dependsOn: [testExtension]});

NOTE: This Resource requires that the Network Watcher Virtual Machine Extension is installed on the Virtual Machine before capturing can be enabled which can be installed via the azurerm_virtual_machine_extension resource.

constructor

new PacketCapture(name: string, args: PacketCaptureArgs, opts?: pulumi.CustomResourceOptions)

Create a PacketCapture resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: PacketCaptureState, opts?: pulumi.CustomResourceOptions): PacketCapture

Get an existing PacketCapture resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property filters

public filters: pulumi.Output<{
    localIpAddress: undefined | string;
    localPort: undefined | string;
    protocol: string;
    remoteIpAddress: undefined | string;
    remotePort: undefined | string;
}[] | undefined>;

One or more filter blocks as defined below. Changing this forces a new resource to be created.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property maximumBytesPerPacket

public maximumBytesPerPacket: pulumi.Output<number | undefined>;

The number of bytes captured per packet. The remaining bytes are truncated. Defaults to 0 (Entire Packet Captured). Changing this forces a new resource to be created.

property maximumBytesPerSession

public maximumBytesPerSession: pulumi.Output<number | undefined>;

Maximum size of the capture in Bytes. Defaults to 1073741824 (1GB). Changing this forces a new resource to be created.

property maximumCaptureDuration

public maximumCaptureDuration: pulumi.Output<number | undefined>;

The maximum duration of the capture session in seconds. Defaults to 18000 (5 hours). Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

The name to use for this Packet Capture. Changing this forces a new resource to be created.

property networkWatcherName

public networkWatcherName: pulumi.Output<string>;

The name of the Network Watcher. Changing this forces a new resource to be created.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which the Network Watcher exists. Changing this forces a new resource to be created.

property storageLocation

public storageLocation: pulumi.Output<{
    filePath: undefined | string;
    storageAccountId: undefined | string;
    storagePath: string;
}>;

A storage_location block as defined below. Changing this forces a new resource to be created.

property targetResourceId

public targetResourceId: pulumi.Output<string>;

The ID of the Resource to capture packets from. Changing this forces a new resource to be created.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class Profile

extends CustomResource

Manages an Azure Network Profile.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const exampleResourceGroup = new azure.core.ResourceGroup("example", {
    location: "West Europe",
    name: "examplegroup",
});
const exampleVirtualNetwork = new azure.network.VirtualNetwork("example", {
    addressSpaces: ["10.1.0.0/16"],
    location: exampleResourceGroup.location,
    name: "examplevnet",
    resourceGroupName: exampleResourceGroup.name,
});
const exampleSubnet = new azure.network.Subnet("example", {
    addressPrefix: "10.1.0.0/24",
    delegations: [{
        name: "delegation",
        serviceDelegation: {
            actions: ["Microsoft.Network/virtualNetworks/subnets/action"],
            name: "Microsoft.ContainerInstance/containerGroups",
        },
    }],
    name: "examplesubnet",
    resourceGroupName: exampleResourceGroup.name,
    virtualNetworkName: exampleVirtualNetwork.name,
});
const exampleProfile = new azure.network.Profile("example", {
    containerNetworkInterfaceConfiguration: [{
        ipConfiguration: [{
            name: "exampleipconfig",
            subnetId: exampleSubnet.id,
        }],
        name: "examplecnic",
    }],
    location: exampleResourceGroup.location,
    name: "examplenetprofile",
    resourceGroupName: exampleResourceGroup.name,
});

constructor

new Profile(name: string, args: ProfileArgs, opts?: pulumi.CustomResourceOptions)

Create a Profile resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ProfileState, opts?: pulumi.CustomResourceOptions): Profile

Get an existing Profile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property containerNetworkInterface

public containerNetworkInterface: pulumi.Output<{
    ipConfigurations: {
        name: string;
        subnetId: string;
    }[];
    name: string;
}>;

property containerNetworkInterfaceIds

public containerNetworkInterfaceIds: pulumi.Output<string[]>;

One or more Resource IDs of Azure Container Network Interfaces.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property location

public location: pulumi.Output<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

Specifies the name of the Network Profile. Changing this forces a new resource to be created.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the resource. Changing this forces a new resource to be created.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class PublicIp

extends CustomResource

Manage a Public IP Address.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "resourceGroup1",
});
const testPublicIp = new azure.network.PublicIp("test", {
    allocationMethod: "Static",
    location: "West US",
    name: "acceptanceTestPublicIp1",
    resourceGroupName: testResourceGroup.name,
    tags: {
        environment: "Production",
    },
});

constructor

new PublicIp(name: string, args: PublicIpArgs, opts?: pulumi.CustomResourceOptions)

Create a PublicIp resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: PublicIpState, opts?: pulumi.CustomResourceOptions): PublicIp

Get an existing PublicIp resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property allocationMethod

public allocationMethod: pulumi.Output<string>;

Defines the allocation method for this IP address. Possible values are Static or Dynamic.

property domainNameLabel

public domainNameLabel: pulumi.Output<string | undefined>;

Label for the Domain Name. Will be used to make up the FQDN. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system.

property fqdn

public fqdn: pulumi.Output<string>;

Fully qualified domain name of the A DNS record associated with the public IP. domain_name_label must be specified to get the fqdn. This is the concatenation of the domain_name_label and the regionalized DNS zone

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property idleTimeoutInMinutes

public idleTimeoutInMinutes: pulumi.Output<number | undefined>;

Specifies the timeout for the TCP idle connection. The value can be set between 4 and 30 minutes.

property ipAddress

public ipAddress: pulumi.Output<string>;

The IP address value that was allocated.

property ipVersion

public ipVersion: pulumi.Output<string | undefined>;

The IP Version to use, IPv6 or IPv4.

property location

public location: pulumi.Output<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

Specifies the name of the Public IP resource . Changing this forces a new resource to be created.

property publicIpAddressAllocation

public publicIpAddressAllocation: pulumi.Output<string>;

property publicIpPrefixId

public publicIpPrefixId: pulumi.Output<string | undefined>;

If specified then public IP address allocated will be provided from the public IP prefix resource.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the public ip.

property reverseFqdn

public reverseFqdn: pulumi.Output<string | undefined>;

A fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN.

property sku

public sku: pulumi.Output<string | undefined>;

The SKU of the Public IP. Accepted values are Basic and Standard. Defaults to Basic.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zones

public zones: pulumi.Output<string | undefined>;

A collection containing the availability zone to allocate the Public IP in.

class PublicIpPrefix

extends CustomResource

Manage a Public IP Prefix.

NOTE Public IP Prefix are currently in Public Preview. You can find more information about Public IP Preifx Preview here.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West Europe",
    name: "resourceGroup1",
});
const testPublicIpPrefix = new azure.network.PublicIpPrefix("test", {
    location: testResourceGroup.location,
    name: "acceptanceTestPublicIpPrefix1",
    prefixLength: 31,
    resourceGroupName: testResourceGroup.name,
    tags: {
        environment: "Production",
    },
});

constructor

new PublicIpPrefix(name: string, args: PublicIpPrefixArgs, opts?: pulumi.CustomResourceOptions)

Create a PublicIpPrefix resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: PublicIpPrefixState, opts?: pulumi.CustomResourceOptions): PublicIpPrefix

Get an existing PublicIpPrefix resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipPrefix

public ipPrefix: pulumi.Output<string>;

The IP address prefix value that was allocated.

property location

public location: pulumi.Output<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

Specifies the name of the Public IP resource . Changing this forces a new resource to be created.

property prefixLength

public prefixLength: pulumi.Output<number | undefined>;

Specifies the number of bits of the prefix. The value can be set between 24 (256 addresses) and 31 (2 addresses). Changing this forces a new resource to be created.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the public IP.

property sku

public sku: pulumi.Output<string | undefined>;

The SKU of the Public IP Prefix. Accepted values are Standard. Defaults to Standard. Changing this forces a new resource to be created.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zones

public zones: pulumi.Output<string | undefined>;

A collection containing the availability zone to allocate the Public IP in.

class Route

extends CustomResource

Manages a Route within a Route Table.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "acceptanceTestResourceGroup1",
});
const testRouteTable = new azure.network.RouteTable("test", {
    location: testResourceGroup.location,
    name: "acceptanceTestRouteTable1",
    resourceGroupName: testResourceGroup.name,
});
const testRoute = new azure.network.Route("test", {
    addressPrefix: "10.1.0.0/16",
    name: "acceptanceTestRoute1",
    nextHopType: "vnetlocal",
    resourceGroupName: testResourceGroup.name,
    routeTableName: testRouteTable.name,
});

constructor

new Route(name: string, args: RouteArgs, opts?: pulumi.CustomResourceOptions)

Create a Route resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RouteState, opts?: pulumi.CustomResourceOptions): Route

Get an existing Route resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property addressPrefix

public addressPrefix: pulumi.Output<string>;

The destination CIDR to which the route applies, such as 10.1.0.0/16

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The name of the route. Changing this forces a new resource to be created.

property nextHopInIpAddress

public nextHopInIpAddress: pulumi.Output<string | undefined>;

Contains the IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance.

property nextHopType

public nextHopType: pulumi.Output<string>;

The type of Azure hop the packet should be sent to. Possible values are VirtualNetworkGateway, VnetLocal, Internet, VirtualAppliance and None

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the route. Changing this forces a new resource to be created.

property routeTableName

public routeTableName: pulumi.Output<string>;

The name of the route table within which create the route. Changing this forces a new resource to be created.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class RouteTable

extends CustomResource

Manages a Route Table

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "acceptanceTestResourceGroup1",
});
const testRouteTable = new azure.network.RouteTable("test", {
    disableBgpRoutePropagation: false,
    location: testResourceGroup.location,
    name: "acceptanceTestSecurityGroup1",
    resourceGroupName: testResourceGroup.name,
    routes: [{
        addressPrefix: "10.1.0.0/16",
        name: "route1",
        nextHopType: "vnetlocal",
    }],
    tags: {
        environment: "Production",
    },
});

constructor

new RouteTable(name: string, args: RouteTableArgs, opts?: pulumi.CustomResourceOptions)

Create a RouteTable resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RouteTableState, opts?: pulumi.CustomResourceOptions): RouteTable

Get an existing RouteTable resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property disableBgpRoutePropagation

public disableBgpRoutePropagation: pulumi.Output<boolean | undefined>;

Boolean flag which controls propagation of routes learned by BGP on that route table. True means disable.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property location

public location: pulumi.Output<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

The name of the route.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the route table. Changing this forces a new resource to be created.

property routes

public routes: pulumi.Output<{
    addressPrefix: string;
    name: string;
    nextHopInIpAddress: undefined | string;
    nextHopType: string;
}[]>;

List of objects representing routes. Each object accepts the arguments documented below.

property subnets

public subnets: pulumi.Output<string[]>;

The collection of Subnets associated with this route table.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class Subnet

extends CustomResource

Manages a subnet. Subnets represent network segments within the IP space defined by the virtual network.

NOTE on Virtual Networks and Subnet’s: Terraform currently provides both a standalone Subnet resource, and allows for Subnets to be defined in-line within the Virtual Network resource. At this time you cannot use a Virtual Network with in-line Subnets in conjunction with any Subnet resources. Doing so will cause a conflict of Subnet configurations and will overwrite Subnet’s.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "acceptanceTestResourceGroup1",
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "acceptanceTestVirtualNetwork1",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.1.0/24",
    delegations: [{
        name: "acctestdelegation",
        serviceDelegation: {
            actions: ["Microsoft.Network/virtualNetworks/subnets/action"],
            name: "Microsoft.ContainerInstance/containerGroups",
        },
    }],
    name: "testsubnet",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});

constructor

new Subnet(name: string, args: SubnetArgs, opts?: pulumi.CustomResourceOptions)

Create a Subnet resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SubnetState, opts?: pulumi.CustomResourceOptions): Subnet

Get an existing Subnet resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property addressPrefix

public addressPrefix: pulumi.Output<string>;

The address prefix to use for the subnet.

property delegations

public delegations: pulumi.Output<{
    name: string;
    serviceDelegation: {
        actions: string[];
        name: string;
    };
}[] | undefined>;

One or more delegation blocks as defined below.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipConfigurations

public ipConfigurations: pulumi.Output<string[]>;

The collection of IP Configurations with IPs within this subnet.

property name

public name: pulumi.Output<string>;

The name of the subnet. Changing this forces a new resource to be created.

property networkSecurityGroupId

public networkSecurityGroupId: pulumi.Output<string | undefined>;

The ID of the Network Security Group to associate with the subnet.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the subnet. Changing this forces a new resource to be created.

property routeTableId

public routeTableId: pulumi.Output<string | undefined>;

The ID of the Route Table to associate with the subnet.

property serviceEndpoints

public serviceEndpoints: pulumi.Output<string[] | undefined>;

The list of Service endpoints to associate with the subnet. Possible values include: Microsoft.AzureActiveDirectory, Microsoft.AzureCosmosDB, Microsoft.EventHub, Microsoft.KeyVault, Microsoft.ServiceBus, Microsoft.Sql and Microsoft.Storage.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property virtualNetworkName

public virtualNetworkName: pulumi.Output<string>;

The name of the virtual network to which to attach the subnet. Changing this forces a new resource to be created.

class SubnetNetworkSecurityGroupAssociation

extends CustomResource

Associates a Network Security Group with a Subnet within a Virtual Network.

NOTE: Subnet <-> Network Security Group associations currently need to be configured on both this resource and using the network_security_group_id field on the azurerm_subnet resource. The next major version of the AzureRM Provider (2.0) will remove the network_security_group_id field from the azurerm_subnet resource such that this resource is used to link resources in future.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West Europe",
    name: "example-resources",
});
const testNetworkSecurityGroup = new azure.network.NetworkSecurityGroup("test", {
    location: testResourceGroup.location,
    name: "example-nsg",
    resourceGroupName: testResourceGroup.name,
    securityRules: [{
        access: "Allow",
        destinationAddressPrefix: "*",
        destinationPortRange: "*",
        direction: "Inbound",
        name: "test123",
        priority: 100,
        protocol: "Tcp",
        sourceAddressPrefix: "*",
        sourcePortRange: "*",
    }],
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "example-network",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.2.0/24",
    name: "frontend",
    networkSecurityGroupId: testNetworkSecurityGroup.id,
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const testSubnetNetworkSecurityGroupAssociation = new azure.network.SubnetNetworkSecurityGroupAssociation("test", {
    networkSecurityGroupId: testNetworkSecurityGroup.id,
    subnetId: testSubnet.id,
});

constructor

new SubnetNetworkSecurityGroupAssociation(name: string, args: SubnetNetworkSecurityGroupAssociationArgs, opts?: pulumi.CustomResourceOptions)

Create a SubnetNetworkSecurityGroupAssociation resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SubnetNetworkSecurityGroupAssociationState, opts?: pulumi.CustomResourceOptions): SubnetNetworkSecurityGroupAssociation

Get an existing SubnetNetworkSecurityGroupAssociation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property networkSecurityGroupId

public networkSecurityGroupId: pulumi.Output<string>;

The ID of the Network Security Group which should be associated with the Subnet. Changing this forces a new resource to be created.

property subnetId

public subnetId: pulumi.Output<string>;

The ID of the Subnet. Changing this forces a new resource to be created.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class SubnetRouteTableAssociation

extends CustomResource

Associates a Route Table with a Subnet within a Virtual Network.

NOTE: Subnet <-> Route Table associations currently need to be configured on both this resource and using the route_table_id field on the azurerm_subnet resource. The next major version of the AzureRM Provider (2.0) will remove the route_table_id field from the azurerm_subnet resource such that this resource is used to link resources in future.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West Europe",
    name: "example-resources",
});
const testRouteTable = new azure.network.RouteTable("test", {
    location: testResourceGroup.location,
    name: "example-routetable",
    resourceGroupName: testResourceGroup.name,
    routes: [{
        addressPrefix: "10.100.0.0/14",
        name: "example",
        nextHopInIpAddress: "10.10.1.1",
        nextHopType: "VirtualAppliance",
    }],
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "example-network",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.2.0/24",
    name: "frontend",
    resourceGroupName: testResourceGroup.name,
    routeTableId: testRouteTable.id,
    virtualNetworkName: testVirtualNetwork.name,
});
const testSubnetRouteTableAssociation = new azure.network.SubnetRouteTableAssociation("test", {
    routeTableId: testRouteTable.id,
    subnetId: testSubnet.id,
});

constructor

new SubnetRouteTableAssociation(name: string, args: SubnetRouteTableAssociationArgs, opts?: pulumi.CustomResourceOptions)

Create a SubnetRouteTableAssociation resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SubnetRouteTableAssociationState, opts?: pulumi.CustomResourceOptions): SubnetRouteTableAssociation

Get an existing SubnetRouteTableAssociation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property routeTableId

public routeTableId: pulumi.Output<string>;

The ID of the Route Table which should be associated with the Subnet. Changing this forces a new resource to be created.

property subnetId

public subnetId: pulumi.Output<string>;

The ID of the Subnet. Changing this forces a new resource to be created.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class VirtualNetwork

extends CustomResource

Manages a virtual network including any configured subnets. Each subnet can optionally be configured with a security group to be associated with the subnet.

NOTE on Virtual Networks and Subnet’s: Terraform currently provides both a standalone Subnet resource, and allows for Subnets to be defined in-line within the Virtual Network resource. At this time you cannot use a Virtual Network with in-line Subnets in conjunction with any Subnet resources. Doing so will cause a conflict of Subnet configurations and will overwrite Subnet’s.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "acceptanceTestResourceGroup1",
});
const testPlan = new azure.ddosprotection.Plan("test", {
    location: testResourceGroup.location,
    name: "ddospplan1",
    resourceGroupName: testResourceGroup.name,
});
const testNetworkSecurityGroup = new azure.network.NetworkSecurityGroup("test", {
    location: testResourceGroup.location,
    name: "acceptanceTestSecurityGroup1",
    resourceGroupName: testResourceGroup.name,
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    ddosProtectionPlan: {
        enable: true,
        id: testPlan.id,
    },
    dnsServers: [
        "10.0.0.4",
        "10.0.0.5",
    ],
    location: testResourceGroup.location,
    name: "virtualNetwork1",
    resourceGroupName: testResourceGroup.name,
    subnets: [
        {
            addressPrefix: "10.0.1.0/24",
            name: "subnet1",
        },
        {
            addressPrefix: "10.0.2.0/24",
            name: "subnet2",
        },
        {
            addressPrefix: "10.0.3.0/24",
            name: "subnet3",
            securityGroup: testNetworkSecurityGroup.id,
        },
    ],
    tags: {
        environment: "Production",
    },
});

constructor

new VirtualNetwork(name: string, args: VirtualNetworkArgs, opts?: pulumi.CustomResourceOptions)

Create a VirtualNetwork resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: VirtualNetworkState, opts?: pulumi.CustomResourceOptions): VirtualNetwork

Get an existing VirtualNetwork resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property addressSpaces

public addressSpaces: pulumi.Output<string[]>;

The address space that is used the virtual network. You can supply more than one address space. Changing this forces a new resource to be created.

property ddosProtectionPlan

public ddosProtectionPlan: pulumi.Output<{
    enable: boolean;
    id: string;
} | undefined>;

A ddos_protection_plan block as documented below.

property dnsServers

public dnsServers: pulumi.Output<string[] | undefined>;

List of IP addresses of DNS servers

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property location

public location: pulumi.Output<string>;

The location/region where the virtual network is created. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

The name of the virtual network. Changing this forces a new resource to be created.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the virtual network.

property subnets

public subnets: pulumi.Output<{
    addressPrefix: string;
    id: string;
    name: string;
    securityGroup: undefined | string;
}[]>;

Can be specified multiple times to define multiple subnets. Each subnet block supports fields documented below.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class VirtualNetworkGateway

extends CustomResource

Manages a Virtual Network Gateway to establish secure, cross-premises connectivity.

Note: Please be aware that provisioning a Virtual Network Gateway takes a long time (between 30 minutes and 1 hour)

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "test",
});
const testPublicIp = new azure.network.PublicIp("test", {
    allocationMethod: "Dynamic",
    location: testResourceGroup.location,
    name: "test",
    resourceGroupName: testResourceGroup.name,
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "test",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.1.0/24",
    name: "GatewaySubnet",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const testVirtualNetworkGateway = new azure.network.VirtualNetworkGateway("test", {
    activeActive: false,
    enableBgp: false,
    ipConfigurations: [{
        name: "vnetGatewayConfig",
        privateIpAddressAllocation: "Dynamic",
        publicIpAddressId: testPublicIp.id,
        subnetId: testSubnet.id,
    }],
    location: testResourceGroup.location,
    name: "test",
    resourceGroupName: testResourceGroup.name,
    sku: "Basic",
    type: "Vpn",
    vpnClientConfiguration: {
        addressSpaces: ["10.2.0.0/24"],
        revokedCertificates: [{
            name: "Verizon-Global-Root-CA",
            thumbprint: "912198EEF23DCAC40939312FEE97DD560BAE49B1",
        }],
        rootCertificates: [{
            name: "DigiCert-Federated-ID-Root-CA",
            publicCertData: `MIIDuzCCAqOgAwIBAgIQCHTZWCM+IlfFIRXIvyKSrjANBgkqhkiG9w0BAQsFADBn
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSYwJAYDVQQDEx1EaWdpQ2VydCBGZWRlcmF0ZWQgSUQg
Um9vdCBDQTAeFw0xMzAxMTUxMjAwMDBaFw0zMzAxMTUxMjAwMDBaMGcxCzAJBgNV
BAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdp
Y2VydC5jb20xJjAkBgNVBAMTHURpZ2lDZXJ0IEZlZGVyYXRlZCBJRCBSb290IENB
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAEB4pcCqnNNOWE6Ur5j
QPUH+1y1F9KdHTRSza6k5iDlXq1kGS1qAkuKtw9JsiNRrjltmFnzMZRBbX8Tlfl8
zAhBmb6dDduDGED01kBsTkgywYPxXVTKec0WxYEEF0oMn4wSYNl0lt2eJAKHXjNf
GTwiibdP8CUR2ghSM2sUTI8Nt1Omfc4SMHhGhYD64uJMbX98THQ/4LMGuYegou+d
GTiahfHtjn7AboSEknwAMJHCh5RlYZZ6B1O4QbKJ+34Q0eKgnI3X6Vc9u0zf6DH8
Dk+4zQDYRRTqTnVO3VT8jzqDlCRuNtq6YvryOWN74/dq8LQhUnXHvFyrsdMaE1X2
DwIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNV
HQ4EFgQUGRdkFnbGt1EWjKwbUne+5OaZvRYwHwYDVR0jBBgwFoAUGRdkFnbGt1EW
jKwbUne+5OaZvRYwDQYJKoZIhvcNAQELBQADggEBAHcqsHkrjpESqfuVTRiptJfP
9JbdtWqRTmOf6uJi2c8YVqI6XlKXsD8C1dUUaaHKLUJzvKiazibVuBwMIT84AyqR
QELn3e0BtgEymEygMU569b01ZPxoFSnNXc7qDZBDef8WfqAV/sxkTi8L9BkmFYfL
uGLOhRJOFprPdoDIUBB+tmCl3oDcBy3vnUeOEioz8zAkprcb3GHwHAK+vHmmfgcn
WsfMLH4JCLa/tRYL+Rw/N3ybCkDp00s0WUZ+AoDywSl0Q/ZEnNY0MsFiw6LyIdbq
M/s/1JRtO3bDSzD9TazRVzn2oBqzSa8VgIo5C1nOnoAKJTlsClJKvIhnRlaLQqk=
`,
        }],
    },
    vpnType: "RouteBased",
});

constructor

new VirtualNetworkGateway(name: string, args: VirtualNetworkGatewayArgs, opts?: pulumi.CustomResourceOptions)

Create a VirtualNetworkGateway resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: VirtualNetworkGatewayState, opts?: pulumi.CustomResourceOptions): VirtualNetworkGateway

Get an existing VirtualNetworkGateway resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property activeActive

public activeActive: pulumi.Output<boolean>;

If true, an active-active Virtual Network Gateway will be created. An active-active gateway requires a HighPerformance or an UltraPerformance sku. If false, an active-standby gateway will be created. Defaults to false.

property bgpSettings

public bgpSettings: pulumi.Output<{
    asn: undefined | number;
    peerWeight: undefined | number;
    peeringAddress: string;
}>;

property defaultLocalNetworkGatewayId

public defaultLocalNetworkGatewayId: pulumi.Output<string | undefined>;

The ID of the local network gateway through which outbound Internet traffic from the virtual network in which the gateway is created will be routed (forced tunneling). Refer to the Azure documentation on forced tunneling. If not specified, forced tunneling is disabled.

property enableBgp

public enableBgp: pulumi.Output<boolean>;

If true, BGP (Border Gateway Protocol) will be enabled for this Virtual Network Gateway. Defaults to false.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipConfigurations

public ipConfigurations: pulumi.Output<{
    name: undefined | string;
    privateIpAddressAllocation: undefined | string;
    publicIpAddressId: undefined | string;
    subnetId: string;
}[]>;

One or two ip_configuration blocks documented below. An active-standby gateway requires exactly one ip_configuration block whereas an active-active gateway requires exactly two ip_configuration blocks.

property location

public location: pulumi.Output<string>;

The location/region where the Virtual Network Gateway is located. Changing the location/region forces a new resource to be created.

property name

public name: pulumi.Output<string>;

The name of the Virtual Network Gateway. Changing the name forces a new resource to be created.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the Virtual Network Gateway. Changing the resource group name forces a new resource to be created.

property sku

public sku: pulumi.Output<string>;

Configuration of the size and capacity of the virtual network gateway. Valid options are Basic, Standard, HighPerformance, UltraPerformance, ErGw1AZ, ErGw2AZ, ErGw3AZ, VpnGw1, VpnGw2, VpnGw3, VpnGw1AZ, VpnGw2AZ, and VpnGw3AZ and depend on the type and vpn_type arguments. A PolicyBased gateway only supports the Basic sku. Further, the UltraPerformance sku is only supported by an ExpressRoute gateway.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property type

public type: pulumi.Output<string>;

The type of the Virtual Network Gateway. Valid options are Vpn or ExpressRoute. Changing the type forces a new resource to be created.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpnClientConfiguration

public vpnClientConfiguration: pulumi.Output<{
    addressSpaces: string[];
    radiusServerAddress: undefined | string;
    radiusServerSecret: undefined | string;
    revokedCertificates: {
        name: string;
        thumbprint: string;
    }[];
    rootCertificates: {
        name: string;
        publicCertData: string;
    }[];
    vpnClientProtocols: string[];
} | undefined>;

A vpn_client_configuration block which is documented below. In this block the Virtual Network Gateway can be configured to accept IPSec point-to-site connections.

property vpnType

public vpnType: pulumi.Output<string | undefined>;

The routing type of the Virtual Network Gateway. Valid options are RouteBased or PolicyBased. Defaults to RouteBased.

class VirtualNetworkGatewayConnection

extends CustomResource

Manages a connection in an existing Virtual Network Gateway.

Example Usage

Site-to-Site connection

The following example shows a connection between an Azure virtual network and an on-premises VPN device and network.

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "test",
});
const onpremiseLocalNetworkGateway = new azure.network.LocalNetworkGateway("onpremise", {
    addressSpaces: ["10.1.1.0/24"],
    gatewayAddress: "168.62.225.23",
    location: testResourceGroup.location,
    name: "onpremise",
    resourceGroupName: testResourceGroup.name,
});
const testPublicIp = new azure.network.PublicIp("test", {
    allocationMethod: "Dynamic",
    location: testResourceGroup.location,
    name: "test",
    resourceGroupName: testResourceGroup.name,
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "test",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.1.0/24",
    name: "GatewaySubnet",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const testVirtualNetworkGateway = new azure.network.VirtualNetworkGateway("test", {
    activeActive: false,
    enableBgp: false,
    ipConfigurations: [{
        privateIpAddressAllocation: "Dynamic",
        publicIpAddressId: testPublicIp.id,
        subnetId: testSubnet.id,
    }],
    location: testResourceGroup.location,
    name: "test",
    resourceGroupName: testResourceGroup.name,
    sku: "Basic",
    type: "Vpn",
    vpnType: "RouteBased",
});
const onpremiseVirtualNetworkGatewayConnection = new azure.network.VirtualNetworkGatewayConnection("onpremise", {
    localNetworkGatewayId: onpremiseLocalNetworkGateway.id,
    location: testResourceGroup.location,
    name: "onpremise",
    resourceGroupName: testResourceGroup.name,
    sharedKey: "4-v3ry-53cr37-1p53c-5h4r3d-k3y",
    type: "IPsec",
    virtualNetworkGatewayId: testVirtualNetworkGateway.id,
});

VNet-to-VNet connection

The following example shows a connection between two Azure virtual network in different locations/regions.

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const europeResourceGroup = new azure.core.ResourceGroup("europe", {
    location: "West Europe",
    name: "europe",
});
const usResourceGroup = new azure.core.ResourceGroup("us", {
    location: "East US",
    name: "us",
});
const europePublicIp = new azure.network.PublicIp("europe", {
    allocationMethod: "Dynamic",
    location: europeResourceGroup.location,
    name: "europe",
    resourceGroupName: europeResourceGroup.name,
});
const usPublicIp = new azure.network.PublicIp("us", {
    allocationMethod: "Dynamic",
    location: usResourceGroup.location,
    name: "us",
    resourceGroupName: usResourceGroup.name,
});
const europeVirtualNetwork = new azure.network.VirtualNetwork("europe", {
    addressSpaces: ["10.1.0.0/16"],
    location: europeResourceGroup.location,
    name: "europe",
    resourceGroupName: europeResourceGroup.name,
});
const europeGateway = new azure.network.Subnet("europe_gateway", {
    addressPrefix: "10.1.1.0/24",
    name: "GatewaySubnet",
    resourceGroupName: europeResourceGroup.name,
    virtualNetworkName: europeVirtualNetwork.name,
});
const usVirtualNetwork = new azure.network.VirtualNetwork("us", {
    addressSpaces: ["10.0.0.0/16"],
    location: usResourceGroup.location,
    name: "us",
    resourceGroupName: usResourceGroup.name,
});
const usGateway = new azure.network.Subnet("us_gateway", {
    addressPrefix: "10.0.1.0/24",
    name: "GatewaySubnet",
    resourceGroupName: usResourceGroup.name,
    virtualNetworkName: usVirtualNetwork.name,
});
const europeVirtualNetworkGateway = new azure.network.VirtualNetworkGateway("europe", {
    ipConfigurations: [{
        privateIpAddressAllocation: "Dynamic",
        publicIpAddressId: europePublicIp.id,
        subnetId: europeGateway.id,
    }],
    location: europeResourceGroup.location,
    name: "europe-gateway",
    resourceGroupName: europeResourceGroup.name,
    sku: "Basic",
    type: "Vpn",
    vpnType: "RouteBased",
});
const usVirtualNetworkGateway = new azure.network.VirtualNetworkGateway("us", {
    ipConfigurations: [{
        privateIpAddressAllocation: "Dynamic",
        publicIpAddressId: usPublicIp.id,
        subnetId: usGateway.id,
    }],
    location: usResourceGroup.location,
    name: "us-gateway",
    resourceGroupName: usResourceGroup.name,
    sku: "Basic",
    type: "Vpn",
    vpnType: "RouteBased",
});
const europeToUs = new azure.network.VirtualNetworkGatewayConnection("europe_to_us", {
    location: europeResourceGroup.location,
    name: "europe-to-us",
    peerVirtualNetworkGatewayId: usVirtualNetworkGateway.id,
    resourceGroupName: europeResourceGroup.name,
    sharedKey: "4-v3ry-53cr37-1p53c-5h4r3d-k3y",
    type: "Vnet2Vnet",
    virtualNetworkGatewayId: europeVirtualNetworkGateway.id,
});
const usToEurope = new azure.network.VirtualNetworkGatewayConnection("us_to_europe", {
    location: usResourceGroup.location,
    name: "us-to-europe",
    peerVirtualNetworkGatewayId: europeVirtualNetworkGateway.id,
    resourceGroupName: usResourceGroup.name,
    sharedKey: "4-v3ry-53cr37-1p53c-5h4r3d-k3y",
    type: "Vnet2Vnet",
    virtualNetworkGatewayId: usVirtualNetworkGateway.id,
});

constructor

new VirtualNetworkGatewayConnection(name: string, args: VirtualNetworkGatewayConnectionArgs, opts?: pulumi.CustomResourceOptions)

Create a VirtualNetworkGatewayConnection resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: VirtualNetworkGatewayConnectionState, opts?: pulumi.CustomResourceOptions): VirtualNetworkGatewayConnection

Get an existing VirtualNetworkGatewayConnection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property authorizationKey

public authorizationKey: pulumi.Output<string | undefined>;

The authorization key associated with the Express Route Circuit. This field is required only if the type is an ExpressRoute connection.

property enableBgp

public enableBgp: pulumi.Output<boolean>;

If true, BGP (Border Gateway Protocol) is enabled for this connection. Defaults to false.

property expressRouteCircuitId

public expressRouteCircuitId: pulumi.Output<string | undefined>;

The ID of the Express Route Circuit when creating an ExpressRoute connection (i.e. when type is ExpressRoute). The Express Route Circuit can be in the same or in a different subscription.

property expressRouteGatewayBypass

public expressRouteGatewayBypass: pulumi.Output<boolean>;

If true, data packets will bypass ExpressRoute Gateway for data forwarding This is only valid for ExpressRoute connections.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipsecPolicy

public ipsecPolicy: pulumi.Output<{
    dhGroup: string;
    ikeEncryption: string;
    ikeIntegrity: string;
    ipsecEncryption: string;
    ipsecIntegrity: string;
    pfsGroup: string;
    saDatasize: number;
    saLifetime: number;
} | undefined>;

A ipsec_policy block which is documented below. Only a single policy can be defined for a connection. For details on custom policies refer to the relevant section in the Azure documentation.

property localNetworkGatewayId

public localNetworkGatewayId: pulumi.Output<string | undefined>;

The ID of the local network gateway when creating Site-to-Site connection (i.e. when type is IPsec).

property location

public location: pulumi.Output<string>;

The location/region where the connection is located. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

The name of the connection. Changing the name forces a new resource to be created.

property peerVirtualNetworkGatewayId

public peerVirtualNetworkGatewayId: pulumi.Output<string | undefined>;

The ID of the peer virtual network gateway when creating a VNet-to-VNet connection (i.e. when type is Vnet2Vnet). The peer Virtual Network Gateway can be in the same or in a different subscription.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the connection Changing the name forces a new resource to be created.

property routingWeight

public routingWeight: pulumi.Output<number>;

The routing weight. Defaults to 10.

property sharedKey

public sharedKey: pulumi.Output<string | undefined>;

The shared IPSec key. A key must be provided if a Site-to-Site or VNet-to-VNet connection is created whereas ExpressRoute connections do not need a shared key.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property type

public type: pulumi.Output<string>;

The type of connection. Valid options are IPsec (Site-to-Site), ExpressRoute (ExpressRoute), and Vnet2Vnet (VNet-to-VNet). Each connection type requires different mandatory arguments (refer to the examples above). Changing the connection type will force a new connection to be created.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property usePolicyBasedTrafficSelectors

public usePolicyBasedTrafficSelectors: pulumi.Output<boolean>;

If true, policy-based traffic selectors are enabled for this connection. Enabling policy-based traffic selectors requires an ipsec_policy block. Defaults to false.

property virtualNetworkGatewayId

public virtualNetworkGatewayId: pulumi.Output<string>;

The ID of the Virtual Network Gateway in which the connection will be created. Changing the gateway forces a new resource to be created.

class VirtualNetworkPeering

extends CustomResource

Manages a virtual network peering which allows resources to access other resources in the linked virtual network.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const test = new azure.core.ResourceGroup("test", {
    location: "West US",
    name: "peeredvnets-rg",
});
const test1VirtualNetwork = new azure.network.VirtualNetwork("test1", {
    addressSpaces: ["10.0.1.0/24"],
    location: "West US",
    name: "peternetwork1",
    resourceGroupName: test.name,
});
const test2VirtualNetwork = new azure.network.VirtualNetwork("test2", {
    addressSpaces: ["10.0.2.0/24"],
    location: "West US",
    name: "peternetwork2",
    resourceGroupName: test.name,
});
const test1VirtualNetworkPeering = new azure.network.VirtualNetworkPeering("test1", {
    name: "peer1to2",
    remoteVirtualNetworkId: test2VirtualNetwork.id,
    resourceGroupName: test.name,
    virtualNetworkName: test1VirtualNetwork.name,
});
const test2VirtualNetworkPeering = new azure.network.VirtualNetworkPeering("test2", {
    name: "peer2to1",
    remoteVirtualNetworkId: test1VirtualNetwork.id,
    resourceGroupName: test.name,
    virtualNetworkName: test2VirtualNetwork.name,
});

Example Usage (Global virtual network peering)

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const config = new pulumi.Config();
const location = config.get("location") || [
    "uksouth",
    "southeastasia",
];
const vnetAddressSpace = config.get("vnetAddressSpace") || [
    "10.0.0.0/16",
    "10.1.0.0/16",
];

const vnetResourceGroup: azure.core.ResourceGroup[] = [];
for (let i = 0; i < location.length; i++) {
    vnetResourceGroup.push(new azure.core.ResourceGroup(`vnet-${i}`, {
        location: location[i],
        name: `rg-global-vnet-peering-${i}`,
    }));
}
const vnetVirtualNetwork: azure.network.VirtualNetwork[] = [];
for (let i = 0; i < location.length; i++) {
    vnetVirtualNetwork.push(new azure.network.VirtualNetwork(`vnet-${i}`, {
        addressSpaces: [vnetAddressSpace[i]],
        location: pulumi.all(vnetResourceGroup.map(v => v.location)).apply(location => location.map(v => v)[i]),
        name: `vnet-${i}`,
        resourceGroupName: pulumi.all(vnetResourceGroup.map(v => v.name)).apply(name => name.map(v => v)[i]),
    }));
}
const nva: azure.network.Subnet[] = [];
for (let i = 0; i < location.length; i++) {
    nva.push(new azure.network.Subnet(`nva-${i}`, {
        addressPrefix: pulumi.all(vnetVirtualNetwork.map(v => v.addressSpaces)).apply(addressSpaces => (() => {
            throw "tf2pulumi error: NYI: call to cidrsubnet";
            return (() => { throw "NYI: call to cidrsubnet"; })();
        })()),
        name: "nva",
        resourceGroupName: pulumi.all(vnetResourceGroup.map(v => v.name)).apply(name => name.map(v => v)[i]),
        virtualNetworkName: pulumi.all(vnetVirtualNetwork.map(v => v.name)).apply(name => name.map(v => v)[i]),
    }));
}
// enable global peering between the two virtual network
const peering: azure.network.VirtualNetworkPeering[] = [];
for (let i = 0; i < location.length; i++) {
    peering.push(new azure.network.VirtualNetworkPeering(`peering-${i}`, {
        allowForwardedTraffic: true,
        // `allow_gateway_transit` must be set to false for vnet Global Peering
        allowGatewayTransit: false,
        allowVirtualNetworkAccess: true,
        name: pulumi.all(vnetVirtualNetwork.map(v => v.name)).apply(name => `peering-to-${name.map(v => v)[(1 - i)]}`),
        remoteVirtualNetworkId: pulumi.all(vnetVirtualNetwork.map(v => v.id)).apply(id => id.map(v => v)[(1 - i)]),
        resourceGroupName: pulumi.all(vnetResourceGroup.map(v => v.name)).apply(name => name.map(v => v)[i]),
        virtualNetworkName: pulumi.all(vnetVirtualNetwork.map(v => v.name)).apply(name => name.map(v => v)[i]),
    }));
}

Note

Virtual Network peerings cannot be created, updated or deleted concurrently.

constructor

new VirtualNetworkPeering(name: string, args: VirtualNetworkPeeringArgs, opts?: pulumi.CustomResourceOptions)

Create a VirtualNetworkPeering resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: VirtualNetworkPeeringState, opts?: pulumi.CustomResourceOptions): VirtualNetworkPeering

Get an existing VirtualNetworkPeering resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property allowForwardedTraffic

public allowForwardedTraffic: pulumi.Output<boolean>;

Controls if forwarded traffic from VMs in the remote virtual network is allowed. Defaults to false.

property allowGatewayTransit

public allowGatewayTransit: pulumi.Output<boolean>;

Controls gatewayLinks can be used in the remote virtual network’s link to the local virtual network.

property allowVirtualNetworkAccess

public allowVirtualNetworkAccess: pulumi.Output<boolean>;

Controls if the VMs in the remote virtual network can access VMs in the local virtual network. Defaults to false.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The name of the virtual network peering. Changing this forces a new resource to be created.

property remoteVirtualNetworkId

public remoteVirtualNetworkId: pulumi.Output<string>;

The full Azure resource ID of the remote virtual network. Changing this forces a new resource to be created.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the virtual network. Changing this forces a new resource to be created.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property useRemoteGateways

public useRemoteGateways: pulumi.Output<boolean>;

Controls if remote gateways can be used on the local virtual network. If the flag is set to true, and allow_gateway_transit on the remote peering is also true, virtual network will use gateways of remote virtual network for transit. Only one peering can have this flag set to true. This flag cannot be set if virtual network already has a gateway. Defaults to false.

property virtualNetworkName

public virtualNetworkName: pulumi.Output<string>;

The name of the virtual network. Changing this forces a new resource to be created.

function getApplicationSecurityGroup

getApplicationSecurityGroup(args: GetApplicationSecurityGroupArgs, opts?: pulumi.InvokeOptions): Promise<GetApplicationSecurityGroupResult>

Use this data source to access information about an existing Application Security Group.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const test = pulumi.output(azure.network.getApplicationSecurityGroup({
    name: "tf-appsecuritygroup",
    resourceGroupName: "my-resource-group",
}));

export const applicationSecurityGroupId = test.id;

function getExpressRouteCircuit

getExpressRouteCircuit(args: GetExpressRouteCircuitArgs, opts?: pulumi.InvokeOptions): Promise<GetExpressRouteCircuitResult>

Use this data source to access information about an existing ExpressRoute circuit.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const test = pulumi.all([azurerm_express_route_circuit_test.name, azurerm_resource_group_test.name]).apply(([azurerm_express_route_circuit_testName, azurerm_resource_group_testName]) => azure.network.getExpressRouteCircuit({
    name: azurerm_express_route_circuit_testName,
    resourceGroupName: azurerm_resource_group_testName,
}));

export const expressRouteCircuitId = test.id;
export const serviceKey = test.serviceKey;

function getFirewall

getFirewall(args: GetFirewallArgs, opts?: pulumi.InvokeOptions): Promise<GetFirewallResult>

Use this data source to access information about an existing Azure Firewall.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const test = pulumi.output(azure.network.getFirewall({
    name: "firewall1",
    resourceGroupName: "firewall-RG",
}));

export const firewallPrivateIp = test.ipConfiguration.privateIpAddress;

function getNetworkInterface

getNetworkInterface(args: GetNetworkInterfaceArgs, opts?: pulumi.InvokeOptions): Promise<GetNetworkInterfaceResult>

Use this data source to access information about an existing Network Interface.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const test = pulumi.output(azure.network.getNetworkInterface({
    name: "acctest-nic",
    resourceGroupName: "networking",
}));

export const networkInterfaceId = test.id;

function getNetworkSecurityGroup

getNetworkSecurityGroup(args: GetNetworkSecurityGroupArgs, opts?: pulumi.InvokeOptions): Promise<GetNetworkSecurityGroupResult>

Use this data source to access information about an existing Network Security Group.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const test = pulumi.all([azurerm_network_security_group_test.name, azurerm_resource_group_test.name]).apply(([azurerm_network_security_group_testName, azurerm_resource_group_testName]) => azure.network.getNetworkSecurityGroup({
    name: azurerm_network_security_group_testName,
    resourceGroupName: azurerm_resource_group_testName,
}));

export const location = test.location;

function getNetworkWatcher

getNetworkWatcher(args: GetNetworkWatcherArgs, opts?: pulumi.InvokeOptions): Promise<GetNetworkWatcherResult>

Use this data source to access information about an existing Network Watcher.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const test = pulumi.all([azurerm_network_watcher_test.name, azurerm_resource_group_test.name]).apply(([azurerm_network_watcher_testName, azurerm_resource_group_testName]) => azure.network.getNetworkWatcher({
    name: azurerm_network_watcher_testName,
    resourceGroupName: azurerm_resource_group_testName,
}));

export const networkWatcherId = test.id;

function getPublicIP

getPublicIP(args: GetPublicIPArgs, opts?: pulumi.InvokeOptions): Promise<GetPublicIPResult>

Use this data source to access information about an existing Public IP Address.

Example Usage (reference an existing)

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const test = pulumi.output(azure.network.getPublicIP({
    name: "name_of_public_ip",
    resourceGroupName: "name_of_resource_group",
}));

export const domainNameLabel = test.domainNameLabel;
export const publicIpAddress = test.ipAddress;

Example Usage (Retrieve the Dynamic Public IP of a new VM)

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const testResourceGroup = new azure.core.ResourceGroup("test", {
    location: "West US 2",
    name: "test-resources",
});
const testPublicIp = new azure.network.PublicIp("test", {
    allocationMethod: "Dynamic",
    idleTimeoutInMinutes: 30,
    location: testResourceGroup.location,
    name: "test-pip",
    resourceGroupName: testResourceGroup.name,
    tags: {
        environment: "test",
    },
});
const testVirtualNetwork = new azure.network.VirtualNetwork("test", {
    addressSpaces: ["10.0.0.0/16"],
    location: testResourceGroup.location,
    name: "test-network",
    resourceGroupName: testResourceGroup.name,
});
const testSubnet = new azure.network.Subnet("test", {
    addressPrefix: "10.0.2.0/24",
    name: "acctsub",
    resourceGroupName: testResourceGroup.name,
    virtualNetworkName: testVirtualNetwork.name,
});
const testNetworkInterface = new azure.network.NetworkInterface("test", {
    ipConfigurations: [{
        name: "testconfiguration1",
        privateIpAddress: "10.0.2.5",
        privateIpAddressAllocation: "Static",
        publicIpAddressId: testPublicIp.id,
        subnetId: testSubnet.id,
    }],
    location: testResourceGroup.location,
    name: "test-nic",
    resourceGroupName: testResourceGroup.name,
});
const testVirtualMachine = new azure.compute.VirtualMachine("test", {
    location: testResourceGroup.location,
    name: "test-vm",
    networkInterfaceIds: [testNetworkInterface.id],
    resourceGroupName: testResourceGroup.name,
});
const testPublicIP = pulumi.all([testPublicIp.name, testVirtualMachine.resourceGroupName]).apply(([name, resourceGroupName]) => azure.network.getPublicIP({
    name: name,
    resourceGroupName: resourceGroupName,
}));

export const publicIpAddress = testPublicIP.ipAddress;

function getPublicIPs

getPublicIPs(args: GetPublicIPsArgs, opts?: pulumi.InvokeOptions): Promise<GetPublicIPsResult>

Use this data source to access information about a set of existing Public IP Addresses.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const test = pulumi.output(azure.network.getPublicIPs({
    attached: false,
    resourceGroupName: "pip-test",
}));

function getRouteTable

getRouteTable(args: GetRouteTableArgs, opts?: pulumi.InvokeOptions): Promise<GetRouteTableResult>

Use this data source to access information about an existing Route Table.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const test = pulumi.output(azure.network.getRouteTable({
    name: "myroutetable",
    resourceGroupName: "some-resource-group",
}));

function getSubnet

getSubnet(args: GetSubnetArgs, opts?: pulumi.InvokeOptions): Promise<GetSubnetResult>

Use this data source to access information about an existing Subnet within a Virtual Network.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const test = pulumi.output(azure.network.getSubnet({
    name: "backend",
    resourceGroupName: "networking",
    virtualNetworkName: "production",
}));

export const subnetId = test.id;

function getVirtualNetwork

getVirtualNetwork(args: GetVirtualNetworkArgs, opts?: pulumi.InvokeOptions): Promise<GetVirtualNetworkResult>

Use this data source to access information about an existing Virtual Network.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const test = pulumi.output(azure.network.getVirtualNetwork({
    name: "production",
    resourceGroupName: "networking",
}));

export const virtualNetworkId = test.id;

function getVirtualNetworkGateway

getVirtualNetworkGateway(args: GetVirtualNetworkGatewayArgs, opts?: pulumi.InvokeOptions): Promise<GetVirtualNetworkGatewayResult>

Use this data source to access information about an existing Virtual Network Gateway.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const test = pulumi.output(azure.network.getVirtualNetworkGateway({
    name: "production",
    resourceGroupName: "networking",
}));

export const virtualNetworkGatewayId = test.id;

interface ApplicationGatewayArgs

The set of arguments for constructing a ApplicationGateway resource.

property authenticationCertificates

authenticationCertificates?: pulumi.Input<pulumi.Input<{
    data: pulumi.Input<string>;
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
}>[]>;

One or more authentication_certificate blocks as defined below.

property autoscaleConfiguration

autoscaleConfiguration?: pulumi.Input<{
    maxCapacity: pulumi.Input<number>;
    minCapacity: pulumi.Input<number>;
}>;

A autoscale_configuration block as defined below.

property backendAddressPools

backendAddressPools: pulumi.Input<pulumi.Input<{
    fqdnLists: pulumi.Input<pulumi.Input<string>[]>;
    fqdns: pulumi.Input<pulumi.Input<string>[]>;
    id: pulumi.Input<string>;
    ipAddressLists: pulumi.Input<pulumi.Input<string>[]>;
    ipAddresses: pulumi.Input<pulumi.Input<string>[]>;
    name: pulumi.Input<string>;
}>[]>;

One or more backend_address_pool blocks as defined below.

property backendHttpSettings

backendHttpSettings: pulumi.Input<pulumi.Input<{
    affinityCookieName: pulumi.Input<string>;
    authenticationCertificates: pulumi.Input<pulumi.Input<{
        id: pulumi.Input<string>;
        name: pulumi.Input<string>;
    }>[]>;
    connectionDraining: pulumi.Input<{
        drainTimeoutSec: pulumi.Input<number>;
        enabled: pulumi.Input<boolean>;
    }>;
    cookieBasedAffinity: pulumi.Input<string>;
    hostName: pulumi.Input<string>;
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    path: pulumi.Input<string>;
    pickHostNameFromBackendAddress: pulumi.Input<boolean>;
    port: pulumi.Input<number>;
    probeId: pulumi.Input<string>;
    probeName: pulumi.Input<string>;
    protocol: pulumi.Input<string>;
    requestTimeout: pulumi.Input<number>;
}>[]>;

One or more backend_http_settings blocks as defined below.

property customErrorConfigurations

customErrorConfigurations?: pulumi.Input<pulumi.Input<{
    customErrorPageUrl: pulumi.Input<string>;
    id: pulumi.Input<string>;
    statusCode: pulumi.Input<string>;
}>[]>;

One or more custom_error_configuration blocks as defined below.

property disabledSslProtocols

disabledSslProtocols?: pulumi.Input<pulumi.Input<string>[]>;

A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2. > NOTE: disabled_ssl_protocols has been deprecated in favour of disabled_protocols in the ssl_policy block.

property enableHttp2

enableHttp2?: pulumi.Input<boolean>;

Is HTTP2 enabled on the application gateway resource? Defaults to false.

property frontendIpConfigurations

frontendIpConfigurations: pulumi.Input<pulumi.Input<{
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    privateIpAddress: pulumi.Input<string>;
    privateIpAddressAllocation: pulumi.Input<string>;
    publicIpAddressId: pulumi.Input<string>;
    subnetId: pulumi.Input<string>;
}>[]>;

One or more frontend_ip_configuration blocks as defined below.

property frontendPorts

frontendPorts: pulumi.Input<pulumi.Input<{
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    port: pulumi.Input<number>;
}>[]>;

One or more frontend_port blocks as defined below.

property gatewayIpConfigurations

gatewayIpConfigurations: pulumi.Input<pulumi.Input<{
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    subnetId: pulumi.Input<string>;
}>[]>;

One or more gateway_ip_configuration blocks as defined below.

property httpListeners

httpListeners: pulumi.Input<pulumi.Input<{
    customErrorConfigurations: pulumi.Input<pulumi.Input<{
        customErrorPageUrl: pulumi.Input<string>;
        id: pulumi.Input<string>;
        statusCode: pulumi.Input<string>;
    }>[]>;
    frontendIpConfigurationId: pulumi.Input<string>;
    frontendIpConfigurationName: pulumi.Input<string>;
    frontendPortId: pulumi.Input<string>;
    frontendPortName: pulumi.Input<string>;
    hostName: pulumi.Input<string>;
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    protocol: pulumi.Input<string>;
    requireSni: pulumi.Input<boolean>;
    sslCertificateId: pulumi.Input<string>;
    sslCertificateName: pulumi.Input<string>;
}>[]>;

One or more http_listener blocks as defined below.

property location

location?: pulumi.Input<string>;

The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.

property name

name?: pulumi.Input<string>;

The name of the Application Gateway. Changing this forces a new resource to be created.

property probes

probes?: pulumi.Input<pulumi.Input<{
    host: pulumi.Input<string>;
    id: pulumi.Input<string>;
    interval: pulumi.Input<number>;
    match: pulumi.Input<{
        body: pulumi.Input<string>;
        statusCodes: pulumi.Input<pulumi.Input<string>[]>;
    }>;
    minimumServers: pulumi.Input<number>;
    name: pulumi.Input<string>;
    path: pulumi.Input<string>;
    pickHostNameFromBackendHttpSettings: pulumi.Input<boolean>;
    protocol: pulumi.Input<string>;
    timeout: pulumi.Input<number>;
    unhealthyThreshold: pulumi.Input<number>;
}>[]>;

One or more probe blocks as defined below.

property redirectConfigurations

redirectConfigurations?: pulumi.Input<pulumi.Input<{
    id: pulumi.Input<string>;
    includePath: pulumi.Input<boolean>;
    includeQueryString: pulumi.Input<boolean>;
    name: pulumi.Input<string>;
    redirectType: pulumi.Input<string>;
    targetListenerId: pulumi.Input<string>;
    targetListenerName: pulumi.Input<string>;
    targetUrl: pulumi.Input<string>;
}>[]>;

A redirect_configuration block as defined below.

property requestRoutingRules

requestRoutingRules: pulumi.Input<pulumi.Input<{
    backendAddressPoolId: pulumi.Input<string>;
    backendAddressPoolName: pulumi.Input<string>;
    backendHttpSettingsId: pulumi.Input<string>;
    backendHttpSettingsName: pulumi.Input<string>;
    httpListenerId: pulumi.Input<string>;
    httpListenerName: pulumi.Input<string>;
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    redirectConfigurationId: pulumi.Input<string>;
    redirectConfigurationName: pulumi.Input<string>;
    rewriteRuleSetId: pulumi.Input<string>;
    rewriteRuleSetName: pulumi.Input<string>;
    ruleType: pulumi.Input<string>;
    urlPathMapId: pulumi.Input<string>;
    urlPathMapName: pulumi.Input<string>;
}>[]>;

One or more request_routing_rule blocks as defined below.

property resourceGroupName

resourceGroupName: pulumi.Input<string>;

The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.

property rewriteRuleSets

rewriteRuleSets?: pulumi.Input<pulumi.Input<{
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    rewriteRules: pulumi.Input<pulumi.Input<{
        conditions: pulumi.Input<pulumi.Input<{
            ignoreCase: pulumi.Input<boolean>;
            negate: pulumi.Input<boolean>;
            pattern: pulumi.Input<string>;
            variable: pulumi.Input<string>;
        }>[]>;
        name: pulumi.Input<string>;
        requestHeaderConfigurations: pulumi.Input<pulumi.Input<{
            headerName: pulumi.Input<string>;
            headerValue: pulumi.Input<string>;
        }>[]>;
        responseHeaderConfigurations: pulumi.Input<pulumi.Input<{
            headerName: pulumi.Input<string>;
            headerValue: pulumi.Input<string>;
        }>[]>;
        ruleSequence: pulumi.Input<number>;
    }>[]>;
}>[]>;

One or more rewrite_rule_set blocks as defined below. Only valid for v2 SKUs.

property sku

sku: pulumi.Input<{
    capacity: pulumi.Input<number>;
    name: pulumi.Input<string>;
    tier: pulumi.Input<string>;
}>;

A sku block as defined below.

property sslCertificates

sslCertificates?: pulumi.Input<pulumi.Input<{
    data: pulumi.Input<string>;
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    password: pulumi.Input<string>;
    publicCertData: pulumi.Input<string>;
}>[]>;

One or more ssl_certificate blocks as defined below.

property sslPolicies

sslPolicies?: pulumi.Input<pulumi.Input<{
    cipherSuites: pulumi.Input<pulumi.Input<string>[]>;
    disabledProtocols: pulumi.Input<pulumi.Input<string>[]>;
    minProtocolVersion: pulumi.Input<string>;
    policyName: pulumi.Input<string>;
    policyType: pulumi.Input<string>;
}>[]>;

a ssl policy block as defined below.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urlPathMaps

urlPathMaps?: pulumi.Input<pulumi.Input<{
    defaultBackendAddressPoolId: pulumi.Input<string>;
    defaultBackendAddressPoolName: pulumi.Input<string>;
    defaultBackendHttpSettingsId: pulumi.Input<string>;
    defaultBackendHttpSettingsName: pulumi.Input<string>;
    defaultRedirectConfigurationId: pulumi.Input<string>;
    defaultRedirectConfigurationName: pulumi.Input<string>;
    defaultRewriteRuleSetId: pulumi.Input<string>;
    defaultRewriteRuleSetName: pulumi.Input<string>;
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    pathRules: pulumi.Input<pulumi.Input<{
        backendAddressPoolId: pulumi.Input<string>;
        backendAddressPoolName: pulumi.Input<string>;
        backendHttpSettingsId: pulumi.Input<string>;
        backendHttpSettingsName: pulumi.Input<string>;
        id: pulumi.Input<string>;
        name: pulumi.Input<string>;
        paths: pulumi.Input<pulumi.Input<string>[]>;
        redirectConfigurationId: pulumi.Input<string>;
        redirectConfigurationName: pulumi.Input<string>;
        rewriteRuleSetId: pulumi.Input<string>;
        rewriteRuleSetName: pulumi.Input<string>;
    }>[]>;
}>[]>;

One or more url_path_map blocks as defined below.

property wafConfiguration

wafConfiguration?: pulumi.Input<{
    disabledRuleGroups: pulumi.Input<pulumi.Input<{
        ruleGroupName: pulumi.Input<string>;
        rules: pulumi.Input<pulumi.Input<number>[]>;
    }>[]>;
    enabled: pulumi.Input<boolean>;
    exclusions: pulumi.Input<pulumi.Input<{
        matchVariable: pulumi.Input<string>;
        selector: pulumi.Input<string>;
        selectorMatchOperator: pulumi.Input<string>;
    }>[]>;
    fileUploadLimitMb: pulumi.Input<number>;
    firewallMode: pulumi.Input<string>;
    maxRequestBodySizeKb: pulumi.Input<number>;
    requestBodyCheck: pulumi.Input<boolean>;
    ruleSetType: pulumi.Input<string>;
    ruleSetVersion: pulumi.Input<string>;
}>;

A waf_configuration block as defined below.

property zones

zones?: pulumi.Input<pulumi.Input<string>[]>;

A collection of availability zones to spread the Application Gateway over.

interface ApplicationGatewayState

Input properties used for looking up and filtering ApplicationGateway resources.

property authenticationCertificates

authenticationCertificates?: pulumi.Input<pulumi.Input<{
    data: pulumi.Input<string>;
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
}>[]>;

One or more authentication_certificate blocks as defined below.

property autoscaleConfiguration

autoscaleConfiguration?: pulumi.Input<{
    maxCapacity: pulumi.Input<number>;
    minCapacity: pulumi.Input<number>;
}>;

A autoscale_configuration block as defined below.

property backendAddressPools

backendAddressPools?: pulumi.Input<pulumi.Input<{
    fqdnLists: pulumi.Input<pulumi.Input<string>[]>;
    fqdns: pulumi.Input<pulumi.Input<string>[]>;
    id: pulumi.Input<string>;
    ipAddressLists: pulumi.Input<pulumi.Input<string>[]>;
    ipAddresses: pulumi.Input<pulumi.Input<string>[]>;
    name: pulumi.Input<string>;
}>[]>;

One or more backend_address_pool blocks as defined below.

property backendHttpSettings

backendHttpSettings?: pulumi.Input<pulumi.Input<{
    affinityCookieName: pulumi.Input<string>;
    authenticationCertificates: pulumi.Input<pulumi.Input<{
        id: pulumi.Input<string>;
        name: pulumi.Input<string>;
    }>[]>;
    connectionDraining: pulumi.Input<{
        drainTimeoutSec: pulumi.Input<number>;
        enabled: pulumi.Input<boolean>;
    }>;
    cookieBasedAffinity: pulumi.Input<string>;
    hostName: pulumi.Input<string>;
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    path: pulumi.Input<string>;
    pickHostNameFromBackendAddress: pulumi.Input<boolean>;
    port: pulumi.Input<number>;
    probeId: pulumi.Input<string>;
    probeName: pulumi.Input<string>;
    protocol: pulumi.Input<string>;
    requestTimeout: pulumi.Input<number>;
}>[]>;

One or more backend_http_settings blocks as defined below.

property customErrorConfigurations

customErrorConfigurations?: pulumi.Input<pulumi.Input<{
    customErrorPageUrl: pulumi.Input<string>;
    id: pulumi.Input<string>;
    statusCode: pulumi.Input<string>;
}>[]>;

One or more custom_error_configuration blocks as defined below.

property disabledSslProtocols

disabledSslProtocols?: pulumi.Input<pulumi.Input<string>[]>;

A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2. > NOTE: disabled_ssl_protocols has been deprecated in favour of disabled_protocols in the ssl_policy block.

property enableHttp2

enableHttp2?: pulumi.Input<boolean>;

Is HTTP2 enabled on the application gateway resource? Defaults to false.

property frontendIpConfigurations

frontendIpConfigurations?: pulumi.Input<pulumi.Input<{
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    privateIpAddress: pulumi.Input<string>;
    privateIpAddressAllocation: pulumi.Input<string>;
    publicIpAddressId: pulumi.Input<string>;
    subnetId: pulumi.Input<string>;
}>[]>;

One or more frontend_ip_configuration blocks as defined below.

property frontendPorts

frontendPorts?: pulumi.Input<pulumi.Input<{
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    port: pulumi.Input<number>;
}>[]>;

One or more frontend_port blocks as defined below.

property gatewayIpConfigurations

gatewayIpConfigurations?: pulumi.Input<pulumi.Input<{
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    subnetId: pulumi.Input<string>;
}>[]>;

One or more gateway_ip_configuration blocks as defined below.

property httpListeners

httpListeners?: pulumi.Input<pulumi.Input<{
    customErrorConfigurations: pulumi.Input<pulumi.Input<{
        customErrorPageUrl: pulumi.Input<string>;
        id: pulumi.Input<string>;
        statusCode: pulumi.Input<string>;
    }>[]>;
    frontendIpConfigurationId: pulumi.Input<string>;
    frontendIpConfigurationName: pulumi.Input<string>;
    frontendPortId: pulumi.Input<string>;
    frontendPortName: pulumi.Input<string>;
    hostName: pulumi.Input<string>;
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    protocol: pulumi.Input<string>;
    requireSni: pulumi.Input<boolean>;
    sslCertificateId: pulumi.Input<string>;
    sslCertificateName: pulumi.Input<string>;
}>[]>;

One or more http_listener blocks as defined below.

property location

location?: pulumi.Input<string>;

The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.

property name

name?: pulumi.Input<string>;

The name of the Application Gateway. Changing this forces a new resource to be created.

property probes

probes?: pulumi.Input<pulumi.Input<{
    host: pulumi.Input<string>;
    id: pulumi.Input<string>;
    interval: pulumi.Input<number>;
    match: pulumi.Input<{
        body: pulumi.Input<string>;
        statusCodes: pulumi.Input<pulumi.Input<string>[]>;
    }>;
    minimumServers: pulumi.Input<number>;
    name: pulumi.Input<string>;
    path: pulumi.Input<string>;
    pickHostNameFromBackendHttpSettings: pulumi.Input<boolean>;
    protocol: pulumi.Input<string>;
    timeout: pulumi.Input<number>;
    unhealthyThreshold: pulumi.Input<number>;
}>[]>;

One or more probe blocks as defined below.

property redirectConfigurations

redirectConfigurations?: pulumi.Input<pulumi.Input<{
    id: pulumi.Input<string>;
    includePath: pulumi.Input<boolean>;
    includeQueryString: pulumi.Input<boolean>;
    name: pulumi.Input<string>;
    redirectType: pulumi.Input<string>;
    targetListenerId: pulumi.Input<string>;
    targetListenerName: pulumi.Input<string>;
    targetUrl: pulumi.Input<string>;
}>[]>;

A redirect_configuration block as defined below.

property requestRoutingRules

requestRoutingRules?: pulumi.Input<pulumi.Input<{
    backendAddressPoolId: pulumi.Input<string>;
    backendAddressPoolName: pulumi.Input<string>;
    backendHttpSettingsId: pulumi.Input<string>;
    backendHttpSettingsName: pulumi.Input<string>;
    httpListenerId: pulumi.Input<string>;
    httpListenerName: pulumi.Input<string>;
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    redirectConfigurationId: pulumi.Input<string>;
    redirectConfigurationName: pulumi.Input<string>;
    rewriteRuleSetId: pulumi.Input<string>;
    rewriteRuleSetName: pulumi.Input<string>;
    ruleType: pulumi.Input<string>;
    urlPathMapId: pulumi.Input<string>;
    urlPathMapName: pulumi.Input<string>;
}>[]>;

One or more request_routing_rule blocks as defined below.

property resourceGroupName

resourceGroupName?: pulumi.Input<string>;

The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.

property rewriteRuleSets

rewriteRuleSets?: pulumi.Input<pulumi.Input<{
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    rewriteRules: pulumi.Input<pulumi.Input<{
        conditions: pulumi.Input<pulumi.Input<{
            ignoreCase: pulumi.Input<boolean>;
            negate: pulumi.Input<boolean>;
            pattern: pulumi.Input<string>;
            variable: pulumi.Input<string>;
        }>[]>;
        name: pulumi.Input<string>;
        requestHeaderConfigurations: pulumi.Input<pulumi.Input<{
            headerName: pulumi.Input<string>;
            headerValue: pulumi.Input<string>;
        }>[]>;
        responseHeaderConfigurations: pulumi.Input<pulumi.Input<{
            headerName: pulumi.Input<string>;
            headerValue: pulumi.Input<string>;
        }>[]>;
        ruleSequence: pulumi.Input<number>;
    }>[]>;
}>[]>;

One or more rewrite_rule_set blocks as defined below. Only valid for v2 SKUs.

property sku

sku?: pulumi.Input<{
    capacity: pulumi.Input<number>;
    name: pulumi.Input<string>;
    tier: pulumi.Input<string>;
}>;

A sku block as defined below.

property sslCertificates

sslCertificates?: pulumi.Input<pulumi.Input<{
    data: pulumi.Input<string>;
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    password: pulumi.Input<string>;
    publicCertData: pulumi.Input<string>;
}>[]>;

One or more ssl_certificate blocks as defined below.

property sslPolicies

sslPolicies?: pulumi.Input<pulumi.Input<{
    cipherSuites: pulumi.Input<pulumi.Input<string>[]>;
    disabledProtocols: pulumi.Input<pulumi.Input<string>[]>;
    minProtocolVersion: pulumi.Input<string>;
    policyName: pulumi.Input<string>;
    policyType: pulumi.Input<string>;
}>[]>;

a ssl policy block as defined below.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property urlPathMaps

urlPathMaps?: pulumi.Input<pulumi.Input<{
    defaultBackendAddressPoolId: pulumi.Input<string>;
    defaultBackendAddressPoolName: pulumi.Input<string>;
    defaultBackendHttpSettingsId: pulumi.Input<string>;
    defaultBackendHttpSettingsName: pulumi.Input<string>;
    defaultRedirectConfigurationId: pulumi.Input<string>;
    defaultRedirectConfigurationName: pulumi.Input<string>;
    defaultRewriteRuleSetId: pulumi.Input<string>;
    defaultRewriteRuleSetName: pulumi.Input<string>;
    id: pulumi.Input<string>;
    name: pulumi.Input<string>;
    pathRules: pulumi.Input<pulumi.Input<{
        backendAddressPoolId: pulumi.Input<string>;
        backendAddressPoolName: pulumi.Input<string>;
        backendHttpSettingsId: pulumi.Input<string>;
        backendHttpSettingsName: pulumi.Input<string>;
        id: pulumi.Input<string>;
        name: pulumi.Input<string>;
        paths: pulumi.Input<pulumi.Input<string>[]>;
        redirectConfigurationId: pulumi.Input<string>;
        redirectConfigurationName: pulumi.Input<string>;
        rewriteRuleSetId: pulumi.Input<string>;
        rewriteRuleSetName: pulumi.Input<string>;
    }>[]>;
}>[]>;

One or more url_path_map blocks as defined below.

property wafConfiguration

wafConfiguration?: pulumi.Input<{
    disabledRuleGroups: pulumi.Input<pulumi.Input<{
        ruleGroupName: pulumi.Input<string>;
        rules: pulumi.Input<pulumi.Input<number>[]>;
    }>[]>;
    enabled: pulumi.Input<boolean>;
    exclusions: pulumi.Input<pulumi.Input<{
        matchVariable: pulumi.Input<string>;
        selector: pulumi.Input<string>;
        selectorMatchOperator: pulumi.Input<string>;
    }>[]>;
    fileUploadLimitMb: pulumi.Input<number>;
    firewallMode: pulumi.Input<string>;
    maxRequestBodySizeKb: pulumi.Input<number>;
    requestBodyCheck: pulumi.Input<boolean>;
    ruleSetType: pulumi.Input<string>;
    ruleSetVersion: pulumi.Input<string>;
}>;

A waf_configuration block as defined below.

property zones

zones?: pulumi.Input<pulumi.Input<string>[]>;

A collection of availability zones to spread the Application Gateway over.

interface ApplicationSecurityGroupArgs

The set of arguments for constructing a ApplicationSecurityGroup resource.

property location

location?: pulumi.Input<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

name?: pulumi.Input<string>;

Specifies the name of the Application Security Group. Changing this forces a new resource to be created.

property resourceGroupName

resourceGroupName: pulumi.Input<string>;

The name of the resource group in which to create the Application Security Group.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A mapping of tags to assign to the resource.

interface ApplicationSecurityGroupState

Input properties used for looking up and filtering ApplicationSecurityGroup resources.

property location

location?: pulumi.Input<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

name?: pulumi.Input<string>;

Specifies the name of the Application Security Group. Changing this forces a new resource to be created.

property resourceGroupName

resourceGroupName?: pulumi.Input<string>;

The name of the resource group in which to create the Application Security Group.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A mapping of tags to assign to the resource.

interface ConnectionMonitorArgs

The set of arguments for constructing a ConnectionMonitor resource.

property autoStart

autoStart?: pulumi.Input<boolean>;

Specifies whether the connection monitor will start automatically once created. Defaults to true. Changing this forces a new resource to be created.

property destination

destination: pulumi.Input<{
    address: pulumi.Input<string>;
    port: pulumi.Input<number>;
    virtualMachineId: pulumi.Input<string>;
}>;

A destination block as defined below.

property intervalInSeconds

intervalInSeconds?: pulumi.Input<number>;

Monitoring interval in seconds. Defaults to 60.

property location

location?: pulumi.Input<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

name?: pulumi.Input<string>;

The name of the Connection Monitor. Changing this forces a new resource to be created.

property networkWatcherName

networkWatcherName: pulumi.Input<string>;

The name of the Network Watcher. Changing this forces a new resource to be created.

property resourceGroupName

resourceGroupName: pulumi.Input<string>;

The name of the resource group in which to create the Connection Monitor. Changing this forces a new resource to be created.

property source

source: pulumi.Input<{
    port: pulumi.Input<number>;
    virtualMachineId: pulumi.Input<string>;
}>;

A source block as defined below.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A mapping of tags to assign to the resource.

interface ConnectionMonitorState

Input properties used for looking up and filtering ConnectionMonitor resources.

property autoStart

autoStart?: pulumi.Input<boolean>;

Specifies whether the connection monitor will start automatically once created. Defaults to true. Changing this forces a new resource to be created.

property destination

destination?: pulumi.Input<{
    address: pulumi.Input<string>;
    port: pulumi.Input<number>;
    virtualMachineId: pulumi.Input<string>;
}>;

A destination block as defined below.

property intervalInSeconds

intervalInSeconds?: pulumi.Input<number>;

Monitoring interval in seconds. Defaults to 60.

property location

location?: pulumi.Input<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

name?: pulumi.Input<string>;

The name of the Connection Monitor. Changing this forces a new resource to be created.

property networkWatcherName

networkWatcherName?: pulumi.Input<string>;

The name of the Network Watcher. Changing this forces a new resource to be created.

property resourceGroupName

resourceGroupName?: pulumi.Input<string>;

The name of the resource group in which to create the Connection Monitor. Changing this forces a new resource to be created.

property source

source?: pulumi.Input<{
    port: pulumi.Input<number>;
    virtualMachineId: pulumi.Input<string>;
}>;

A source block as defined below.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A mapping of tags to assign to the resource.

interface DdosProtectionPlanArgs

The set of arguments for constructing a DdosProtectionPlan resource.

property location

location?: pulumi.Input<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

name?: pulumi.Input<string>;

Specifies the name of the Network DDoS Protection Plan. Changing this forces a new resource to be created.

property resourceGroupName

resourceGroupName: pulumi.Input<string>;

The name of the resource group in which to create the resource. Changing this forces a new resource to be created.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A mapping of tags to assign to the resource.

interface DdosProtectionPlanState

Input properties used for looking up and filtering DdosProtectionPlan resources.

property location

location?: pulumi.Input<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

name?: pulumi.Input<string>;

Specifies the name of the Network DDoS Protection Plan. Changing this forces a new resource to be created.

property resourceGroupName

resourceGroupName?: pulumi.Input<string>;

The name of the resource group in which to create the resource. Changing this forces a new resource to be created.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property virtualNetworkIds

virtualNetworkIds?: pulumi.Input<pulumi.Input<string>[]>;

The Resource ID list of the Virtual Networks associated with DDoS Protection Plan.

interface ExpressRouteCircuitArgs

The set of arguments for constructing a ExpressRouteCircuit resource.

property allowClassicOperations

allowClassicOperations?: pulumi.Input<boolean>;

Allow the circuit to interact with classic (RDFE) resources. The default value is false.

property bandwidthInMbps

bandwidthInMbps: pulumi.Input<number>;

The bandwidth in Mbps of the circuit being created.

property location

location?: pulumi.Input<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

name?: pulumi.Input<string>;

The name of the ExpressRoute circuit. Changing this forces a new resource to be created.

property peeringLocation

peeringLocation: pulumi.Input<string>;

The name of the peering location and not the Azure resource location.

property resourceGroupName

resourceGroupName: pulumi.Input<string>;

The name of the resource group in which to create the ExpressRoute circuit. Changing this forces a new resource to be created.

property serviceProviderName

serviceProviderName: pulumi.Input<string>;

The name of the ExpressRoute Service Provider.

property sku

sku: pulumi.Input<{
    family: pulumi.Input<string>;
    tier: pulumi.Input<string>;
}>;

A sku block for the ExpressRoute circuit as documented below.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A mapping of tags to assign to the resource.

interface ExpressRouteCircuitAuthorizationArgs

The set of arguments for constructing a ExpressRouteCircuitAuthorization resource.

property expressRouteCircuitName

expressRouteCircuitName: pulumi.Input<string>;

The name of the Express Route Circuit in which to create the Authorization.

property name

name?: pulumi.Input<string>;

The name of the ExpressRoute circuit. Changing this forces a new resource to be created.

property resourceGroupName

resourceGroupName: pulumi.Input<string>;

The name of the resource group in which to create the ExpressRoute circuit. Changing this forces a new resource to be created.

interface ExpressRouteCircuitAuthorizationState

Input properties used for looking up and filtering ExpressRouteCircuitAuthorization resources.

property authorizationKey

authorizationKey?: pulumi.Input<string>;

The Authorization Key.

property authorizationUseStatus

authorizationUseStatus?: pulumi.Input<string>;

The authorization use status.

property expressRouteCircuitName

expressRouteCircuitName?: pulumi.Input<string>;

The name of the Express Route Circuit in which to create the Authorization.

property name

name?: pulumi.Input<string>;

The name of the ExpressRoute circuit. Changing this forces a new resource to be created.

property resourceGroupName

resourceGroupName?: pulumi.Input<string>;

The name of the resource group in which to create the ExpressRoute circuit. Changing this forces a new resource to be created.

interface ExpressRouteCircuitPeeringArgs

The set of arguments for constructing a ExpressRouteCircuitPeering resource.

property expressRouteCircuitName

expressRouteCircuitName: pulumi.Input<string>;

The name of the ExpressRoute Circuit in which to create the Peering.

property microsoftPeeringConfig

microsoftPeeringConfig?: pulumi.Input<{
    advertisedPublicPrefixes: pulumi.Input<pulumi.Input<string>[]>;
}>;

A microsoft_peering_config block as defined below. Required when peering_type is set to MicrosoftPeering.

property peerAsn

peerAsn?: pulumi.Input<number>;

The Either a 16-bit or a 32-bit ASN. Can either be public or private..

property peeringType

peeringType: pulumi.Input<string>;

The type of the ExpressRoute Circuit Peering. Acceptable values include AzurePrivatePeering, AzurePublicPeering and MicrosoftPeering. Changing this forces a new resource to be created.

property primaryPeerAddressPrefix

primaryPeerAddressPrefix: pulumi.Input<string>;

A /30 subnet for the primary link.

property resourceGroupName

resourceGroupName: pulumi.Input<string>;

The name of the resource group in which to create the Express Route Circuit Peering. Changing this forces a new resource to be created.

property secondaryPeerAddressPrefix

secondaryPeerAddressPrefix: pulumi.Input<string>;

A /30 subnet for the secondary link.

property sharedKey

sharedKey?: pulumi.Input<string>;

The shared key. Can be a maximum of 25 characters.

property vlanId

vlanId: pulumi.Input<number>;

A valid VLAN ID to establish this peering on.

interface ExpressRouteCircuitPeeringState

Input properties used for looking up and filtering ExpressRouteCircuitPeering resources.

property azureAsn

azureAsn?: pulumi.Input<number>;

The ASN used by Azure.

property expressRouteCircuitName

expressRouteCircuitName?: pulumi.Input<string>;

The name of the ExpressRoute Circuit in which to create the Peering.

property microsoftPeeringConfig

microsoftPeeringConfig?: pulumi.Input<{
    advertisedPublicPrefixes: pulumi.Input<pulumi.Input<string>[]>;
}>;

A microsoft_peering_config block as defined below. Required when peering_type is set to MicrosoftPeering.

property peerAsn

peerAsn?: pulumi.Input<number>;

The Either a 16-bit or a 32-bit ASN. Can either be public or private..

property peeringType

peeringType?: pulumi.Input<string>;

The type of the ExpressRoute Circuit Peering. Acceptable values include AzurePrivatePeering, AzurePublicPeering and MicrosoftPeering. Changing this forces a new resource to be created.

property primaryAzurePort

primaryAzurePort?: pulumi.Input<string>;

The Primary Port used by Azure for this Peering.

property primaryPeerAddressPrefix

primaryPeerAddressPrefix?: pulumi.Input<string>;

A /30 subnet for the primary link.

property resourceGroupName

resourceGroupName?: pulumi.Input<string>;

The name of the resource group in which to create the Express Route Circuit Peering. Changing this forces a new resource to be created.

property secondaryAzurePort

secondaryAzurePort?: pulumi.Input<string>;

The Secondary Port used by Azure for this Peering.

property secondaryPeerAddressPrefix

secondaryPeerAddressPrefix?: pulumi.Input<string>;

A /30 subnet for the secondary link.

property sharedKey

sharedKey?: pulumi.Input<string>;

The shared key. Can be a maximum of 25 characters.

property vlanId

vlanId?: pulumi.Input<number>;

A valid VLAN ID to establish this peering on.

interface ExpressRouteCircuitState

Input properties used for looking up and filtering ExpressRouteCircuit resources.

property allowClassicOperations

allowClassicOperations?: pulumi.Input<boolean>;

Allow the circuit to interact with classic (RDFE) resources. The default value is false.

property bandwidthInMbps

bandwidthInMbps?: pulumi.Input<number>;

The bandwidth in Mbps of the circuit being created.

property location

location?: pulumi.Input<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

name?: pulumi.Input<string>;

The name of the ExpressRoute circuit. Changing this forces a new resource to be created.

property peeringLocation

peeringLocation?: pulumi.Input<string>;

The name of the peering location and not the Azure resource location.

property resourceGroupName

resourceGroupName?: pulumi.Input<string>;

The name of the resource group in which to create the ExpressRoute circuit. Changing this forces a new resource to be created.

property serviceKey

serviceKey?: pulumi.Input<string>;

The string needed by the service provider to provision the ExpressRoute circuit.

property serviceProviderName

serviceProviderName?: pulumi.Input<string>;

The name of the ExpressRoute Service Provider.

property serviceProviderProvisioningState

serviceProviderProvisioningState?: pulumi.Input<string>;

The ExpressRoute circuit provisioning state from your chosen service provider. Possible values are “NotProvisioned”, “Provisioning”, “Provisioned”, and “Deprovisioning”.

property sku

sku?: pulumi.Input<{
    family: pulumi.Input<string>;
    tier: pulumi.Input<string>;
}>;

A sku block for the ExpressRoute circuit as documented below.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A mapping of tags to assign to the resource.

interface FirewallApplicationRuleCollectionArgs

The set of arguments for constructing a FirewallApplicationRuleCollection resource.

property action

action: pulumi.Input<string>;

Specifies the action the rule will apply to matching traffic. Possible values are Allow and Deny.

property azureFirewallName

azureFirewallName: pulumi.Input<string>;

Specifies the name of the Firewall in which the Application Rule Collection should be created. Changing this forces a new resource to be created.

property name

name?: pulumi.Input<string>;

Specifies the name of the Application Rule Collection which must be unique within the Firewall. Changing this forces a new resource to be created.

property priority

priority: pulumi.Input<number>;

Specifies the priority of the rule collection. Possible values are between 100 - 65000.

property resourceGroupName

resourceGroupName: pulumi.Input<string>;

Specifies the name of the Resource Group in which the Firewall exists. Changing this forces a new resource to be created.

property rules

rules: pulumi.Input<pulumi.Input<{
    description: pulumi.Input<string>;
    fqdnTags: pulumi.Input<pulumi.Input<string>[]>;
    name: pulumi.Input<string>;
    protocols: pulumi.Input<pulumi.Input<{
        port: pulumi.Input<number>;
        type: pulumi.Input<string>;
    }>[]>;
    sourceAddresses: pulumi.Input<pulumi.Input<string>[]>;
    targetFqdns: pulumi.Input<pulumi.Input<string>[]>;
}>[]>;

One or more rule blocks as defined below.

interface FirewallApplicationRuleCollectionState

Input properties used for looking up and filtering FirewallApplicationRuleCollection resources.

property action

action?: pulumi.Input<string>;

Specifies the action the rule will apply to matching traffic. Possible values are Allow and Deny.

property azureFirewallName

azureFirewallName?: pulumi.Input<string>;

Specifies the name of the Firewall in which the Application Rule Collection should be created. Changing this forces a new resource to be created.

property name

name?: pulumi.Input<string>;

Specifies the name of the Application Rule Collection which must be unique within the Firewall. Changing this forces a new resource to be created.

property priority

priority?: pulumi.Input<number>;

Specifies the priority of the rule collection. Possible values are between 100 - 65000.

property resourceGroupName

resourceGroupName?: pulumi.Input<string>;

Specifies the name of the Resource Group in which the Firewall exists. Changing this forces a new resource to be created.

property rules

rules?: pulumi.Input<pulumi.Input<{
    description: pulumi.Input<string>;
    fqdnTags: pulumi.Input<pulumi.Input<string>[]>;
    name: pulumi.Input<string>;
    protocols: pulumi.Input<pulumi.Input<{
        port: pulumi.Input<number>;
        type: pulumi.Input<string>;
    }>[]>;
    sourceAddresses: pulumi.Input<pulumi.Input<string>[]>;
    targetFqdns: pulumi.Input<pulumi.Input<string>[]>;
}&g