Manage IP addresses with Azure Virtual Network Manager
Important
Currently, the IP address management (IPAM) feature in Azure Virtual Network Manager is in preview. It is available in the following regions during preview:
- Australia Central
- Australia Central 2
- Australia East
- Australia Southeast
- Brazil South
- Brazil Southeast
- Canada Central
- Canada East
- Central India
- Central US
- Central US EUAP
- East Asia
- East US
- East US 2
- East US 2 EUAP
- France Central
- France South
- Germany North
- Germany West Central
- Israel Central
- Italy North
- Japan East
- Japan West
- Korea Central
- Korea South
- Malaysia South
- Mexico Central
- North Central US
- North Europe
- Norway East
- Norway West
- Poland Central
- South Africa North
- South Central US
- South India
- Southeast Asia
- Spain Central
- Sweden Central
- Sweden South
- Switzerland North
- Switzerland West
- Taiwan Northwest
- UAE Central
- UAE North
- UK South
- UK West
- West Europe
- West US
- West US 2
This preview version is provided without a service-level agreement, and we don't recommend it for production workloads. Certain features might not be supported or might have constrained capabilities. For more information, see Supplemental Terms of Use for Microsoft Azure Previews.
Azure Virtual Network Manager allows you to manage IP addresses by creating and assigning IP address pools to your virtual networks. This article shows you how to create and assign IP address pools to your virtual networks with IP address management (IPAM) in Azure Virtual Network Manager.
Prerequisites
- An Azure subscription. If you don't have an Azure subscription, create a free account before you begin.
- An existing network manager instance. If you don't have a network manager instance, see Create a network manager instance.
- A virtual network that you want to associate with an IP address pool.
- To manage IP addresses in your network manager, you have the Network Contributor role with role-based access control Classic Admin/legacy authorization isn't supported.
Create an IP address pool
In this step, you create an IP address pool for your virtual network.
In the Azure portal, search for and select Network managers.
Select your network manager instance.
In the left menu, select IP address pools (Preview) under IP address management (Preview).
Select + Create or Create to create a new IP address pool.
In the Create an IP address pool window, enter the following information:
Field Description Name Enter a name for the IP address pool. Description Enter a description for the IP address pool. Parent pool For creating a root pool, leave default of None. For creating a child pool, select the parent pool. Select Next or the IP addresses tab.
Under Starting address, enter the IP address range for the pool.
Select Review + create and then Create to create the IP address pool.
Repeat these steps for another root or child pool.
Associate a virtual network with an IP address pool
In this step, you associate an existing virtual network with an IP address pool from the Allocations settings page in the IP address pool.
Browse to your network manager instance and select your IP address pool.
From the left menu, select Allocations under Settings or select Allocate.
In the Allocations window, select + Create > Associate resources. The Associate resources option allocates a CIDR to an existing virtual network.
In the Select resources window, select the virtual networks you want to associate with the IP address pool and then choose Select.
Verify the virtual network is listed.
Note
In addition to associating resources, you can allocate address spaces to a child pool or a static CIDR block from the a pool's Allocations page.
Create static CIDR blocks for a pool
In this step, you create a static CIDR block for a pool. This is helpful for allocating a space that is outside of Azure or Azure resources not supported by IP address manager. For example, you can allocate a CIDR in the pool to the address space in your on-premises environment. Likewise, you can also use this for a space that is used by a Virtual WAN hub or Azure VMware Private Cloud.
Browse to your IP address pool.
Select Allocate or Allocations under Settings.
In the Allocations window, select + Create > Allocate static CIDRs.
In the Allocate static CIDRs from pool window, enter the following information:
Field Description Name Enter a name for the static CIDR block. Description Enter a description for the static CIDR block. CIDR Enter the CIDR block. Select Allocate.
Review allocation usage
In this step, you review the allocation usage of the IP address pool. This helps you understand how the CIDRs are being used in the pool, along with the percentage of the pool that is allocated and the compliance status of the pool.
Browse to your IP address pool.
Select Allocations under Settings.
In the Allocations window, you can review all of the statistics for the address pool including:
Field Description Pool address space The total address space that is allocated to the pool. Allocated address Space The address space that is allocated to the pool. Available address Space The address space that is available for allocation. Available address count The number of addresses that are allocated to the pool. IP allocation The set of IP addresses that are allocated from the pool for potential use. For each allocation, you can review the following:
Field Description Name The name of the allocation. Address space The address space that is allocated to the pool. Address count The number of addresses that are allocated to the pool. IP allocation The set of IP addresses that are allocated from the pool for potential use. Status The status of the allocation to the pool.
Delegating permissions for IP address management (IPAM)
In this step, you delegate permissions to other users to manage IP address pools in your network manager using Azure role-based access control (RBAC). This allows you to control access to the IP address pools and ensure that only authorized users can manage the pools.
- Browse to your IP address pool.
- In the left menu, select Access control (IAM).
- In the Access control (IAM) window, select + Add>Add role assignment.
- Under Role, select IPAM Pool User through the search bar under the Job function roles tab, and then select Next.
- On the Members tab, select how you wish to assign access to the role. You can assign access to a user, group, or service principal, or you can use a managed identity.
- Choose + Select members and then Select the user, group, service principal, or managed identity that you want to assign the role to.
- Select Review + assign and then Assign to delegate permissions to the user.
Create a virtual network with a nonoverlapping CIDR range
In this step, you create a virtual network with a nonoverlapping CIDR range by allowing IP address manager to automatically provide a nonoverlapping CIDR.
In the Azure portal, search for and select Virtual networks.
Select + Create.
On the Basics tab, enter the following information:
Field Description Subscription Select the subscription managed by a Network Manager management scope. Resource group Select the resource group for the virtual network. Name Enter a name for the virtual network. Region Select the region for the virtual network. IP address pools must be in the same region as your virtual network in order to be associated. Select the IP addresses tab or Next > Next.
On the IP addresses tab, select Allocate using IP address pools checkbox.
In the Select an IP address pool window, select the IP address pool that you want to associate with the virtual network and then choose Save. You can select at most one IPv4 pool and one IPv6 pool for association to a single virtual network.
From the dropdown menu next to your IP address pool, select the size for the virtual network.
Optionally create subnets referring to the selected pool.
Select Review + create and then Create to create the virtual network.