Microsoft.Network virtualNetworks/virtualNetworkPeerings
- Latest
- 2024-05-01
- 2024-03-01
- 2024-01-01
- 2023-11-01
- 2023-09-01
- 2023-06-01
- 2023-05-01
- 2023-04-01
- 2023-02-01
- 2022-11-01
- 2022-09-01
- 2022-07-01
- 2022-05-01
- 2022-01-01
- 2021-08-01
- 2021-05-01
- 2021-03-01
- 2021-02-01
- 2020-11-01
- 2020-08-01
- 2020-07-01
- 2020-06-01
- 2020-05-01
- 2020-04-01
- 2020-03-01
- 2019-12-01
- 2019-11-01
- 2019-09-01
- 2019-08-01
- 2019-07-01
- 2019-06-01
- 2019-04-01
- 2019-02-01
- 2018-12-01
- 2018-11-01
- 2018-10-01
- 2018-08-01
- 2018-07-01
- 2018-06-01
- 2018-04-01
- 2018-02-01
- 2018-01-01
- 2017-11-01
- 2017-10-01
- 2017-09-01
- 2017-08-01
- 2017-06-01
- 2017-03-30
- 2017-03-01
- 2016-12-01
- 2016-09-01
- 2016-06-01
Bicep resource definition
The virtualNetworks/virtualNetworkPeerings resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/virtualNetworks/virtualNetworkPeerings resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Network/virtualNetworks/virtualNetworkPeerings@2024-05-01' = {
parent: resourceSymbolicName
name: 'string'
properties: {
allowForwardedTraffic: bool
allowGatewayTransit: bool
allowVirtualNetworkAccess: bool
doNotVerifyRemoteGateways: bool
enableOnlyIPv6Peering: bool
localAddressSpace: {
addressPrefixes: [
'string'
]
ipamPoolPrefixAllocations: [
{
numberOfIpAddresses: 'string'
pool: {
id: 'string'
}
}
]
}
localSubnetNames: [
'string'
]
localVirtualNetworkAddressSpace: {
addressPrefixes: [
'string'
]
ipamPoolPrefixAllocations: [
{
numberOfIpAddresses: 'string'
pool: {
id: 'string'
}
}
]
}
peerCompleteVnets: bool
peeringState: 'string'
peeringSyncLevel: 'string'
remoteAddressSpace: {
addressPrefixes: [
'string'
]
ipamPoolPrefixAllocations: [
{
numberOfIpAddresses: 'string'
pool: {
id: 'string'
}
}
]
}
remoteBgpCommunities: {
virtualNetworkCommunity: 'string'
}
remoteSubnetNames: [
'string'
]
remoteVirtualNetwork: {
id: 'string'
}
remoteVirtualNetworkAddressSpace: {
addressPrefixes: [
'string'
]
ipamPoolPrefixAllocations: [
{
numberOfIpAddresses: 'string'
pool: {
id: 'string'
}
}
]
}
useRemoteGateways: bool
}
}
Property values
AddressSpace
Name | Description | Value |
---|---|---|
addressPrefixes | A list of address blocks reserved for this virtual network in CIDR notation. | string[] |
ipamPoolPrefixAllocations | A list of IPAM Pools allocating IP address prefixes. | IpamPoolPrefixAllocation[] |
IpamPoolPrefixAllocation
Name | Description | Value |
---|---|---|
numberOfIpAddresses | Number of IP addresses to allocate. | string |
pool | IpamPoolPrefixAllocationPool |
IpamPoolPrefixAllocationPool
Name | Description | Value |
---|---|---|
id | Resource id of the associated Azure IpamPool resource. | string |
Microsoft.Network/virtualNetworks/virtualNetworkPeerings
Name | Description | Value |
---|---|---|
name | The resource name | string (required) |
parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: virtualNetworks |
properties | Properties of the virtual network peering. | VirtualNetworkPeeringPropertiesFormat |
SubResource
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
VirtualNetworkBgpCommunities
Name | Description | Value |
---|---|---|
virtualNetworkCommunity | The BGP community associated with the virtual network. | string (required) |
VirtualNetworkPeeringPropertiesFormat
Name | Description | Value |
---|---|---|
allowForwardedTraffic | Whether the forwarded traffic from the VMs in the local virtual network will be allowed/disallowed in remote virtual network. | bool |
allowGatewayTransit | If gateway links can be used in remote virtual networking to link to this virtual network. | bool |
allowVirtualNetworkAccess | Whether the VMs in the local virtual network space would be able to access the VMs in remote virtual network space. | bool |
doNotVerifyRemoteGateways | If we need to verify the provisioning state of the remote gateway. | bool |
enableOnlyIPv6Peering | Whether only Ipv6 address space is peered for subnet peering. | bool |
localAddressSpace | The local address space of the local virtual network that is peered. | AddressSpace |
localSubnetNames | List of local subnet names that are subnet peered with remote virtual network. | string[] |
localVirtualNetworkAddressSpace | The current local address space of the local virtual network that is peered. | AddressSpace |
peerCompleteVnets | Whether complete virtual network address space is peered. | bool |
peeringState | The status of the virtual network peering. | 'Connected' 'Disconnected' 'Initiated' |
peeringSyncLevel | The peering sync status of the virtual network peering. | 'FullyInSync' 'LocalAndRemoteNotInSync' 'LocalNotInSync' 'RemoteNotInSync' |
remoteAddressSpace | The reference to the address space peered with the remote virtual network. | AddressSpace |
remoteBgpCommunities | The reference to the remote virtual network's Bgp Communities. | VirtualNetworkBgpCommunities |
remoteSubnetNames | List of remote subnet names from remote virtual network that are subnet peered. | string[] |
remoteVirtualNetwork | The reference to the remote virtual network. The remote virtual network can be in the same or different region (preview). See here to register for the preview and learn more (/azure/virtual-network/virtual-network-create-peering). | SubResource |
remoteVirtualNetworkAddressSpace | The reference to the current address space of the remote virtual network. | AddressSpace |
useRemoteGateways | If remote gateways can be used on this virtual network. If the flag is set to true, and allowGatewayTransit on remote peering is also true, virtual network will use gateways of remote virtual network for transit. Only one peering can have this flag set to true. This flag cannot be set if virtual network already has a gateway. | bool |
Quickstart samples
The following quickstart samples deploy this resource type.
Bicep File | Description |
---|---|
Azure Game Developer Virtual Machine | Azure Game Developer Virtual Machine includes Licencsed Engines like Unreal. |
Create a vNet to vNet connection using vNet Peering | This template allows you to connect two vNets using vNet Peering |
Deploy a Bastion host in a hub Virtual Network | This template creates two vNets with peerings, a Bastion host in the Hub vNet and a Linux VM in the spoke vNet |
Peer two existing VNets within a single region | This template allows you to connect two VNETs from the same or different resource groups in the same region using VNet Peering |
Public Load Balancer chained to a Gateway Load Balancer | This template allows you to deploy a Public Standard Load Balancer chained to a Gateway Load Balancer. The traffic incoming from internet is routed to the Gateway Load Balancer with linux VMs (NVAs) in the backend pool. |
Use Azure Firewall as a DNS Proxy in a Hub & Spoke topology | This sample show how to deploy a hub-spoke topology in Azure using the Azure Firewall. The hub virtual network acts as a central point of connectivity to many spoke virtual networks that are connected to hub virtual network via virtual network peering. |
ARM template resource definition
The virtualNetworks/virtualNetworkPeerings resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/virtualNetworks/virtualNetworkPeerings resource, add the following JSON to your template.
{
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2024-05-01",
"name": "string",
"properties": {
"allowForwardedTraffic": "bool",
"allowGatewayTransit": "bool",
"allowVirtualNetworkAccess": "bool",
"doNotVerifyRemoteGateways": "bool",
"enableOnlyIPv6Peering": "bool",
"localAddressSpace": {
"addressPrefixes": [ "string" ],
"ipamPoolPrefixAllocations": [
{
"numberOfIpAddresses": "string",
"pool": {
"id": "string"
}
}
]
},
"localSubnetNames": [ "string" ],
"localVirtualNetworkAddressSpace": {
"addressPrefixes": [ "string" ],
"ipamPoolPrefixAllocations": [
{
"numberOfIpAddresses": "string",
"pool": {
"id": "string"
}
}
]
},
"peerCompleteVnets": "bool",
"peeringState": "string",
"peeringSyncLevel": "string",
"remoteAddressSpace": {
"addressPrefixes": [ "string" ],
"ipamPoolPrefixAllocations": [
{
"numberOfIpAddresses": "string",
"pool": {
"id": "string"
}
}
]
},
"remoteBgpCommunities": {
"virtualNetworkCommunity": "string"
},
"remoteSubnetNames": [ "string" ],
"remoteVirtualNetwork": {
"id": "string"
},
"remoteVirtualNetworkAddressSpace": {
"addressPrefixes": [ "string" ],
"ipamPoolPrefixAllocations": [
{
"numberOfIpAddresses": "string",
"pool": {
"id": "string"
}
}
]
},
"useRemoteGateways": "bool"
}
}
Property values
AddressSpace
Name | Description | Value |
---|---|---|
addressPrefixes | A list of address blocks reserved for this virtual network in CIDR notation. | string[] |
ipamPoolPrefixAllocations | A list of IPAM Pools allocating IP address prefixes. | IpamPoolPrefixAllocation[] |
IpamPoolPrefixAllocation
Name | Description | Value |
---|---|---|
numberOfIpAddresses | Number of IP addresses to allocate. | string |
pool | IpamPoolPrefixAllocationPool |
IpamPoolPrefixAllocationPool
Name | Description | Value |
---|---|---|
id | Resource id of the associated Azure IpamPool resource. | string |
Microsoft.Network/virtualNetworks/virtualNetworkPeerings
Name | Description | Value |
---|---|---|
apiVersion | The api version | '2024-05-01' |
name | The resource name | string (required) |
properties | Properties of the virtual network peering. | VirtualNetworkPeeringPropertiesFormat |
type | The resource type | 'Microsoft.Network/virtualNetworks/virtualNetworkPeerings' |
SubResource
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
VirtualNetworkBgpCommunities
Name | Description | Value |
---|---|---|
virtualNetworkCommunity | The BGP community associated with the virtual network. | string (required) |
VirtualNetworkPeeringPropertiesFormat
Name | Description | Value |
---|---|---|
allowForwardedTraffic | Whether the forwarded traffic from the VMs in the local virtual network will be allowed/disallowed in remote virtual network. | bool |
allowGatewayTransit | If gateway links can be used in remote virtual networking to link to this virtual network. | bool |
allowVirtualNetworkAccess | Whether the VMs in the local virtual network space would be able to access the VMs in remote virtual network space. | bool |
doNotVerifyRemoteGateways | If we need to verify the provisioning state of the remote gateway. | bool |
enableOnlyIPv6Peering | Whether only Ipv6 address space is peered for subnet peering. | bool |
localAddressSpace | The local address space of the local virtual network that is peered. | AddressSpace |
localSubnetNames | List of local subnet names that are subnet peered with remote virtual network. | string[] |
localVirtualNetworkAddressSpace | The current local address space of the local virtual network that is peered. | AddressSpace |
peerCompleteVnets | Whether complete virtual network address space is peered. | bool |
peeringState | The status of the virtual network peering. | 'Connected' 'Disconnected' 'Initiated' |
peeringSyncLevel | The peering sync status of the virtual network peering. | 'FullyInSync' 'LocalAndRemoteNotInSync' 'LocalNotInSync' 'RemoteNotInSync' |
remoteAddressSpace | The reference to the address space peered with the remote virtual network. | AddressSpace |
remoteBgpCommunities | The reference to the remote virtual network's Bgp Communities. | VirtualNetworkBgpCommunities |
remoteSubnetNames | List of remote subnet names from remote virtual network that are subnet peered. | string[] |
remoteVirtualNetwork | The reference to the remote virtual network. The remote virtual network can be in the same or different region (preview). See here to register for the preview and learn more (/azure/virtual-network/virtual-network-create-peering). | SubResource |
remoteVirtualNetworkAddressSpace | The reference to the current address space of the remote virtual network. | AddressSpace |
useRemoteGateways | If remote gateways can be used on this virtual network. If the flag is set to true, and allowGatewayTransit on remote peering is also true, virtual network will use gateways of remote virtual network for transit. Only one peering can have this flag set to true. This flag cannot be set if virtual network already has a gateway. | bool |
Quickstart templates
The following quickstart templates deploy this resource type.
Template | Description |
---|---|
Azure Game Developer Virtual Machine |
Azure Game Developer Virtual Machine includes Licencsed Engines like Unreal. |
Create a vNet to vNet connection using vNet Peering |
This template allows you to connect two vNets using vNet Peering |
Create an Azure Firewall sandbox with forced tunneling |
This template creates an Azure Firewall sandbox (Linux) with one firewall force tunneled through another firewall in a peered VNET |
Deploy a Bastion host in a hub Virtual Network |
This template creates two vNets with peerings, a Bastion host in the Hub vNet and a Linux VM in the spoke vNet |
Deploy a Hub and Spoke topology sandbox |
This template creates a basic hub-and-spoke topology setup. It creates a Hub VNet with subnets DMZ, Management, Shared and Gateway (optionally), with two Spoke VNets (development and production) containing a workload subnet each. It also deploys a Windows Jump-Host on the Management subnet of the HUB, and establishes VNet peerings between the Hub and the two spokes. |
Deploy HBase replication with two VNets in one region |
This template allows you to configure aN HBase environment with two HBase clusters within two VNets in the same region for configuring HBase replication. |
Peer two existing VNets within a single region |
This template allows you to connect two VNETs from the same or different resource groups in the same region using VNet Peering |
Public Load Balancer chained to a Gateway Load Balancer |
This template allows you to deploy a Public Standard Load Balancer chained to a Gateway Load Balancer. The traffic incoming from internet is routed to the Gateway Load Balancer with linux VMs (NVAs) in the backend pool. |
Use Azure Firewall as a DNS Proxy in a Hub & Spoke topology |
This sample show how to deploy a hub-spoke topology in Azure using the Azure Firewall. The hub virtual network acts as a central point of connectivity to many spoke virtual networks that are connected to hub virtual network via virtual network peering. |
Terraform (AzAPI provider) resource definition
The virtualNetworks/virtualNetworkPeerings resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/virtualNetworks/virtualNetworkPeerings resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Network/virtualNetworks/virtualNetworkPeerings@2024-05-01"
name = "string"
body = jsonencode({
properties = {
allowForwardedTraffic = bool
allowGatewayTransit = bool
allowVirtualNetworkAccess = bool
doNotVerifyRemoteGateways = bool
enableOnlyIPv6Peering = bool
localAddressSpace = {
addressPrefixes = [
"string"
]
ipamPoolPrefixAllocations = [
{
numberOfIpAddresses = "string"
pool = {
id = "string"
}
}
]
}
localSubnetNames = [
"string"
]
localVirtualNetworkAddressSpace = {
addressPrefixes = [
"string"
]
ipamPoolPrefixAllocations = [
{
numberOfIpAddresses = "string"
pool = {
id = "string"
}
}
]
}
peerCompleteVnets = bool
peeringState = "string"
peeringSyncLevel = "string"
remoteAddressSpace = {
addressPrefixes = [
"string"
]
ipamPoolPrefixAllocations = [
{
numberOfIpAddresses = "string"
pool = {
id = "string"
}
}
]
}
remoteBgpCommunities = {
virtualNetworkCommunity = "string"
}
remoteSubnetNames = [
"string"
]
remoteVirtualNetwork = {
id = "string"
}
remoteVirtualNetworkAddressSpace = {
addressPrefixes = [
"string"
]
ipamPoolPrefixAllocations = [
{
numberOfIpAddresses = "string"
pool = {
id = "string"
}
}
]
}
useRemoteGateways = bool
}
})
}
Property values
AddressSpace
Name | Description | Value |
---|---|---|
addressPrefixes | A list of address blocks reserved for this virtual network in CIDR notation. | string[] |
ipamPoolPrefixAllocations | A list of IPAM Pools allocating IP address prefixes. | IpamPoolPrefixAllocation[] |
IpamPoolPrefixAllocation
Name | Description | Value |
---|---|---|
numberOfIpAddresses | Number of IP addresses to allocate. | string |
pool | IpamPoolPrefixAllocationPool |
IpamPoolPrefixAllocationPool
Name | Description | Value |
---|---|---|
id | Resource id of the associated Azure IpamPool resource. | string |
Microsoft.Network/virtualNetworks/virtualNetworkPeerings
Name | Description | Value |
---|---|---|
name | The resource name | string (required) |
parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: virtualNetworks |
properties | Properties of the virtual network peering. | VirtualNetworkPeeringPropertiesFormat |
type | The resource type | "Microsoft.Network/virtualNetworks/virtualNetworkPeerings@2024-05-01" |
SubResource
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
VirtualNetworkBgpCommunities
Name | Description | Value |
---|---|---|
virtualNetworkCommunity | The BGP community associated with the virtual network. | string (required) |
VirtualNetworkPeeringPropertiesFormat
Name | Description | Value |
---|---|---|
allowForwardedTraffic | Whether the forwarded traffic from the VMs in the local virtual network will be allowed/disallowed in remote virtual network. | bool |
allowGatewayTransit | If gateway links can be used in remote virtual networking to link to this virtual network. | bool |
allowVirtualNetworkAccess | Whether the VMs in the local virtual network space would be able to access the VMs in remote virtual network space. | bool |
doNotVerifyRemoteGateways | If we need to verify the provisioning state of the remote gateway. | bool |
enableOnlyIPv6Peering | Whether only Ipv6 address space is peered for subnet peering. | bool |
localAddressSpace | The local address space of the local virtual network that is peered. | AddressSpace |
localSubnetNames | List of local subnet names that are subnet peered with remote virtual network. | string[] |
localVirtualNetworkAddressSpace | The current local address space of the local virtual network that is peered. | AddressSpace |
peerCompleteVnets | Whether complete virtual network address space is peered. | bool |
peeringState | The status of the virtual network peering. | 'Connected' 'Disconnected' 'Initiated' |
peeringSyncLevel | The peering sync status of the virtual network peering. | 'FullyInSync' 'LocalAndRemoteNotInSync' 'LocalNotInSync' 'RemoteNotInSync' |
remoteAddressSpace | The reference to the address space peered with the remote virtual network. | AddressSpace |
remoteBgpCommunities | The reference to the remote virtual network's Bgp Communities. | VirtualNetworkBgpCommunities |
remoteSubnetNames | List of remote subnet names from remote virtual network that are subnet peered. | string[] |
remoteVirtualNetwork | The reference to the remote virtual network. The remote virtual network can be in the same or different region (preview). See here to register for the preview and learn more (/azure/virtual-network/virtual-network-create-peering). | SubResource |
remoteVirtualNetworkAddressSpace | The reference to the current address space of the remote virtual network. | AddressSpace |
useRemoteGateways | If remote gateways can be used on this virtual network. If the flag is set to true, and allowGatewayTransit on remote peering is also true, virtual network will use gateways of remote virtual network for transit. Only one peering can have this flag set to true. This flag cannot be set if virtual network already has a gateway. | bool |