Microsoft.Network virtualNetworkTaps 2019-11-01
- Latest
- 2024-05-01
- 2024-03-01
- 2024-01-01
- 2023-11-01
- 2023-09-01
- 2023-06-01
- 2023-05-01
- 2023-04-01
- 2023-02-01
- 2022-11-01
- 2022-09-01
- 2022-07-01
- 2022-05-01
- 2022-01-01
- 2021-08-01
- 2021-05-01
- 2021-03-01
- 2021-02-01
- 2020-11-01
- 2020-08-01
- 2020-07-01
- 2020-06-01
- 2020-05-01
- 2020-04-01
- 2020-03-01
- 2019-12-01
- 2019-11-01
- 2019-09-01
- 2019-08-01
- 2019-07-01
- 2019-06-01
- 2019-04-01
- 2019-02-01
- 2018-12-01
- 2018-11-01
- 2018-10-01
- 2018-08-01
Bicep resource definition
The virtualNetworkTaps resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/virtualNetworkTaps resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Network/virtualNetworkTaps@2019-11-01' = {
location: 'string'
name: 'string'
properties: {
destinationLoadBalancerFrontEndIPConfiguration: {
id: 'string'
name: 'string'
properties: {
privateIPAddress: 'string'
privateIPAddressVersion: 'string'
privateIPAllocationMethod: 'string'
publicIPAddress: {
id: 'string'
location: 'string'
properties: {
ddosSettings: {
ddosCustomPolicy: {
id: 'string'
}
protectedIP: bool
protectionCoverage: 'string'
}
dnsSettings: {
domainNameLabel: 'string'
fqdn: 'string'
reverseFqdn: 'string'
}
idleTimeoutInMinutes: int
ipAddress: 'string'
ipTags: [
{
ipTagType: 'string'
tag: 'string'
}
]
publicIPAddressVersion: 'string'
publicIPAllocationMethod: 'string'
publicIPPrefix: {
id: 'string'
}
}
sku: {
name: 'string'
}
tags: {
{customized property}: 'string'
}
zones: [
'string'
]
}
publicIPPrefix: {
id: 'string'
}
subnet: {
id: 'string'
name: 'string'
properties: {
addressPrefix: 'string'
addressPrefixes: [
'string'
]
delegations: [
{
id: 'string'
name: 'string'
properties: {
serviceName: 'string'
}
}
]
natGateway: {
id: 'string'
}
networkSecurityGroup: {
id: 'string'
location: 'string'
properties: {
securityRules: [
{
id: 'string'
name: 'string'
properties: {
access: 'string'
description: 'string'
destinationAddressPrefix: 'string'
destinationAddressPrefixes: [
'string'
]
destinationApplicationSecurityGroups: [
{
id: 'string'
location: 'string'
properties: {}
tags: {
{customized property}: 'string'
}
}
]
destinationPortRange: 'string'
destinationPortRanges: [
'string'
]
direction: 'string'
priority: int
protocol: 'string'
sourceAddressPrefix: 'string'
sourceAddressPrefixes: [
'string'
]
sourceApplicationSecurityGroups: [
{
id: 'string'
location: 'string'
properties: {}
tags: {
{customized property}: 'string'
}
}
]
sourcePortRange: 'string'
sourcePortRanges: [
'string'
]
}
}
]
}
tags: {
{customized property}: 'string'
}
}
privateEndpointNetworkPolicies: 'string'
privateLinkServiceNetworkPolicies: 'string'
routeTable: {
id: 'string'
location: 'string'
properties: {
disableBgpRoutePropagation: bool
routes: [
{
id: 'string'
name: 'string'
properties: {
addressPrefix: 'string'
nextHopIpAddress: 'string'
nextHopType: 'string'
}
}
]
}
tags: {
{customized property}: 'string'
}
}
serviceEndpointPolicies: [
{
id: 'string'
location: 'string'
properties: {
serviceEndpointPolicyDefinitions: [
{
id: 'string'
name: 'string'
properties: {
description: 'string'
service: 'string'
serviceResources: [
'string'
]
}
}
]
}
tags: {
{customized property}: 'string'
}
}
]
serviceEndpoints: [
{
locations: [
'string'
]
service: 'string'
}
]
}
}
}
zones: [
'string'
]
}
destinationNetworkInterfaceIPConfiguration: {
id: 'string'
name: 'string'
properties: {
applicationGatewayBackendAddressPools: [
{
id: 'string'
name: 'string'
properties: {
backendAddresses: [
{
fqdn: 'string'
ipAddress: 'string'
}
]
}
}
]
applicationSecurityGroups: [
{
id: 'string'
location: 'string'
properties: {}
tags: {
{customized property}: 'string'
}
}
]
loadBalancerBackendAddressPools: [
{
id: 'string'
name: 'string'
properties: {}
}
]
loadBalancerInboundNatRules: [
{
id: 'string'
name: 'string'
properties: {
backendPort: int
enableFloatingIP: bool
enableTcpReset: bool
frontendIPConfiguration: {
id: 'string'
}
frontendPort: int
idleTimeoutInMinutes: int
protocol: 'string'
}
}
]
primary: bool
privateIPAddress: 'string'
privateIPAddressVersion: 'string'
privateIPAllocationMethod: 'string'
publicIPAddress: {
id: 'string'
location: 'string'
properties: {
ddosSettings: {
ddosCustomPolicy: {
id: 'string'
}
protectedIP: bool
protectionCoverage: 'string'
}
dnsSettings: {
domainNameLabel: 'string'
fqdn: 'string'
reverseFqdn: 'string'
}
idleTimeoutInMinutes: int
ipAddress: 'string'
ipTags: [
{
ipTagType: 'string'
tag: 'string'
}
]
publicIPAddressVersion: 'string'
publicIPAllocationMethod: 'string'
publicIPPrefix: {
id: 'string'
}
}
sku: {
name: 'string'
}
tags: {
{customized property}: 'string'
}
zones: [
'string'
]
}
subnet: {
id: 'string'
name: 'string'
properties: {
addressPrefix: 'string'
addressPrefixes: [
'string'
]
delegations: [
{
id: 'string'
name: 'string'
properties: {
serviceName: 'string'
}
}
]
natGateway: {
id: 'string'
}
networkSecurityGroup: {
id: 'string'
location: 'string'
properties: {
securityRules: [
{
id: 'string'
name: 'string'
properties: {
access: 'string'
description: 'string'
destinationAddressPrefix: 'string'
destinationAddressPrefixes: [
'string'
]
destinationApplicationSecurityGroups: [
{
id: 'string'
location: 'string'
properties: {}
tags: {
{customized property}: 'string'
}
}
]
destinationPortRange: 'string'
destinationPortRanges: [
'string'
]
direction: 'string'
priority: int
protocol: 'string'
sourceAddressPrefix: 'string'
sourceAddressPrefixes: [
'string'
]
sourceApplicationSecurityGroups: [
{
id: 'string'
location: 'string'
properties: {}
tags: {
{customized property}: 'string'
}
}
]
sourcePortRange: 'string'
sourcePortRanges: [
'string'
]
}
}
]
}
tags: {
{customized property}: 'string'
}
}
privateEndpointNetworkPolicies: 'string'
privateLinkServiceNetworkPolicies: 'string'
routeTable: {
id: 'string'
location: 'string'
properties: {
disableBgpRoutePropagation: bool
routes: [
{
id: 'string'
name: 'string'
properties: {
addressPrefix: 'string'
nextHopIpAddress: 'string'
nextHopType: 'string'
}
}
]
}
tags: {
{customized property}: 'string'
}
}
serviceEndpointPolicies: [
{
id: 'string'
location: 'string'
properties: {
serviceEndpointPolicyDefinitions: [
{
id: 'string'
name: 'string'
properties: {
description: 'string'
service: 'string'
serviceResources: [
'string'
]
}
}
]
}
tags: {
{customized property}: 'string'
}
}
]
serviceEndpoints: [
{
locations: [
'string'
]
service: 'string'
}
]
}
}
virtualNetworkTaps: [
{
id: 'string'
location: 'string'
properties: ...
tags: {
{customized property}: 'string'
}
}
]
}
}
destinationPort: int
}
tags: {
{customized property}: 'string'
}
}
Property values
ApplicationGatewayBackendAddress
Name | Description | Value |
---|---|---|
fqdn | Fully qualified domain name (FQDN). | string |
ipAddress | IP address. | string |
ApplicationGatewayBackendAddressPool
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | Name of the backend address pool that is unique within an Application Gateway. | string |
properties | Properties of the application gateway backend address pool. | ApplicationGatewayBackendAddressPoolPropertiesFormat |
ApplicationGatewayBackendAddressPoolPropertiesFormat
Name | Description | Value |
---|---|---|
backendAddresses | Backend addresses. | ApplicationGatewayBackendAddress[] |
ApplicationSecurityGroup
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Properties of the application security group. | ApplicationSecurityGroupPropertiesFormat |
tags | Resource tags. | ResourceTags |
ApplicationSecurityGroupPropertiesFormat
Name | Description | Value |
---|
BackendAddressPool
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within the set of backend address pools used by the load balancer. This name can be used to access the resource. | string |
properties | Properties of load balancer backend address pool. | BackendAddressPoolPropertiesFormat |
BackendAddressPoolPropertiesFormat
Name | Description | Value |
---|
DdosSettings
Name | Description | Value |
---|---|---|
ddosCustomPolicy | The DDoS custom policy associated with the public IP. | SubResource |
protectedIP | Enables DDoS protection on the public IP. | bool |
protectionCoverage | The DDoS protection policy customizability of the public IP. Only standard coverage will have the ability to be customized. | 'Basic' 'Standard' |
Delegation
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a subnet. This name can be used to access the resource. | string |
properties | Properties of the subnet. | ServiceDelegationPropertiesFormat |
FrontendIPConfiguration
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within the set of frontend IP configurations used by the load balancer. This name can be used to access the resource. | string |
properties | Properties of the load balancer probe. | FrontendIPConfigurationPropertiesFormat |
zones | A list of availability zones denoting the IP allocated for the resource needs to come from. | string[] |
FrontendIPConfigurationPropertiesFormat
Name | Description | Value |
---|---|---|
privateIPAddress | The private IP address of the IP configuration. | string |
privateIPAddressVersion | Whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4. | 'IPv4' 'IPv6' |
privateIPAllocationMethod | The Private IP allocation method. | 'Dynamic' 'Static' |
publicIPAddress | The reference to the Public IP resource. | PublicIPAddress |
publicIPPrefix | The reference to the Public IP Prefix resource. | SubResource |
subnet | The reference to the subnet resource. | Subnet |
InboundNatRule
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within the set of inbound NAT rules used by the load balancer. This name can be used to access the resource. | string |
properties | Properties of load balancer inbound nat rule. | InboundNatRulePropertiesFormat |
InboundNatRulePropertiesFormat
Name | Description | Value |
---|---|---|
backendPort | The port used for the internal endpoint. Acceptable values range from 1 to 65535. | int |
enableFloatingIP | Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint. | bool |
enableTcpReset | Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP. | bool |
frontendIPConfiguration | A reference to frontend IP addresses. | SubResource |
frontendPort | The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values range from 1 to 65534. | int |
idleTimeoutInMinutes | The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP. | int |
protocol | The reference to the transport protocol used by the load balancing rule. | 'All' 'Tcp' 'Udp' |
IpTag
Name | Description | Value |
---|---|---|
ipTagType | The IP tag type. Example: FirstPartyUsage. | string |
tag | The value of the IP tag associated with the public IP. Example: SQL. | string |
Microsoft.Network/virtualNetworkTaps
Name | Description | Value |
---|---|---|
location | Resource location. | string |
name | The resource name | string (required) |
properties | Virtual Network Tap Properties. | VirtualNetworkTapPropertiesFormat |
tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
NetworkInterfaceIPConfiguration
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
properties | Network interface IP configuration properties. | NetworkInterfaceIPConfigurationPropertiesFormat |
NetworkInterfaceIPConfigurationPropertiesFormat
Name | Description | Value |
---|---|---|
applicationGatewayBackendAddressPools | The reference to ApplicationGatewayBackendAddressPool resource. | ApplicationGatewayBackendAddressPool[] |
applicationSecurityGroups | Application security groups in which the IP configuration is included. | ApplicationSecurityGroup[] |
loadBalancerBackendAddressPools | The reference to LoadBalancerBackendAddressPool resource. | BackendAddressPool[] |
loadBalancerInboundNatRules | A list of references of LoadBalancerInboundNatRules. | InboundNatRule[] |
primary | Whether this is a primary customer address on the network interface. | bool |
privateIPAddress | Private IP address of the IP configuration. | string |
privateIPAddressVersion | Whether the specific IP configuration is IPv4 or IPv6. Default is IPv4. | 'IPv4' 'IPv6' |
privateIPAllocationMethod | The private IP address allocation method. | 'Dynamic' 'Static' |
publicIPAddress | Public IP address bound to the IP configuration. | PublicIPAddress |
subnet | Subnet bound to the IP configuration. | Subnet |
virtualNetworkTaps | The reference to Virtual Network Taps. | VirtualNetworkTap[] |
NetworkSecurityGroup
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Properties of the network security group. | NetworkSecurityGroupPropertiesFormat |
tags | Resource tags. | ResourceTags |
NetworkSecurityGroupPropertiesFormat
Name | Description | Value |
---|---|---|
securityRules | A collection of security rules of the network security group. | SecurityRule[] |
PublicIPAddress
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Public IP address properties. | PublicIPAddressPropertiesFormat |
sku | The public IP address SKU. | PublicIPAddressSku |
tags | Resource tags. | ResourceTags |
zones | A list of availability zones denoting the IP allocated for the resource needs to come from. | string[] |
PublicIPAddressDnsSettings
Name | Description | Value |
---|---|---|
domainNameLabel | The domain name label. The concatenation of the domain name label and the regionalized DNS zone make up the fully qualified domain name associated with the public IP address. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system. | string |
fqdn | The Fully Qualified Domain Name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone. | string |
reverseFqdn | The reverse FQDN. A user-visible, fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN. | string |
PublicIPAddressPropertiesFormat
Name | Description | Value |
---|---|---|
ddosSettings | The DDoS protection custom policy associated with the public IP address. | DdosSettings |
dnsSettings | The FQDN of the DNS record associated with the public IP address. | PublicIPAddressDnsSettings |
idleTimeoutInMinutes | The idle timeout of the public IP address. | int |
ipAddress | The IP address associated with the public IP address resource. | string |
ipTags | The list of tags associated with the public IP address. | IpTag[] |
publicIPAddressVersion | The public IP address version. | 'IPv4' 'IPv6' |
publicIPAllocationMethod | The public IP address allocation method. | 'Dynamic' 'Static' |
publicIPPrefix | The Public IP Prefix this Public IP Address should be allocated from. | SubResource |
PublicIPAddressSku
Name | Description | Value |
---|---|---|
name | Name of a public IP address SKU. | 'Basic' 'Standard' |
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
Route
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
properties | Properties of the route. | RoutePropertiesFormat |
RoutePropertiesFormat
Name | Description | Value |
---|---|---|
addressPrefix | The destination CIDR to which the route applies. | string |
nextHopIpAddress | The IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance. | string |
nextHopType | The type of Azure hop the packet should be sent to. | 'Internet' 'None' 'VirtualAppliance' 'VirtualNetworkGateway' 'VnetLocal' (required) |
RouteTable
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Properties of the route table. | RouteTablePropertiesFormat |
tags | Resource tags. | ResourceTags |
RouteTablePropertiesFormat
Name | Description | Value |
---|---|---|
disableBgpRoutePropagation | Whether to disable the routes learned by BGP on that route table. True means disable. | bool |
routes | Collection of routes contained within a route table. | Route[] |
SecurityRule
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
properties | Properties of the security rule. | SecurityRulePropertiesFormat |
SecurityRulePropertiesFormat
Name | Description | Value |
---|---|---|
access | The network traffic is allowed or denied. | 'Allow' 'Deny' (required) |
description | A description for this rule. Restricted to 140 chars. | string |
destinationAddressPrefix | The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | string |
destinationAddressPrefixes | The destination address prefixes. CIDR or destination IP ranges. | string[] |
destinationApplicationSecurityGroups | The application security group specified as destination. | ApplicationSecurityGroup[] |
destinationPortRange | The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
destinationPortRanges | The destination port ranges. | string[] |
direction | The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic. | 'Inbound' 'Outbound' (required) |
priority | The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | int |
protocol | Network protocol this rule applies to. | '*' 'Ah' 'Esp' 'Icmp' 'Tcp' 'Udp' (required) |
sourceAddressPrefix | The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. | string |
sourceAddressPrefixes | The CIDR or source IP ranges. | string[] |
sourceApplicationSecurityGroups | The application security group specified as source. | ApplicationSecurityGroup[] |
sourcePortRange | The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
sourcePortRanges | The source port ranges. | string[] |
ServiceDelegationPropertiesFormat
Name | Description | Value |
---|---|---|
serviceName | The name of the service to whom the subnet should be delegated (e.g. Microsoft.Sql/servers). | string |
ServiceEndpointPolicy
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Properties of the service end point policy. | ServiceEndpointPolicyPropertiesFormat |
tags | Resource tags. | ResourceTags |
ServiceEndpointPolicyDefinition
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
properties | Properties of the service endpoint policy definition. | ServiceEndpointPolicyDefinitionPropertiesFormat |
ServiceEndpointPolicyDefinitionPropertiesFormat
Name | Description | Value |
---|---|---|
description | A description for this rule. Restricted to 140 chars. | string |
service | Service endpoint name. | string |
serviceResources | A list of service resources. | string[] |
ServiceEndpointPolicyPropertiesFormat
Name | Description | Value |
---|---|---|
serviceEndpointPolicyDefinitions | A collection of service endpoint policy definitions of the service endpoint policy. | ServiceEndpointPolicyDefinition[] |
ServiceEndpointPropertiesFormat
Name | Description | Value |
---|---|---|
locations | A list of locations. | string[] |
service | The type of the endpoint service. | string |
Subnet
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
properties | Properties of the subnet. | SubnetPropertiesFormat |
SubnetPropertiesFormat
Name | Description | Value |
---|---|---|
addressPrefix | The address prefix for the subnet. | string |
addressPrefixes | List of address prefixes for the subnet. | string[] |
delegations | An array of references to the delegations on the subnet. | Delegation[] |
natGateway | Nat gateway associated with this subnet. | SubResource |
networkSecurityGroup | The reference to the NetworkSecurityGroup resource. | NetworkSecurityGroup |
privateEndpointNetworkPolicies | Enable or Disable apply network policies on private end point in the subnet. | string |
privateLinkServiceNetworkPolicies | Enable or Disable apply network policies on private link service in the subnet. | string |
routeTable | The reference to the RouteTable resource. | RouteTable |
serviceEndpointPolicies | An array of service endpoint policies. | ServiceEndpointPolicy[] |
serviceEndpoints | An array of service endpoints. | ServiceEndpointPropertiesFormat[] |
SubResource
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
VirtualNetworkTap
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Virtual Network Tap Properties. | VirtualNetworkTapPropertiesFormat |
tags | Resource tags. | ResourceTags |
VirtualNetworkTapPropertiesFormat
Name | Description | Value |
---|---|---|
destinationLoadBalancerFrontEndIPConfiguration | The reference to the private IP address on the internal Load Balancer that will receive the tap. | FrontendIPConfiguration |
destinationNetworkInterfaceIPConfiguration | The reference to the private IP Address of the collector nic that will receive the tap. | NetworkInterfaceIPConfiguration |
destinationPort | The VXLAN destination port that will receive the tapped traffic. | int |
ARM template resource definition
The virtualNetworkTaps resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/virtualNetworkTaps resource, add the following JSON to your template.
{
"type": "Microsoft.Network/virtualNetworkTaps",
"apiVersion": "2019-11-01",
"name": "string",
"location": "string",
"properties": {
"destinationLoadBalancerFrontEndIPConfiguration": {
"id": "string",
"name": "string",
"properties": {
"privateIPAddress": "string",
"privateIPAddressVersion": "string",
"privateIPAllocationMethod": "string",
"publicIPAddress": {
"id": "string",
"location": "string",
"properties": {
"ddosSettings": {
"ddosCustomPolicy": {
"id": "string"
},
"protectedIP": "bool",
"protectionCoverage": "string"
},
"dnsSettings": {
"domainNameLabel": "string",
"fqdn": "string",
"reverseFqdn": "string"
},
"idleTimeoutInMinutes": "int",
"ipAddress": "string",
"ipTags": [
{
"ipTagType": "string",
"tag": "string"
}
],
"publicIPAddressVersion": "string",
"publicIPAllocationMethod": "string",
"publicIPPrefix": {
"id": "string"
}
},
"sku": {
"name": "string"
},
"tags": {
"{customized property}": "string"
},
"zones": [ "string" ]
},
"publicIPPrefix": {
"id": "string"
},
"subnet": {
"id": "string",
"name": "string",
"properties": {
"addressPrefix": "string",
"addressPrefixes": [ "string" ],
"delegations": [
{
"id": "string",
"name": "string",
"properties": {
"serviceName": "string"
}
}
],
"natGateway": {
"id": "string"
},
"networkSecurityGroup": {
"id": "string",
"location": "string",
"properties": {
"securityRules": [
{
"id": "string",
"name": "string",
"properties": {
"access": "string",
"description": "string",
"destinationAddressPrefix": "string",
"destinationAddressPrefixes": [ "string" ],
"destinationApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"properties": {
},
"tags": {
"{customized property}": "string"
}
}
],
"destinationPortRange": "string",
"destinationPortRanges": [ "string" ],
"direction": "string",
"priority": "int",
"protocol": "string",
"sourceAddressPrefix": "string",
"sourceAddressPrefixes": [ "string" ],
"sourceApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"properties": {
},
"tags": {
"{customized property}": "string"
}
}
],
"sourcePortRange": "string",
"sourcePortRanges": [ "string" ]
}
}
]
},
"tags": {
"{customized property}": "string"
}
},
"privateEndpointNetworkPolicies": "string",
"privateLinkServiceNetworkPolicies": "string",
"routeTable": {
"id": "string",
"location": "string",
"properties": {
"disableBgpRoutePropagation": "bool",
"routes": [
{
"id": "string",
"name": "string",
"properties": {
"addressPrefix": "string",
"nextHopIpAddress": "string",
"nextHopType": "string"
}
}
]
},
"tags": {
"{customized property}": "string"
}
},
"serviceEndpointPolicies": [
{
"id": "string",
"location": "string",
"properties": {
"serviceEndpointPolicyDefinitions": [
{
"id": "string",
"name": "string",
"properties": {
"description": "string",
"service": "string",
"serviceResources": [ "string" ]
}
}
]
},
"tags": {
"{customized property}": "string"
}
}
],
"serviceEndpoints": [
{
"locations": [ "string" ],
"service": "string"
}
]
}
}
},
"zones": [ "string" ]
},
"destinationNetworkInterfaceIPConfiguration": {
"id": "string",
"name": "string",
"properties": {
"applicationGatewayBackendAddressPools": [
{
"id": "string",
"name": "string",
"properties": {
"backendAddresses": [
{
"fqdn": "string",
"ipAddress": "string"
}
]
}
}
],
"applicationSecurityGroups": [
{
"id": "string",
"location": "string",
"properties": {
},
"tags": {
"{customized property}": "string"
}
}
],
"loadBalancerBackendAddressPools": [
{
"id": "string",
"name": "string",
"properties": {
}
}
],
"loadBalancerInboundNatRules": [
{
"id": "string",
"name": "string",
"properties": {
"backendPort": "int",
"enableFloatingIP": "bool",
"enableTcpReset": "bool",
"frontendIPConfiguration": {
"id": "string"
},
"frontendPort": "int",
"idleTimeoutInMinutes": "int",
"protocol": "string"
}
}
],
"primary": "bool",
"privateIPAddress": "string",
"privateIPAddressVersion": "string",
"privateIPAllocationMethod": "string",
"publicIPAddress": {
"id": "string",
"location": "string",
"properties": {
"ddosSettings": {
"ddosCustomPolicy": {
"id": "string"
},
"protectedIP": "bool",
"protectionCoverage": "string"
},
"dnsSettings": {
"domainNameLabel": "string",
"fqdn": "string",
"reverseFqdn": "string"
},
"idleTimeoutInMinutes": "int",
"ipAddress": "string",
"ipTags": [
{
"ipTagType": "string",
"tag": "string"
}
],
"publicIPAddressVersion": "string",
"publicIPAllocationMethod": "string",
"publicIPPrefix": {
"id": "string"
}
},
"sku": {
"name": "string"
},
"tags": {
"{customized property}": "string"
},
"zones": [ "string" ]
},
"subnet": {
"id": "string",
"name": "string",
"properties": {
"addressPrefix": "string",
"addressPrefixes": [ "string" ],
"delegations": [
{
"id": "string",
"name": "string",
"properties": {
"serviceName": "string"
}
}
],
"natGateway": {
"id": "string"
},
"networkSecurityGroup": {
"id": "string",
"location": "string",
"properties": {
"securityRules": [
{
"id": "string",
"name": "string",
"properties": {
"access": "string",
"description": "string",
"destinationAddressPrefix": "string",
"destinationAddressPrefixes": [ "string" ],
"destinationApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"properties": {
},
"tags": {
"{customized property}": "string"
}
}
],
"destinationPortRange": "string",
"destinationPortRanges": [ "string" ],
"direction": "string",
"priority": "int",
"protocol": "string",
"sourceAddressPrefix": "string",
"sourceAddressPrefixes": [ "string" ],
"sourceApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"properties": {
},
"tags": {
"{customized property}": "string"
}
}
],
"sourcePortRange": "string",
"sourcePortRanges": [ "string" ]
}
}
]
},
"tags": {
"{customized property}": "string"
}
},
"privateEndpointNetworkPolicies": "string",
"privateLinkServiceNetworkPolicies": "string",
"routeTable": {
"id": "string",
"location": "string",
"properties": {
"disableBgpRoutePropagation": "bool",
"routes": [
{
"id": "string",
"name": "string",
"properties": {
"addressPrefix": "string",
"nextHopIpAddress": "string",
"nextHopType": "string"
}
}
]
},
"tags": {
"{customized property}": "string"
}
},
"serviceEndpointPolicies": [
{
"id": "string",
"location": "string",
"properties": {
"serviceEndpointPolicyDefinitions": [
{
"id": "string",
"name": "string",
"properties": {
"description": "string",
"service": "string",
"serviceResources": [ "string" ]
}
}
]
},
"tags": {
"{customized property}": "string"
}
}
],
"serviceEndpoints": [
{
"locations": [ "string" ],
"service": "string"
}
]
}
},
"virtualNetworkTaps": [
{
"id": "string",
"location": "string",
"properties": ...,
"tags": {
"{customized property}": "string"
}
}
]
}
},
"destinationPort": "int"
},
"tags": {
"{customized property}": "string"
}
}
Property values
ApplicationGatewayBackendAddress
Name | Description | Value |
---|---|---|
fqdn | Fully qualified domain name (FQDN). | string |
ipAddress | IP address. | string |
ApplicationGatewayBackendAddressPool
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | Name of the backend address pool that is unique within an Application Gateway. | string |
properties | Properties of the application gateway backend address pool. | ApplicationGatewayBackendAddressPoolPropertiesFormat |
ApplicationGatewayBackendAddressPoolPropertiesFormat
Name | Description | Value |
---|---|---|
backendAddresses | Backend addresses. | ApplicationGatewayBackendAddress[] |
ApplicationSecurityGroup
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Properties of the application security group. | ApplicationSecurityGroupPropertiesFormat |
tags | Resource tags. | ResourceTags |
ApplicationSecurityGroupPropertiesFormat
Name | Description | Value |
---|
BackendAddressPool
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within the set of backend address pools used by the load balancer. This name can be used to access the resource. | string |
properties | Properties of load balancer backend address pool. | BackendAddressPoolPropertiesFormat |
BackendAddressPoolPropertiesFormat
Name | Description | Value |
---|
DdosSettings
Name | Description | Value |
---|---|---|
ddosCustomPolicy | The DDoS custom policy associated with the public IP. | SubResource |
protectedIP | Enables DDoS protection on the public IP. | bool |
protectionCoverage | The DDoS protection policy customizability of the public IP. Only standard coverage will have the ability to be customized. | 'Basic' 'Standard' |
Delegation
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a subnet. This name can be used to access the resource. | string |
properties | Properties of the subnet. | ServiceDelegationPropertiesFormat |
FrontendIPConfiguration
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within the set of frontend IP configurations used by the load balancer. This name can be used to access the resource. | string |
properties | Properties of the load balancer probe. | FrontendIPConfigurationPropertiesFormat |
zones | A list of availability zones denoting the IP allocated for the resource needs to come from. | string[] |
FrontendIPConfigurationPropertiesFormat
Name | Description | Value |
---|---|---|
privateIPAddress | The private IP address of the IP configuration. | string |
privateIPAddressVersion | Whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4. | 'IPv4' 'IPv6' |
privateIPAllocationMethod | The Private IP allocation method. | 'Dynamic' 'Static' |
publicIPAddress | The reference to the Public IP resource. | PublicIPAddress |
publicIPPrefix | The reference to the Public IP Prefix resource. | SubResource |
subnet | The reference to the subnet resource. | Subnet |
InboundNatRule
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within the set of inbound NAT rules used by the load balancer. This name can be used to access the resource. | string |
properties | Properties of load balancer inbound nat rule. | InboundNatRulePropertiesFormat |
InboundNatRulePropertiesFormat
Name | Description | Value |
---|---|---|
backendPort | The port used for the internal endpoint. Acceptable values range from 1 to 65535. | int |
enableFloatingIP | Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint. | bool |
enableTcpReset | Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP. | bool |
frontendIPConfiguration | A reference to frontend IP addresses. | SubResource |
frontendPort | The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values range from 1 to 65534. | int |
idleTimeoutInMinutes | The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP. | int |
protocol | The reference to the transport protocol used by the load balancing rule. | 'All' 'Tcp' 'Udp' |
IpTag
Name | Description | Value |
---|---|---|
ipTagType | The IP tag type. Example: FirstPartyUsage. | string |
tag | The value of the IP tag associated with the public IP. Example: SQL. | string |
Microsoft.Network/virtualNetworkTaps
Name | Description | Value |
---|---|---|
apiVersion | The api version | '2019-11-01' |
location | Resource location. | string |
name | The resource name | string (required) |
properties | Virtual Network Tap Properties. | VirtualNetworkTapPropertiesFormat |
tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
type | The resource type | 'Microsoft.Network/virtualNetworkTaps' |
NetworkInterfaceIPConfiguration
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
properties | Network interface IP configuration properties. | NetworkInterfaceIPConfigurationPropertiesFormat |
NetworkInterfaceIPConfigurationPropertiesFormat
Name | Description | Value |
---|---|---|
applicationGatewayBackendAddressPools | The reference to ApplicationGatewayBackendAddressPool resource. | ApplicationGatewayBackendAddressPool[] |
applicationSecurityGroups | Application security groups in which the IP configuration is included. | ApplicationSecurityGroup[] |
loadBalancerBackendAddressPools | The reference to LoadBalancerBackendAddressPool resource. | BackendAddressPool[] |
loadBalancerInboundNatRules | A list of references of LoadBalancerInboundNatRules. | InboundNatRule[] |
primary | Whether this is a primary customer address on the network interface. | bool |
privateIPAddress | Private IP address of the IP configuration. | string |
privateIPAddressVersion | Whether the specific IP configuration is IPv4 or IPv6. Default is IPv4. | 'IPv4' 'IPv6' |
privateIPAllocationMethod | The private IP address allocation method. | 'Dynamic' 'Static' |
publicIPAddress | Public IP address bound to the IP configuration. | PublicIPAddress |
subnet | Subnet bound to the IP configuration. | Subnet |
virtualNetworkTaps | The reference to Virtual Network Taps. | VirtualNetworkTap[] |
NetworkSecurityGroup
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Properties of the network security group. | NetworkSecurityGroupPropertiesFormat |
tags | Resource tags. | ResourceTags |
NetworkSecurityGroupPropertiesFormat
Name | Description | Value |
---|---|---|
securityRules | A collection of security rules of the network security group. | SecurityRule[] |
PublicIPAddress
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Public IP address properties. | PublicIPAddressPropertiesFormat |
sku | The public IP address SKU. | PublicIPAddressSku |
tags | Resource tags. | ResourceTags |
zones | A list of availability zones denoting the IP allocated for the resource needs to come from. | string[] |
PublicIPAddressDnsSettings
Name | Description | Value |
---|---|---|
domainNameLabel | The domain name label. The concatenation of the domain name label and the regionalized DNS zone make up the fully qualified domain name associated with the public IP address. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system. | string |
fqdn | The Fully Qualified Domain Name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone. | string |
reverseFqdn | The reverse FQDN. A user-visible, fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN. | string |
PublicIPAddressPropertiesFormat
Name | Description | Value |
---|---|---|
ddosSettings | The DDoS protection custom policy associated with the public IP address. | DdosSettings |
dnsSettings | The FQDN of the DNS record associated with the public IP address. | PublicIPAddressDnsSettings |
idleTimeoutInMinutes | The idle timeout of the public IP address. | int |
ipAddress | The IP address associated with the public IP address resource. | string |
ipTags | The list of tags associated with the public IP address. | IpTag[] |
publicIPAddressVersion | The public IP address version. | 'IPv4' 'IPv6' |
publicIPAllocationMethod | The public IP address allocation method. | 'Dynamic' 'Static' |
publicIPPrefix | The Public IP Prefix this Public IP Address should be allocated from. | SubResource |
PublicIPAddressSku
Name | Description | Value |
---|---|---|
name | Name of a public IP address SKU. | 'Basic' 'Standard' |
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
Route
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
properties | Properties of the route. | RoutePropertiesFormat |
RoutePropertiesFormat
Name | Description | Value |
---|---|---|
addressPrefix | The destination CIDR to which the route applies. | string |
nextHopIpAddress | The IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance. | string |
nextHopType | The type of Azure hop the packet should be sent to. | 'Internet' 'None' 'VirtualAppliance' 'VirtualNetworkGateway' 'VnetLocal' (required) |
RouteTable
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Properties of the route table. | RouteTablePropertiesFormat |
tags | Resource tags. | ResourceTags |
RouteTablePropertiesFormat
Name | Description | Value |
---|---|---|
disableBgpRoutePropagation | Whether to disable the routes learned by BGP on that route table. True means disable. | bool |
routes | Collection of routes contained within a route table. | Route[] |
SecurityRule
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
properties | Properties of the security rule. | SecurityRulePropertiesFormat |
SecurityRulePropertiesFormat
Name | Description | Value |
---|---|---|
access | The network traffic is allowed or denied. | 'Allow' 'Deny' (required) |
description | A description for this rule. Restricted to 140 chars. | string |
destinationAddressPrefix | The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | string |
destinationAddressPrefixes | The destination address prefixes. CIDR or destination IP ranges. | string[] |
destinationApplicationSecurityGroups | The application security group specified as destination. | ApplicationSecurityGroup[] |
destinationPortRange | The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
destinationPortRanges | The destination port ranges. | string[] |
direction | The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic. | 'Inbound' 'Outbound' (required) |
priority | The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | int |
protocol | Network protocol this rule applies to. | '*' 'Ah' 'Esp' 'Icmp' 'Tcp' 'Udp' (required) |
sourceAddressPrefix | The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. | string |
sourceAddressPrefixes | The CIDR or source IP ranges. | string[] |
sourceApplicationSecurityGroups | The application security group specified as source. | ApplicationSecurityGroup[] |
sourcePortRange | The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
sourcePortRanges | The source port ranges. | string[] |
ServiceDelegationPropertiesFormat
Name | Description | Value |
---|---|---|
serviceName | The name of the service to whom the subnet should be delegated (e.g. Microsoft.Sql/servers). | string |
ServiceEndpointPolicy
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Properties of the service end point policy. | ServiceEndpointPolicyPropertiesFormat |
tags | Resource tags. | ResourceTags |
ServiceEndpointPolicyDefinition
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
properties | Properties of the service endpoint policy definition. | ServiceEndpointPolicyDefinitionPropertiesFormat |
ServiceEndpointPolicyDefinitionPropertiesFormat
Name | Description | Value |
---|---|---|
description | A description for this rule. Restricted to 140 chars. | string |
service | Service endpoint name. | string |
serviceResources | A list of service resources. | string[] |
ServiceEndpointPolicyPropertiesFormat
Name | Description | Value |
---|---|---|
serviceEndpointPolicyDefinitions | A collection of service endpoint policy definitions of the service endpoint policy. | ServiceEndpointPolicyDefinition[] |
ServiceEndpointPropertiesFormat
Name | Description | Value |
---|---|---|
locations | A list of locations. | string[] |
service | The type of the endpoint service. | string |
Subnet
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
properties | Properties of the subnet. | SubnetPropertiesFormat |
SubnetPropertiesFormat
Name | Description | Value |
---|---|---|
addressPrefix | The address prefix for the subnet. | string |
addressPrefixes | List of address prefixes for the subnet. | string[] |
delegations | An array of references to the delegations on the subnet. | Delegation[] |
natGateway | Nat gateway associated with this subnet. | SubResource |
networkSecurityGroup | The reference to the NetworkSecurityGroup resource. | NetworkSecurityGroup |
privateEndpointNetworkPolicies | Enable or Disable apply network policies on private end point in the subnet. | string |
privateLinkServiceNetworkPolicies | Enable or Disable apply network policies on private link service in the subnet. | string |
routeTable | The reference to the RouteTable resource. | RouteTable |
serviceEndpointPolicies | An array of service endpoint policies. | ServiceEndpointPolicy[] |
serviceEndpoints | An array of service endpoints. | ServiceEndpointPropertiesFormat[] |
SubResource
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
VirtualNetworkTap
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Virtual Network Tap Properties. | VirtualNetworkTapPropertiesFormat |
tags | Resource tags. | ResourceTags |
VirtualNetworkTapPropertiesFormat
Name | Description | Value |
---|---|---|
destinationLoadBalancerFrontEndIPConfiguration | The reference to the private IP address on the internal Load Balancer that will receive the tap. | FrontendIPConfiguration |
destinationNetworkInterfaceIPConfiguration | The reference to the private IP Address of the collector nic that will receive the tap. | NetworkInterfaceIPConfiguration |
destinationPort | The VXLAN destination port that will receive the tapped traffic. | int |
Terraform (AzAPI provider) resource definition
The virtualNetworkTaps resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/virtualNetworkTaps resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Network/virtualNetworkTaps@2019-11-01"
name = "string"
location = "string"
tags = {
{customized property} = "string"
}
body = jsonencode({
properties = {
destinationLoadBalancerFrontEndIPConfiguration = {
id = "string"
name = "string"
properties = {
privateIPAddress = "string"
privateIPAddressVersion = "string"
privateIPAllocationMethod = "string"
publicIPAddress = {
id = "string"
location = "string"
properties = {
ddosSettings = {
ddosCustomPolicy = {
id = "string"
}
protectedIP = bool
protectionCoverage = "string"
}
dnsSettings = {
domainNameLabel = "string"
fqdn = "string"
reverseFqdn = "string"
}
idleTimeoutInMinutes = int
ipAddress = "string"
ipTags = [
{
ipTagType = "string"
tag = "string"
}
]
publicIPAddressVersion = "string"
publicIPAllocationMethod = "string"
publicIPPrefix = {
id = "string"
}
}
sku = {
name = "string"
}
tags = {
{customized property} = "string"
}
zones = [
"string"
]
}
publicIPPrefix = {
id = "string"
}
subnet = {
id = "string"
name = "string"
properties = {
addressPrefix = "string"
addressPrefixes = [
"string"
]
delegations = [
{
id = "string"
name = "string"
properties = {
serviceName = "string"
}
}
]
natGateway = {
id = "string"
}
networkSecurityGroup = {
id = "string"
location = "string"
properties = {
securityRules = [
{
id = "string"
name = "string"
properties = {
access = "string"
description = "string"
destinationAddressPrefix = "string"
destinationAddressPrefixes = [
"string"
]
destinationApplicationSecurityGroups = [
{
id = "string"
location = "string"
properties = {
}
tags = {
{customized property} = "string"
}
}
]
destinationPortRange = "string"
destinationPortRanges = [
"string"
]
direction = "string"
priority = int
protocol = "string"
sourceAddressPrefix = "string"
sourceAddressPrefixes = [
"string"
]
sourceApplicationSecurityGroups = [
{
id = "string"
location = "string"
properties = {
}
tags = {
{customized property} = "string"
}
}
]
sourcePortRange = "string"
sourcePortRanges = [
"string"
]
}
}
]
}
tags = {
{customized property} = "string"
}
}
privateEndpointNetworkPolicies = "string"
privateLinkServiceNetworkPolicies = "string"
routeTable = {
id = "string"
location = "string"
properties = {
disableBgpRoutePropagation = bool
routes = [
{
id = "string"
name = "string"
properties = {
addressPrefix = "string"
nextHopIpAddress = "string"
nextHopType = "string"
}
}
]
}
tags = {
{customized property} = "string"
}
}
serviceEndpointPolicies = [
{
id = "string"
location = "string"
properties = {
serviceEndpointPolicyDefinitions = [
{
id = "string"
name = "string"
properties = {
description = "string"
service = "string"
serviceResources = [
"string"
]
}
}
]
}
tags = {
{customized property} = "string"
}
}
]
serviceEndpoints = [
{
locations = [
"string"
]
service = "string"
}
]
}
}
}
zones = [
"string"
]
}
destinationNetworkInterfaceIPConfiguration = {
id = "string"
name = "string"
properties = {
applicationGatewayBackendAddressPools = [
{
id = "string"
name = "string"
properties = {
backendAddresses = [
{
fqdn = "string"
ipAddress = "string"
}
]
}
}
]
applicationSecurityGroups = [
{
id = "string"
location = "string"
properties = {
}
tags = {
{customized property} = "string"
}
}
]
loadBalancerBackendAddressPools = [
{
id = "string"
name = "string"
properties = {
}
}
]
loadBalancerInboundNatRules = [
{
id = "string"
name = "string"
properties = {
backendPort = int
enableFloatingIP = bool
enableTcpReset = bool
frontendIPConfiguration = {
id = "string"
}
frontendPort = int
idleTimeoutInMinutes = int
protocol = "string"
}
}
]
primary = bool
privateIPAddress = "string"
privateIPAddressVersion = "string"
privateIPAllocationMethod = "string"
publicIPAddress = {
id = "string"
location = "string"
properties = {
ddosSettings = {
ddosCustomPolicy = {
id = "string"
}
protectedIP = bool
protectionCoverage = "string"
}
dnsSettings = {
domainNameLabel = "string"
fqdn = "string"
reverseFqdn = "string"
}
idleTimeoutInMinutes = int
ipAddress = "string"
ipTags = [
{
ipTagType = "string"
tag = "string"
}
]
publicIPAddressVersion = "string"
publicIPAllocationMethod = "string"
publicIPPrefix = {
id = "string"
}
}
sku = {
name = "string"
}
tags = {
{customized property} = "string"
}
zones = [
"string"
]
}
subnet = {
id = "string"
name = "string"
properties = {
addressPrefix = "string"
addressPrefixes = [
"string"
]
delegations = [
{
id = "string"
name = "string"
properties = {
serviceName = "string"
}
}
]
natGateway = {
id = "string"
}
networkSecurityGroup = {
id = "string"
location = "string"
properties = {
securityRules = [
{
id = "string"
name = "string"
properties = {
access = "string"
description = "string"
destinationAddressPrefix = "string"
destinationAddressPrefixes = [
"string"
]
destinationApplicationSecurityGroups = [
{
id = "string"
location = "string"
properties = {
}
tags = {
{customized property} = "string"
}
}
]
destinationPortRange = "string"
destinationPortRanges = [
"string"
]
direction = "string"
priority = int
protocol = "string"
sourceAddressPrefix = "string"
sourceAddressPrefixes = [
"string"
]
sourceApplicationSecurityGroups = [
{
id = "string"
location = "string"
properties = {
}
tags = {
{customized property} = "string"
}
}
]
sourcePortRange = "string"
sourcePortRanges = [
"string"
]
}
}
]
}
tags = {
{customized property} = "string"
}
}
privateEndpointNetworkPolicies = "string"
privateLinkServiceNetworkPolicies = "string"
routeTable = {
id = "string"
location = "string"
properties = {
disableBgpRoutePropagation = bool
routes = [
{
id = "string"
name = "string"
properties = {
addressPrefix = "string"
nextHopIpAddress = "string"
nextHopType = "string"
}
}
]
}
tags = {
{customized property} = "string"
}
}
serviceEndpointPolicies = [
{
id = "string"
location = "string"
properties = {
serviceEndpointPolicyDefinitions = [
{
id = "string"
name = "string"
properties = {
description = "string"
service = "string"
serviceResources = [
"string"
]
}
}
]
}
tags = {
{customized property} = "string"
}
}
]
serviceEndpoints = [
{
locations = [
"string"
]
service = "string"
}
]
}
}
virtualNetworkTaps = [
{
id = "string"
location = "string"
properties = ...
tags = {
{customized property} = "string"
}
}
]
}
}
destinationPort = int
}
})
}
Property values
ApplicationGatewayBackendAddress
Name | Description | Value |
---|---|---|
fqdn | Fully qualified domain name (FQDN). | string |
ipAddress | IP address. | string |
ApplicationGatewayBackendAddressPool
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | Name of the backend address pool that is unique within an Application Gateway. | string |
properties | Properties of the application gateway backend address pool. | ApplicationGatewayBackendAddressPoolPropertiesFormat |
ApplicationGatewayBackendAddressPoolPropertiesFormat
Name | Description | Value |
---|---|---|
backendAddresses | Backend addresses. | ApplicationGatewayBackendAddress[] |
ApplicationSecurityGroup
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Properties of the application security group. | ApplicationSecurityGroupPropertiesFormat |
tags | Resource tags. | ResourceTags |
ApplicationSecurityGroupPropertiesFormat
Name | Description | Value |
---|
BackendAddressPool
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within the set of backend address pools used by the load balancer. This name can be used to access the resource. | string |
properties | Properties of load balancer backend address pool. | BackendAddressPoolPropertiesFormat |
BackendAddressPoolPropertiesFormat
Name | Description | Value |
---|
DdosSettings
Name | Description | Value |
---|---|---|
ddosCustomPolicy | The DDoS custom policy associated with the public IP. | SubResource |
protectedIP | Enables DDoS protection on the public IP. | bool |
protectionCoverage | The DDoS protection policy customizability of the public IP. Only standard coverage will have the ability to be customized. | 'Basic' 'Standard' |
Delegation
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a subnet. This name can be used to access the resource. | string |
properties | Properties of the subnet. | ServiceDelegationPropertiesFormat |
FrontendIPConfiguration
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within the set of frontend IP configurations used by the load balancer. This name can be used to access the resource. | string |
properties | Properties of the load balancer probe. | FrontendIPConfigurationPropertiesFormat |
zones | A list of availability zones denoting the IP allocated for the resource needs to come from. | string[] |
FrontendIPConfigurationPropertiesFormat
Name | Description | Value |
---|---|---|
privateIPAddress | The private IP address of the IP configuration. | string |
privateIPAddressVersion | Whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4. | 'IPv4' 'IPv6' |
privateIPAllocationMethod | The Private IP allocation method. | 'Dynamic' 'Static' |
publicIPAddress | The reference to the Public IP resource. | PublicIPAddress |
publicIPPrefix | The reference to the Public IP Prefix resource. | SubResource |
subnet | The reference to the subnet resource. | Subnet |
InboundNatRule
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within the set of inbound NAT rules used by the load balancer. This name can be used to access the resource. | string |
properties | Properties of load balancer inbound nat rule. | InboundNatRulePropertiesFormat |
InboundNatRulePropertiesFormat
Name | Description | Value |
---|---|---|
backendPort | The port used for the internal endpoint. Acceptable values range from 1 to 65535. | int |
enableFloatingIP | Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint. | bool |
enableTcpReset | Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP. | bool |
frontendIPConfiguration | A reference to frontend IP addresses. | SubResource |
frontendPort | The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values range from 1 to 65534. | int |
idleTimeoutInMinutes | The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP. | int |
protocol | The reference to the transport protocol used by the load balancing rule. | 'All' 'Tcp' 'Udp' |
IpTag
Name | Description | Value |
---|---|---|
ipTagType | The IP tag type. Example: FirstPartyUsage. | string |
tag | The value of the IP tag associated with the public IP. Example: SQL. | string |
Microsoft.Network/virtualNetworkTaps
Name | Description | Value |
---|---|---|
location | Resource location. | string |
name | The resource name | string (required) |
properties | Virtual Network Tap Properties. | VirtualNetworkTapPropertiesFormat |
tags | Resource tags | Dictionary of tag names and values. |
type | The resource type | "Microsoft.Network/virtualNetworkTaps@2019-11-01" |
NetworkInterfaceIPConfiguration
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
properties | Network interface IP configuration properties. | NetworkInterfaceIPConfigurationPropertiesFormat |
NetworkInterfaceIPConfigurationPropertiesFormat
Name | Description | Value |
---|---|---|
applicationGatewayBackendAddressPools | The reference to ApplicationGatewayBackendAddressPool resource. | ApplicationGatewayBackendAddressPool[] |
applicationSecurityGroups | Application security groups in which the IP configuration is included. | ApplicationSecurityGroup[] |
loadBalancerBackendAddressPools | The reference to LoadBalancerBackendAddressPool resource. | BackendAddressPool[] |
loadBalancerInboundNatRules | A list of references of LoadBalancerInboundNatRules. | InboundNatRule[] |
primary | Whether this is a primary customer address on the network interface. | bool |
privateIPAddress | Private IP address of the IP configuration. | string |
privateIPAddressVersion | Whether the specific IP configuration is IPv4 or IPv6. Default is IPv4. | 'IPv4' 'IPv6' |
privateIPAllocationMethod | The private IP address allocation method. | 'Dynamic' 'Static' |
publicIPAddress | Public IP address bound to the IP configuration. | PublicIPAddress |
subnet | Subnet bound to the IP configuration. | Subnet |
virtualNetworkTaps | The reference to Virtual Network Taps. | VirtualNetworkTap[] |
NetworkSecurityGroup
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Properties of the network security group. | NetworkSecurityGroupPropertiesFormat |
tags | Resource tags. | ResourceTags |
NetworkSecurityGroupPropertiesFormat
Name | Description | Value |
---|---|---|
securityRules | A collection of security rules of the network security group. | SecurityRule[] |
PublicIPAddress
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Public IP address properties. | PublicIPAddressPropertiesFormat |
sku | The public IP address SKU. | PublicIPAddressSku |
tags | Resource tags. | ResourceTags |
zones | A list of availability zones denoting the IP allocated for the resource needs to come from. | string[] |
PublicIPAddressDnsSettings
Name | Description | Value |
---|---|---|
domainNameLabel | The domain name label. The concatenation of the domain name label and the regionalized DNS zone make up the fully qualified domain name associated with the public IP address. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system. | string |
fqdn | The Fully Qualified Domain Name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone. | string |
reverseFqdn | The reverse FQDN. A user-visible, fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN. | string |
PublicIPAddressPropertiesFormat
Name | Description | Value |
---|---|---|
ddosSettings | The DDoS protection custom policy associated with the public IP address. | DdosSettings |
dnsSettings | The FQDN of the DNS record associated with the public IP address. | PublicIPAddressDnsSettings |
idleTimeoutInMinutes | The idle timeout of the public IP address. | int |
ipAddress | The IP address associated with the public IP address resource. | string |
ipTags | The list of tags associated with the public IP address. | IpTag[] |
publicIPAddressVersion | The public IP address version. | 'IPv4' 'IPv6' |
publicIPAllocationMethod | The public IP address allocation method. | 'Dynamic' 'Static' |
publicIPPrefix | The Public IP Prefix this Public IP Address should be allocated from. | SubResource |
PublicIPAddressSku
Name | Description | Value |
---|---|---|
name | Name of a public IP address SKU. | 'Basic' 'Standard' |
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
ResourceTags
Name | Description | Value |
---|
Route
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
properties | Properties of the route. | RoutePropertiesFormat |
RoutePropertiesFormat
Name | Description | Value |
---|---|---|
addressPrefix | The destination CIDR to which the route applies. | string |
nextHopIpAddress | The IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance. | string |
nextHopType | The type of Azure hop the packet should be sent to. | 'Internet' 'None' 'VirtualAppliance' 'VirtualNetworkGateway' 'VnetLocal' (required) |
RouteTable
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Properties of the route table. | RouteTablePropertiesFormat |
tags | Resource tags. | ResourceTags |
RouteTablePropertiesFormat
Name | Description | Value |
---|---|---|
disableBgpRoutePropagation | Whether to disable the routes learned by BGP on that route table. True means disable. | bool |
routes | Collection of routes contained within a route table. | Route[] |
SecurityRule
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
properties | Properties of the security rule. | SecurityRulePropertiesFormat |
SecurityRulePropertiesFormat
Name | Description | Value |
---|---|---|
access | The network traffic is allowed or denied. | 'Allow' 'Deny' (required) |
description | A description for this rule. Restricted to 140 chars. | string |
destinationAddressPrefix | The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | string |
destinationAddressPrefixes | The destination address prefixes. CIDR or destination IP ranges. | string[] |
destinationApplicationSecurityGroups | The application security group specified as destination. | ApplicationSecurityGroup[] |
destinationPortRange | The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
destinationPortRanges | The destination port ranges. | string[] |
direction | The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic. | 'Inbound' 'Outbound' (required) |
priority | The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | int |
protocol | Network protocol this rule applies to. | '*' 'Ah' 'Esp' 'Icmp' 'Tcp' 'Udp' (required) |
sourceAddressPrefix | The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. | string |
sourceAddressPrefixes | The CIDR or source IP ranges. | string[] |
sourceApplicationSecurityGroups | The application security group specified as source. | ApplicationSecurityGroup[] |
sourcePortRange | The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
sourcePortRanges | The source port ranges. | string[] |
ServiceDelegationPropertiesFormat
Name | Description | Value |
---|---|---|
serviceName | The name of the service to whom the subnet should be delegated (e.g. Microsoft.Sql/servers). | string |
ServiceEndpointPolicy
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Properties of the service end point policy. | ServiceEndpointPolicyPropertiesFormat |
tags | Resource tags. | ResourceTags |
ServiceEndpointPolicyDefinition
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
properties | Properties of the service endpoint policy definition. | ServiceEndpointPolicyDefinitionPropertiesFormat |
ServiceEndpointPolicyDefinitionPropertiesFormat
Name | Description | Value |
---|---|---|
description | A description for this rule. Restricted to 140 chars. | string |
service | Service endpoint name. | string |
serviceResources | A list of service resources. | string[] |
ServiceEndpointPolicyPropertiesFormat
Name | Description | Value |
---|---|---|
serviceEndpointPolicyDefinitions | A collection of service endpoint policy definitions of the service endpoint policy. | ServiceEndpointPolicyDefinition[] |
ServiceEndpointPropertiesFormat
Name | Description | Value |
---|---|---|
locations | A list of locations. | string[] |
service | The type of the endpoint service. | string |
Subnet
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
properties | Properties of the subnet. | SubnetPropertiesFormat |
SubnetPropertiesFormat
Name | Description | Value |
---|---|---|
addressPrefix | The address prefix for the subnet. | string |
addressPrefixes | List of address prefixes for the subnet. | string[] |
delegations | An array of references to the delegations on the subnet. | Delegation[] |
natGateway | Nat gateway associated with this subnet. | SubResource |
networkSecurityGroup | The reference to the NetworkSecurityGroup resource. | NetworkSecurityGroup |
privateEndpointNetworkPolicies | Enable or Disable apply network policies on private end point in the subnet. | string |
privateLinkServiceNetworkPolicies | Enable or Disable apply network policies on private link service in the subnet. | string |
routeTable | The reference to the RouteTable resource. | RouteTable |
serviceEndpointPolicies | An array of service endpoint policies. | ServiceEndpointPolicy[] |
serviceEndpoints | An array of service endpoints. | ServiceEndpointPropertiesFormat[] |
SubResource
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
VirtualNetworkTap
Name | Description | Value |
---|---|---|
id | Resource ID. | string |
location | Resource location. | string |
properties | Virtual Network Tap Properties. | VirtualNetworkTapPropertiesFormat |
tags | Resource tags. | ResourceTags |
VirtualNetworkTapPropertiesFormat
Name | Description | Value |
---|---|---|
destinationLoadBalancerFrontEndIPConfiguration | The reference to the private IP address on the internal Load Balancer that will receive the tap. | FrontendIPConfiguration |
destinationNetworkInterfaceIPConfiguration | The reference to the private IP Address of the collector nic that will receive the tap. | NetworkInterfaceIPConfiguration |
destinationPort | The VXLAN destination port that will receive the tapped traffic. | int |