Load Balancer Backend Address Pools - Create Or Update

Creates or updates a load balancer backend address pool.

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/loadBalancers/{loadBalancerName}/backendAddressPools/{backendAddressPoolName}?api-version=2024-05-01

URI Parameters

Name In Required Type Description
backendAddressPoolName
path True

string

The name of the backend address pool.

loadBalancerName
path True

string

The name of the load balancer.

resourceGroupName
path True

string

The name of the resource group.

subscriptionId
path True

string

The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call.

api-version
query True

string

Client API version.

Request Body

Name Type Description
id

string

Resource ID.

name

string

The name of the resource that is unique within the set of backend address pools used by the load balancer. This name can be used to access the resource.

properties.drainPeriodInSeconds

integer

Amount of seconds Load Balancer waits for before sending RESET to client and backend address.

properties.loadBalancerBackendAddresses

LoadBalancerBackendAddress[]

An array of backend addresses.

properties.location

string

The location of the backend address pool.

properties.syncMode

SyncMode

Backend address synchronous mode for the backend pool

properties.tunnelInterfaces

GatewayLoadBalancerTunnelInterface[]

An array of gateway load balancer tunnel interfaces.

properties.virtualNetwork

SubResource

A reference to a virtual network.

Responses

Name Type Description
200 OK

BackendAddressPool

Update successful. The operation returns the resulting BackendAddressPool resource.

201 Created

BackendAddressPool

Create successful. The operation returns the resulting BackendAddressPool resource.

Other Status Codes

CloudError

Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow.

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

Update load balancer backend pool with backend addresses containing virtual network and IP address.

Sample request

PUT https://management.azure.com/subscriptions/subid/resourceGroups/testrg/providers/Microsoft.Network/loadBalancers/lb/backendAddressPools/backend?api-version=2024-05-01

{
  "properties": {
    "loadBalancerBackendAddresses": [
      {
        "name": "address1",
        "properties": {
          "virtualNetwork": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnetlb"
          },
          "ipAddress": "10.0.0.4"
        }
      },
      {
        "name": "address2",
        "properties": {
          "virtualNetwork": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnetlb"
          },
          "ipAddress": "10.0.0.5"
        }
      }
    ]
  }
}

Sample response

{
  "name": "backend",
  "id": "/subscriptions/subid/resourceGroups/testrg/providers/Microsoft.Network/loadBalancers/lb/backendAddressPools/backend",
  "etag": "W/\"00000000-0000-0000-0000-000000000000\"",
  "type": "Microsoft.Network/loadBalancers/backendAddressPools",
  "properties": {
    "provisioningState": "Succeeded",
    "loadBalancerBackendAddresses": [
      {
        "name": "address1",
        "properties": {
          "virtualNetwork": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnetlb"
          },
          "ipAddress": "10.0.0.4"
        }
      },
      {
        "name": "address2",
        "properties": {
          "virtualNetwork": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnetlb"
          },
          "ipAddress": "10.0.0.5"
        }
      }
    ],
    "loadBalancingRules": [
      {
        "id": "/subscriptions/subid/resourceGroups/testrg/providers/Microsoft.Network/loadBalancers/lb/loadBalancingRules/rulelb"
      }
    ]
  }
}
{
  "name": "backend",
  "id": "/subscriptions/subid/resourceGroups/testrg/providers/Microsoft.Network/loadBalancers/lb/backendAddressPools/backend",
  "etag": "W/\"00000000-0000-0000-0000-000000000000\"",
  "type": "Microsoft.Network/loadBalancers/backendAddressPools",
  "properties": {
    "provisioningState": "Succeeded",
    "loadBalancerBackendAddresses": [
      {
        "name": "address1",
        "properties": {
          "virtualNetwork": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnetlb"
          },
          "ipAddress": "10.0.0.4"
        }
      },
      {
        "name": "address2",
        "properties": {
          "virtualNetwork": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnetlb"
          },
          "ipAddress": "10.0.0.5"
        }
      }
    ],
    "loadBalancingRules": [
      {
        "id": "/subscriptions/subid/resourceGroups/testrg/providers/Microsoft.Network/loadBalancers/lb/loadBalancingRules/rulelb"
      }
    ]
  }
}

Definitions

Name Description
ApplicationGatewayBackendAddress

Backend address of an application gateway.

ApplicationGatewayBackendAddressPool

Backend Address Pool of an application gateway.

ApplicationGatewayIPConfiguration

IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed.

ApplicationSecurityGroup

An application security group in a resource group.

AutoApproval

The auto-approval list of the private link service.

BackendAddressPool

Pool of backend IP addresses.

CloudError

An error response from the service.

CloudErrorBody

An error response from the service.

CustomDnsConfigPropertiesFormat

Contains custom Dns resolution configuration from customer.

DdosSettings

Contains the DDoS protection settings of the public IP.

DdosSettingsProtectionMode

The DDoS protection mode of the public IP

Delegation

Details the service to which the subnet is delegated.

DeleteOptions

Specify what happens to the public IP address when the VM using it is deleted

ExtendedLocation

ExtendedLocation complex type.

ExtendedLocationTypes

The type of the extended location.

FlowLog

A flow log resource.

FlowLogFormatParameters

Parameters that define the flow log format.

FlowLogFormatType

The file type of flow log.

FrontendIPConfiguration

Frontend IP address of the load balancer.

GatewayLoadBalancerTunnelInterface

Gateway load balancer tunnel interface of a load balancer backend address pool.

GatewayLoadBalancerTunnelInterfaceType

Traffic type of gateway load balancer tunnel interface.

GatewayLoadBalancerTunnelProtocol

Protocol of gateway load balancer tunnel interface.

InboundNatRule

Inbound NAT rule of the load balancer.

IPAllocationMethod

IP address allocation method.

IpamPoolPrefixAllocation

IpamPool prefix allocation reference.

IPConfiguration

IP configuration.

IPConfigurationProfile

IP configuration profile child resource.

IpTag

Contains the IpTag associated with the object.

IPVersion

IP address version.

LoadBalancerBackendAddress

Load balancer backend addresses.

LoadBalancerBackendAddressAdminState

A list of administrative states which once set can override health probe so that Load Balancer will always forward new connections to backend, or deny new connections and reset existing connections.

ManagedServiceIdentity

Identity for the resource.

NatGateway

Nat Gateway resource.

NatGatewaySku

SKU of nat gateway.

NatGatewaySkuName

Name of Nat Gateway SKU.

NatRulePortMapping

Individual port mappings for inbound NAT rule created for backend pool.

NetworkInterface

A network interface in a resource group.

NetworkInterfaceAuxiliaryMode

Auxiliary mode of Network Interface resource.

NetworkInterfaceAuxiliarySku

Auxiliary sku of Network Interface resource.

NetworkInterfaceDnsSettings

DNS settings of a network interface.

NetworkInterfaceIPConfiguration

IPConfiguration in a network interface.

NetworkInterfaceIPConfigurationPrivateLinkConnectionProperties

PrivateLinkConnection properties for the network interface.

NetworkInterfaceMigrationPhase

Migration phase of Network Interface resource.

NetworkInterfaceNicType

Type of Network Interface resource.

NetworkInterfaceTapConfiguration

Tap configuration in a Network Interface.

NetworkSecurityGroup

NetworkSecurityGroup resource.

PrivateEndpoint

Private endpoint resource.

PrivateEndpointConnection

PrivateEndpointConnection resource.

PrivateEndpointIPConfiguration

An IP Configuration of the private endpoint.

PrivateLinkService

Private link service resource.

PrivateLinkServiceConnection

PrivateLinkServiceConnection resource.

PrivateLinkServiceConnectionState

A collection of information about the state of the connection between service consumer and provider.

PrivateLinkServiceIpConfiguration

The private link service ip configuration.

ProvisioningState

The current provisioning state.

PublicIPAddress

Public IP address resource.

PublicIPAddressDnsSettings

Contains FQDN of the DNS record associated with the public IP address.

PublicIpAddressDnsSettingsDomainNameLabelScope

The domain name label scope. If a domain name label and a domain name label scope are specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system with a hashed value includes in FQDN.

PublicIPAddressMigrationPhase

Migration phase of Public IP Address.

PublicIPAddressSku

SKU of a public IP address.

PublicIPAddressSkuName

Name of a public IP address SKU.

PublicIPAddressSkuTier

Tier of a public IP address SKU.

ResourceIdentityType

The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.

ResourceNavigationLink

ResourceNavigationLink resource.

RetentionPolicyParameters

Parameters that define the retention policy for flow log.

Route

Route resource.

RouteNextHopType

The type of Azure hop the packet should be sent to.

RouteTable

Route table resource.

SecurityRule

Network security rule.

SecurityRuleAccess

Whether network traffic is allowed or denied.

SecurityRuleDirection

The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic.

SecurityRuleProtocol

Network protocol this rule applies to.

ServiceAssociationLink

ServiceAssociationLink resource.

ServiceEndpointPolicy

Service End point policy resource.

ServiceEndpointPolicyDefinition

Service Endpoint policy definitions.

ServiceEndpointPropertiesFormat

The service endpoint properties.

SharingScope

Set this property to Tenant to allow sharing subnet with other subscriptions in your AAD tenant. This property can only be set if defaultOutboundAccess is set to false, both properties can only be set if subnet is empty.

Subnet

Subnet in a virtual network resource.

SubResource

Reference to another subresource.

SyncMode

Backend address synchronous mode for the backend pool

TrafficAnalyticsConfigurationProperties

Parameters that define the configuration of traffic analytics.

TrafficAnalyticsProperties

Parameters that define the configuration of traffic analytics.

TransportProtocol

The transport protocol for the endpoint.

UserAssignedIdentities

The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

VirtualNetworkPrivateEndpointNetworkPolicies

Enable or Disable apply network policies on private end point in the subnet.

VirtualNetworkPrivateLinkServiceNetworkPolicies

Enable or Disable apply network policies on private link service in the subnet.

VirtualNetworkTap

Virtual Network Tap resource.

Visibility

The visibility list of the private link service.

ApplicationGatewayBackendAddress

Backend address of an application gateway.

Name Type Description
fqdn

string

Fully qualified domain name (FQDN).

ipAddress

string

IP address.

ApplicationGatewayBackendAddressPool

Backend Address Pool of an application gateway.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

Name of the backend address pool that is unique within an Application Gateway.

properties.backendAddresses

ApplicationGatewayBackendAddress[]

Backend addresses.

properties.backendIPConfigurations

NetworkInterfaceIPConfiguration[]

Collection of references to IPs defined in network interfaces.

properties.provisioningState

ProvisioningState

The provisioning state of the backend address pool resource.

type

string

Type of the resource.

ApplicationGatewayIPConfiguration

IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

Name of the IP configuration that is unique within an Application Gateway.

properties.provisioningState

ProvisioningState

The provisioning state of the application gateway IP configuration resource.

properties.subnet

SubResource

Reference to the subnet resource. A subnet from where application gateway gets its private address.

type

string

Type of the resource.

ApplicationSecurityGroup

An application security group in a resource group.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

location

string

Resource location.

name

string

Resource name.

properties.provisioningState

ProvisioningState

The provisioning state of the application security group resource.

properties.resourceGuid

string

The resource GUID property of the application security group resource. It uniquely identifies a resource, even if the user changes its name or migrate the resource across subscriptions or resource groups.

tags

object

Resource tags.

type

string

Resource type.

AutoApproval

The auto-approval list of the private link service.

Name Type Description
subscriptions

string[]

The list of subscriptions.

BackendAddressPool

Pool of backend IP addresses.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

The name of the resource that is unique within the set of backend address pools used by the load balancer. This name can be used to access the resource.

properties.backendIPConfigurations

NetworkInterfaceIPConfiguration[]

An array of references to IP addresses defined in network interfaces.

properties.drainPeriodInSeconds

integer

Amount of seconds Load Balancer waits for before sending RESET to client and backend address.

properties.inboundNatRules

SubResource[]

An array of references to inbound NAT rules that use this backend address pool.

properties.loadBalancerBackendAddresses

LoadBalancerBackendAddress[]

An array of backend addresses.

properties.loadBalancingRules

SubResource[]

An array of references to load balancing rules that use this backend address pool.

properties.location

string

The location of the backend address pool.

properties.outboundRule

SubResource

A reference to an outbound rule that uses this backend address pool.

properties.outboundRules

SubResource[]

An array of references to outbound rules that use this backend address pool.

properties.provisioningState

ProvisioningState

The provisioning state of the backend address pool resource.

properties.syncMode

SyncMode

Backend address synchronous mode for the backend pool

properties.tunnelInterfaces

GatewayLoadBalancerTunnelInterface[]

An array of gateway load balancer tunnel interfaces.

properties.virtualNetwork

SubResource

A reference to a virtual network.

type

string

Type of the resource.

CloudError

An error response from the service.

Name Type Description
error

CloudErrorBody

Cloud error body.

CloudErrorBody

An error response from the service.

Name Type Description
code

string

An identifier for the error. Codes are invariant and are intended to be consumed programmatically.

details

CloudErrorBody[]

A list of additional details about the error.

message

string

A message describing the error, intended to be suitable for display in a user interface.

target

string

The target of the particular error. For example, the name of the property in error.

CustomDnsConfigPropertiesFormat

Contains custom Dns resolution configuration from customer.

Name Type Description
fqdn

string

Fqdn that resolves to private endpoint ip address.

ipAddresses

string[]

A list of private ip addresses of the private endpoint.

DdosSettings

Contains the DDoS protection settings of the public IP.

Name Type Description
ddosProtectionPlan

SubResource

The DDoS protection plan associated with the public IP. Can only be set if ProtectionMode is Enabled

protectionMode

DdosSettingsProtectionMode

The DDoS protection mode of the public IP

DdosSettingsProtectionMode

The DDoS protection mode of the public IP

Name Type Description
Disabled

string

Enabled

string

VirtualNetworkInherited

string

Delegation

Details the service to which the subnet is delegated.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

The name of the resource that is unique within a subnet. This name can be used to access the resource.

properties.actions

string[]

The actions permitted to the service upon delegation.

properties.provisioningState

ProvisioningState

The provisioning state of the service delegation resource.

properties.serviceName

string

The name of the service to whom the subnet should be delegated (e.g. Microsoft.Sql/servers).

type

string

Resource type.

DeleteOptions

Specify what happens to the public IP address when the VM using it is deleted

Name Type Description
Delete

string

Detach

string

ExtendedLocation

ExtendedLocation complex type.

Name Type Description
name

string

The name of the extended location.

type

ExtendedLocationTypes

The type of the extended location.

ExtendedLocationTypes

The type of the extended location.

Name Type Description
EdgeZone

string

FlowLog

A flow log resource.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

identity

ManagedServiceIdentity

FlowLog resource Managed Identity

location

string

Resource location.

name

string

Resource name.

properties.enabled

boolean

Flag to enable/disable flow logging.

properties.enabledFilteringCriteria

string

Optional field to filter network traffic logs based on SrcIP, SrcPort, DstIP, DstPort, Protocol, Encryption, Direction and Action. If not specified, all network traffic will be logged.

properties.flowAnalyticsConfiguration

TrafficAnalyticsProperties

Parameters that define the configuration of traffic analytics.

properties.format

FlowLogFormatParameters

Parameters that define the flow log format.

properties.provisioningState

ProvisioningState

The provisioning state of the flow log.

properties.retentionPolicy

RetentionPolicyParameters

Parameters that define the retention policy for flow log.

properties.storageId

string

ID of the storage account which is used to store the flow log.

properties.targetResourceGuid

string

Guid of network security group to which flow log will be applied.

properties.targetResourceId

string

ID of network security group to which flow log will be applied.

tags

object

Resource tags.

type

string

Resource type.

FlowLogFormatParameters

Parameters that define the flow log format.

Name Type Default value Description
type

FlowLogFormatType

The file type of flow log.

version

integer

0

The version (revision) of the flow log.

FlowLogFormatType

The file type of flow log.

Name Type Description
JSON

string

FrontendIPConfiguration

Frontend IP address of the load balancer.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

The name of the resource that is unique within the set of frontend IP configurations used by the load balancer. This name can be used to access the resource.

properties.gatewayLoadBalancer

SubResource

The reference to gateway load balancer frontend IP.

properties.inboundNatPools

SubResource[]

An array of references to inbound pools that use this frontend IP.

properties.inboundNatRules

SubResource[]

An array of references to inbound rules that use this frontend IP.

properties.loadBalancingRules

SubResource[]

An array of references to load balancing rules that use this frontend IP.

properties.outboundRules

SubResource[]

An array of references to outbound rules that use this frontend IP.

properties.privateIPAddress

string

The private IP address of the IP configuration.

properties.privateIPAddressVersion

IPVersion

Whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4.

properties.privateIPAllocationMethod

IPAllocationMethod

The Private IP allocation method.

properties.provisioningState

ProvisioningState

The provisioning state of the frontend IP configuration resource.

properties.publicIPAddress

PublicIPAddress

The reference to the Public IP resource.

properties.publicIPPrefix

SubResource

The reference to the Public IP Prefix resource.

properties.subnet

Subnet

The reference to the subnet resource.

type

string

Type of the resource.

zones

string[]

A list of availability zones denoting the IP allocated for the resource needs to come from.

GatewayLoadBalancerTunnelInterface

Gateway load balancer tunnel interface of a load balancer backend address pool.

Name Type Description
identifier

integer

Identifier of gateway load balancer tunnel interface.

port

integer

Port of gateway load balancer tunnel interface.

protocol

GatewayLoadBalancerTunnelProtocol

Protocol of gateway load balancer tunnel interface.

type

GatewayLoadBalancerTunnelInterfaceType

Traffic type of gateway load balancer tunnel interface.

GatewayLoadBalancerTunnelInterfaceType

Traffic type of gateway load balancer tunnel interface.

Name Type Description
External

string

Internal

string

None

string

GatewayLoadBalancerTunnelProtocol

Protocol of gateway load balancer tunnel interface.

Name Type Description
Native

string

None

string

VXLAN

string

InboundNatRule

Inbound NAT rule of the load balancer.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

The name of the resource that is unique within the set of inbound NAT rules used by the load balancer. This name can be used to access the resource.

properties.backendAddressPool

SubResource

A reference to backendAddressPool resource.

properties.backendIPConfiguration

NetworkInterfaceIPConfiguration

A reference to a private IP address defined on a network interface of a VM. Traffic sent to the frontend port of each of the frontend IP configurations is forwarded to the backend IP.

properties.backendPort

integer

The port used for the internal endpoint. Acceptable values range from 1 to 65535.

properties.enableFloatingIP

boolean

Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint.

properties.enableTcpReset

boolean

Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP.

properties.frontendIPConfiguration

SubResource

A reference to frontend IP addresses.

properties.frontendPort

integer

The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values range from 1 to 65534.

properties.frontendPortRangeEnd

integer

The port range end for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeStart. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool. Acceptable values range from 1 to 65534.

properties.frontendPortRangeStart

integer

The port range start for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeEnd. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool. Acceptable values range from 1 to 65534.

properties.idleTimeoutInMinutes

integer

The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP.

properties.protocol

TransportProtocol

The reference to the transport protocol used by the load balancing rule.

properties.provisioningState

ProvisioningState

The provisioning state of the inbound NAT rule resource.

type

string

Type of the resource.

IPAllocationMethod

IP address allocation method.

Name Type Description
Dynamic

string

Static

string

IpamPoolPrefixAllocation

IpamPool prefix allocation reference.

Name Type Description
allocatedAddressPrefixes

string[]

List of assigned IP address prefixes in the IpamPool of the associated resource.

numberOfIpAddresses

string

Number of IP addresses to allocate.

pool.id

string

Resource id of the associated Azure IpamPool resource.

IPConfiguration

IP configuration.

Name Type Default value Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

The name of the resource that is unique within a resource group. This name can be used to access the resource.

properties.privateIPAddress

string

The private IP address of the IP configuration.

properties.privateIPAllocationMethod

IPAllocationMethod

Dynamic

The private IP address allocation method.

properties.provisioningState

ProvisioningState

The provisioning state of the IP configuration resource.

properties.publicIPAddress

PublicIPAddress

The reference to the public IP resource.

properties.subnet

Subnet

The reference to the subnet resource.

IPConfigurationProfile

IP configuration profile child resource.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

The name of the resource. This name can be used to access the resource.

properties.provisioningState

ProvisioningState

The provisioning state of the IP configuration profile resource.

properties.subnet

Subnet

The reference to the subnet resource to create a container network interface ip configuration.

type

string

Sub Resource type.

IpTag

Contains the IpTag associated with the object.

Name Type Description
ipTagType

string

The IP tag type. Example: FirstPartyUsage.

tag

string

The value of the IP tag associated with the public IP. Example: SQL.

IPVersion

IP address version.

Name Type Description
IPv4

string

IPv6

string

LoadBalancerBackendAddress

Load balancer backend addresses.

Name Type Description
name

string

Name of the backend address.

properties.adminState

LoadBalancerBackendAddressAdminState

A list of administrative states which once set can override health probe so that Load Balancer will always forward new connections to backend, or deny new connections and reset existing connections.

properties.inboundNatRulesPortMapping

NatRulePortMapping[]

Collection of inbound NAT rule port mappings.

properties.ipAddress

string

IP Address belonging to the referenced virtual network.

properties.loadBalancerFrontendIPConfiguration

SubResource

Reference to the frontend ip address configuration defined in regional loadbalancer.

properties.networkInterfaceIPConfiguration

SubResource

Reference to IP address defined in network interfaces.

properties.subnet

SubResource

Reference to an existing subnet.

properties.virtualNetwork

SubResource

Reference to an existing virtual network.

LoadBalancerBackendAddressAdminState

A list of administrative states which once set can override health probe so that Load Balancer will always forward new connections to backend, or deny new connections and reset existing connections.

Name Type Description
Down

string

None

string

Up

string

ManagedServiceIdentity

Identity for the resource.

Name Type Description
principalId

string

The principal id of the system assigned identity. This property will only be provided for a system assigned identity.

tenantId

string

The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.

type

ResourceIdentityType

The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.

userAssignedIdentities

UserAssignedIdentities

The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

NatGateway

Nat Gateway resource.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

location

string

Resource location.

name

string

Resource name.

properties.idleTimeoutInMinutes

integer

The idle timeout of the nat gateway.

properties.provisioningState

ProvisioningState

The provisioning state of the NAT gateway resource.

properties.publicIpAddresses

SubResource[]

An array of public ip addresses associated with the nat gateway resource.

properties.publicIpPrefixes

SubResource[]

An array of public ip prefixes associated with the nat gateway resource.

properties.resourceGuid

string

The resource GUID property of the NAT gateway resource.

properties.subnets

SubResource[]

An array of references to the subnets using this nat gateway resource.

sku

NatGatewaySku

The nat gateway SKU.

tags

object

Resource tags.

type

string

Resource type.

zones

string[]

A list of availability zones denoting the zone in which Nat Gateway should be deployed.

NatGatewaySku

SKU of nat gateway.

Name Type Description
name

NatGatewaySkuName

Name of Nat Gateway SKU.

NatGatewaySkuName

Name of Nat Gateway SKU.

Name Type Description
Standard

string

NatRulePortMapping

Individual port mappings for inbound NAT rule created for backend pool.

Name Type Description
backendPort

integer

Backend port.

frontendPort

integer

Frontend port.

inboundNatRuleName

string

Name of inbound NAT rule.

NetworkInterface

A network interface in a resource group.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

extendedLocation

ExtendedLocation

The extended location of the network interface.

id

string

Resource ID.

location

string

Resource location.

name

string

Resource name.

properties.auxiliaryMode

NetworkInterfaceAuxiliaryMode

Auxiliary mode of Network Interface resource.

properties.auxiliarySku

NetworkInterfaceAuxiliarySku

Auxiliary sku of Network Interface resource.

properties.defaultOutboundConnectivityEnabled

boolean

Whether default outbound connectivity for nic was configured or not.

properties.disableTcpStateTracking

boolean

Indicates whether to disable tcp state tracking.

properties.dnsSettings

NetworkInterfaceDnsSettings

The DNS settings in network interface.

properties.dscpConfiguration

SubResource

A reference to the dscp configuration to which the network interface is linked.

properties.enableAcceleratedNetworking

boolean

If the network interface is configured for accelerated networking. Not applicable to VM sizes which require accelerated networking.

properties.enableIPForwarding

boolean

Indicates whether IP forwarding is enabled on this network interface.

properties.hostedWorkloads

string[]

A list of references to linked BareMetal resources.

properties.ipConfigurations

NetworkInterfaceIPConfiguration[]

A list of IPConfigurations of the network interface.

properties.macAddress

string

The MAC address of the network interface.

properties.migrationPhase

NetworkInterfaceMigrationPhase

Migration phase of Network Interface resource.

properties.networkSecurityGroup

NetworkSecurityGroup

The reference to the NetworkSecurityGroup resource.

properties.nicType

NetworkInterfaceNicType

Type of Network Interface resource.

properties.primary

boolean

Whether this is a primary network interface on a virtual machine.

properties.privateEndpoint

PrivateEndpoint

A reference to the private endpoint to which the network interface is linked.

properties.privateLinkService

PrivateLinkService

Privatelinkservice of the network interface resource.

properties.provisioningState

ProvisioningState

The provisioning state of the network interface resource.

properties.resourceGuid

string

The resource GUID property of the network interface resource.

properties.tapConfigurations

NetworkInterfaceTapConfiguration[]

A list of TapConfigurations of the network interface.

properties.virtualMachine

SubResource

The reference to a virtual machine.

properties.vnetEncryptionSupported

boolean

Whether the virtual machine this nic is attached to supports encryption.

properties.workloadType

string

WorkloadType of the NetworkInterface for BareMetal resources

tags

object

Resource tags.

type

string

Resource type.

NetworkInterfaceAuxiliaryMode

Auxiliary mode of Network Interface resource.

Name Type Description
AcceleratedConnections

string

Floating

string

MaxConnections

string

None

string

NetworkInterfaceAuxiliarySku

Auxiliary sku of Network Interface resource.

Name Type Description
A1

string

A2

string

A4

string

A8

string

None

string

NetworkInterfaceDnsSettings

DNS settings of a network interface.

Name Type Description
appliedDnsServers

string[]

If the VM that uses this NIC is part of an Availability Set, then this list will have the union of all DNS servers from all NICs that are part of the Availability Set. This property is what is configured on each of those VMs.

dnsServers

string[]

List of DNS servers IP addresses. Use 'AzureProvidedDNS' to switch to azure provided DNS resolution. 'AzureProvidedDNS' value cannot be combined with other IPs, it must be the only value in dnsServers collection.

internalDnsNameLabel

string

Relative DNS name for this NIC used for internal communications between VMs in the same virtual network.

internalDomainNameSuffix

string

Even if internalDnsNameLabel is not specified, a DNS entry is created for the primary NIC of the VM. This DNS name can be constructed by concatenating the VM name with the value of internalDomainNameSuffix.

internalFqdn

string

Fully qualified DNS name supporting internal communications between VMs in the same virtual network.

NetworkInterfaceIPConfiguration

IPConfiguration in a network interface.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

The name of the resource that is unique within a resource group. This name can be used to access the resource.

properties.applicationGatewayBackendAddressPools

ApplicationGatewayBackendAddressPool[]

The reference to ApplicationGatewayBackendAddressPool resource.

properties.applicationSecurityGroups

ApplicationSecurityGroup[]

Application security groups in which the IP configuration is included.

properties.gatewayLoadBalancer

SubResource

The reference to gateway load balancer frontend IP.

properties.loadBalancerBackendAddressPools

BackendAddressPool[]

The reference to LoadBalancerBackendAddressPool resource.

properties.loadBalancerInboundNatRules

InboundNatRule[]

A list of references of LoadBalancerInboundNatRules.

properties.primary

boolean

Whether this is a primary customer address on the network interface.

properties.privateIPAddress

string

Private IP address of the IP configuration. It can be a single IP address or a CIDR block in the format

/.

properties.privateIPAddressPrefixLength

integer

The private IP address prefix length. If specified and the allocation method is dynamic, the service will allocate a CIDR block instead of a single IP address.

properties.privateIPAddressVersion

IPVersion

Whether the specific IP configuration is IPv4 or IPv6. Default is IPv4.

properties.privateIPAllocationMethod

IPAllocationMethod

The private IP address allocation method.

properties.privateLinkConnectionProperties

NetworkInterfaceIPConfigurationPrivateLinkConnectionProperties

PrivateLinkConnection properties for the network interface.

properties.provisioningState

ProvisioningState

The provisioning state of the network interface IP configuration.

properties.publicIPAddress

PublicIPAddress

Public IP address bound to the IP configuration.

properties.subnet

Subnet

Subnet bound to the IP configuration.

properties.virtualNetworkTaps

VirtualNetworkTap[]

The reference to Virtual Network Taps.

type

string

Resource type.

NetworkInterfaceIPConfigurationPrivateLinkConnectionProperties

PrivateLinkConnection properties for the network interface.

Name Type Description
fqdns

string[]

List of FQDNs for current private link connection.

groupId

string

The group ID for current private link connection.

requiredMemberName

string

The required member name for current private link connection.

NetworkInterfaceMigrationPhase

Migration phase of Network Interface resource.

Name Type Description
Abort

string

Commit

string

Committed

string

None

string

Prepare

string

NetworkInterfaceNicType

Type of Network Interface resource.

Name Type Description
Elastic

string

Standard

string

NetworkInterfaceTapConfiguration

Tap configuration in a Network Interface.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

The name of the resource that is unique within a resource group. This name can be used to access the resource.

properties.provisioningState

ProvisioningState

The provisioning state of the network interface tap configuration resource.

properties.virtualNetworkTap

VirtualNetworkTap

The reference to the Virtual Network Tap resource.

type

string

Sub Resource type.

NetworkSecurityGroup

NetworkSecurityGroup resource.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

location

string

Resource location.

name

string

Resource name.

properties.defaultSecurityRules

SecurityRule[]

The default security rules of network security group.

properties.flowLogs

FlowLog[]

A collection of references to flow log resources.

properties.flushConnection

boolean

When enabled, flows created from Network Security Group connections will be re-evaluated when rules are updates. Initial enablement will trigger re-evaluation.

properties.networkInterfaces

NetworkInterface[]

A collection of references to network interfaces.

properties.provisioningState

ProvisioningState

The provisioning state of the network security group resource.

properties.resourceGuid

string

The resource GUID property of the network security group resource.

properties.securityRules

SecurityRule[]

A collection of security rules of the network security group.

properties.subnets

Subnet[]

A collection of references to subnets.

tags

object

Resource tags.

type

string

Resource type.

PrivateEndpoint

Private endpoint resource.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

extendedLocation

ExtendedLocation

The extended location of the load balancer.

id

string

Resource ID.

location

string

Resource location.

name

string

Resource name.

properties.applicationSecurityGroups

ApplicationSecurityGroup[]

Application security groups in which the private endpoint IP configuration is included.

properties.customDnsConfigs

CustomDnsConfigPropertiesFormat[]

An array of custom dns configurations.

properties.customNetworkInterfaceName

string

The custom name of the network interface attached to the private endpoint.

properties.ipConfigurations

PrivateEndpointIPConfiguration[]

A list of IP configurations of the private endpoint. This will be used to map to the First Party Service's endpoints.

properties.manualPrivateLinkServiceConnections

PrivateLinkServiceConnection[]

A grouping of information about the connection to the remote resource. Used when the network admin does not have access to approve connections to the remote resource.

properties.networkInterfaces

NetworkInterface[]

An array of references to the network interfaces created for this private endpoint.

properties.privateLinkServiceConnections

PrivateLinkServiceConnection[]

A grouping of information about the connection to the remote resource.

properties.provisioningState

ProvisioningState

The provisioning state of the private endpoint resource.

properties.subnet

Subnet

The ID of the subnet from which the private IP will be allocated.

tags

object

Resource tags.

type

string

Resource type.

PrivateEndpointConnection

PrivateEndpointConnection resource.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

The name of the resource that is unique within a resource group. This name can be used to access the resource.

properties.linkIdentifier

string

The consumer link id.

properties.privateEndpoint

PrivateEndpoint

The resource of private end point.

properties.privateEndpointLocation

string

The location of the private endpoint.

properties.privateLinkServiceConnectionState

PrivateLinkServiceConnectionState

A collection of information about the state of the connection between service consumer and provider.

properties.provisioningState

ProvisioningState

The provisioning state of the private endpoint connection resource.

type

string

The resource type.

PrivateEndpointIPConfiguration

An IP Configuration of the private endpoint.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

name

string

The name of the resource that is unique within a resource group.

properties.groupId

string

The ID of a group obtained from the remote resource that this private endpoint should connect to.

properties.memberName

string

The member name of a group obtained from the remote resource that this private endpoint should connect to.

properties.privateIPAddress

string

A private ip address obtained from the private endpoint's subnet.

type

string

The resource type.

PrivateLinkService

Private link service resource.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

extendedLocation

ExtendedLocation

The extended location of the load balancer.

id

string

Resource ID.

location

string

Resource location.

name

string

Resource name.

properties.alias

string

The alias of the private link service.

properties.autoApproval

AutoApproval

The auto-approval list of the private link service.

properties.destinationIPAddress

string

The destination IP address of the private link service.

properties.enableProxyProtocol

boolean

Whether the private link service is enabled for proxy protocol or not.

properties.fqdns

string[]

The list of Fqdn.

properties.ipConfigurations

PrivateLinkServiceIpConfiguration[]

An array of private link service IP configurations.

properties.loadBalancerFrontendIpConfigurations

FrontendIPConfiguration[]

An array of references to the load balancer IP configurations.

properties.networkInterfaces

NetworkInterface[]

An array of references to the network interfaces created for this private link service.

properties.privateEndpointConnections

PrivateEndpointConnection[]

An array of list about connections to the private endpoint.

properties.provisioningState

ProvisioningState

The provisioning state of the private link service resource.

properties.visibility

Visibility

The visibility list of the private link service.

tags

object

Resource tags.

type

string

Resource type.

PrivateLinkServiceConnection

PrivateLinkServiceConnection resource.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

The name of the resource that is unique within a resource group. This name can be used to access the resource.

properties.groupIds

string[]

The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.

properties.privateLinkServiceConnectionState

PrivateLinkServiceConnectionState

A collection of read-only information about the state of the connection to the remote resource.

properties.privateLinkServiceId

string

The resource id of private link service.

properties.provisioningState

ProvisioningState

The provisioning state of the private link service connection resource.

properties.requestMessage

string

A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars.

type

string

The resource type.

PrivateLinkServiceConnectionState

A collection of information about the state of the connection between service consumer and provider.

Name Type Description
actionsRequired

string

A message indicating if changes on the service provider require any updates on the consumer.

description

string

The reason for approval/rejection of the connection.

status

string

Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.

PrivateLinkServiceIpConfiguration

The private link service ip configuration.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

The name of private link service ip configuration.

properties.primary

boolean

Whether the ip configuration is primary or not.

properties.privateIPAddress

string

The private IP address of the IP configuration.

properties.privateIPAddressVersion

IPVersion

Whether the specific IP configuration is IPv4 or IPv6. Default is IPv4.

properties.privateIPAllocationMethod

IPAllocationMethod

The private IP address allocation method.

properties.provisioningState

ProvisioningState

The provisioning state of the private link service IP configuration resource.

properties.subnet

Subnet

The reference to the subnet resource.

type

string

The resource type.

ProvisioningState

The current provisioning state.

Name Type Description
Deleting

string

Failed

string

Succeeded

string

Updating

string

PublicIPAddress

Public IP address resource.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

extendedLocation

ExtendedLocation

The extended location of the public ip address.

id

string

Resource ID.

location

string

Resource location.

name

string

Resource name.

properties.ddosSettings

DdosSettings

The DDoS protection custom policy associated with the public IP address.

properties.deleteOption

DeleteOptions

Specify what happens to the public IP address when the VM using it is deleted

properties.dnsSettings

PublicIPAddressDnsSettings

The FQDN of the DNS record associated with the public IP address.

properties.idleTimeoutInMinutes

integer

The idle timeout of the public IP address.

properties.ipAddress

string

The IP address associated with the public IP address resource.

properties.ipConfiguration

IPConfiguration

The IP configuration associated with the public IP address.

properties.ipTags

IpTag[]

The list of tags associated with the public IP address.

properties.linkedPublicIPAddress

PublicIPAddress

The linked public IP address of the public IP address resource.

properties.migrationPhase

PublicIPAddressMigrationPhase

Migration phase of Public IP Address.

properties.natGateway

NatGateway

The NatGateway for the Public IP address.

properties.provisioningState

ProvisioningState

The provisioning state of the public IP address resource.

properties.publicIPAddressVersion

IPVersion

The public IP address version.

properties.publicIPAllocationMethod

IPAllocationMethod

The public IP address allocation method.

properties.publicIPPrefix

SubResource

The Public IP Prefix this Public IP Address should be allocated from.

properties.resourceGuid

string

The resource GUID property of the public IP address resource.

properties.servicePublicIPAddress

PublicIPAddress

The service public IP address of the public IP address resource.

sku

PublicIPAddressSku

The public IP address SKU.

tags

object

Resource tags.

type

string

Resource type.

zones

string[]

A list of availability zones denoting the IP allocated for the resource needs to come from.

PublicIPAddressDnsSettings

Contains FQDN of the DNS record associated with the public IP address.

Name Type Description
domainNameLabel

string

The domain name label. The concatenation of the domain name label and the regionalized DNS zone make up the fully qualified domain name associated with the public IP address. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system.

domainNameLabelScope

PublicIpAddressDnsSettingsDomainNameLabelScope

The domain name label scope. If a domain name label and a domain name label scope are specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system with a hashed value includes in FQDN.

fqdn

string

The Fully Qualified Domain Name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone.

reverseFqdn

string

The reverse FQDN. A user-visible, fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN.

PublicIpAddressDnsSettingsDomainNameLabelScope

The domain name label scope. If a domain name label and a domain name label scope are specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system with a hashed value includes in FQDN.

Name Type Description
NoReuse

string

ResourceGroupReuse

string

SubscriptionReuse

string

TenantReuse

string

PublicIPAddressMigrationPhase

Migration phase of Public IP Address.

Name Type Description
Abort

string

Commit

string

Committed

string

None

string

Prepare

string

PublicIPAddressSku

SKU of a public IP address.

Name Type Description
name

PublicIPAddressSkuName

Name of a public IP address SKU.

tier

PublicIPAddressSkuTier

Tier of a public IP address SKU.

PublicIPAddressSkuName

Name of a public IP address SKU.

Name Type Description
Basic

string

Standard

string

PublicIPAddressSkuTier

Tier of a public IP address SKU.

Name Type Description
Global

string

Regional

string

ResourceIdentityType

The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.

Name Type Description
None

string

SystemAssigned

string

SystemAssigned, UserAssigned

string

UserAssigned

string

ResourceNavigationLink resource.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource navigation link identifier.

name

string

Name of the resource that is unique within a resource group. This name can be used to access the resource.

properties.link

string

Link to the external resource.

properties.linkedResourceType

string

Resource type of the linked resource.

properties.provisioningState

ProvisioningState

The provisioning state of the resource navigation link resource.

type

string

Resource type.

RetentionPolicyParameters

Parameters that define the retention policy for flow log.

Name Type Default value Description
days

integer

0

Number of days to retain flow log records.

enabled

boolean

False

Flag to enable/disable retention.

Route

Route resource.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

The name of the resource that is unique within a resource group. This name can be used to access the resource.

properties.addressPrefix

string

The destination CIDR to which the route applies.

properties.hasBgpOverride

boolean

A value indicating whether this route overrides overlapping BGP routes regardless of LPM.

properties.nextHopIpAddress

string

The IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance.

properties.nextHopType

RouteNextHopType

The type of Azure hop the packet should be sent to.

properties.provisioningState

ProvisioningState

The provisioning state of the route resource.

type

string

The type of the resource.

RouteNextHopType

The type of Azure hop the packet should be sent to.

Name Type Description
Internet

string

None

string

VirtualAppliance

string

VirtualNetworkGateway

string

VnetLocal

string

RouteTable

Route table resource.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

location

string

Resource location.

name

string

Resource name.

properties.disableBgpRoutePropagation

boolean

Whether to disable the routes learned by BGP on that route table. True means disable.

properties.provisioningState

ProvisioningState

The provisioning state of the route table resource.

properties.resourceGuid

string

The resource GUID property of the route table.

properties.routes

Route[]

Collection of routes contained within a route table.

properties.subnets

Subnet[]

A collection of references to subnets.

tags

object

Resource tags.

type

string

Resource type.

SecurityRule

Network security rule.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

The name of the resource that is unique within a resource group. This name can be used to access the resource.

properties.access

SecurityRuleAccess

The network traffic is allowed or denied.

properties.description

string

A description for this rule. Restricted to 140 chars.

properties.destinationAddressPrefix

string

The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used.

properties.destinationAddressPrefixes

string[]

The destination address prefixes. CIDR or destination IP ranges.

properties.destinationApplicationSecurityGroups

ApplicationSecurityGroup[]

The application security group specified as destination.

properties.destinationPortRange

string

The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.

properties.destinationPortRanges

string[]

The destination port ranges.

properties.direction

SecurityRuleDirection

The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic.

properties.priority

integer

The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.

properties.protocol

SecurityRuleProtocol

Network protocol this rule applies to.

properties.provisioningState

ProvisioningState

The provisioning state of the security rule resource.

properties.sourceAddressPrefix

string

The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from.

properties.sourceAddressPrefixes

string[]

The CIDR or source IP ranges.

properties.sourceApplicationSecurityGroups

ApplicationSecurityGroup[]

The application security group specified as source.

properties.sourcePortRange

string

The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.

properties.sourcePortRanges

string[]

The source port ranges.

type

string

The type of the resource.

SecurityRuleAccess

Whether network traffic is allowed or denied.

Name Type Description
Allow

string

Deny

string

SecurityRuleDirection

The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic.

Name Type Description
Inbound

string

Outbound

string

SecurityRuleProtocol

Network protocol this rule applies to.

Name Type Description
*

string

Ah

string

Esp

string

Icmp

string

Tcp

string

Udp

string

ServiceAssociationLink resource.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

Name of the resource that is unique within a resource group. This name can be used to access the resource.

properties.allowDelete

boolean

If true, the resource can be deleted.

properties.link

string

Link to the external resource.

properties.linkedResourceType

string

Resource type of the linked resource.

properties.locations

string[]

A list of locations.

properties.provisioningState

ProvisioningState

The provisioning state of the service association link resource.

type

string

Resource type.

ServiceEndpointPolicy

Service End point policy resource.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

kind

string

Kind of service endpoint policy. This is metadata used for the Azure portal experience.

location

string

Resource location.

name

string

Resource name.

properties.contextualServiceEndpointPolicies

string[]

A collection of contextual service endpoint policy.

properties.provisioningState

ProvisioningState

The provisioning state of the service endpoint policy resource.

properties.resourceGuid

string

The resource GUID property of the service endpoint policy resource.

properties.serviceAlias

string

The alias indicating if the policy belongs to a service

properties.serviceEndpointPolicyDefinitions

ServiceEndpointPolicyDefinition[]

A collection of service endpoint policy definitions of the service endpoint policy.

properties.subnets

Subnet[]

A collection of references to subnets.

tags

object

Resource tags.

type

string

Resource type.

ServiceEndpointPolicyDefinition

Service Endpoint policy definitions.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

The name of the resource that is unique within a resource group. This name can be used to access the resource.

properties.description

string

A description for this rule. Restricted to 140 chars.

properties.provisioningState

ProvisioningState

The provisioning state of the service endpoint policy definition resource.

properties.service

string

Service endpoint name.

properties.serviceResources

string[]

A list of service resources.

type

string

The type of the resource.

ServiceEndpointPropertiesFormat

The service endpoint properties.

Name Type Description
locations

string[]

A list of locations.

networkIdentifier

SubResource

SubResource as network identifier.

provisioningState

ProvisioningState

The provisioning state of the service endpoint resource.

service

string

The type of the endpoint service.

SharingScope

Set this property to Tenant to allow sharing subnet with other subscriptions in your AAD tenant. This property can only be set if defaultOutboundAccess is set to false, both properties can only be set if subnet is empty.

Name Type Description
DelegatedServices

string

Tenant

string

Subnet

Subnet in a virtual network resource.

Name Type Default value Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

name

string

The name of the resource that is unique within a resource group. This name can be used to access the resource.

properties.addressPrefix

string

The address prefix for the subnet.

properties.addressPrefixes

string[]

List of address prefixes for the subnet.

properties.applicationGatewayIPConfigurations

ApplicationGatewayIPConfiguration[]

Application gateway IP configurations of virtual network resource.

properties.defaultOutboundAccess

boolean

Set this property to false to disable default outbound connectivity for all VMs in the subnet. This property can only be set at the time of subnet creation and cannot be updated for an existing subnet.

properties.delegations

Delegation[]

An array of references to the delegations on the subnet.

properties.ipAllocations

SubResource[]

Array of IpAllocation which reference this subnet.

properties.ipConfigurationProfiles

IPConfigurationProfile[]

Array of IP configuration profiles which reference this subnet.

properties.ipConfigurations

IPConfiguration[]

An array of references to the network interface IP configurations using subnet.

properties.ipamPoolPrefixAllocations

IpamPoolPrefixAllocation[]

A list of IPAM Pools for allocating IP address prefixes.

properties.natGateway

SubResource

Nat gateway associated with this subnet.

properties.networkSecurityGroup

NetworkSecurityGroup

The reference to the NetworkSecurityGroup resource.

properties.privateEndpointNetworkPolicies

VirtualNetworkPrivateEndpointNetworkPolicies

Disabled

Enable or Disable apply network policies on private end point in the subnet.

properties.privateEndpoints

PrivateEndpoint[]

An array of references to private endpoints.

properties.privateLinkServiceNetworkPolicies

VirtualNetworkPrivateLinkServiceNetworkPolicies

Enabled

Enable or Disable apply network policies on private link service in the subnet.

properties.provisioningState

ProvisioningState

The provisioning state of the subnet resource.

properties.purpose

string

A read-only string identifying the intention of use for this subnet based on delegations and other user-defined properties.

properties.resourceNavigationLinks

ResourceNavigationLink[]

An array of references to the external resources using subnet.

properties.routeTable

RouteTable

The reference to the RouteTable resource.

properties.serviceAssociationLinks

ServiceAssociationLink[]

An array of references to services injecting into this subnet.

properties.serviceEndpointPolicies

ServiceEndpointPolicy[]

An array of service endpoint policies.

properties.serviceEndpoints

ServiceEndpointPropertiesFormat[]

An array of service endpoints.

properties.sharingScope

SharingScope

Set this property to Tenant to allow sharing subnet with other subscriptions in your AAD tenant. This property can only be set if defaultOutboundAccess is set to false, both properties can only be set if subnet is empty.

type

string

Resource type.

SubResource

Reference to another subresource.

Name Type Description
id

string

Resource ID.

SyncMode

Backend address synchronous mode for the backend pool

Name Type Description
Automatic

string

Manual

string

TrafficAnalyticsConfigurationProperties

Parameters that define the configuration of traffic analytics.

Name Type Description
enabled

boolean

Flag to enable/disable traffic analytics.

trafficAnalyticsInterval

integer

The interval in minutes which would decide how frequently TA service should do flow analytics.

workspaceId

string

The resource guid of the attached workspace.

workspaceRegion

string

The location of the attached workspace.

workspaceResourceId

string

Resource Id of the attached workspace.

TrafficAnalyticsProperties

Parameters that define the configuration of traffic analytics.

Name Type Description
networkWatcherFlowAnalyticsConfiguration

TrafficAnalyticsConfigurationProperties

Parameters that define the configuration of traffic analytics.

TransportProtocol

The transport protocol for the endpoint.

Name Type Description
All

string

Tcp

string

Udp

string

UserAssignedIdentities

The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

Name Type Description

VirtualNetworkPrivateEndpointNetworkPolicies

Enable or Disable apply network policies on private end point in the subnet.

Name Type Description
Disabled

string

Enabled

string

NetworkSecurityGroupEnabled

string

RouteTableEnabled

string

VirtualNetworkPrivateLinkServiceNetworkPolicies

Enable or Disable apply network policies on private link service in the subnet.

Name Type Description
Disabled

string

Enabled

string

VirtualNetworkTap

Virtual Network Tap resource.

Name Type Description
etag

string

A unique read-only string that changes whenever the resource is updated.

id

string

Resource ID.

location

string

Resource location.

name

string

Resource name.

properties.destinationLoadBalancerFrontEndIPConfiguration

FrontendIPConfiguration

The reference to the private IP address on the internal Load Balancer that will receive the tap.

properties.destinationNetworkInterfaceIPConfiguration

NetworkInterfaceIPConfiguration

The reference to the private IP Address of the collector nic that will receive the tap.

properties.destinationPort

integer

The VXLAN destination port that will receive the tapped traffic.

properties.networkInterfaceTapConfigurations

NetworkInterfaceTapConfiguration[]

Specifies the list of resource IDs for the network interface IP configuration that needs to be tapped.

properties.provisioningState

ProvisioningState

The provisioning state of the virtual network tap resource.

properties.resourceGuid

string

The resource GUID property of the virtual network tap resource.

tags

object

Resource tags.

type

string

Resource type.

Visibility

The visibility list of the private link service.

Name Type Description
subscriptions

string[]

The list of subscriptions.