From 9c5ded6cbfc4a2ae7042359456790dd36e49a7c5 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Mon, 21 Feb 2022 21:07:03 +0100 Subject: [PATCH 01/53] Update to latest --- .../vpnGateways/.bicep/nested_cuaId.bicep | 1 + .../vpnGateways/deploy.bicep | 30 +++++++++++++++++++ 2 files changed, 31 insertions(+) create mode 100644 arm/Microsoft.Network/vpnGateways/.bicep/nested_cuaId.bicep create mode 100644 arm/Microsoft.Network/vpnGateways/deploy.bicep diff --git a/arm/Microsoft.Network/vpnGateways/.bicep/nested_cuaId.bicep b/arm/Microsoft.Network/vpnGateways/.bicep/nested_cuaId.bicep new file mode 100644 index 0000000000..8b13789179 --- /dev/null +++ b/arm/Microsoft.Network/vpnGateways/.bicep/nested_cuaId.bicep @@ -0,0 +1 @@ + diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep new file mode 100644 index 0000000000..8fdf236dc0 --- /dev/null +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -0,0 +1,30 @@ +@description('Required. Name of the VPN gateway') +param name string + +@description('Optional. Location where all resources will be created.') +param location string = resourceGroup().location + +@description('Optional. The connections to create in the VPN gateway') +param connections array = [] + +@description('Optional. The resource ID of a virtual Hub to connect to') +param virtualHubResourceId string = '' + +@description('Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered') +param cuaId string = '' + +module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { + name: 'pid-${cuaId}' + params: {} +} + +resource vpnGateway 'Microsoft.Network/vpnGateways@2021-03-01' = { + name: name + location: location + properties: { + connections: connections + virtualHub: !empty(virtualHubResourceId) ? { + id: virtualHubResourceId + } : null + } +} From 1fc5816303a9895c8e8431f4e2cd0371a4c0ddb3 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Mon, 21 Feb 2022 21:57:31 +0100 Subject: [PATCH 02/53] Update to latest --- .../connections/.bicep/nested_cuaId.bicep | 1 + .../vpnGateways/connections/deploy.bicep | 81 +++++++++++++++++++ .../vpnGateways/deploy.bicep | 24 ++++++ .../natRules/.bicep/nested_cuaId.bicep | 1 + .../vpnGateways/natRules/deploy.bicep | 61 ++++++++++++++ .../vpnGateways/version.json | 4 + 6 files changed, 172 insertions(+) create mode 100644 arm/Microsoft.Network/vpnGateways/connections/.bicep/nested_cuaId.bicep create mode 100644 arm/Microsoft.Network/vpnGateways/connections/deploy.bicep create mode 100644 arm/Microsoft.Network/vpnGateways/natRules/.bicep/nested_cuaId.bicep create mode 100644 arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep create mode 100644 arm/Microsoft.Network/vpnGateways/version.json diff --git a/arm/Microsoft.Network/vpnGateways/connections/.bicep/nested_cuaId.bicep b/arm/Microsoft.Network/vpnGateways/connections/.bicep/nested_cuaId.bicep new file mode 100644 index 0000000000..8b13789179 --- /dev/null +++ b/arm/Microsoft.Network/vpnGateways/connections/.bicep/nested_cuaId.bicep @@ -0,0 +1 @@ + diff --git a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep new file mode 100644 index 0000000000..f846aea23e --- /dev/null +++ b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep @@ -0,0 +1,81 @@ +@description('Required. The name of the VPN connection.') +param name string + +@description('Required. The name of the VPN gateway this VPN connection is associated with.') +param vpnGatewayName string + +@description('Optional. ') +param ipsecPolicies array = [] + +param trafficSelectorPolicies array = [] + +param vpnLinkConnections array = [] + +param routingConfiguration object + +param usePolicyBasedTrafficSelectors bool + +param useLocalAzureIpAddress bool + +param enableRateLimiting bool + +param enableInternetSecurity bool + +param enableBgp bool + +param routingWeight int + +param dpdTimeoutSeconds int + +param connectionBandwidth int + +param vpnConnectionProtocolType string + +param sharedKey string + +param remoteVpnSiteResourceId string + +@description('Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered') +param cuaId string = '' + +module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { + name: 'pid-${cuaId}' + params: {} +} + +resource vpnGateway 'Microsoft.Network/vpnGateways@2021-03-01' existing = { + name: vpnGatewayName +} + +resource vpnConnection 'Microsoft.Network/vpnGateways/vpnConnections@2021-05-01' = { + name: name + parent: vpnGateway + properties: { + connectionBandwidth: connectionBandwidth + dpdTimeoutSeconds: dpdTimeoutSeconds + enableBgp: enableBgp + enableInternetSecurity: enableInternetSecurity + enableRateLimiting: enableRateLimiting + ipsecPolicies: ipsecPolicies + remoteVpnSite: !empty(remoteVpnSiteResourceId) ? { + id: remoteVpnSiteResourceId + } : null + routingConfiguration: routingConfiguration + routingWeight: routingWeight + sharedKey: sharedKey + trafficSelectorPolicies: trafficSelectorPolicies + useLocalAzureIpAddress: useLocalAzureIpAddress + usePolicyBasedTrafficSelectors: usePolicyBasedTrafficSelectors + vpnConnectionProtocolType: vpnConnectionProtocolType + vpnLinkConnections: vpnLinkConnections + } +} + +@description('The name of the VPN connection') +output name string = vpnConnection.name + +@description('The resource ID of the VPN connection') +output resourceId string = vpnConnection.id + +@description('The name of the resource group the VPN connection was deployed into') +output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index 8fdf236dc0..67d36f461d 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -7,9 +7,27 @@ param location string = resourceGroup().location @description('Optional. The connections to create in the VPN gateway') param connections array = [] +@description('Optional. List of all the NAT Rules to associate with the gateway.') +param natRules array = [] + @description('Optional. The resource ID of a virtual Hub to connect to') param virtualHubResourceId string = '' +@description('Optional. BGP settings details.') +param bgpSettings object = {} + +@description('Optional. Enable BGP routes translation for NAT on this VpnGateway.') +param enableBgpRouteTranslationForNat bool + +@description('Optional. Enable Routing Preference property for the Public IP Interface of the VpnGateway.') +param isRoutingPreferenceInternet bool + +@description('Optional. The scale unit for this vpn gateway.') +param vpnGatewayScaleUnit int + +@description('Optional. Tags of the resource.') +param tags object = {} + @description('Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered') param cuaId string = '' @@ -21,8 +39,14 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { resource vpnGateway 'Microsoft.Network/vpnGateways@2021-03-01' = { name: name location: location + tags: tags properties: { + bgpSettings: bgpSettings connections: connections + enableBgpRouteTranslationForNat: enableBgpRouteTranslationForNat + isRoutingPreferenceInternet: isRoutingPreferenceInternet + vpnGatewayScaleUnit: vpnGatewayScaleUnit + natRules: natRules virtualHub: !empty(virtualHubResourceId) ? { id: virtualHubResourceId } : null diff --git a/arm/Microsoft.Network/vpnGateways/natRules/.bicep/nested_cuaId.bicep b/arm/Microsoft.Network/vpnGateways/natRules/.bicep/nested_cuaId.bicep new file mode 100644 index 0000000000..8b13789179 --- /dev/null +++ b/arm/Microsoft.Network/vpnGateways/natRules/.bicep/nested_cuaId.bicep @@ -0,0 +1 @@ + diff --git a/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep b/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep new file mode 100644 index 0000000000..221a9d9cdf --- /dev/null +++ b/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep @@ -0,0 +1,61 @@ +@description('Required. The name of the NAT rule.') +param name string + +@description('Required. The name of the VPN gateway this NAT rule is associated with.') +param vpnGatewayName string + +@description('Optional. The private IP address external mapping for NAT.') +param externalMappings array = [] + +@description('Optional. The private IP address external mapping for NAT.') +param internalMappings array = [] + +@description('Optional. The IP Configuration ID this NAT rule applies to.') +param ipConfigurationId string + +@description('Optional. The type of NAT rule for VPN NAT.') +@allowed([ + 'EgressSnat' + 'IngressSnat' +]) +param mode string + +@description('Optional. The type of NAT rule for VPN NAT.') +@allowed([ + 'Dynamic' + 'Static' +]) +param type string + +@description('Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered') +param cuaId string = '' + +module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { + name: 'pid-${cuaId}' + params: {} +} + +resource vpnGateway 'Microsoft.Network/vpnGateways@2021-03-01' existing = { + name: vpnGatewayName +} + +resource natRule 'Microsoft.Network/vpnGateways/natRules@2021-05-01' = { + name: name + parent: vpnGateway + properties: { + externalMappings: externalMappings + internalMappings: internalMappings + ipConfigurationId: ipConfigurationId + mode: mode + type: type + } +} + +@description('The name of the NAT rule') +output name string = natRule.name + +@description('The resource ID of the NAT rule') +output resourceId string = natRule.id + +@description('The name of the resource group the NAT rule was deployed into') +output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/vpnGateways/version.json b/arm/Microsoft.Network/vpnGateways/version.json new file mode 100644 index 0000000000..41f66cc990 --- /dev/null +++ b/arm/Microsoft.Network/vpnGateways/version.json @@ -0,0 +1,4 @@ +{ + "$schema": "https://raw.githubusercontent.com/dotnet/Nerdbank.GitVersioning/master/src/NerdBank.GitVersioning/version.schema.json", + "version": "0.1" +} From 5722da0872ab808c26e60d9cd06d6131828aab8a Mon Sep 17 00:00:00 2001 From: MrMCake Date: Mon, 21 Feb 2022 22:19:19 +0100 Subject: [PATCH 03/53] Update to latest --- .../vpnGateways/connections/deploy.bicep | 20 ++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep index f846aea23e..730c677b99 100644 --- a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep @@ -4,35 +4,53 @@ param name string @description('Required. The name of the VPN gateway this VPN connection is associated with.') param vpnGatewayName string -@description('Optional. ') +@description('Optional. The IPSec Policies to be considered by this connection.') param ipsecPolicies array = [] +@description('Optional. The Traffic Selector Policies to be considered by this connection.') param trafficSelectorPolicies array = [] +@description('Optional. List of all vpn site link connections to the gateway.') param vpnLinkConnections array = [] +@description('Optional. Routing Configuration indicating the associated and propagated route tables for this connection.') param routingConfiguration object +@description('Optional. Enable policy-based traffic selectors.') param usePolicyBasedTrafficSelectors bool +@description('Optional. Use local azure ip to initiate connection.') param useLocalAzureIpAddress bool +@description('Optional. EnableBgp flag.') param enableRateLimiting bool +@description('Optional. Enable internet security.') param enableInternetSecurity bool +@description('Optional. Enable internet security.') param enableBgp bool +@description('Optional. Routing weight for vpn connection.') param routingWeight int +@description('Optional. DPD timeout in seconds for vpn connection.') param dpdTimeoutSeconds int +@description('Optional. Expected bandwidth in MBPS.') param connectionBandwidth int +@description('Optional. Gateway connection protocol.') +@allowed([ + 'IKEv1' + 'IKEv2' +]) param vpnConnectionProtocolType string +@description('Optional. SharedKey for the vpn connection.') param sharedKey string +@description('Optional. Reference to a VPN site to link to') param remoteVpnSiteResourceId string @description('Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered') From 7659551e0484afbc2bb094eb7d6a01fb2eb67806 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 09:29:59 +0100 Subject: [PATCH 04/53] Update to latest --- .../vpnGateways/deploy.bicep | 47 ++++++++++++++++++- .../vpnGateways/natRules/deploy.bicep | 24 +++++----- 2 files changed, 58 insertions(+), 13 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index 67d36f461d..31d4409f2a 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -42,13 +42,56 @@ resource vpnGateway 'Microsoft.Network/vpnGateways@2021-03-01' = { tags: tags properties: { bgpSettings: bgpSettings - connections: connections enableBgpRouteTranslationForNat: enableBgpRouteTranslationForNat isRoutingPreferenceInternet: isRoutingPreferenceInternet vpnGatewayScaleUnit: vpnGatewayScaleUnit - natRules: natRules virtualHub: !empty(virtualHubResourceId) ? { id: virtualHubResourceId } : null + // connections: connections + // natRules: natRules } } + +module vpnGateway_natRules 'natRules/deploy.bicep' = [for (natRule, index) in natRules: { + name: '${deployment().name}-NATRule-${index}' + params: { + name: natRule.name + vpnGatewayName: vpnGateway.name + externalMappings: contains(natRule, 'externalMappings') ? natRule.externalMappings : [] + internalMappings: contains(natRule, 'internalMappings') ? natRule.internalMappings : [] + ipConfigurationId: contains(natRule, 'ipConfigurationId') ? natRule.ipConfigurationId : '' + mode: contains(natRule, 'mode') ? natRule.mode : '' + type: contains(natRule, 'type') ? natRule.type : '' + } +}] + +module vpnGateway_connections 'connections/deploy.bicep' = [for (connection, index) in connections: { + name: '${deployment().name}-Connection-${index}' + params: { + name: connection.name + vpnGatewayName: vpnGateway.name + connectionBandwidth: + dpdTimeoutSeconds: + enableBgp: + enableInternetSecurity: + enableRateLimiting: + remoteVpnSiteResourceId: + routingConfiguration: { + } + routingWeight: + sharedKey: + useLocalAzureIpAddress: + usePolicyBasedTrafficSelectors: + vpnConnectionProtocolType: + } +}] + +@description('The name of the VPN gateway') +output name string = vpnGateway.name + +@description('The resource ID of the VPN gateway') +output resourceId string = vpnGateway.id + +@description('The name of the resource group the VPN gateway was deployed into') +output resourceGroupName string = resourceGroup().name diff --git a/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep b/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep index 221a9d9cdf..a0fd906564 100644 --- a/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep @@ -4,28 +4,30 @@ param name string @description('Required. The name of the VPN gateway this NAT rule is associated with.') param vpnGatewayName string -@description('Optional. The private IP address external mapping for NAT.') +@description('Optional. An address prefix range of destination IPs on the outside network that source IPs will be mapped to. In other words, your post-NAT address prefix range.') param externalMappings array = [] -@description('Optional. The private IP address external mapping for NAT.') +@description('Optional. An address prefix range of source IPs on the inside network that will be mapped to a set of external IPs. In other words, your pre-NAT address prefix range.') param internalMappings array = [] -@description('Optional. The IP Configuration ID this NAT rule applies to.') -param ipConfigurationId string +@description('Optional. A NAT rule must be configured to a specific VPN Gateway instance. This is applicable to Dynamic NAT only. Static NAT rules are automatically applied to both VPN Gateway instances.') +param ipConfigurationId string = '' -@description('Optional. The type of NAT rule for VPN NAT.') +@description('Optional. The type of NAT rule for VPN NAT. IngressSnat mode (also known as Ingress Source NAT) is applicable to traffic entering the Azure hub’s Site-to-site VPN gateway. EgressSnat mode (also known as Egress Source NAT) is applicable to traffic leaving the Azure hub’s Site-to-site VPN gateway.') @allowed([ + '' 'EgressSnat' 'IngressSnat' ]) -param mode string +param mode string = '' -@description('Optional. The type of NAT rule for VPN NAT.') +@description('Optional. The type of NAT rule for VPN NAT. Static one-to-one NAT establishes a one-to-one relationship between an internal address and an external address while Dynamic NAT assigns an IP and port based on availability.') @allowed([ + '' 'Dynamic' 'Static' ]) -param type string +param type string = '' @description('Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered') param cuaId string = '' @@ -45,9 +47,9 @@ resource natRule 'Microsoft.Network/vpnGateways/natRules@2021-05-01' = { properties: { externalMappings: externalMappings internalMappings: internalMappings - ipConfigurationId: ipConfigurationId - mode: mode - type: type + ipConfigurationId: !empty(ipConfigurationId) ? ipConfigurationId : null + mode: !empty(mode) ? any(mode) : null + type: !empty(type) ? any(type) : null } } From 3bf52880c8a770604c920b51d502c2816e721aef Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 09:30:55 +0100 Subject: [PATCH 05/53] Update to latest --- arm/Microsoft.Network/vpnGateways/connections/deploy.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep index 730c677b99..5b86aab174 100644 --- a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep @@ -17,7 +17,7 @@ param vpnLinkConnections array = [] param routingConfiguration object @description('Optional. Enable policy-based traffic selectors.') -param usePolicyBasedTrafficSelectors bool +param usePolicyBasedTrafficSelectors bool = false @description('Optional. Use local azure ip to initiate connection.') param useLocalAzureIpAddress bool From 9bcb2c4ffcf99116dbf181efd4bc70ec398dd012 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 19:47:51 +0100 Subject: [PATCH 06/53] Update to latest --- .../vpnGateways/connections/deploy.bicep | 2 +- .../vpnGateways/deploy.bicep | 25 +++++++++---------- 2 files changed, 13 insertions(+), 14 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep index 5b86aab174..730c677b99 100644 --- a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep @@ -17,7 +17,7 @@ param vpnLinkConnections array = [] param routingConfiguration object @description('Optional. Enable policy-based traffic selectors.') -param usePolicyBasedTrafficSelectors bool = false +param usePolicyBasedTrafficSelectors bool @description('Optional. Use local azure ip to initiate connection.') param useLocalAzureIpAddress bool diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index 31d4409f2a..d5b4a9dba9 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -71,19 +71,18 @@ module vpnGateway_connections 'connections/deploy.bicep' = [for (connection, ind params: { name: connection.name vpnGatewayName: vpnGateway.name - connectionBandwidth: - dpdTimeoutSeconds: - enableBgp: - enableInternetSecurity: - enableRateLimiting: - remoteVpnSiteResourceId: - routingConfiguration: { - } - routingWeight: - sharedKey: - useLocalAzureIpAddress: - usePolicyBasedTrafficSelectors: - vpnConnectionProtocolType: + connectionBandwidth: contains(connection, 'vpnGatewayName') ? connection.vpnGatewayName : + dpdTimeoutSeconds: contains(connection, 'dpdTimeoutSeconds') ? connection.dpdTimeoutSeconds : + enableBgp: contains(connection, 'enableBgp') ? connection.enableBgp : + enableInternetSecurity: contains(connection, 'enableInternetSecurity') ? connection.enableInternetSecurity : + enableRateLimiting: contains(connection, 'enableRateLimiting') ? connection.enableRateLimiting : + remoteVpnSiteResourceId: contains(connection, 'remoteVpnSiteResourceId') ? connection.remoteVpnSiteResourceId : + routingConfiguration: contains(connection, 'routingConfiguration') ? connection.routingConfiguration : + routingWeight: contains(connection, 'routingWeight') ? connection.routingWeight : + sharedKey: contains(connection, 'sharedKey') ? connection.sharedKey : + useLocalAzureIpAddress: contains(connection, 'useLocalAzureIpAddress') ? connection.useLocalAzureIpAddress : + usePolicyBasedTrafficSelectors: contains(connection, 'usePolicyBasedTrafficSelectors') ? connection.usePolicyBasedTrafficSelectors : + vpnConnectionProtocolType: contains(connection, 'vpnConnectionProtocolType') ? connection.vpnConnectionProtocolType : } }] From cbdf97fcc3933b30a800458afc483ebc2154670a Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 20:57:52 +0100 Subject: [PATCH 07/53] Update to latest --- .../.parameters/min.parameters.json | 9 ++++++ .../vpnGateways/.parameters/parameters.json | 29 ++++++++++++++++++ .../vpnGateways/connections/deploy.bicep | 24 +++++++-------- .../vpnGateways/deploy.bicep | 30 +++++++++---------- 4 files changed, 65 insertions(+), 27 deletions(-) create mode 100644 arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json create mode 100644 arm/Microsoft.Network/vpnGateways/.parameters/parameters.json diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json new file mode 100644 index 0000000000..bf3f0bce13 --- /dev/null +++ b/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json @@ -0,0 +1,9 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-vpngw-x-001" + } + } +} diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json new file mode 100644 index 0000000000..f83e31ad4b --- /dev/null +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -0,0 +1,29 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "name": { + "value": "<>-az-vpngw-x-001" + }, + "connections": { + "value": [ + { + "name": "SampleVpnsiteVpnGwConnection", + "properties": { + "connectionBandwidth": 10, + "enableBgp": true, + "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite" + } + } + ] + }, + "natRules": { + "value": [] + }, + "bgpSettings": { + "value": { + "asn": 65515 + } + } + } +} diff --git a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep index 730c677b99..fe97bb1896 100644 --- a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep @@ -14,44 +14,44 @@ param trafficSelectorPolicies array = [] param vpnLinkConnections array = [] @description('Optional. Routing Configuration indicating the associated and propagated route tables for this connection.') -param routingConfiguration object +param routingConfiguration object = {} @description('Optional. Enable policy-based traffic selectors.') -param usePolicyBasedTrafficSelectors bool +param usePolicyBasedTrafficSelectors bool = false @description('Optional. Use local azure ip to initiate connection.') -param useLocalAzureIpAddress bool +param useLocalAzureIpAddress bool = false @description('Optional. EnableBgp flag.') -param enableRateLimiting bool +param enableRateLimiting bool = false @description('Optional. Enable internet security.') -param enableInternetSecurity bool +param enableInternetSecurity bool = false @description('Optional. Enable internet security.') -param enableBgp bool +param enableBgp bool = false @description('Optional. Routing weight for vpn connection.') -param routingWeight int +param routingWeight int = 0 @description('Optional. DPD timeout in seconds for vpn connection.') -param dpdTimeoutSeconds int +param dpdTimeoutSeconds int = 0 @description('Optional. Expected bandwidth in MBPS.') -param connectionBandwidth int +param connectionBandwidth int = 10 @description('Optional. Gateway connection protocol.') @allowed([ 'IKEv1' 'IKEv2' ]) -param vpnConnectionProtocolType string +param vpnConnectionProtocolType string = 'IKEv2' @description('Optional. SharedKey for the vpn connection.') -param sharedKey string +param sharedKey string = '' @description('Optional. Reference to a VPN site to link to') -param remoteVpnSiteResourceId string +param remoteVpnSiteResourceId string = '' @description('Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered') param cuaId string = '' diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index d5b4a9dba9..020cd47ed1 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -17,13 +17,13 @@ param virtualHubResourceId string = '' param bgpSettings object = {} @description('Optional. Enable BGP routes translation for NAT on this VpnGateway.') -param enableBgpRouteTranslationForNat bool +param enableBgpRouteTranslationForNat bool = false @description('Optional. Enable Routing Preference property for the Public IP Interface of the VpnGateway.') -param isRoutingPreferenceInternet bool +param isRoutingPreferenceInternet bool = false @description('Optional. The scale unit for this vpn gateway.') -param vpnGatewayScaleUnit int +param vpnGatewayScaleUnit int = 2 @description('Optional. Tags of the resource.') param tags object = {} @@ -71,18 +71,18 @@ module vpnGateway_connections 'connections/deploy.bicep' = [for (connection, ind params: { name: connection.name vpnGatewayName: vpnGateway.name - connectionBandwidth: contains(connection, 'vpnGatewayName') ? connection.vpnGatewayName : - dpdTimeoutSeconds: contains(connection, 'dpdTimeoutSeconds') ? connection.dpdTimeoutSeconds : - enableBgp: contains(connection, 'enableBgp') ? connection.enableBgp : - enableInternetSecurity: contains(connection, 'enableInternetSecurity') ? connection.enableInternetSecurity : - enableRateLimiting: contains(connection, 'enableRateLimiting') ? connection.enableRateLimiting : - remoteVpnSiteResourceId: contains(connection, 'remoteVpnSiteResourceId') ? connection.remoteVpnSiteResourceId : - routingConfiguration: contains(connection, 'routingConfiguration') ? connection.routingConfiguration : - routingWeight: contains(connection, 'routingWeight') ? connection.routingWeight : - sharedKey: contains(connection, 'sharedKey') ? connection.sharedKey : - useLocalAzureIpAddress: contains(connection, 'useLocalAzureIpAddress') ? connection.useLocalAzureIpAddress : - usePolicyBasedTrafficSelectors: contains(connection, 'usePolicyBasedTrafficSelectors') ? connection.usePolicyBasedTrafficSelectors : - vpnConnectionProtocolType: contains(connection, 'vpnConnectionProtocolType') ? connection.vpnConnectionProtocolType : + connectionBandwidth: contains(connection, 'connectionBandwidth') ? connection.connectionBandwidth : 10 + dpdTimeoutSeconds: contains(connection, 'dpdTimeoutSeconds') ? connection.dpdTimeoutSeconds : 0 + enableBgp: contains(connection, 'enableBgp') ? connection.enableBgp : false + enableInternetSecurity: contains(connection, 'enableInternetSecurity') ? connection.enableInternetSecurity : false + enableRateLimiting: contains(connection, 'enableRateLimiting') ? connection.enableRateLimiting : false + remoteVpnSiteResourceId: contains(connection, 'remoteVpnSiteResourceId') ? connection.remoteVpnSiteResourceId : '' + routingConfiguration: contains(connection, 'routingConfiguration') ? connection.routingConfiguration : {} + routingWeight: contains(connection, 'routingWeight') ? connection.routingWeight : 0 + sharedKey: contains(connection, 'sharedKey') ? connection.sharedKey : '' + useLocalAzureIpAddress: contains(connection, 'useLocalAzureIpAddress') ? connection.useLocalAzureIpAddress : false + usePolicyBasedTrafficSelectors: contains(connection, 'usePolicyBasedTrafficSelectors') ? connection.usePolicyBasedTrafficSelectors : false + vpnConnectionProtocolType: contains(connection, 'vpnConnectionProtocolType') ? connection.vpnConnectionProtocolType : 'IKEv2' } }] From a3afeb9560c78fdee4eddc7a694309d1d62c1fd6 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 20:59:24 +0100 Subject: [PATCH 08/53] Update to latest --- arm/Microsoft.Network/vpnGateways/.parameters/parameters.json | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index f83e31ad4b..94ce39b089 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -17,6 +17,9 @@ } ] }, + "virtualHubResourceId": { + "value": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/alsehrHub" + }, "natRules": { "value": [] }, From 85ad499c85ac3b833eae0a896c35a3cd3fb46e11 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 21:02:13 +0100 Subject: [PATCH 09/53] Update to latest --- .../ms.network.vpnGateways.yml | 52 +++++++ .github/workflows/ms.network.vpngateways.yml | 135 ++++++++++++++++++ 2 files changed, 187 insertions(+) create mode 100644 .azuredevops/modulePipelines/ms.network.vpnGateways.yml create mode 100644 .github/workflows/ms.network.vpngateways.yml diff --git a/.azuredevops/modulePipelines/ms.network.vpnGateways.yml b/.azuredevops/modulePipelines/ms.network.vpnGateways.yml new file mode 100644 index 0000000000..b58df91640 --- /dev/null +++ b/.azuredevops/modulePipelines/ms.network.vpnGateways.yml @@ -0,0 +1,52 @@ +name: 'Network: VPN Gateway' + +parameters: + - name: removeDeployment + displayName: Remove deployed module + type: boolean + default: true + - name: prerelease + displayName: Publish prerelease module + type: boolean + default: false + +trigger: + batch: true + branches: + include: + - main + paths: + include: + - '/.azuredevops/modulePipelines/ms.network.vpnGateways.yml' + - '/.azuredevops/pipelineTemplates/module.*.yml' + - '/arm/Microsoft.Network/vpnGateways/*' + exclude: + - '/**/*.md' + +variables: + - template: '/.azuredevops/pipelineVariables/global.variables.yml' + - group: 'PLATFORM_VARIABLES' + - name: modulePath + value: '/arm/Microsoft.Network/vpnGateways' + +stages: + - stage: Validation + displayName: Pester tests + jobs: + - template: /.azuredevops/pipelineTemplates/jobs.validateModulePester.yml + + - stage: Deployment + displayName: Deployment tests + jobs: + - template: /.azuredevops/pipelineTemplates/jobs.validateModuleDeployment.yml + parameters: + removeDeployment: '${{ parameters.removeDeployment }}' + deploymentBlocks: + - path: $(modulePath)/.parameters/min.parameters.json + - path: $(modulePath)/.parameters/parameters.json + + - stage: Publishing + displayName: Publish module + condition: and(succeeded(), or(eq(variables['Build.SourceBranch'], 'refs/heads/main'), eq(variables['Build.SourceBranch'], 'refs/heads/master'), eq('${{ parameters.prerelease }}', 'true'))) + jobs: + - template: /.azuredevops/pipelineTemplates/jobs.publishModule.yml diff --git a/.github/workflows/ms.network.vpngateways.yml b/.github/workflows/ms.network.vpngateways.yml new file mode 100644 index 0000000000..4c5b639ad7 --- /dev/null +++ b/.github/workflows/ms.network.vpngateways.yml @@ -0,0 +1,135 @@ +name: 'Network - VPN Gateway' + +on: + workflow_dispatch: + inputs: + removeDeployment: + type: boolean + description: 'Remove deployed module' + required: false + default: 'true' + prerelease: + type: boolean + description: 'Publish prerelease module' + required: false + default: 'false' + push: + branches: + - main + paths: + - '.github/actions/templates/**' + - '.github/workflows/ms.network.vpnGateways.yml' + - 'arm/Microsoft.Network/vpnGateways/**' + - '!*/**/readme.md' + - 'utilities/pipelines/**' + - '!utilities/pipelines/dependencies/**' + +env: + modulePath: 'arm/Microsoft.Network/vpnGateways' + workflowPath: '.github/workflows/ms.network.vpnGateways.yml' + AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} + ARM_SUBSCRIPTION_ID: '${{ secrets.ARM_SUBSCRIPTION_ID }}' + ARM_MGMTGROUP_ID: '${{ secrets.ARM_MGMTGROUP_ID }}' + ARM_TENANT_ID: '${{ secrets.ARM_TENANT_ID }}' + DEPLOYMENT_SP_ID: '${{ secrets.DEPLOYMENT_SP_ID }}' + +jobs: + ############################ + # SET INPUT PARAMETERS # + ############################ + job_set_workflow_param: + runs-on: ubuntu-20.04 + name: 'Set input parameters to output variables' + steps: + - name: 'Checkout' + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: 'Set input parameters' + id: get-workflow-param + uses: ./.github/actions/templates/getWorkflowInput + with: + workflowPath: '${{ env.workflowPath}}' + outputs: + removeDeployment: ${{ steps.get-workflow-param.outputs.removeDeployment }} + + #################### + # Pester Tests # + #################### + job_module_pester_validation: + runs-on: ubuntu-20.04 + name: 'Pester tests' + steps: + - name: 'Checkout' + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: 'Run tests' + uses: ./.github/actions/templates/validateModulePester + with: + modulePath: '${{ env.modulePath }}' + + #################### + # Deployment tests # + #################### + job_module_deploy_validation: + runs-on: ubuntu-20.04 + name: 'Deployment tests' + needs: + - job_set_workflow_param + - job_module_pester_validation + strategy: + fail-fast: false + matrix: + parameterFilePaths: ['min.parameters.json', 'parameters.json'] + steps: + - name: 'Checkout' + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set environment variables + uses: deep-mm/set-variables@v1.0 + with: + variableFileName: 'global.variables' + - name: 'Using parameter file [${{ matrix.parameterFilePaths }}]' + uses: ./.github/actions/templates/validateModuleDeployment + with: + templateFilePath: '${{ env.modulePath }}/deploy.bicep' + parameterFilePath: '${{ env.modulePath }}/.parameters/${{ matrix.parameterFilePaths }}' + location: '${{ env.defaultLocation }}' + resourceGroupName: '${{ env.resourceGroupName }}' + subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}' + managementGroupId: '${{ secrets.ARM_MGMTGROUP_ID }}' + removeDeployment: '${{ needs.job_set_workflow_param.outputs.removeDeployment }}' + + ############### + # PUBLISH # + ############### + job_publish_module: + name: 'Publish module' + if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master' || github.event.inputs.prerelease == 'true' + runs-on: ubuntu-20.04 + needs: + - job_set_workflow_param + - job_module_deploy_validation + steps: + - name: 'Checkout' + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set environment variables + uses: deep-mm/set-variables@v1.0 + with: + variableFileName: 'global.variables' + - name: 'Publish module' + uses: ./.github/actions/templates/publishModule + with: + templateFilePath: '${{ env.modulePath }}/deploy.bicep' + templateSpecsRGName: '${{ env.templateSpecsRGName }}' + templateSpecsRGLocation: '${{ env.templateSpecsRGLocation }}' + templateSpecsDescription: '${{ env.templateSpecsDescription }}' + templateSpecsDoPublish: '${{ env.templateSpecsDoPublish }}' + bicepRegistryName: '${{ env.bicepRegistryName }}' + bicepRegistryRGName: '${{ env.bicepRegistryRGName }}' + bicepRegistryRgLocation: '${{ env.bicepRegistryRgLocation }}' + bicepRegistryDoPublish: '${{ env.bicepRegistryDoPublish }}' From 677029c5c9aede3c5ba649d80b93e4b1aaccb4f4 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 21:04:32 +0100 Subject: [PATCH 10/53] Update to latest --- .azuredevops/modulePipelines/ms.network.vpnGateways.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azuredevops/modulePipelines/ms.network.vpnGateways.yml b/.azuredevops/modulePipelines/ms.network.vpnGateways.yml index b58df91640..ee7445ae29 100644 --- a/.azuredevops/modulePipelines/ms.network.vpnGateways.yml +++ b/.azuredevops/modulePipelines/ms.network.vpnGateways.yml @@ -1,4 +1,4 @@ -name: 'Network: VPN Gateway' +name: 'Network - VPN Gateway' parameters: - name: removeDeployment From 2b733a0e01f7030cc88c56ac541bad53dd19d9b1 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 21:12:05 +0100 Subject: [PATCH 11/53] Update to latest --- .../vpnGateways/connections/deploy.bicep | 10 ++-- .../vpnGateways/connections/readme.md | 44 ++++++++++++++ .../vpnGateways/deploy.bicep | 6 +- .../vpnGateways/natRules/deploy.bicep | 2 +- .../vpnGateways/natRules/readme.md | 34 +++++++++++ arm/Microsoft.Network/vpnGateways/readme.md | 59 +++++++++++++++++++ 6 files changed, 146 insertions(+), 9 deletions(-) create mode 100644 arm/Microsoft.Network/vpnGateways/connections/readme.md create mode 100644 arm/Microsoft.Network/vpnGateways/natRules/readme.md create mode 100644 arm/Microsoft.Network/vpnGateways/readme.md diff --git a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep index fe97bb1896..c9db08b70a 100644 --- a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep @@ -10,7 +10,7 @@ param ipsecPolicies array = [] @description('Optional. The Traffic Selector Policies to be considered by this connection.') param trafficSelectorPolicies array = [] -@description('Optional. List of all vpn site link connections to the gateway.') +@description('Optional. List of all VPN site link connections to the gateway.') param vpnLinkConnections array = [] @description('Optional. Routing Configuration indicating the associated and propagated route tables for this connection.') @@ -19,7 +19,7 @@ param routingConfiguration object = {} @description('Optional. Enable policy-based traffic selectors.') param usePolicyBasedTrafficSelectors bool = false -@description('Optional. Use local azure ip to initiate connection.') +@description('Optional. Use local azure IP to initiate connection.') param useLocalAzureIpAddress bool = false @description('Optional. EnableBgp flag.') @@ -31,10 +31,10 @@ param enableInternetSecurity bool = false @description('Optional. Enable internet security.') param enableBgp bool = false -@description('Optional. Routing weight for vpn connection.') +@description('Optional. Routing weight for VPN connection.') param routingWeight int = 0 -@description('Optional. DPD timeout in seconds for vpn connection.') +@description('Optional. DPD timeout in seconds for VPN connection.') param dpdTimeoutSeconds int = 0 @description('Optional. Expected bandwidth in MBPS.') @@ -47,7 +47,7 @@ param connectionBandwidth int = 10 ]) param vpnConnectionProtocolType string = 'IKEv2' -@description('Optional. SharedKey for the vpn connection.') +@description('Optional. SharedKey for the VPN connection.') param sharedKey string = '' @description('Optional. Reference to a VPN site to link to') diff --git a/arm/Microsoft.Network/vpnGateways/connections/readme.md b/arm/Microsoft.Network/vpnGateways/connections/readme.md new file mode 100644 index 0000000000..2d79aeef12 --- /dev/null +++ b/arm/Microsoft.Network/vpnGateways/connections/readme.md @@ -0,0 +1,44 @@ +# VPN Gateways Connections `[Microsoft.Network/vpnGateways/connections]` + +This module deploys VPN Gateways Connections. + +## Resource Types + +| Resource Type | API Version | +| :-- | :-- | +| `Microsoft.Network/vpnGateways/vpnConnections` | 2021-05-01 | + +## Parameters + +| Parameter Name | Type | Default Value | Possible Values | Description | +| :-- | :-- | :-- | :-- | :-- | +| `connectionBandwidth` | int | `10` | | Optional. Expected bandwidth in MBPS. | +| `cuaId` | string | | | Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered | +| `dpdTimeoutSeconds` | int | | | Optional. DPD timeout in seconds for VPN connection. | +| `enableBgp` | bool | | | Optional. Enable internet security. | +| `enableInternetSecurity` | bool | | | Optional. Enable internet security. | +| `enableRateLimiting` | bool | | | Optional. EnableBgp flag. | +| `ipsecPolicies` | array | `[]` | | Optional. The IPSec Policies to be considered by this connection. | +| `name` | string | | | Required. The name of the VPN connection. | +| `remoteVpnSiteResourceId` | string | | | Optional. Reference to a VPN site to link to | +| `routingConfiguration` | object | `{object}` | | Optional. Routing Configuration indicating the associated and propagated route tables for this connection. | +| `routingWeight` | int | | | Optional. Routing weight for VPN connection. | +| `sharedKey` | string | | | Optional. SharedKey for the VPN connection. | +| `trafficSelectorPolicies` | array | `[]` | | Optional. The Traffic Selector Policies to be considered by this connection. | +| `useLocalAzureIpAddress` | bool | | | Optional. Use local azure IP to initiate connection. | +| `usePolicyBasedTrafficSelectors` | bool | | | Optional. Enable policy-based traffic selectors. | +| `vpnConnectionProtocolType` | string | `IKEv2` | `[IKEv1, IKEv2]` | Optional. Gateway connection protocol. | +| `vpnGatewayName` | string | | | Required. The name of the VPN gateway this VPN connection is associated with. | +| `vpnLinkConnections` | array | `[]` | | Optional. List of all VPN site link connections to the gateway. | + +## Outputs + +| Output Name | Type | Description | +| :-- | :-- | :-- | +| `name` | string | The name of the VPN connection | +| `resourceGroupName` | string | The name of the resource group the VPN connection was deployed into | +| `resourceId` | string | The resource ID of the VPN connection | + +## Template references + +- [Vpngateways/Vpnconnections](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/vpnGateways/vpnConnections) diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index 020cd47ed1..0114440f2d 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -16,13 +16,13 @@ param virtualHubResourceId string = '' @description('Optional. BGP settings details.') param bgpSettings object = {} -@description('Optional. Enable BGP routes translation for NAT on this VpnGateway.') +@description('Optional. Enable BGP routes translation for NAT on this VPNGateway.') param enableBgpRouteTranslationForNat bool = false -@description('Optional. Enable Routing Preference property for the Public IP Interface of the VpnGateway.') +@description('Optional. Enable Routing Preference property for the Public IP Interface of the VPNGateway.') param isRoutingPreferenceInternet bool = false -@description('Optional. The scale unit for this vpn gateway.') +@description('Optional. The scale unit for this VPN gateway.') param vpnGatewayScaleUnit int = 2 @description('Optional. Tags of the resource.') diff --git a/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep b/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep index a0fd906564..ab08682e47 100644 --- a/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep @@ -13,7 +13,7 @@ param internalMappings array = [] @description('Optional. A NAT rule must be configured to a specific VPN Gateway instance. This is applicable to Dynamic NAT only. Static NAT rules are automatically applied to both VPN Gateway instances.') param ipConfigurationId string = '' -@description('Optional. The type of NAT rule for VPN NAT. IngressSnat mode (also known as Ingress Source NAT) is applicable to traffic entering the Azure hub’s Site-to-site VPN gateway. EgressSnat mode (also known as Egress Source NAT) is applicable to traffic leaving the Azure hub’s Site-to-site VPN gateway.') +@description('Optional. The type of NAT rule for VPN NAT. IngressSnat mode (also known as Ingress Source NAT) is applicable to traffic entering the Azure hub\'s Site-to-site VPN gateway. EgressSnat mode (also known as Egress Source NAT) is applicable to traffic leaving the Azure hub\'s Site-to-site VPN gateway.') @allowed([ '' 'EgressSnat' diff --git a/arm/Microsoft.Network/vpnGateways/natRules/readme.md b/arm/Microsoft.Network/vpnGateways/natRules/readme.md new file mode 100644 index 0000000000..fb244edbdb --- /dev/null +++ b/arm/Microsoft.Network/vpnGateways/natRules/readme.md @@ -0,0 +1,34 @@ +# VPN Gateways NATRules `[Microsoft.Network/vpnGateways/natRules]` + +This module deploys VPN Gateways NATRules + +## Resource Types + +| Resource Type | API Version | +| :-- | :-- | +| `Microsoft.Network/vpnGateways/natRules` | 2021-05-01 | + +## Parameters + +| Parameter Name | Type | Default Value | Possible Values | Description | +| :-- | :-- | :-- | :-- | :-- | +| `cuaId` | string | | | Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered | +| `externalMappings` | array | `[]` | | Optional. An address prefix range of destination IPs on the outside network that source IPs will be mapped to. In other words, your post-NAT address prefix range. | +| `internalMappings` | array | `[]` | | Optional. An address prefix range of source IPs on the inside network that will be mapped to a set of external IPs. In other words, your pre-NAT address prefix range. | +| `ipConfigurationId` | string | | | Optional. A NAT rule must be configured to a specific VPN Gateway instance. This is applicable to Dynamic NAT only. Static NAT rules are automatically applied to both VPN Gateway instances. | +| `mode` | string | | `[, EgressSnat, IngressSnat]` | Optional. The type of NAT rule for VPN NAT. IngressSnat mode (also known as Ingress Source NAT) is applicable to traffic entering the Azure hub's Site-to-site VPN gateway. EgressSnat mode (also known as Egress Source NAT) is applicable to traffic leaving the Azure hub's Site-to-site VPN gateway. | +| `name` | string | | | Required. The name of the NAT rule. | +| `type` | string | | `[, Dynamic, Static]` | Optional. The type of NAT rule for VPN NAT. Static one-to-one NAT establishes a one-to-one relationship between an internal address and an external address while Dynamic NAT assigns an IP and port based on availability. | +| `vpnGatewayName` | string | | | Required. The name of the VPN gateway this NAT rule is associated with. | + +## Outputs + +| Output Name | Type | Description | +| :-- | :-- | :-- | +| `name` | string | The name of the NAT rule | +| `resourceGroupName` | string | The name of the resource group the NAT rule was deployed into | +| `resourceId` | string | The resource ID of the NAT rule | + +## Template references + +- [Vpngateways/Natrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/vpnGateways/natRules) diff --git a/arm/Microsoft.Network/vpnGateways/readme.md b/arm/Microsoft.Network/vpnGateways/readme.md new file mode 100644 index 0000000000..6562fcaed9 --- /dev/null +++ b/arm/Microsoft.Network/vpnGateways/readme.md @@ -0,0 +1,59 @@ +# VPN Gateways `[Microsoft.Network/vpnGateways]` + +This module deploys VPN Gateways. + +## Resource Types + +| Resource Type | API Version | +| :-- | :-- | +| `Microsoft.Network/vpnGateways` | 2021-03-01 | +| `Microsoft.Network/vpnGateways/natRules` | 2021-05-01 | +| `Microsoft.Network/vpnGateways/vpnConnections` | 2021-05-01 | + +## Parameters + +| Parameter Name | Type | Default Value | Possible Values | Description | +| :-- | :-- | :-- | :-- | :-- | +| `bgpSettings` | object | `{object}` | | Optional. BGP settings details. | +| `connections` | _[connections](connections/readme.md)_ array | `[]` | | Optional. The connections to create in the VPN gateway | +| `cuaId` | string | | | Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered | +| `enableBgpRouteTranslationForNat` | bool | | | Optional. Enable BGP routes translation for NAT on this VPNGateway. | +| `isRoutingPreferenceInternet` | bool | | | Optional. Enable Routing Preference property for the Public IP Interface of the VPNGateway. | +| `location` | string | `[resourceGroup().location]` | | Optional. Location where all resources will be created. | +| `name` | string | | | Required. Name of the VPN gateway | +| `natRules` | _[natRules](natRules/readme.md)_ array | `[]` | | Optional. List of all the NAT Rules to associate with the gateway. | +| `tags` | object | `{object}` | | Optional. Tags of the resource. | +| `virtualHubResourceId` | string | | | Optional. The resource ID of a virtual Hub to connect to | +| `vpnGatewayScaleUnit` | int | `2` | | Optional. The scale unit for this VPN gateway. | + + +### Parameter Usage: `tags` + +Tag names and tag values can be provided as needed. A tag can be left without a value. + +```json +"tags": { + "value": { + "Environment": "Non-Prod", + "Contact": "test.user@testcompany.com", + "PurchaseOrder": "1234", + "CostCenter": "7890", + "ServiceName": "DeploymentValidation", + "Role": "DeploymentValidation" + } +} +``` + +## Outputs + +| Output Name | Type | Description | +| :-- | :-- | :-- | +| `name` | string | The name of the VPN gateway | +| `resourceGroupName` | string | The name of the resource group the VPN gateway was deployed into | +| `resourceId` | string | The resource ID of the VPN gateway | + +## Template references + +- [Vpngateways](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-03-01/vpnGateways) +- [Vpngateways/Natrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/vpnGateways/natRules) +- [Vpngateways/Vpnconnections](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/vpnGateways/vpnConnections) From f7d95011f44eb6f91bc1a8485924c7de5755ffbe Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 21:17:36 +0100 Subject: [PATCH 12/53] Update to latest --- .azuredevops/pipelineTemplates/jobs.validateModulePester.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.azuredevops/pipelineTemplates/jobs.validateModulePester.yml b/.azuredevops/pipelineTemplates/jobs.validateModulePester.yml index beb9661412..289dc57d3f 100644 --- a/.azuredevops/pipelineTemplates/jobs.validateModulePester.yml +++ b/.azuredevops/pipelineTemplates/jobs.validateModulePester.yml @@ -164,7 +164,7 @@ jobs: Verbosity = 'Detailed' } } -ErrorAction 'Stop' - errorActionPreference: continue + errorActionPreference: stop - task: PublishTestResults@2 displayName: Publish Test Results @@ -269,7 +269,7 @@ jobs: Verbosity = 'Detailed' } } -ErrorAction 'Stop' - errorActionPreference: continue + errorActionPreference: stop - task: PublishTestResults@2 displayName: Publish Test Results From 319bcd4c86b12092a1b7e607d751d2026ec760fd Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 21:20:22 +0100 Subject: [PATCH 13/53] Update to latest --- .../pipelineTemplates/jobs.validateModulePester.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.azuredevops/pipelineTemplates/jobs.validateModulePester.yml b/.azuredevops/pipelineTemplates/jobs.validateModulePester.yml index 289dc57d3f..f946e0ef4f 100644 --- a/.azuredevops/pipelineTemplates/jobs.validateModulePester.yml +++ b/.azuredevops/pipelineTemplates/jobs.validateModulePester.yml @@ -164,7 +164,7 @@ jobs: Verbosity = 'Detailed' } } -ErrorAction 'Stop' - errorActionPreference: stop + errorActionPreference: continue - task: PublishTestResults@2 displayName: Publish Test Results @@ -172,7 +172,7 @@ jobs: testRunTitle: 'Global Module Tests' testResultsFormat: NUnit testResultsFiles: global-testResults.xml - failTaskOnFailedTests: false + failTaskOnFailedTests: true searchFolder: 'arm/.global' continueOnError: false condition: succeededOrFailed() @@ -269,7 +269,7 @@ jobs: Verbosity = 'Detailed' } } -ErrorAction 'Stop' - errorActionPreference: stop + errorActionPreference: continue - task: PublishTestResults@2 displayName: Publish Test Results @@ -277,7 +277,7 @@ jobs: testRunTitle: 'Global Module API Tests' testResultsFormat: NUnit testResultsFiles: api-testResults.xml - failTaskOnFailedTests: false + failTaskOnFailedTests: true searchFolder: 'arm/.global' continueOnError: false condition: succeededOrFailed() From bdc1b85fb9d59f9c3945953b8b1f7abf8a9559ea Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 21:23:39 +0100 Subject: [PATCH 14/53] Added missing version file --- arm/Microsoft.Network/vpnGateways/connections/version.json | 4 ++++ arm/Microsoft.Network/vpnGateways/natRules/version.json | 4 ++++ 2 files changed, 8 insertions(+) create mode 100644 arm/Microsoft.Network/vpnGateways/connections/version.json create mode 100644 arm/Microsoft.Network/vpnGateways/natRules/version.json diff --git a/arm/Microsoft.Network/vpnGateways/connections/version.json b/arm/Microsoft.Network/vpnGateways/connections/version.json new file mode 100644 index 0000000000..41f66cc990 --- /dev/null +++ b/arm/Microsoft.Network/vpnGateways/connections/version.json @@ -0,0 +1,4 @@ +{ + "$schema": "https://raw.githubusercontent.com/dotnet/Nerdbank.GitVersioning/master/src/NerdBank.GitVersioning/version.schema.json", + "version": "0.1" +} diff --git a/arm/Microsoft.Network/vpnGateways/natRules/version.json b/arm/Microsoft.Network/vpnGateways/natRules/version.json new file mode 100644 index 0000000000..41f66cc990 --- /dev/null +++ b/arm/Microsoft.Network/vpnGateways/natRules/version.json @@ -0,0 +1,4 @@ +{ + "$schema": "https://raw.githubusercontent.com/dotnet/Nerdbank.GitVersioning/master/src/NerdBank.GitVersioning/version.schema.json", + "version": "0.1" +} From 5c962665cbaef3cefd6a6c73735b4036459f5c93 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 21:24:33 +0100 Subject: [PATCH 15/53] Update to latest --- arm/Microsoft.Network/vpnGateways/.parameters/parameters.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index 94ce39b089..23cfbd1f5f 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -18,7 +18,7 @@ ] }, "virtualHubResourceId": { - "value": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/alsehrHub" + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/alsehrHub" }, "natRules": { "value": [] From 2ad0df2255e3408e5d2e0e343de77e22bdf93de3 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 21:28:32 +0100 Subject: [PATCH 16/53] Update to latest --- arm/Microsoft.Network/vpnGateways/connections/deploy.bicep | 2 +- arm/Microsoft.Network/vpnGateways/deploy.bicep | 2 +- arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep | 2 +- arm/Microsoft.Network/vpnGateways/readme.md | 4 ++-- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep index c9db08b70a..775413ae28 100644 --- a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep @@ -61,7 +61,7 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource vpnGateway 'Microsoft.Network/vpnGateways@2021-03-01' existing = { +resource vpnGateway 'Microsoft.Network/vpnGateways@2021-05-01' existing = { name: vpnGatewayName } diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index 0114440f2d..8cc0d83ce6 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -36,7 +36,7 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource vpnGateway 'Microsoft.Network/vpnGateways@2021-03-01' = { +resource vpnGateway 'Microsoft.Network/vpnGateways@2021-05-01' = { name: name location: location tags: tags diff --git a/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep b/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep index ab08682e47..268d5f6e78 100644 --- a/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep @@ -37,7 +37,7 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource vpnGateway 'Microsoft.Network/vpnGateways@2021-03-01' existing = { +resource vpnGateway 'Microsoft.Network/vpnGateways@2021-05-01' existing = { name: vpnGatewayName } diff --git a/arm/Microsoft.Network/vpnGateways/readme.md b/arm/Microsoft.Network/vpnGateways/readme.md index 6562fcaed9..ac93a3e258 100644 --- a/arm/Microsoft.Network/vpnGateways/readme.md +++ b/arm/Microsoft.Network/vpnGateways/readme.md @@ -6,7 +6,7 @@ This module deploys VPN Gateways. | Resource Type | API Version | | :-- | :-- | -| `Microsoft.Network/vpnGateways` | 2021-03-01 | +| `Microsoft.Network/vpnGateways` | 2021-05-01 | | `Microsoft.Network/vpnGateways/natRules` | 2021-05-01 | | `Microsoft.Network/vpnGateways/vpnConnections` | 2021-05-01 | @@ -54,6 +54,6 @@ Tag names and tag values can be provided as needed. A tag can be left without a ## Template references -- [Vpngateways](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-03-01/vpnGateways) +- [Vpngateways](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/vpnGateways) - [Vpngateways/Natrules](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/vpnGateways/natRules) - [Vpngateways/Vpnconnections](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-05-01/vpnGateways/vpnConnections) From 38a7e3c7bff9244bef9b4a7d7b287004589d107d Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 21:48:37 +0100 Subject: [PATCH 17/53] Update to latest --- .../vpnGateways/.parameters/min.parameters.json | 3 +++ arm/Microsoft.Network/vpnGateways/deploy.bicep | 4 ++-- arm/Microsoft.Network/vpnGateways/readme.md | 2 +- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json index bf3f0bce13..140c395de8 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json @@ -4,6 +4,9 @@ "parameters": { "name": { "value": "<>-az-vpngw-x-001" + }, + "virtualHubResourceId": { + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/alsehrHub" } } } diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index 8cc0d83ce6..2ceb832208 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -10,8 +10,8 @@ param connections array = [] @description('Optional. List of all the NAT Rules to associate with the gateway.') param natRules array = [] -@description('Optional. The resource ID of a virtual Hub to connect to') -param virtualHubResourceId string = '' +@description('Required. The resource ID of a virtual Hub to connect to') +param virtualHubResourceId string @description('Optional. BGP settings details.') param bgpSettings object = {} diff --git a/arm/Microsoft.Network/vpnGateways/readme.md b/arm/Microsoft.Network/vpnGateways/readme.md index ac93a3e258..667849c1a7 100644 --- a/arm/Microsoft.Network/vpnGateways/readme.md +++ b/arm/Microsoft.Network/vpnGateways/readme.md @@ -23,7 +23,7 @@ This module deploys VPN Gateways. | `name` | string | | | Required. Name of the VPN gateway | | `natRules` | _[natRules](natRules/readme.md)_ array | `[]` | | Optional. List of all the NAT Rules to associate with the gateway. | | `tags` | object | `{object}` | | Optional. Tags of the resource. | -| `virtualHubResourceId` | string | | | Optional. The resource ID of a virtual Hub to connect to | +| `virtualHubResourceId` | string | | | Required. The resource ID of a virtual Hub to connect to | | `vpnGatewayScaleUnit` | int | `2` | | Optional. The scale unit for this VPN gateway. | From b015c313507ae1e2ae4f24197d5d25527c55c836 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 22:24:06 +0100 Subject: [PATCH 18/53] Update to latest --- .../vpnGateways/deploy.bicep | 2 -- arm/Microsoft.Network/vpnGateways/readme.md | 33 +++++++++++++++++++ 2 files changed, 33 insertions(+), 2 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index 2ceb832208..7af41054d9 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -48,8 +48,6 @@ resource vpnGateway 'Microsoft.Network/vpnGateways@2021-05-01' = { virtualHub: !empty(virtualHubResourceId) ? { id: virtualHubResourceId } : null - // connections: connections - // natRules: natRules } } diff --git a/arm/Microsoft.Network/vpnGateways/readme.md b/arm/Microsoft.Network/vpnGateways/readme.md index 667849c1a7..30d183fabb 100644 --- a/arm/Microsoft.Network/vpnGateways/readme.md +++ b/arm/Microsoft.Network/vpnGateways/readme.md @@ -27,6 +27,39 @@ This module deploys VPN Gateways. | `vpnGatewayScaleUnit` | int | `2` | | Optional. The scale unit for this VPN gateway. | +### Parameter Usage: `bgpSettings` + +```json +"bgpSettings": { + "asn": 65515, + "peerWeight": 0, + "bgpPeeringAddresses": [ + { + "ipconfigurationId": "Instance0", + "defaultBgpIpAddresses": [ + "10.0.0.12" + ], + "customBgpIpAddresses": [], + "tunnelIpAddresses": [ + "20.84.35.53", + "10.0.0.4" + ] + }, + { + "ipconfigurationId": "Instance1", + "defaultBgpIpAddresses": [ + "10.0.0.13" + ], + "customBgpIpAddresses": [], + "tunnelIpAddresses": [ + "20.84.34.225", + "10.0.0.5" + ] + } + ] +} +``` + ### Parameter Usage: `tags` Tag names and tag values can be provided as needed. A tag can be left without a value. From 17bc29c30e6a79033bae687b70f54eef6d94ccae Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 22:33:59 +0100 Subject: [PATCH 19/53] Update to latest --- arm/Microsoft.Network/vpnGateways/deploy.bicep | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index 7af41054d9..9c3f5d0bed 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -36,6 +36,11 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } +resource virtualHub 'Microsoft.Network/virtualHubs@2021-05-01' existing = { + scope: resourceGroup(split(virtualHubResourceId, '/')[4]) + name: last(split(virtualHubResourceId, '/')) +} + resource vpnGateway 'Microsoft.Network/vpnGateways@2021-05-01' = { name: name location: location @@ -45,9 +50,7 @@ resource vpnGateway 'Microsoft.Network/vpnGateways@2021-05-01' = { enableBgpRouteTranslationForNat: enableBgpRouteTranslationForNat isRoutingPreferenceInternet: isRoutingPreferenceInternet vpnGatewayScaleUnit: vpnGatewayScaleUnit - virtualHub: !empty(virtualHubResourceId) ? { - id: virtualHubResourceId - } : null + virtualHub: virtualHub } } From 836c3a510ddabd6028f7baefe2dde355cfce3743 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 22 Feb 2022 22:41:58 +0100 Subject: [PATCH 20/53] Update to latest --- arm/Microsoft.Network/vpnGateways/deploy.bicep | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index 9c3f5d0bed..ba0fbc438f 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -50,7 +50,9 @@ resource vpnGateway 'Microsoft.Network/vpnGateways@2021-05-01' = { enableBgpRouteTranslationForNat: enableBgpRouteTranslationForNat isRoutingPreferenceInternet: isRoutingPreferenceInternet vpnGatewayScaleUnit: vpnGatewayScaleUnit - virtualHub: virtualHub + virtualHub: { + id: virtualHub.id + } } } From 6a201026a2b557878005c33dd32c3d86c723606a Mon Sep 17 00:00:00 2001 From: MrMCake Date: Wed, 23 Feb 2022 11:47:09 +0100 Subject: [PATCH 21/53] Update to latest --- arm/Microsoft.Network/vpnGateways/deploy.bicep | 7 +------ arm/Microsoft.Network/vpnGateways/readme.md | 1 + 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index ba0fbc438f..07bcc20594 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -36,11 +36,6 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource virtualHub 'Microsoft.Network/virtualHubs@2021-05-01' existing = { - scope: resourceGroup(split(virtualHubResourceId, '/')[4]) - name: last(split(virtualHubResourceId, '/')) -} - resource vpnGateway 'Microsoft.Network/vpnGateways@2021-05-01' = { name: name location: location @@ -51,7 +46,7 @@ resource vpnGateway 'Microsoft.Network/vpnGateways@2021-05-01' = { isRoutingPreferenceInternet: isRoutingPreferenceInternet vpnGatewayScaleUnit: vpnGatewayScaleUnit virtualHub: { - id: virtualHub.id + id: virtualHubResourceId } } } diff --git a/arm/Microsoft.Network/vpnGateways/readme.md b/arm/Microsoft.Network/vpnGateways/readme.md index 30d183fabb..1a901c4e5c 100644 --- a/arm/Microsoft.Network/vpnGateways/readme.md +++ b/arm/Microsoft.Network/vpnGateways/readme.md @@ -26,6 +26,7 @@ This module deploys VPN Gateways. | `virtualHubResourceId` | string | | | Required. The resource ID of a virtual Hub to connect to | | `vpnGatewayScaleUnit` | int | `2` | | Optional. The scale unit for this VPN gateway. | +### Parameter Usage: ### Parameter Usage: `bgpSettings` From a225be2025e3b8851e34df0b7a0e16f38d877fb3 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Wed, 23 Feb 2022 13:08:06 +0100 Subject: [PATCH 22/53] Update to latest --- .../vpnGateways/.parameters/min.parameters.json | 2 +- arm/Microsoft.Network/vpnGateways/.parameters/parameters.json | 2 +- arm/Microsoft.Network/vpnGateways/readme.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json index 140c395de8..99cb254262 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json @@ -6,7 +6,7 @@ "value": "<>-az-vpngw-x-001" }, "virtualHubResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/alsehrHub" + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/weHub" } } } diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index 23cfbd1f5f..3b0484ba63 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -18,7 +18,7 @@ ] }, "virtualHubResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/alsehrHub" + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/weHub" }, "natRules": { "value": [] diff --git a/arm/Microsoft.Network/vpnGateways/readme.md b/arm/Microsoft.Network/vpnGateways/readme.md index 1a901c4e5c..3526efd563 100644 --- a/arm/Microsoft.Network/vpnGateways/readme.md +++ b/arm/Microsoft.Network/vpnGateways/readme.md @@ -23,7 +23,7 @@ This module deploys VPN Gateways. | `name` | string | | | Required. Name of the VPN gateway | | `natRules` | _[natRules](natRules/readme.md)_ array | `[]` | | Optional. List of all the NAT Rules to associate with the gateway. | | `tags` | object | `{object}` | | Optional. Tags of the resource. | -| `virtualHubResourceId` | string | | | Required. The resource ID of a virtual Hub to connect to | +| `virtualHubResourceId` | string | | | Required. The resource ID of a virtual Hub to connect to. MUST be in the same location. | | `vpnGatewayScaleUnit` | int | `2` | | Optional. The scale unit for this VPN gateway. | ### Parameter Usage: From 88ca8dfa5205a8d64b611139f0b6c877f8afc34f Mon Sep 17 00:00:00 2001 From: MrMCake Date: Wed, 23 Feb 2022 13:56:35 +0100 Subject: [PATCH 23/53] Update to latest --- arm/Microsoft.Network/vpnGateways/deploy.bicep | 2 +- arm/Microsoft.Network/vpnGateways/readme.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index 07bcc20594..2dbad050c8 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -10,7 +10,7 @@ param connections array = [] @description('Optional. List of all the NAT Rules to associate with the gateway.') param natRules array = [] -@description('Required. The resource ID of a virtual Hub to connect to') +@description('Required. The resource ID of a virtual Hub to connect to. Note: The virtual Hub and Gateway must be deployed into the same location.') param virtualHubResourceId string @description('Optional. BGP settings details.') diff --git a/arm/Microsoft.Network/vpnGateways/readme.md b/arm/Microsoft.Network/vpnGateways/readme.md index 3526efd563..41cdb14482 100644 --- a/arm/Microsoft.Network/vpnGateways/readme.md +++ b/arm/Microsoft.Network/vpnGateways/readme.md @@ -23,7 +23,7 @@ This module deploys VPN Gateways. | `name` | string | | | Required. Name of the VPN gateway | | `natRules` | _[natRules](natRules/readme.md)_ array | `[]` | | Optional. List of all the NAT Rules to associate with the gateway. | | `tags` | object | `{object}` | | Optional. Tags of the resource. | -| `virtualHubResourceId` | string | | | Required. The resource ID of a virtual Hub to connect to. MUST be in the same location. | +| `virtualHubResourceId` | string | | | Required. The resource ID of a virtual Hub to connect to. Note: The virtual Hub and Gateway must be deployed into the same location. | | `vpnGatewayScaleUnit` | int | `2` | | Optional. The scale unit for this VPN gateway. | ### Parameter Usage: From 765b582bc68dfa6fa35d9f7cc1a7bde286781c7d Mon Sep 17 00:00:00 2001 From: MrMCake Date: Wed, 23 Feb 2022 15:13:34 +0100 Subject: [PATCH 24/53] Update to latest --- .../vpnGateways/.parameters/min.parameters.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json index 99cb254262..d5244560bc 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json @@ -3,7 +3,7 @@ "contentVersion": "1.0.0.0", "parameters": { "name": { - "value": "<>-az-vpngw-x-001" + "value": "<>-az-vpngw-min-001" }, "virtualHubResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/weHub" From be06cb9242a5783d7a21de9a719cfe0add993fb4 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Wed, 23 Feb 2022 15:15:04 +0100 Subject: [PATCH 25/53] Update to latest --- arm/Microsoft.Network/vpnGateways/connections/deploy.bicep | 4 ---- arm/Microsoft.Network/vpnGateways/deploy.bicep | 1 - 2 files changed, 5 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep index 775413ae28..4c0be336c7 100644 --- a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep @@ -34,9 +34,6 @@ param enableBgp bool = false @description('Optional. Routing weight for VPN connection.') param routingWeight int = 0 -@description('Optional. DPD timeout in seconds for VPN connection.') -param dpdTimeoutSeconds int = 0 - @description('Optional. Expected bandwidth in MBPS.') param connectionBandwidth int = 10 @@ -70,7 +67,6 @@ resource vpnConnection 'Microsoft.Network/vpnGateways/vpnConnections@2021-05-01' parent: vpnGateway properties: { connectionBandwidth: connectionBandwidth - dpdTimeoutSeconds: dpdTimeoutSeconds enableBgp: enableBgp enableInternetSecurity: enableInternetSecurity enableRateLimiting: enableRateLimiting diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index 2dbad050c8..7fa8bddd30 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -70,7 +70,6 @@ module vpnGateway_connections 'connections/deploy.bicep' = [for (connection, ind name: connection.name vpnGatewayName: vpnGateway.name connectionBandwidth: contains(connection, 'connectionBandwidth') ? connection.connectionBandwidth : 10 - dpdTimeoutSeconds: contains(connection, 'dpdTimeoutSeconds') ? connection.dpdTimeoutSeconds : 0 enableBgp: contains(connection, 'enableBgp') ? connection.enableBgp : false enableInternetSecurity: contains(connection, 'enableInternetSecurity') ? connection.enableInternetSecurity : false enableRateLimiting: contains(connection, 'enableRateLimiting') ? connection.enableRateLimiting : false From 757d9f16c12294e8666dbfb2e2a43e0d96828742 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Wed, 23 Feb 2022 15:15:38 +0100 Subject: [PATCH 26/53] Disabled jbos --- .../modulePipelines/ms.network.vpnGateways.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.azuredevops/modulePipelines/ms.network.vpnGateways.yml b/.azuredevops/modulePipelines/ms.network.vpnGateways.yml index ee7445ae29..f40fbec40e 100644 --- a/.azuredevops/modulePipelines/ms.network.vpnGateways.yml +++ b/.azuredevops/modulePipelines/ms.network.vpnGateways.yml @@ -30,10 +30,10 @@ variables: value: '/arm/Microsoft.Network/vpnGateways' stages: - - stage: Validation - displayName: Pester tests - jobs: - - template: /.azuredevops/pipelineTemplates/jobs.validateModulePester.yml + # - stage: Validation + # displayName: Pester tests + # jobs: + # - template: /.azuredevops/pipelineTemplates/jobs.validateModulePester.yml - stage: Deployment displayName: Deployment tests @@ -45,8 +45,8 @@ stages: - path: $(modulePath)/.parameters/min.parameters.json - path: $(modulePath)/.parameters/parameters.json - - stage: Publishing - displayName: Publish module - condition: and(succeeded(), or(eq(variables['Build.SourceBranch'], 'refs/heads/main'), eq(variables['Build.SourceBranch'], 'refs/heads/master'), eq('${{ parameters.prerelease }}', 'true'))) - jobs: - - template: /.azuredevops/pipelineTemplates/jobs.publishModule.yml + # - stage: Publishing + # displayName: Publish module + # condition: and(succeeded(), or(eq(variables['Build.SourceBranch'], 'refs/heads/main'), eq(variables['Build.SourceBranch'], 'refs/heads/master'), eq('${{ parameters.prerelease }}', 'true'))) + # jobs: + # - template: /.azuredevops/pipelineTemplates/jobs.publishModule.yml From 6e6c389b2b3e4c5d5f32bc1eeb7b7d1456decf5f Mon Sep 17 00:00:00 2001 From: MrMCake Date: Wed, 23 Feb 2022 16:26:47 +0100 Subject: [PATCH 27/53] Update to latest --- .../vpnGateways/.parameters/min.parameters.json | 2 +- arm/Microsoft.Network/vpnGateways/.parameters/parameters.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json index d5244560bc..fb138d7fd3 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json @@ -6,7 +6,7 @@ "value": "<>-az-vpngw-min-001" }, "virtualHubResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/weHub" + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/minHub" } } } diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index 3b0484ba63..4cd516deb1 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -18,7 +18,7 @@ ] }, "virtualHubResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/weHub" + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/parHub" }, "natRules": { "value": [] From f3a7f53c42033f7fada199f705ef128db89203b9 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Wed, 23 Feb 2022 17:56:27 +0100 Subject: [PATCH 28/53] Update to latest --- .../vpnGateways/.parameters/parameters.json | 8 +++----- arm/Microsoft.Network/vpnGateways/deploy.bicep | 2 +- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index 4cd516deb1..9d506aefd8 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -9,11 +9,9 @@ "value": [ { "name": "SampleVpnsiteVpnGwConnection", - "properties": { - "connectionBandwidth": 10, - "enableBgp": true, - "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite" - } + "connectionBandwidth": 10, + "enableBgp": true, + "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite" } ] }, diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index 7fa8bddd30..3c35905d0c 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -72,8 +72,8 @@ module vpnGateway_connections 'connections/deploy.bicep' = [for (connection, ind connectionBandwidth: contains(connection, 'connectionBandwidth') ? connection.connectionBandwidth : 10 enableBgp: contains(connection, 'enableBgp') ? connection.enableBgp : false enableInternetSecurity: contains(connection, 'enableInternetSecurity') ? connection.enableInternetSecurity : false - enableRateLimiting: contains(connection, 'enableRateLimiting') ? connection.enableRateLimiting : false remoteVpnSiteResourceId: contains(connection, 'remoteVpnSiteResourceId') ? connection.remoteVpnSiteResourceId : '' + enableRateLimiting: contains(connection, 'enableRateLimiting') ? connection.enableRateLimiting : false routingConfiguration: contains(connection, 'routingConfiguration') ? connection.routingConfiguration : {} routingWeight: contains(connection, 'routingWeight') ? connection.routingWeight : 0 sharedKey: contains(connection, 'sharedKey') ? connection.sharedKey : '' From a5a85f699eaa5a66ec740edf84c4d10c860359a7 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Wed, 23 Feb 2022 18:19:35 +0100 Subject: [PATCH 29/53] Added NAT rules --- .../vpnGateways/.parameters/parameters.json | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index 9d506aefd8..98870087ff 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -19,7 +19,24 @@ "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/parHub" }, "natRules": { - "value": [] + "value": [ + { + "name": "natRule1", + // "ipConfigurationId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/cloudnet1-VNG/ipConfigurations/default", + "internalMappings": [ + { + "addressSpace": "10.4.0.0/24" + } + ], + "externalMappings": [ + { + "addressSpace": "192.168.21.0/24" + } + ], + "type": "Static", + "mode": "EgressSnat" + } + ] }, "bgpSettings": { "value": { From 32370cf5fc3937431eaa3e4a5773d4d5b2b11ffb Mon Sep 17 00:00:00 2001 From: MrMCake Date: Wed, 23 Feb 2022 18:46:36 +0100 Subject: [PATCH 30/53] Update to latest --- .../vpnGateways/.parameters/parameters.json | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index 98870087ff..5f388d9749 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -5,16 +5,16 @@ "name": { "value": "<>-az-vpngw-x-001" }, - "connections": { - "value": [ - { - "name": "SampleVpnsiteVpnGwConnection", - "connectionBandwidth": 10, - "enableBgp": true, - "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite" - } - ] - }, + // "connections": { + // "value": [ + // { + // "name": "SampleVpnsiteVpnGwConnection", + // "connectionBandwidth": 10, + // "enableBgp": true, + // "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite" + // } + // ] + // }, "virtualHubResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/parHub" }, From 1d0ef9bb1cb64712fa9f8d164f64efb4fb9ff5ee Mon Sep 17 00:00:00 2001 From: MrMCake Date: Wed, 23 Feb 2022 23:17:04 +0100 Subject: [PATCH 31/53] Update to latest --- .azuredevops/modulePipelines/ms.network.vpnGateways.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azuredevops/modulePipelines/ms.network.vpnGateways.yml b/.azuredevops/modulePipelines/ms.network.vpnGateways.yml index f40fbec40e..fe5a2e7099 100644 --- a/.azuredevops/modulePipelines/ms.network.vpnGateways.yml +++ b/.azuredevops/modulePipelines/ms.network.vpnGateways.yml @@ -42,7 +42,7 @@ stages: parameters: removeDeployment: '${{ parameters.removeDeployment }}' deploymentBlocks: - - path: $(modulePath)/.parameters/min.parameters.json + #- path: $(modulePath)/.parameters/min.parameters.json - path: $(modulePath)/.parameters/parameters.json # - stage: Publishing From f894559023ddb88c47663ee98de9273c8d9b7c7d Mon Sep 17 00:00:00 2001 From: MrMCake Date: Thu, 24 Feb 2022 00:44:41 +0100 Subject: [PATCH 32/53] Update to latest --- .../vpnGateways/.parameters/parameters.json | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index 5f388d9749..753a8e8797 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -5,19 +5,19 @@ "name": { "value": "<>-az-vpngw-x-001" }, - // "connections": { - // "value": [ - // { - // "name": "SampleVpnsiteVpnGwConnection", - // "connectionBandwidth": 10, - // "enableBgp": true, - // "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite" - // } - // ] - // }, "virtualHubResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/parHub" }, + "connections": { + "value": [ + { + "name": "SampleVpnsiteVpnGwConnection", + "connectionBandwidth": 10, + "enableBgp": true, + "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite" + } + ] + }, "natRules": { "value": [ { From 712f425120119b0b3a612266f4e51e334bc4b785 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Thu, 24 Feb 2022 00:46:54 +0100 Subject: [PATCH 33/53] Added vpn link config --- .../vpnGateways/.parameters/parameters.json | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index 753a8e8797..9c5ba1c7dd 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -14,6 +14,20 @@ "name": "SampleVpnsiteVpnGwConnection", "connectionBandwidth": 10, "enableBgp": true, + "vpnLinkConnections": [ + { + "id": "/subscriptions//<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite/vpnSiteLinks/link1", + "name": "link1", + "properties": { + "ipsecPolicies": [], + "vpnSiteLink": { + "id": "/subscriptions//<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite/vpnSiteLinks/link1" + }, + "vpnConnectionProtocolType": "IKEv2", + "usePolicyBasedTrafficSelectors": false + } + } + ], "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite" } ] From 6384bb72c06156d97d86ca9fa47fe301bd6e235e Mon Sep 17 00:00:00 2001 From: MrMCake Date: Thu, 24 Feb 2022 19:46:27 +0100 Subject: [PATCH 34/53] Update to latest --- arm/Microsoft.Network/vpnGateways/.parameters/parameters.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index 9c5ba1c7dd..57e16d1146 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -28,7 +28,7 @@ } } ], - "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite" + "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/spoke" } ] }, From 4a007b30306c59a53472a1bd27f2e5a8bd534245 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Mon, 28 Feb 2022 14:47:22 +0100 Subject: [PATCH 35/53] Updated Link --- arm/Microsoft.Network/vpnGateways/.parameters/parameters.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index 57e16d1146..fcb9c99ce9 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -16,12 +16,12 @@ "enableBgp": true, "vpnLinkConnections": [ { - "id": "/subscriptions//<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite/vpnSiteLinks/link1", + "id": "/subscriptions//<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite/vpnSiteLinks/link2", "name": "link1", "properties": { "ipsecPolicies": [], "vpnSiteLink": { - "id": "/subscriptions//<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite/vpnSiteLinks/link1" + "id": "/subscriptions//<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite/vpnSiteLinks/link2" }, "vpnConnectionProtocolType": "IKEv2", "usePolicyBasedTrafficSelectors": false From f58c41db4f03fdda7c387f30663250721b1b71d0 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Mon, 28 Feb 2022 16:31:13 +0100 Subject: [PATCH 36/53] Update to latest --- arm/Microsoft.Network/vpnGateways/.parameters/parameters.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index fcb9c99ce9..04edddfba8 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -16,12 +16,12 @@ "enableBgp": true, "vpnLinkConnections": [ { - "id": "/subscriptions//<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite/vpnSiteLinks/link2", + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/myspoke/vpnSiteLinks/Link1", "name": "link1", "properties": { "ipsecPolicies": [], "vpnSiteLink": { - "id": "/subscriptions//<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite/vpnSiteLinks/link2" + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/myspoke/vpnSiteLinks/Link1" }, "vpnConnectionProtocolType": "IKEv2", "usePolicyBasedTrafficSelectors": false From cb0572d21d8f3e8fde99d82ef58b8f392eb6d1fa Mon Sep 17 00:00:00 2001 From: MrMCake Date: Mon, 28 Feb 2022 19:22:30 +0100 Subject: [PATCH 37/53] Update to latest --- .../vpnGateways/.parameters/parameters.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index 04edddfba8..a6bb31b460 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -16,19 +16,19 @@ "enableBgp": true, "vpnLinkConnections": [ { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/myspoke/vpnSiteLinks/Link1", + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/vpnsite/vpnSiteLinks/Link1", "name": "link1", "properties": { "ipsecPolicies": [], "vpnSiteLink": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/myspoke/vpnSiteLinks/Link1" + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/vpnsite/vpnSiteLinks/Link1" }, "vpnConnectionProtocolType": "IKEv2", "usePolicyBasedTrafficSelectors": false } } ], - "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/spoke" + "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/vpnsite" } ] }, From 59a95a1d0e50c46db74c2bddcd9aada436d633ca Mon Sep 17 00:00:00 2001 From: MrMCake Date: Wed, 2 Mar 2022 08:39:38 +0100 Subject: [PATCH 38/53] Update to latest --- .../vpnGateways/.parameters/parameters.json | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index a6bb31b460..db28da75cf 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -3,10 +3,10 @@ "contentVersion": "1.0.0.0", "parameters": { "name": { - "value": "<>-az-vpngw-x-001" + "value": "carml-az-vpngw-x-001" }, "virtualHubResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/parHub" + "value": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/SampleVirtualHub" }, "connections": { "value": [ @@ -16,19 +16,20 @@ "enableBgp": true, "vpnLinkConnections": [ { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/vpnsite/vpnSiteLinks/Link1", - "name": "link1", + // "id": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite/vpnSiteLinks/Link1", + // "name": "link1", + "name": "SampleVpnsiteVpnGwConnection", "properties": { "ipsecPolicies": [], "vpnSiteLink": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/vpnsite/vpnSiteLinks/Link1" + "id": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite/vpnSiteLinks/Link1" }, "vpnConnectionProtocolType": "IKEv2", "usePolicyBasedTrafficSelectors": false } } ], - "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/vpnsite" + "remoteVpnSiteResourceId": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/vpnsite" } ] }, From 38f266fb3c3a5bbfeb32ca1847fea839c956174b Mon Sep 17 00:00:00 2001 From: MrMCake Date: Wed, 2 Mar 2022 21:56:06 +0100 Subject: [PATCH 39/53] Update to latest --- .../vpnGateways/.parameters/parameters.json | 47 ++++++++++--------- 1 file changed, 25 insertions(+), 22 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index db28da75cf..91ca766373 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -8,28 +8,37 @@ "virtualHubResourceId": { "value": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/SampleVirtualHub" }, + "bgpSettings": { + "value": { + "asn": 65515, + "peerWeight": 0 + } + }, "connections": { "value": [ { - "name": "SampleVpnsiteVpnGwConnection", + "name": "Connection-SampleVpnSite", "connectionBandwidth": 10, "enableBgp": true, - "vpnLinkConnections": [ - { - // "id": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite/vpnSiteLinks/Link1", - // "name": "link1", - "name": "SampleVpnsiteVpnGwConnection", - "properties": { - "ipsecPolicies": [], - "vpnSiteLink": { - "id": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite/vpnSiteLinks/Link1" - }, - "vpnConnectionProtocolType": "IKEv2", - "usePolicyBasedTrafficSelectors": false - } + "routingConfiguration": { + "associatedRouteTable": { + "id": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/SampleVirtualHub/hubRouteTables/defaultRouteTable" + }, + "propagatedRouteTables": { + "labels": [ + "default" + ], + "ids": [ + { + "id": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/SampleVirtualHub/hubRouteTables/defaultRouteTable" + } + ] + }, + "vnetRoutes": { + "staticRoutes": [] } - ], - "remoteVpnSiteResourceId": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/vpnsite" + }, + "remoteVpnSiteResourceId": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite" } ] }, @@ -37,7 +46,6 @@ "value": [ { "name": "natRule1", - // "ipConfigurationId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/cloudnet1-VNG/ipConfigurations/default", "internalMappings": [ { "addressSpace": "10.4.0.0/24" @@ -52,11 +60,6 @@ "mode": "EgressSnat" } ] - }, - "bgpSettings": { - "value": { - "asn": 65515 - } } } } From 67ca1998e4d19bd04d5f85c67d52837760879a9f Mon Sep 17 00:00:00 2001 From: MrMCake Date: Wed, 2 Mar 2022 22:04:31 +0100 Subject: [PATCH 40/53] Update to latest --- .../ms.network.vpnGateways.yml | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.azuredevops/modulePipelines/ms.network.vpnGateways.yml b/.azuredevops/modulePipelines/ms.network.vpnGateways.yml index fe5a2e7099..ee7445ae29 100644 --- a/.azuredevops/modulePipelines/ms.network.vpnGateways.yml +++ b/.azuredevops/modulePipelines/ms.network.vpnGateways.yml @@ -30,10 +30,10 @@ variables: value: '/arm/Microsoft.Network/vpnGateways' stages: - # - stage: Validation - # displayName: Pester tests - # jobs: - # - template: /.azuredevops/pipelineTemplates/jobs.validateModulePester.yml + - stage: Validation + displayName: Pester tests + jobs: + - template: /.azuredevops/pipelineTemplates/jobs.validateModulePester.yml - stage: Deployment displayName: Deployment tests @@ -42,11 +42,11 @@ stages: parameters: removeDeployment: '${{ parameters.removeDeployment }}' deploymentBlocks: - #- path: $(modulePath)/.parameters/min.parameters.json + - path: $(modulePath)/.parameters/min.parameters.json - path: $(modulePath)/.parameters/parameters.json - # - stage: Publishing - # displayName: Publish module - # condition: and(succeeded(), or(eq(variables['Build.SourceBranch'], 'refs/heads/main'), eq(variables['Build.SourceBranch'], 'refs/heads/master'), eq('${{ parameters.prerelease }}', 'true'))) - # jobs: - # - template: /.azuredevops/pipelineTemplates/jobs.publishModule.yml + - stage: Publishing + displayName: Publish module + condition: and(succeeded(), or(eq(variables['Build.SourceBranch'], 'refs/heads/main'), eq(variables['Build.SourceBranch'], 'refs/heads/master'), eq('${{ parameters.prerelease }}', 'true'))) + jobs: + - template: /.azuredevops/pipelineTemplates/jobs.publishModule.yml From 655d9a30326b1a9ac312c79dff0bfa63ac662627 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Wed, 2 Mar 2022 22:06:41 +0100 Subject: [PATCH 41/53] Update to latest --- .../vpnGateways/.parameters/parameters.json | 8 +++---- .../vpnGateways/connections/readme.md | 23 +++++++++++++++++++ 2 files changed, 27 insertions(+), 4 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index 91ca766373..236821a959 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -6,7 +6,7 @@ "value": "carml-az-vpngw-x-001" }, "virtualHubResourceId": { - "value": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/SampleVirtualHub" + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/SampleVirtualHub" }, "bgpSettings": { "value": { @@ -22,7 +22,7 @@ "enableBgp": true, "routingConfiguration": { "associatedRouteTable": { - "id": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/SampleVirtualHub/hubRouteTables/defaultRouteTable" + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/SampleVirtualHub/hubRouteTables/defaultRouteTable" }, "propagatedRouteTables": { "labels": [ @@ -30,7 +30,7 @@ ], "ids": [ { - "id": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/SampleVirtualHub/hubRouteTables/defaultRouteTable" + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/SampleVirtualHub/hubRouteTables/defaultRouteTable" } ] }, @@ -38,7 +38,7 @@ "staticRoutes": [] } }, - "remoteVpnSiteResourceId": "/subscriptions/a7439831-1cd9-435d-a091-4aa863c96556/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite" + "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite" } ] }, diff --git a/arm/Microsoft.Network/vpnGateways/connections/readme.md b/arm/Microsoft.Network/vpnGateways/connections/readme.md index 2d79aeef12..d5da39b5dd 100644 --- a/arm/Microsoft.Network/vpnGateways/connections/readme.md +++ b/arm/Microsoft.Network/vpnGateways/connections/readme.md @@ -31,6 +31,29 @@ This module deploys VPN Gateways Connections. | `vpnGatewayName` | string | | | Required. The name of the VPN gateway this VPN connection is associated with. | | `vpnLinkConnections` | array | `[]` | | Optional. List of all VPN site link connections to the gateway. | +### Parameter Usage: `routingConfiguration` + +```json +"routingConfiguration": { + "associatedRouteTable": { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/SampleVirtualHub/hubRouteTables/defaultRouteTable" + }, + "propagatedRouteTables": { + "labels": [ + "default" + ], + "ids": [ + { + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/SampleVirtualHub/hubRouteTables/defaultRouteTable" + } + ] + }, + "vnetRoutes": { + "staticRoutes": [] + } +} +``` + ## Outputs | Output Name | Type | Description | From 24b54a97c348b48d85200e73b18a9d228506b619 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Fri, 4 Mar 2022 11:45:28 +0000 Subject: [PATCH 42/53] Update arm/Microsoft.Network/vpnGateways/.parameters/parameters.json Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- arm/Microsoft.Network/vpnGateways/.parameters/parameters.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index 236821a959..31dba671b2 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -3,7 +3,7 @@ "contentVersion": "1.0.0.0", "parameters": { "name": { - "value": "carml-az-vpngw-x-001" + "value": "<>-az-vpngw-x-001" }, "virtualHubResourceId": { "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/SampleVirtualHub" From 2baaa7f2d896ef9e326c691979d20ba7706f7603 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Fri, 4 Mar 2022 11:46:22 +0000 Subject: [PATCH 43/53] Update arm/Microsoft.Network/vpnGateways/.parameters/parameters.json Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- arm/Microsoft.Network/vpnGateways/.parameters/parameters.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index 31dba671b2..0625a5537f 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -6,7 +6,7 @@ "value": "<>-az-vpngw-x-001" }, "virtualHubResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/SampleVirtualHub" + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001" }, "bgpSettings": { "value": { From 5e4eebf64e9e6a5d1c71944ee20fa3df8b2207fd Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Fri, 4 Mar 2022 11:47:21 +0000 Subject: [PATCH 44/53] Update arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- .../vpnGateways/.parameters/min.parameters.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json index fb138d7fd3..4ed3a736e6 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/min.parameters.json @@ -6,7 +6,7 @@ "value": "<>-az-vpngw-min-001" }, "virtualHubResourceId": { - "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/minHub" + "value": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-min-001" } } } From 664edc73cc7ef7d2c87706f57642614a8eeb9efc Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Fri, 4 Mar 2022 11:48:07 +0000 Subject: [PATCH 45/53] Update arm/Microsoft.Network/vpnGateways/deploy.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- arm/Microsoft.Network/vpnGateways/deploy.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index 3c35905d0c..d56cf85d47 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -16,7 +16,7 @@ param virtualHubResourceId string @description('Optional. BGP settings details.') param bgpSettings object = {} -@description('Optional. Enable BGP routes translation for NAT on this VPNGateway.') +@description('Optional. Enable BGP routes translation for NAT on this VPN gateway.') param enableBgpRouteTranslationForNat bool = false @description('Optional. Enable Routing Preference property for the Public IP Interface of the VPNGateway.') From af075d3017538cd8bcc1c6ba76c11cee9382d86f Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Fri, 4 Mar 2022 11:48:29 +0000 Subject: [PATCH 46/53] Update arm/Microsoft.Network/vpnGateways/deploy.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- arm/Microsoft.Network/vpnGateways/deploy.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/deploy.bicep b/arm/Microsoft.Network/vpnGateways/deploy.bicep index d56cf85d47..72cdd9a388 100644 --- a/arm/Microsoft.Network/vpnGateways/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/deploy.bicep @@ -19,7 +19,7 @@ param bgpSettings object = {} @description('Optional. Enable BGP routes translation for NAT on this VPN gateway.') param enableBgpRouteTranslationForNat bool = false -@description('Optional. Enable Routing Preference property for the Public IP Interface of the VPNGateway.') +@description('Optional. Enable routing preference property for the public IP interface of the VPN gateway.') param isRoutingPreferenceInternet bool = false @description('Optional. The scale unit for this VPN gateway.') From 994bbb6fe3656580dedc6c8c2061725a228c7413 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Fri, 4 Mar 2022 11:49:31 +0000 Subject: [PATCH 47/53] Update arm/Microsoft.Network/vpnGateways/connections/deploy.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- arm/Microsoft.Network/vpnGateways/connections/deploy.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep index 4c0be336c7..1d4c69fd04 100644 --- a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep @@ -4,7 +4,7 @@ param name string @description('Required. The name of the VPN gateway this VPN connection is associated with.') param vpnGatewayName string -@description('Optional. The IPSec Policies to be considered by this connection.') +@description('Optional. The IPSec policies to be considered by this connection.') param ipsecPolicies array = [] @description('Optional. The Traffic Selector Policies to be considered by this connection.') From 90419b80b1f83112b41a94ad3d256d9dc4d2fa8e Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Fri, 4 Mar 2022 11:49:37 +0000 Subject: [PATCH 48/53] Update arm/Microsoft.Network/vpnGateways/connections/deploy.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- arm/Microsoft.Network/vpnGateways/connections/deploy.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep index 1d4c69fd04..d9a42bcdec 100644 --- a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep @@ -7,7 +7,7 @@ param vpnGatewayName string @description('Optional. The IPSec policies to be considered by this connection.') param ipsecPolicies array = [] -@description('Optional. The Traffic Selector Policies to be considered by this connection.') +@description('Optional. The traffic selector policies to be considered by this connection.') param trafficSelectorPolicies array = [] @description('Optional. List of all VPN site link connections to the gateway.') From 9027184e93f85ae81abf6e9cac453f608802d136 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Fri, 4 Mar 2022 11:49:43 +0000 Subject: [PATCH 49/53] Update arm/Microsoft.Network/vpnGateways/connections/deploy.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- arm/Microsoft.Network/vpnGateways/connections/deploy.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep index d9a42bcdec..3804460120 100644 --- a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep @@ -13,7 +13,7 @@ param trafficSelectorPolicies array = [] @description('Optional. List of all VPN site link connections to the gateway.') param vpnLinkConnections array = [] -@description('Optional. Routing Configuration indicating the associated and propagated route tables for this connection.') +@description('Optional. Routing configuration indicating the associated and propagated route tables for this connection.') param routingConfiguration object = {} @description('Optional. Enable policy-based traffic selectors.') From 10def834b9b43f100913e05dd138a0267d6b0f07 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Fri, 4 Mar 2022 11:49:48 +0000 Subject: [PATCH 50/53] Update arm/Microsoft.Network/vpnGateways/connections/deploy.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- arm/Microsoft.Network/vpnGateways/connections/deploy.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep index 3804460120..d1fdcf0f3b 100644 --- a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep @@ -19,7 +19,7 @@ param routingConfiguration object = {} @description('Optional. Enable policy-based traffic selectors.') param usePolicyBasedTrafficSelectors bool = false -@description('Optional. Use local azure IP to initiate connection.') +@description('Optional. Use local Azure IP to initiate connection.') param useLocalAzureIpAddress bool = false @description('Optional. EnableBgp flag.') From 9ba3c32fc9bbf25e9fe948e501141b629a215a20 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Fri, 4 Mar 2022 11:50:05 +0000 Subject: [PATCH 51/53] Update arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep b/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep index 268d5f6e78..678d803487 100644 --- a/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/natRules/deploy.bicep @@ -13,7 +13,7 @@ param internalMappings array = [] @description('Optional. A NAT rule must be configured to a specific VPN Gateway instance. This is applicable to Dynamic NAT only. Static NAT rules are automatically applied to both VPN Gateway instances.') param ipConfigurationId string = '' -@description('Optional. The type of NAT rule for VPN NAT. IngressSnat mode (also known as Ingress Source NAT) is applicable to traffic entering the Azure hub\'s Site-to-site VPN gateway. EgressSnat mode (also known as Egress Source NAT) is applicable to traffic leaving the Azure hub\'s Site-to-site VPN gateway.') +@description('Optional. The type of NAT rule for VPN NAT. IngressSnat mode (also known as Ingress Source NAT) is applicable to traffic entering the Azure hub\'s site-to-site VPN gateway. EgressSnat mode (also known as Egress Source NAT) is applicable to traffic leaving the Azure hub\'s Site-to-site VPN gateway.') @allowed([ '' 'EgressSnat' From 52c68b64fc27f526e270cab55edfdd8aa07a7f7c Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 4 Mar 2022 12:58:36 +0100 Subject: [PATCH 52/53] Update to latest --- .../vpnGateways/connections/deploy.bicep | 4 ++-- .../vpnGateways/connections/readme.md | 13 ++++++------- arm/Microsoft.Network/vpnGateways/readme.md | 4 ++-- 3 files changed, 10 insertions(+), 11 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep index 4c0be336c7..b6ed3193a5 100644 --- a/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep +++ b/arm/Microsoft.Network/vpnGateways/connections/deploy.bicep @@ -22,13 +22,13 @@ param usePolicyBasedTrafficSelectors bool = false @description('Optional. Use local azure IP to initiate connection.') param useLocalAzureIpAddress bool = false -@description('Optional. EnableBgp flag.') +@description('Optional. Enable rate limiting.') param enableRateLimiting bool = false @description('Optional. Enable internet security.') param enableInternetSecurity bool = false -@description('Optional. Enable internet security.') +@description('Optional. Enable BGP flag.') param enableBgp bool = false @description('Optional. Routing weight for VPN connection.') diff --git a/arm/Microsoft.Network/vpnGateways/connections/readme.md b/arm/Microsoft.Network/vpnGateways/connections/readme.md index d5da39b5dd..407b36df3d 100644 --- a/arm/Microsoft.Network/vpnGateways/connections/readme.md +++ b/arm/Microsoft.Network/vpnGateways/connections/readme.md @@ -14,19 +14,18 @@ This module deploys VPN Gateways Connections. | :-- | :-- | :-- | :-- | :-- | | `connectionBandwidth` | int | `10` | | Optional. Expected bandwidth in MBPS. | | `cuaId` | string | | | Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered | -| `dpdTimeoutSeconds` | int | | | Optional. DPD timeout in seconds for VPN connection. | -| `enableBgp` | bool | | | Optional. Enable internet security. | -| `enableInternetSecurity` | bool | | | Optional. Enable internet security. | -| `enableRateLimiting` | bool | | | Optional. EnableBgp flag. | +| `enableBgp` | bool | `False` | | Optional. Enable BGP flag. | +| `enableInternetSecurity` | bool | `False` | | Optional. Enable internet security. | +| `enableRateLimiting` | bool | `False` | | Optional. Enable rate limiting. | | `ipsecPolicies` | array | `[]` | | Optional. The IPSec Policies to be considered by this connection. | | `name` | string | | | Required. The name of the VPN connection. | | `remoteVpnSiteResourceId` | string | | | Optional. Reference to a VPN site to link to | | `routingConfiguration` | object | `{object}` | | Optional. Routing Configuration indicating the associated and propagated route tables for this connection. | -| `routingWeight` | int | | | Optional. Routing weight for VPN connection. | +| `routingWeight` | int | `0` | | Optional. Routing weight for VPN connection. | | `sharedKey` | string | | | Optional. SharedKey for the VPN connection. | | `trafficSelectorPolicies` | array | `[]` | | Optional. The Traffic Selector Policies to be considered by this connection. | -| `useLocalAzureIpAddress` | bool | | | Optional. Use local azure IP to initiate connection. | -| `usePolicyBasedTrafficSelectors` | bool | | | Optional. Enable policy-based traffic selectors. | +| `useLocalAzureIpAddress` | bool | `False` | | Optional. Use local azure IP to initiate connection. | +| `usePolicyBasedTrafficSelectors` | bool | `False` | | Optional. Enable policy-based traffic selectors. | | `vpnConnectionProtocolType` | string | `IKEv2` | `[IKEv1, IKEv2]` | Optional. Gateway connection protocol. | | `vpnGatewayName` | string | | | Required. The name of the VPN gateway this VPN connection is associated with. | | `vpnLinkConnections` | array | `[]` | | Optional. List of all VPN site link connections to the gateway. | diff --git a/arm/Microsoft.Network/vpnGateways/readme.md b/arm/Microsoft.Network/vpnGateways/readme.md index 41cdb14482..8b4cabcd31 100644 --- a/arm/Microsoft.Network/vpnGateways/readme.md +++ b/arm/Microsoft.Network/vpnGateways/readme.md @@ -17,8 +17,8 @@ This module deploys VPN Gateways. | `bgpSettings` | object | `{object}` | | Optional. BGP settings details. | | `connections` | _[connections](connections/readme.md)_ array | `[]` | | Optional. The connections to create in the VPN gateway | | `cuaId` | string | | | Optional. Customer Usage Attribution ID (GUID). This GUID must be previously registered | -| `enableBgpRouteTranslationForNat` | bool | | | Optional. Enable BGP routes translation for NAT on this VPNGateway. | -| `isRoutingPreferenceInternet` | bool | | | Optional. Enable Routing Preference property for the Public IP Interface of the VPNGateway. | +| `enableBgpRouteTranslationForNat` | bool | `False` | | Optional. Enable BGP routes translation for NAT on this VPNGateway. | +| `isRoutingPreferenceInternet` | bool | `False` | | Optional. Enable Routing Preference property for the Public IP Interface of the VPNGateway. | | `location` | string | `[resourceGroup().location]` | | Optional. Location where all resources will be created. | | `name` | string | | | Required. Name of the VPN gateway | | `natRules` | _[natRules](natRules/readme.md)_ array | `[]` | | Optional. List of all the NAT Rules to associate with the gateway. | From f83d774c67a0e9e21cd848bbbb2809981bd6f88b Mon Sep 17 00:00:00 2001 From: MrMCake Date: Fri, 4 Mar 2022 13:17:41 +0100 Subject: [PATCH 53/53] rename --- .../vpnGateways/.parameters/parameters.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json index 0625a5537f..af4f1eca8f 100644 --- a/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json +++ b/arm/Microsoft.Network/vpnGateways/.parameters/parameters.json @@ -17,12 +17,12 @@ "connections": { "value": [ { - "name": "Connection-SampleVpnSite", + "name": "Connection-<>-az-vsite-x-001", "connectionBandwidth": 10, "enableBgp": true, "routingConfiguration": { "associatedRouteTable": { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/SampleVirtualHub/hubRouteTables/defaultRouteTable" + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable" }, "propagatedRouteTables": { "labels": [ @@ -30,7 +30,7 @@ ], "ids": [ { - "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/SampleVirtualHub/hubRouteTables/defaultRouteTable" + "id": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualHubs/<>-az-vhub-x-001/hubRouteTables/defaultRouteTable" } ] }, @@ -38,7 +38,7 @@ "staticRoutes": [] } }, - "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/SampleVpnSite" + "remoteVpnSiteResourceId": "/subscriptions/<>/resourceGroups/validation-rg/providers/Microsoft.Network/vpnSites/<>-az-vsite-x-001" } ] },