This page documents the language specification for the azure package. If you're looking for help working with the inputs, outputs, or functions of azure resources in a Pulumi program, please see the resource documentation for examples and API reference.

network

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-azure repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-azurerm repo.

class pulumi_azure.network.ApplicationGateway(resource_name, opts=None, authentication_certificates=None, autoscale_configuration=None, backend_address_pools=None, backend_http_settings=None, custom_error_configurations=None, enable_http2=None, firewall_policy_id=None, frontend_ip_configurations=None, frontend_ports=None, gateway_ip_configurations=None, http_listeners=None, identity=None, location=None, name=None, probes=None, redirect_configurations=None, request_routing_rules=None, resource_group_name=None, rewrite_rule_sets=None, sku=None, ssl_certificates=None, ssl_policies=None, tags=None, trusted_root_certificates=None, url_path_maps=None, waf_configuration=None, zones=None, __props__=None, __name__=None, __opts__=None)

Manages an Application Gateway.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West US")
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    address_spaces=["10.254.0.0/16"])
frontend = azure.network.Subnet("frontend",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefixes=["10.254.0.0/24"])
backend = azure.network.Subnet("backend",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefixes=["10.254.2.0/24"])
example_public_ip = azure.network.PublicIp("examplePublicIp",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    allocation_method="Dynamic")
backend_address_pool_name = example_virtual_network.name.apply(lambda name: f"{name}-beap")
frontend_port_name = example_virtual_network.name.apply(lambda name: f"{name}-feport")
frontend_ip_configuration_name = example_virtual_network.name.apply(lambda name: f"{name}-feip")
http_setting_name = example_virtual_network.name.apply(lambda name: f"{name}-be-htst")
listener_name = example_virtual_network.name.apply(lambda name: f"{name}-httplstn")
request_routing_rule_name = example_virtual_network.name.apply(lambda name: f"{name}-rqrt")
redirect_configuration_name = example_virtual_network.name.apply(lambda name: f"{name}-rdrcfg")
network = azure.network.ApplicationGateway("network",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    sku={
        "name": "Standard_Small",
        "tier": "Standard",
        "capacity": 2,
    },
    gateway_ip_configuration=[{
        "name": "my-gateway-ip-configuration",
        "subnet_id": frontend.id,
    }],
    frontend_port=[{
        "name": frontend_port_name,
        "port": 80,
    }],
    frontend_ip_configuration=[{
        "name": frontend_ip_configuration_name,
        "public_ip_address_id": example_public_ip.id,
    }],
    backend_address_pool=[{
        "name": backend_address_pool_name,
    }],
    backend_http_settings=[{
        "name": http_setting_name,
        "cookieBasedAffinity": "Disabled",
        "path": "/path1/",
        "port": 80,
        "protocol": "Http",
        "requestTimeout": 1,
    }],
    http_listener=[{
        "name": listener_name,
        "frontend_ip_configuration_name": frontend_ip_configuration_name,
        "frontendPortName": frontend_port_name,
        "protocol": "Http",
    }],
    request_routing_rule=[{
        "name": request_routing_rule_name,
        "ruleType": "Basic",
        "httpListenerName": listener_name,
        "backendAddressPoolName": backend_address_pool_name,
        "backendHttpSettingsName": http_setting_name,
    }])
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • authentication_certificates (pulumi.Input[list]) – One or more authentication_certificate blocks as defined below.

  • autoscale_configuration (pulumi.Input[dict]) – A autoscale_configuration block as defined below.

  • backend_address_pools (pulumi.Input[list]) – One or more backend_address_pool blocks as defined below.

  • backend_http_settings (pulumi.Input[list]) – One or more backend_http_settings blocks as defined below.

  • custom_error_configurations (pulumi.Input[list]) – One or more custom_error_configuration blocks as defined below.

  • enable_http2 (pulumi.Input[bool]) – Is HTTP2 enabled on the application gateway resource? Defaults to false.

  • firewall_policy_id (pulumi.Input[str]) – The resource ID of a firewall policy.

  • frontend_ip_configurations (pulumi.Input[list]) – One or more frontend_ip_configuration blocks as defined below.

  • frontend_ports (pulumi.Input[list]) – One or more frontend_port blocks as defined below.

  • gateway_ip_configurations (pulumi.Input[list]) – One or more gateway_ip_configuration blocks as defined below.

  • http_listeners (pulumi.Input[list]) – One or more http_listener blocks as defined below.

  • identity (pulumi.Input[dict]) – A identity block.

  • location (pulumi.Input[str]) – The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the Application Gateway. Changing this forces a new resource to be created.

  • probes (pulumi.Input[list]) – One or more probe blocks as defined below.

  • redirect_configurations (pulumi.Input[list]) – A redirect_configuration block as defined below.

  • request_routing_rules (pulumi.Input[list]) – One or more request_routing_rule blocks as defined below.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.

  • rewrite_rule_sets (pulumi.Input[list]) – One or more rewrite_rule_set blocks as defined below. Only valid for v2 SKUs.

  • sku (pulumi.Input[dict]) – A sku block as defined below.

  • ssl_certificates (pulumi.Input[list]) – One or more ssl_certificate blocks as defined below.

  • ssl_policies (pulumi.Input[list]) – a ssl policy block as defined below.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

  • trusted_root_certificates (pulumi.Input[list]) – One or more trusted_root_certificate blocks as defined below.

  • url_path_maps (pulumi.Input[list]) – One or more url_path_map blocks as defined below.

  • waf_configuration (pulumi.Input[dict]) – A waf_configuration block as defined below.

  • zones (pulumi.Input[list]) – A collection of availability zones to spread the Application Gateway over.

The authentication_certificates object supports the following:

  • data (pulumi.Input[str]) - The contents of the Authentication Certificate which should be used.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The name of the Authentication Certificate.

The autoscale_configuration object supports the following:

  • maxCapacity (pulumi.Input[float]) - Maximum capacity for autoscaling. Accepted values are in the range 2 to 125.

  • min_capacity (pulumi.Input[float]) - Minimum capacity for autoscaling. Accepted values are in the range 0 to 100.

The backend_address_pools object supports the following:

  • fqdns (pulumi.Input[list]) - A list of FQDN’s which should be part of the Backend Address Pool.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • ipAddresses (pulumi.Input[list]) - A list of IP Addresses which should be part of the Backend Address Pool.

  • name (pulumi.Input[str]) - The name of the Backend Address Pool.

The backend_http_settings object supports the following:

  • affinityCookieName (pulumi.Input[str]) - The name of the affinity cookie.

  • authentication_certificates (pulumi.Input[list]) - One or more authentication_certificate blocks.

    • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

    • name (pulumi.Input[str]) - The name of the Authentication Certificate.

  • connectionDraining (pulumi.Input[dict]) - A connection_draining block as defined below.

    • drainTimeoutSec (pulumi.Input[float]) - The number of seconds connection draining is active. Acceptable values are from 1 second to 3600 seconds.

    • enabled (pulumi.Input[bool]) - If connection draining is enabled or not.

  • cookieBasedAffinity (pulumi.Input[str]) - Is Cookie-Based Affinity enabled? Possible values are Enabled and Disabled.

  • host_name (pulumi.Input[str]) - Host header to be sent to the backend servers. Cannot be set if pick_host_name_from_backend_address is set to true.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The name of the Backend HTTP Settings Collection.

  • path (pulumi.Input[str]) - The Path which should be used as a prefix for all HTTP requests.

  • pickHostNameFromBackendAddress (pulumi.Input[bool]) - Whether host header should be picked from the host name of the backend server. Defaults to false.

  • port (pulumi.Input[float]) - The port which should be used for this Backend HTTP Settings Collection.

  • probe_id (pulumi.Input[str]) - The ID of the associated Probe.

  • probeName (pulumi.Input[str]) - The name of an associated HTTP Probe.

  • protocol (pulumi.Input[str]) - The Protocol which should be used. Possible values are Http and Https.

  • requestTimeout (pulumi.Input[float]) - The request timeout in seconds, which must be between 1 and 86400 seconds.

  • trustedRootCertificateNames (pulumi.Input[list]) - A list of trusted_root_certificate names.

The custom_error_configurations object supports the following:

  • customErrorPageUrl (pulumi.Input[str]) - Error page URL of the application gateway customer error.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • statusCode (pulumi.Input[str]) - Status code of the application gateway customer error. Possible values are HttpStatus403 and HttpStatus502

The frontend_ip_configurations object supports the following:

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The name of the Frontend IP Configuration.

  • private_ip_address (pulumi.Input[str]) - The Private IP Address to use for the Application Gateway.

  • privateIpAddressAllocation (pulumi.Input[str]) - The Allocation Method for the Private IP Address. Possible values are Dynamic and Static.

  • public_ip_address_id (pulumi.Input[str]) - The ID of a Public IP Address which the Application Gateway should use.

  • subnet_id (pulumi.Input[str]) - The ID of the Subnet.

The frontend_ports object supports the following:

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The name of the Frontend Port.

  • port (pulumi.Input[float]) - The port used for this Frontend Port.

The gateway_ip_configurations object supports the following:

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The Name of this Gateway IP Configuration.

  • subnet_id (pulumi.Input[str]) - The ID of the Subnet which the Application Gateway should be connected to.

The http_listeners object supports the following:

  • custom_error_configurations (pulumi.Input[list]) - One or more custom_error_configuration blocks as defined below.

    • customErrorPageUrl (pulumi.Input[str]) - Error page URL of the application gateway customer error.

    • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

    • statusCode (pulumi.Input[str]) - Status code of the application gateway customer error. Possible values are HttpStatus403 and HttpStatus502

  • frontend_ip_configuration_id (pulumi.Input[str]) - The ID of the associated Frontend Configuration.

  • frontend_ip_configuration_name (pulumi.Input[str]) - The Name of the Frontend IP Configuration used for this HTTP Listener.

  • frontendPortId (pulumi.Input[str]) - The ID of the associated Frontend Port.

  • frontendPortName (pulumi.Input[str]) - The Name of the Frontend Port use for this HTTP Listener.

  • host_name (pulumi.Input[str]) - The Hostname which should be used for this HTTP Listener.

  • host_names (pulumi.Input[list]) - A list of Hostname(s) should be used for this HTTP Listener. It allows special wildcard characters.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The Name of the HTTP Listener.

  • protocol (pulumi.Input[str]) - The Protocol to use for this HTTP Listener. Possible values are Http and Https.

  • requireSni (pulumi.Input[bool]) - Should Server Name Indication be Required? Defaults to false.

  • sslCertificateId (pulumi.Input[str]) - The ID of the associated SSL Certificate.

  • sslCertificateName (pulumi.Input[str]) - The name of the associated SSL Certificate which should be used for this HTTP Listener.

The identity object supports the following:

  • identityIds (pulumi.Input[str]) - Specifies a list with a single user managed identity id to be assigned to the Application Gateway.

  • type (pulumi.Input[str]) - The Managed Service Identity Type of this Application Gateway. The only possible value is UserAssigned. Defaults to UserAssigned.

The probes object supports the following:

  • host (pulumi.Input[str]) - The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as ‘127.0.0.1’, unless otherwise configured in custom probe. Cannot be set if pick_host_name_from_backend_http_settings is set to true.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • interval (pulumi.Input[float]) - The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds.

  • match (pulumi.Input[dict]) - A match block as defined above.

    • body (pulumi.Input[str]) - A snippet from the Response Body which must be present in the Response..

    • statusCodes (pulumi.Input[list]) - A list of allowed status codes for this Health Probe.

  • minimumServers (pulumi.Input[float]) - The minimum number of servers that are always marked as healthy. Defaults to 0.

  • name (pulumi.Input[str]) - The Name of the Probe.

  • path (pulumi.Input[str]) - The Path used for this Probe.

  • pickHostNameFromBackendHttpSettings (pulumi.Input[bool]) - Whether the host header should be picked from the backend http settings. Defaults to false.

  • protocol (pulumi.Input[str]) - The Protocol used for this Probe. Possible values are Http and Https.

  • timeout (pulumi.Input[float]) - The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.

  • unhealthyThreshold (pulumi.Input[float]) - The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 - 20 seconds.

The redirect_configurations object supports the following:

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • includePath (pulumi.Input[bool]) - Whether or not to include the path in the redirected Url. Defaults to false

  • includeQueryString (pulumi.Input[bool]) - Whether or not to include the query string in the redirected Url. Default to false

  • name (pulumi.Input[str]) - Unique name of the redirect configuration block

  • redirectType (pulumi.Input[str]) - The type of redirect. Possible values are Permanent, Temporary, Found and SeeOther

  • targetListenerId (pulumi.Input[str])

  • targetListenerName (pulumi.Input[str]) - The name of the listener to redirect to. Cannot be set if target_url is set.

  • targetUrl (pulumi.Input[str]) - The Url to redirect the request to. Cannot be set if target_listener_name is set.

The request_routing_rules object supports the following:

  • backend_address_pool_id (pulumi.Input[str]) - The ID of the associated Backend Address Pool.

  • backendAddressPoolName (pulumi.Input[str]) - The Name of the Backend Address Pool which should be used for this Routing Rule. Cannot be set if redirect_configuration_name is set.

  • backendHttpSettingsId (pulumi.Input[str]) - The ID of the associated Backend HTTP Settings Configuration.

  • backendHttpSettingsName (pulumi.Input[str]) - The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. Cannot be set if redirect_configuration_name is set.

  • httpListenerId (pulumi.Input[str]) - The ID of the associated HTTP Listener.

  • httpListenerName (pulumi.Input[str]) - The Name of the HTTP Listener which should be used for this Routing Rule.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The Name of this Request Routing Rule.

  • redirectConfigurationId (pulumi.Input[str]) - The ID of the associated Redirect Configuration.

  • redirectConfigurationName (pulumi.Input[str]) - The Name of the Redirect Configuration which should be used for this Routing Rule. Cannot be set if either backend_address_pool_name or backend_http_settings_name is set.

  • rewriteRuleSetId (pulumi.Input[str]) - The ID of the associated Rewrite Rule Set.

  • rewriteRuleSetName (pulumi.Input[str]) - The Name of the Rewrite Rule Set which should be used for this Routing Rule. Only valid for v2 SKUs.

  • ruleType (pulumi.Input[str]) - The Type of Routing that should be used for this Rule. Possible values are Basic and PathBasedRouting.

  • urlPathMapId (pulumi.Input[str]) - The ID of the associated URL Path Map.

  • urlPathMapName (pulumi.Input[str]) - The Name of the URL Path Map which should be associated with this Routing Rule.

The rewrite_rule_sets object supports the following:

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - Unique name of the rewrite rule set block

  • rewriteRules (pulumi.Input[list]) - One or more rewrite_rule blocks as defined above.

    • conditions (pulumi.Input[list]) - One or more condition blocks as defined above.

      • ignoreCase (pulumi.Input[bool]) - Perform a case in-sensitive comparison. Defaults to false

      • negate (pulumi.Input[bool]) - Negate the result of the condition evaluation. Defaults to false

      • pattern (pulumi.Input[str]) - The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.

      • variable (pulumi.Input[str]) - The variable of the condition.

    • name (pulumi.Input[str]) - Unique name of the rewrite rule block

    • requestHeaderConfigurations (pulumi.Input[list]) - One or more request_header_configuration blocks as defined above.

      • headerName (pulumi.Input[str]) - Header name of the header configuration.

      • headerValue (pulumi.Input[str]) - Header value of the header configuration. To delete a request header set this property to an empty string.

    • responseHeaderConfigurations (pulumi.Input[list]) - One or more response_header_configuration blocks as defined above.

      • headerName (pulumi.Input[str]) - Header name of the header configuration.

      • headerValue (pulumi.Input[str]) - Header value of the header configuration. To delete a response header set this property to an empty string.

    • ruleSequence (pulumi.Input[float]) - Rule sequence of the rewrite rule that determines the order of execution in a set.

The sku object supports the following:

  • capacity (pulumi.Input[float]) - The Capacity of the SKU to use for this Application Gateway. When using a V1 SKU this value must be between 1 and 32, and 1 to 125 for a V2 SKU. This property is optional if autoscale_configuration is set.

  • name (pulumi.Input[str]) - The Name of the SKU to use for this Application Gateway. Possible values are Standard_Small, Standard_Medium, Standard_Large, Standard_v2, WAF_Medium, WAF_Large, and WAF_v2.

  • tier (pulumi.Input[str]) - The Tier of the SKU to use for this Application Gateway. Possible values are Standard, Standard_v2, WAF and WAF_v2.

The ssl_certificates object supports the following:

  • data (pulumi.Input[str]) - PFX certificate. Required if key_vault_secret_id is not set.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • key_vault_secret_id (pulumi.Input[str]) - Secret Id of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in Azure KeyVault. You need to enable soft delete for keyvault to use this feature. Required if data is not set.

  • name (pulumi.Input[str]) - The Name of the SSL certificate that is unique within this Application Gateway

  • password (pulumi.Input[str]) - Password for the pfx file specified in data. Required if data is set.

  • publicCertData (pulumi.Input[str]) - The Public Certificate Data associated with the SSL Certificate.

The ssl_policies object supports the following:

  • cipherSuites (pulumi.Input[list]) - A List of accepted cipher suites. Possible values are: TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256 and TLS_RSA_WITH_AES_256_GCM_SHA384.

  • disabledProtocols (pulumi.Input[list]) - A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2.

  • minProtocolVersion (pulumi.Input[str]) - The minimal TLS version. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2.

  • policyName (pulumi.Input[str]) - The Name of the Policy e.g AppGwSslPolicy20170401S. Required if policy_type is set to Predefined. Possible values can change over time and are published here https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible with disabled_protocols.

  • policy_type (pulumi.Input[str]) - The Type of the Policy. Possible values are Predefined and Custom.

The trusted_root_certificates object supports the following:

  • data (pulumi.Input[str]) - The contents of the Trusted Root Certificate which should be used.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The Name of the Trusted Root Certificate to use.

The url_path_maps object supports the following:

  • defaultBackendAddressPoolId (pulumi.Input[str]) - The ID of the Default Backend Address Pool.

  • defaultBackendAddressPoolName (pulumi.Input[str]) - The Name of the Default Backend Address Pool which should be used for this URL Path Map. Cannot be set if default_redirect_configuration_name is set.

  • defaultBackendHttpSettingsId (pulumi.Input[str]) - The ID of the Default Backend HTTP Settings Collection.

  • defaultBackendHttpSettingsName (pulumi.Input[str]) - The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. Cannot be set if default_redirect_configuration_name is set.

  • defaultRedirectConfigurationId (pulumi.Input[str]) - The ID of the Default Redirect Configuration.

  • defaultRedirectConfigurationName (pulumi.Input[str]) - The Name of the Default Redirect Configuration which should be used for this URL Path Map. Cannot be set if either default_backend_address_pool_name or default_backend_http_settings_name is set.

  • defaultRewriteRuleSetId (pulumi.Input[str])

  • defaultRewriteRuleSetName (pulumi.Input[str]) - The Name of the Default Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The Name of the URL Path Map.

  • pathRules (pulumi.Input[list]) - One or more path_rule blocks as defined above.

    • backend_address_pool_id (pulumi.Input[str]) - The ID of the associated Backend Address Pool.

    • backendAddressPoolName (pulumi.Input[str]) - The Name of the Backend Address Pool to use for this Path Rule. Cannot be set if redirect_configuration_name is set.

    • backendHttpSettingsId (pulumi.Input[str]) - The ID of the associated Backend HTTP Settings Configuration.

    • backendHttpSettingsName (pulumi.Input[str]) - The Name of the Backend HTTP Settings Collection to use for this Path Rule. Cannot be set if redirect_configuration_name is set.

    • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

    • name (pulumi.Input[str]) - The Name of the Path Rule.

    • paths (pulumi.Input[list]) - A list of Paths used in this Path Rule.

    • redirectConfigurationId (pulumi.Input[str]) - The ID of the associated Redirect Configuration.

    • redirectConfigurationName (pulumi.Input[str]) - The Name of a Redirect Configuration to use for this Path Rule. Cannot be set if backend_address_pool_name or backend_http_settings_name is set.

    • rewriteRuleSetId (pulumi.Input[str]) - The ID of the associated Rewrite Rule Set.

    • rewriteRuleSetName (pulumi.Input[str]) - The Name of the Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.

The waf_configuration object supports the following:

  • disabledRuleGroups (pulumi.Input[list]) - one or more disabled_rule_group blocks as defined below.

    • ruleGroupName (pulumi.Input[str]) - The rule group where specific rules should be disabled. Accepted values are: crs_20_protocol_violations, crs_21_protocol_anomalies, crs_23_request_limits, crs_30_http_policy, crs_35_bad_robots, crs_40_generic_attacks, crs_41_sql_injection_attacks, crs_41_xss_attacks, crs_42_tight_security, crs_45_trojans, General, REQUEST-911-METHOD-ENFORCEMENT, REQUEST-913-SCANNER-DETECTION, REQUEST-920-PROTOCOL-ENFORCEMENT, REQUEST-921-PROTOCOL-ATTACK, REQUEST-930-APPLICATION-ATTACK-LFI, REQUEST-931-APPLICATION-ATTACK-RFI, REQUEST-932-APPLICATION-ATTACK-RCE, REQUEST-933-APPLICATION-ATTACK-PHP, REQUEST-941-APPLICATION-ATTACK-XSS, REQUEST-942-APPLICATION-ATTACK-SQLI, REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION

    • rules (pulumi.Input[list]) - A list of rules which should be disabled in that group. Disables all rules in the specified group if rules is not specified.

  • enabled (pulumi.Input[bool]) - Is the Web Application Firewall be enabled?

  • exclusions (pulumi.Input[list]) - one or more exclusion blocks as defined below.

    • matchVariable (pulumi.Input[str]) - Match variable of the exclusion rule to exclude header, cookie or GET arguments. Possible values are RequestHeaderNames, RequestArgNames and RequestCookieNames

    • selector (pulumi.Input[str]) - String value which will be used for the filter operation. If empty will exclude all traffic on this match_variable

    • selectorMatchOperator (pulumi.Input[str]) - Operator which will be used to search in the variable content. Possible values are Equals, StartsWith, EndsWith, Contains. If empty will exclude all traffic on this match_variable

  • fileUploadLimitMb (pulumi.Input[float]) - The File Upload Limit in MB. Accepted values are in the range 1MB to 500MB. Defaults to 100MB.

  • firewallMode (pulumi.Input[str]) - The Web Application Firewall Mode. Possible values are Detection and Prevention.

  • maxRequestBodySizeKb (pulumi.Input[float]) - The Maximum Request Body Size in KB. Accepted values are in the range 1KB to 128KB. Defaults to 128KB.

  • requestBodyCheck (pulumi.Input[bool]) - Is Request Body Inspection enabled? Defaults to true.

  • ruleSetType (pulumi.Input[str]) - The Type of the Rule Set used for this Web Application Firewall. Currently, only OWASP is supported.

  • ruleSetVersion (pulumi.Input[str]) - The Version of the Rule Set used for this Web Application Firewall. Possible values are 2.2.9, 3.0, and 3.1.

authentication_certificates: pulumi.Output[list] = None

One or more authentication_certificate blocks as defined below.

  • data (str) - The contents of the Authentication Certificate which should be used.

  • id (str) - The ID of the Rewrite Rule Set

  • name (str) - The name of the Authentication Certificate.

autoscale_configuration: pulumi.Output[dict] = None

A autoscale_configuration block as defined below.

  • maxCapacity (float) - Maximum capacity for autoscaling. Accepted values are in the range 2 to 125.

  • min_capacity (float) - Minimum capacity for autoscaling. Accepted values are in the range 0 to 100.

backend_address_pools: pulumi.Output[list] = None

One or more backend_address_pool blocks as defined below.

  • fqdns (list) - A list of FQDN’s which should be part of the Backend Address Pool.

  • id (str) - The ID of the Rewrite Rule Set

  • ipAddresses (list) - A list of IP Addresses which should be part of the Backend Address Pool.

  • name (str) - The name of the Backend Address Pool.

backend_http_settings: pulumi.Output[list] = None

One or more backend_http_settings blocks as defined below.

  • affinityCookieName (str) - The name of the affinity cookie.

  • authentication_certificates (list) - One or more authentication_certificate blocks.

    • id (str) - The ID of the Rewrite Rule Set

    • name (str) - The name of the Authentication Certificate.

  • connectionDraining (dict) - A connection_draining block as defined below.

    • drainTimeoutSec (float) - The number of seconds connection draining is active. Acceptable values are from 1 second to 3600 seconds.

    • enabled (bool) - If connection draining is enabled or not.

  • cookieBasedAffinity (str) - Is Cookie-Based Affinity enabled? Possible values are Enabled and Disabled.

  • host_name (str) - Host header to be sent to the backend servers. Cannot be set if pick_host_name_from_backend_address is set to true.

  • id (str) - The ID of the Rewrite Rule Set

  • name (str) - The name of the Backend HTTP Settings Collection.

  • path (str) - The Path which should be used as a prefix for all HTTP requests.

  • pickHostNameFromBackendAddress (bool) - Whether host header should be picked from the host name of the backend server. Defaults to false.

  • port (float) - The port which should be used for this Backend HTTP Settings Collection.

  • probe_id (str) - The ID of the associated Probe.

  • probeName (str) - The name of an associated HTTP Probe.

  • protocol (str) - The Protocol which should be used. Possible values are Http and Https.

  • requestTimeout (float) - The request timeout in seconds, which must be between 1 and 86400 seconds.

  • trustedRootCertificateNames (list) - A list of trusted_root_certificate names.

custom_error_configurations: pulumi.Output[list] = None

One or more custom_error_configuration blocks as defined below.

  • customErrorPageUrl (str) - Error page URL of the application gateway customer error.

  • id (str) - The ID of the Rewrite Rule Set

  • statusCode (str) - Status code of the application gateway customer error. Possible values are HttpStatus403 and HttpStatus502

enable_http2: pulumi.Output[bool] = None

Is HTTP2 enabled on the application gateway resource? Defaults to false.

firewall_policy_id: pulumi.Output[str] = None

The resource ID of a firewall policy.

frontend_ip_configurations: pulumi.Output[list] = None

One or more frontend_ip_configuration blocks as defined below.

  • id (str) - The ID of the Rewrite Rule Set

  • name (str) - The name of the Frontend IP Configuration.

  • private_ip_address (str) - The Private IP Address to use for the Application Gateway.

  • privateIpAddressAllocation (str) - The Allocation Method for the Private IP Address. Possible values are Dynamic and Static.

  • public_ip_address_id (str) - The ID of a Public IP Address which the Application Gateway should use.

  • subnet_id (str) - The ID of the Subnet.

frontend_ports: pulumi.Output[list] = None

One or more frontend_port blocks as defined below.

  • id (str) - The ID of the Rewrite Rule Set

  • name (str) - The name of the Frontend Port.

  • port (float) - The port used for this Frontend Port.

gateway_ip_configurations: pulumi.Output[list] = None

One or more gateway_ip_configuration blocks as defined below.

  • id (str) - The ID of the Rewrite Rule Set

  • name (str) - The Name of this Gateway IP Configuration.

  • subnet_id (str) - The ID of the Subnet which the Application Gateway should be connected to.

http_listeners: pulumi.Output[list] = None

One or more http_listener blocks as defined below.

  • custom_error_configurations (list) - One or more custom_error_configuration blocks as defined below.

    • customErrorPageUrl (str) - Error page URL of the application gateway customer error.

    • id (str) - The ID of the Rewrite Rule Set

    • statusCode (str) - Status code of the application gateway customer error. Possible values are HttpStatus403 and HttpStatus502

  • frontend_ip_configuration_id (str) - The ID of the associated Frontend Configuration.

  • frontend_ip_configuration_name (str) - The Name of the Frontend IP Configuration used for this HTTP Listener.

  • frontendPortId (str) - The ID of the associated Frontend Port.

  • frontendPortName (str) - The Name of the Frontend Port use for this HTTP Listener.

  • host_name (str) - The Hostname which should be used for this HTTP Listener.

  • host_names (list) - A list of Hostname(s) should be used for this HTTP Listener. It allows special wildcard characters.

  • id (str) - The ID of the Rewrite Rule Set

  • name (str) - The Name of the HTTP Listener.

  • protocol (str) - The Protocol to use for this HTTP Listener. Possible values are Http and Https.

  • requireSni (bool) - Should Server Name Indication be Required? Defaults to false.

  • sslCertificateId (str) - The ID of the associated SSL Certificate.

  • sslCertificateName (str) - The name of the associated SSL Certificate which should be used for this HTTP Listener.

identity: pulumi.Output[dict] = None

A identity block.

  • identityIds (str) - Specifies a list with a single user managed identity id to be assigned to the Application Gateway.

  • type (str) - The Managed Service Identity Type of this Application Gateway. The only possible value is UserAssigned. Defaults to UserAssigned.

location: pulumi.Output[str] = None

The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

The name of the Application Gateway. Changing this forces a new resource to be created.

probes: pulumi.Output[list] = None

One or more probe blocks as defined below.

  • host (str) - The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as ‘127.0.0.1’, unless otherwise configured in custom probe. Cannot be set if pick_host_name_from_backend_http_settings is set to true.

  • id (str) - The ID of the Rewrite Rule Set

  • interval (float) - The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds.

  • match (dict) - A match block as defined above.

    • body (str) - A snippet from the Response Body which must be present in the Response..

    • statusCodes (list) - A list of allowed status codes for this Health Probe.

  • minimumServers (float) - The minimum number of servers that are always marked as healthy. Defaults to 0.

  • name (str) - The Name of the Probe.

  • path (str) - The Path used for this Probe.

  • pickHostNameFromBackendHttpSettings (bool) - Whether the host header should be picked from the backend http settings. Defaults to false.

  • protocol (str) - The Protocol used for this Probe. Possible values are Http and Https.

  • timeout (float) - The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.

  • unhealthyThreshold (float) - The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 - 20 seconds.

redirect_configurations: pulumi.Output[list] = None

A redirect_configuration block as defined below.

  • id (str) - The ID of the Rewrite Rule Set

  • includePath (bool) - Whether or not to include the path in the redirected Url. Defaults to false

  • includeQueryString (bool) - Whether or not to include the query string in the redirected Url. Default to false

  • name (str) - Unique name of the redirect configuration block

  • redirectType (str) - The type of redirect. Possible values are Permanent, Temporary, Found and SeeOther

  • targetListenerId (str)

  • targetListenerName (str) - The name of the listener to redirect to. Cannot be set if target_url is set.

  • targetUrl (str) - The Url to redirect the request to. Cannot be set if target_listener_name is set.

request_routing_rules: pulumi.Output[list] = None

One or more request_routing_rule blocks as defined below.

  • backend_address_pool_id (str) - The ID of the associated Backend Address Pool.

  • backendAddressPoolName (str) - The Name of the Backend Address Pool which should be used for this Routing Rule. Cannot be set if redirect_configuration_name is set.

  • backendHttpSettingsId (str) - The ID of the associated Backend HTTP Settings Configuration.

  • backendHttpSettingsName (str) - The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. Cannot be set if redirect_configuration_name is set.

  • httpListenerId (str) - The ID of the associated HTTP Listener.

  • httpListenerName (str) - The Name of the HTTP Listener which should be used for this Routing Rule.

  • id (str) - The ID of the Rewrite Rule Set

  • name (str) - The Name of this Request Routing Rule.

  • redirectConfigurationId (str) - The ID of the associated Redirect Configuration.

  • redirectConfigurationName (str) - The Name of the Redirect Configuration which should be used for this Routing Rule. Cannot be set if either backend_address_pool_name or backend_http_settings_name is set.

  • rewriteRuleSetId (str) - The ID of the associated Rewrite Rule Set.

  • rewriteRuleSetName (str) - The Name of the Rewrite Rule Set which should be used for this Routing Rule. Only valid for v2 SKUs.

  • ruleType (str) - The Type of Routing that should be used for this Rule. Possible values are Basic and PathBasedRouting.

  • urlPathMapId (str) - The ID of the associated URL Path Map.

  • urlPathMapName (str) - The Name of the URL Path Map which should be associated with this Routing Rule.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.

rewrite_rule_sets: pulumi.Output[list] = None

One or more rewrite_rule_set blocks as defined below. Only valid for v2 SKUs.

  • id (str) - The ID of the Rewrite Rule Set

  • name (str) - Unique name of the rewrite rule set block

  • rewriteRules (list) - One or more rewrite_rule blocks as defined above.

    • conditions (list) - One or more condition blocks as defined above.

      • ignoreCase (bool) - Perform a case in-sensitive comparison. Defaults to false

      • negate (bool) - Negate the result of the condition evaluation. Defaults to false

      • pattern (str) - The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.

      • variable (str) - The variable of the condition.

    • name (str) - Unique name of the rewrite rule block

    • requestHeaderConfigurations (list) - One or more request_header_configuration blocks as defined above.

      • headerName (str) - Header name of the header configuration.

      • headerValue (str) - Header value of the header configuration. To delete a request header set this property to an empty string.

    • responseHeaderConfigurations (list) - One or more response_header_configuration blocks as defined above.

      • headerName (str) - Header name of the header configuration.

      • headerValue (str) - Header value of the header configuration. To delete a response header set this property to an empty string.

    • ruleSequence (float) - Rule sequence of the rewrite rule that determines the order of execution in a set.

sku: pulumi.Output[dict] = None

A sku block as defined below.

  • capacity (float) - The Capacity of the SKU to use for this Application Gateway. When using a V1 SKU this value must be between 1 and 32, and 1 to 125 for a V2 SKU. This property is optional if autoscale_configuration is set.

  • name (str) - The Name of the SKU to use for this Application Gateway. Possible values are Standard_Small, Standard_Medium, Standard_Large, Standard_v2, WAF_Medium, WAF_Large, and WAF_v2.

  • tier (str) - The Tier of the SKU to use for this Application Gateway. Possible values are Standard, Standard_v2, WAF and WAF_v2.

ssl_certificates: pulumi.Output[list] = None

One or more ssl_certificate blocks as defined below.

  • data (str) - PFX certificate. Required if key_vault_secret_id is not set.

  • id (str) - The ID of the Rewrite Rule Set

  • key_vault_secret_id (str) - Secret Id of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in Azure KeyVault. You need to enable soft delete for keyvault to use this feature. Required if data is not set.

  • name (str) - The Name of the SSL certificate that is unique within this Application Gateway

  • password (str) - Password for the pfx file specified in data. Required if data is set.

  • publicCertData (str) - The Public Certificate Data associated with the SSL Certificate.

ssl_policies: pulumi.Output[list] = None

a ssl policy block as defined below.

  • cipherSuites (list) - A List of accepted cipher suites. Possible values are: TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256 and TLS_RSA_WITH_AES_256_GCM_SHA384.

  • disabledProtocols (list) - A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2.

  • minProtocolVersion (str) - The minimal TLS version. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2.

  • policyName (str) - The Name of the Policy e.g AppGwSslPolicy20170401S. Required if policy_type is set to Predefined. Possible values can change over time and are published here https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible with disabled_protocols.

  • policy_type (str) - The Type of the Policy. Possible values are Predefined and Custom.

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the resource.

trusted_root_certificates: pulumi.Output[list] = None

One or more trusted_root_certificate blocks as defined below.

  • data (str) - The contents of the Trusted Root Certificate which should be used.

  • id (str) - The ID of the Rewrite Rule Set

  • name (str) - The Name of the Trusted Root Certificate to use.

url_path_maps: pulumi.Output[list] = None

One or more url_path_map blocks as defined below.

  • defaultBackendAddressPoolId (str) - The ID of the Default Backend Address Pool.

  • defaultBackendAddressPoolName (str) - The Name of the Default Backend Address Pool which should be used for this URL Path Map. Cannot be set if default_redirect_configuration_name is set.

  • defaultBackendHttpSettingsId (str) - The ID of the Default Backend HTTP Settings Collection.

  • defaultBackendHttpSettingsName (str) - The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. Cannot be set if default_redirect_configuration_name is set.

  • defaultRedirectConfigurationId (str) - The ID of the Default Redirect Configuration.

  • defaultRedirectConfigurationName (str) - The Name of the Default Redirect Configuration which should be used for this URL Path Map. Cannot be set if either default_backend_address_pool_name or default_backend_http_settings_name is set.

  • defaultRewriteRuleSetId (str)

  • defaultRewriteRuleSetName (str) - The Name of the Default Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.

  • id (str) - The ID of the Rewrite Rule Set

  • name (str) - The Name of the URL Path Map.

  • pathRules (list) - One or more path_rule blocks as defined above.

    • backend_address_pool_id (str) - The ID of the associated Backend Address Pool.

    • backendAddressPoolName (str) - The Name of the Backend Address Pool to use for this Path Rule. Cannot be set if redirect_configuration_name is set.

    • backendHttpSettingsId (str) - The ID of the associated Backend HTTP Settings Configuration.

    • backendHttpSettingsName (str) - The Name of the Backend HTTP Settings Collection to use for this Path Rule. Cannot be set if redirect_configuration_name is set.

    • id (str) - The ID of the Rewrite Rule Set

    • name (str) - The Name of the Path Rule.

    • paths (list) - A list of Paths used in this Path Rule.

    • redirectConfigurationId (str) - The ID of the associated Redirect Configuration.

    • redirectConfigurationName (str) - The Name of a Redirect Configuration to use for this Path Rule. Cannot be set if backend_address_pool_name or backend_http_settings_name is set.

    • rewriteRuleSetId (str) - The ID of the associated Rewrite Rule Set.

    • rewriteRuleSetName (str) - The Name of the Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.

waf_configuration: pulumi.Output[dict] = None

A waf_configuration block as defined below.

  • disabledRuleGroups (list) - one or more disabled_rule_group blocks as defined below.

    • ruleGroupName (str) - The rule group where specific rules should be disabled. Accepted values are: crs_20_protocol_violations, crs_21_protocol_anomalies, crs_23_request_limits, crs_30_http_policy, crs_35_bad_robots, crs_40_generic_attacks, crs_41_sql_injection_attacks, crs_41_xss_attacks, crs_42_tight_security, crs_45_trojans, General, REQUEST-911-METHOD-ENFORCEMENT, REQUEST-913-SCANNER-DETECTION, REQUEST-920-PROTOCOL-ENFORCEMENT, REQUEST-921-PROTOCOL-ATTACK, REQUEST-930-APPLICATION-ATTACK-LFI, REQUEST-931-APPLICATION-ATTACK-RFI, REQUEST-932-APPLICATION-ATTACK-RCE, REQUEST-933-APPLICATION-ATTACK-PHP, REQUEST-941-APPLICATION-ATTACK-XSS, REQUEST-942-APPLICATION-ATTACK-SQLI, REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION

    • rules (list) - A list of rules which should be disabled in that group. Disables all rules in the specified group if rules is not specified.

  • enabled (bool) - Is the Web Application Firewall be enabled?

  • exclusions (list) - one or more exclusion blocks as defined below.

    • matchVariable (str) - Match variable of the exclusion rule to exclude header, cookie or GET arguments. Possible values are RequestHeaderNames, RequestArgNames and RequestCookieNames

    • selector (str) - String value which will be used for the filter operation. If empty will exclude all traffic on this match_variable

    • selectorMatchOperator (str) - Operator which will be used to search in the variable content. Possible values are Equals, StartsWith, EndsWith, Contains. If empty will exclude all traffic on this match_variable

  • fileUploadLimitMb (float) - The File Upload Limit in MB. Accepted values are in the range 1MB to 500MB. Defaults to 100MB.

  • firewallMode (str) - The Web Application Firewall Mode. Possible values are Detection and Prevention.

  • maxRequestBodySizeKb (float) - The Maximum Request Body Size in KB. Accepted values are in the range 1KB to 128KB. Defaults to 128KB.

  • requestBodyCheck (bool) - Is Request Body Inspection enabled? Defaults to true.

  • ruleSetType (str) - The Type of the Rule Set used for this Web Application Firewall. Currently, only OWASP is supported.

  • ruleSetVersion (str) - The Version of the Rule Set used for this Web Application Firewall. Possible values are 2.2.9, 3.0, and 3.1.

zones: pulumi.Output[list] = None

A collection of availability zones to spread the Application Gateway over.

static get(resource_name, id, opts=None, authentication_certificates=None, autoscale_configuration=None, backend_address_pools=None, backend_http_settings=None, custom_error_configurations=None, enable_http2=None, firewall_policy_id=None, frontend_ip_configurations=None, frontend_ports=None, gateway_ip_configurations=None, http_listeners=None, identity=None, location=None, name=None, probes=None, redirect_configurations=None, request_routing_rules=None, resource_group_name=None, rewrite_rule_sets=None, sku=None, ssl_certificates=None, ssl_policies=None, tags=None, trusted_root_certificates=None, url_path_maps=None, waf_configuration=None, zones=None)

Get an existing ApplicationGateway resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • authentication_certificates (pulumi.Input[list]) – One or more authentication_certificate blocks as defined below.

  • autoscale_configuration (pulumi.Input[dict]) – A autoscale_configuration block as defined below.

  • backend_address_pools (pulumi.Input[list]) – One or more backend_address_pool blocks as defined below.

  • backend_http_settings (pulumi.Input[list]) – One or more backend_http_settings blocks as defined below.

  • custom_error_configurations (pulumi.Input[list]) – One or more custom_error_configuration blocks as defined below.

  • enable_http2 (pulumi.Input[bool]) – Is HTTP2 enabled on the application gateway resource? Defaults to false.

  • firewall_policy_id (pulumi.Input[str]) – The resource ID of a firewall policy.

  • frontend_ip_configurations (pulumi.Input[list]) – One or more frontend_ip_configuration blocks as defined below.

  • frontend_ports (pulumi.Input[list]) – One or more frontend_port blocks as defined below.

  • gateway_ip_configurations (pulumi.Input[list]) – One or more gateway_ip_configuration blocks as defined below.

  • http_listeners (pulumi.Input[list]) – One or more http_listener blocks as defined below.

  • identity (pulumi.Input[dict]) – A identity block.

  • location (pulumi.Input[str]) – The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the Application Gateway. Changing this forces a new resource to be created.

  • probes (pulumi.Input[list]) – One or more probe blocks as defined below.

  • redirect_configurations (pulumi.Input[list]) – A redirect_configuration block as defined below.

  • request_routing_rules (pulumi.Input[list]) – One or more request_routing_rule blocks as defined below.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.

  • rewrite_rule_sets (pulumi.Input[list]) – One or more rewrite_rule_set blocks as defined below. Only valid for v2 SKUs.

  • sku (pulumi.Input[dict]) – A sku block as defined below.

  • ssl_certificates (pulumi.Input[list]) – One or more ssl_certificate blocks as defined below.

  • ssl_policies (pulumi.Input[list]) – a ssl policy block as defined below.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

  • trusted_root_certificates (pulumi.Input[list]) – One or more trusted_root_certificate blocks as defined below.

  • url_path_maps (pulumi.Input[list]) – One or more url_path_map blocks as defined below.

  • waf_configuration (pulumi.Input[dict]) – A waf_configuration block as defined below.

  • zones (pulumi.Input[list]) – A collection of availability zones to spread the Application Gateway over.

The authentication_certificates object supports the following:

  • data (pulumi.Input[str]) - The contents of the Authentication Certificate which should be used.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The name of the Authentication Certificate.

The autoscale_configuration object supports the following:

  • maxCapacity (pulumi.Input[float]) - Maximum capacity for autoscaling. Accepted values are in the range 2 to 125.

  • min_capacity (pulumi.Input[float]) - Minimum capacity for autoscaling. Accepted values are in the range 0 to 100.

The backend_address_pools object supports the following:

  • fqdns (pulumi.Input[list]) - A list of FQDN’s which should be part of the Backend Address Pool.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • ipAddresses (pulumi.Input[list]) - A list of IP Addresses which should be part of the Backend Address Pool.

  • name (pulumi.Input[str]) - The name of the Backend Address Pool.

The backend_http_settings object supports the following:

  • affinityCookieName (pulumi.Input[str]) - The name of the affinity cookie.

  • authentication_certificates (pulumi.Input[list]) - One or more authentication_certificate blocks.

    • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

    • name (pulumi.Input[str]) - The name of the Authentication Certificate.

  • connectionDraining (pulumi.Input[dict]) - A connection_draining block as defined below.

    • drainTimeoutSec (pulumi.Input[float]) - The number of seconds connection draining is active. Acceptable values are from 1 second to 3600 seconds.

    • enabled (pulumi.Input[bool]) - If connection draining is enabled or not.

  • cookieBasedAffinity (pulumi.Input[str]) - Is Cookie-Based Affinity enabled? Possible values are Enabled and Disabled.

  • host_name (pulumi.Input[str]) - Host header to be sent to the backend servers. Cannot be set if pick_host_name_from_backend_address is set to true.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The name of the Backend HTTP Settings Collection.

  • path (pulumi.Input[str]) - The Path which should be used as a prefix for all HTTP requests.

  • pickHostNameFromBackendAddress (pulumi.Input[bool]) - Whether host header should be picked from the host name of the backend server. Defaults to false.

  • port (pulumi.Input[float]) - The port which should be used for this Backend HTTP Settings Collection.

  • probe_id (pulumi.Input[str]) - The ID of the associated Probe.

  • probeName (pulumi.Input[str]) - The name of an associated HTTP Probe.

  • protocol (pulumi.Input[str]) - The Protocol which should be used. Possible values are Http and Https.

  • requestTimeout (pulumi.Input[float]) - The request timeout in seconds, which must be between 1 and 86400 seconds.

  • trustedRootCertificateNames (pulumi.Input[list]) - A list of trusted_root_certificate names.

The custom_error_configurations object supports the following:

  • customErrorPageUrl (pulumi.Input[str]) - Error page URL of the application gateway customer error.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • statusCode (pulumi.Input[str]) - Status code of the application gateway customer error. Possible values are HttpStatus403 and HttpStatus502

The frontend_ip_configurations object supports the following:

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The name of the Frontend IP Configuration.

  • private_ip_address (pulumi.Input[str]) - The Private IP Address to use for the Application Gateway.

  • privateIpAddressAllocation (pulumi.Input[str]) - The Allocation Method for the Private IP Address. Possible values are Dynamic and Static.

  • public_ip_address_id (pulumi.Input[str]) - The ID of a Public IP Address which the Application Gateway should use.

  • subnet_id (pulumi.Input[str]) - The ID of the Subnet.

The frontend_ports object supports the following:

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The name of the Frontend Port.

  • port (pulumi.Input[float]) - The port used for this Frontend Port.

The gateway_ip_configurations object supports the following:

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The Name of this Gateway IP Configuration.

  • subnet_id (pulumi.Input[str]) - The ID of the Subnet which the Application Gateway should be connected to.

The http_listeners object supports the following:

  • custom_error_configurations (pulumi.Input[list]) - One or more custom_error_configuration blocks as defined below.

    • customErrorPageUrl (pulumi.Input[str]) - Error page URL of the application gateway customer error.

    • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

    • statusCode (pulumi.Input[str]) - Status code of the application gateway customer error. Possible values are HttpStatus403 and HttpStatus502

  • frontend_ip_configuration_id (pulumi.Input[str]) - The ID of the associated Frontend Configuration.

  • frontend_ip_configuration_name (pulumi.Input[str]) - The Name of the Frontend IP Configuration used for this HTTP Listener.

  • frontendPortId (pulumi.Input[str]) - The ID of the associated Frontend Port.

  • frontendPortName (pulumi.Input[str]) - The Name of the Frontend Port use for this HTTP Listener.

  • host_name (pulumi.Input[str]) - The Hostname which should be used for this HTTP Listener.

  • host_names (pulumi.Input[list]) - A list of Hostname(s) should be used for this HTTP Listener. It allows special wildcard characters.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The Name of the HTTP Listener.

  • protocol (pulumi.Input[str]) - The Protocol to use for this HTTP Listener. Possible values are Http and Https.

  • requireSni (pulumi.Input[bool]) - Should Server Name Indication be Required? Defaults to false.

  • sslCertificateId (pulumi.Input[str]) - The ID of the associated SSL Certificate.

  • sslCertificateName (pulumi.Input[str]) - The name of the associated SSL Certificate which should be used for this HTTP Listener.

The identity object supports the following:

  • identityIds (pulumi.Input[str]) - Specifies a list with a single user managed identity id to be assigned to the Application Gateway.

  • type (pulumi.Input[str]) - The Managed Service Identity Type of this Application Gateway. The only possible value is UserAssigned. Defaults to UserAssigned.

The probes object supports the following:

  • host (pulumi.Input[str]) - The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as ‘127.0.0.1’, unless otherwise configured in custom probe. Cannot be set if pick_host_name_from_backend_http_settings is set to true.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • interval (pulumi.Input[float]) - The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds.

  • match (pulumi.Input[dict]) - A match block as defined above.

    • body (pulumi.Input[str]) - A snippet from the Response Body which must be present in the Response..

    • statusCodes (pulumi.Input[list]) - A list of allowed status codes for this Health Probe.

  • minimumServers (pulumi.Input[float]) - The minimum number of servers that are always marked as healthy. Defaults to 0.

  • name (pulumi.Input[str]) - The Name of the Probe.

  • path (pulumi.Input[str]) - The Path used for this Probe.

  • pickHostNameFromBackendHttpSettings (pulumi.Input[bool]) - Whether the host header should be picked from the backend http settings. Defaults to false.

  • protocol (pulumi.Input[str]) - The Protocol used for this Probe. Possible values are Http and Https.

  • timeout (pulumi.Input[float]) - The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.

  • unhealthyThreshold (pulumi.Input[float]) - The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 - 20 seconds.

The redirect_configurations object supports the following:

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • includePath (pulumi.Input[bool]) - Whether or not to include the path in the redirected Url. Defaults to false

  • includeQueryString (pulumi.Input[bool]) - Whether or not to include the query string in the redirected Url. Default to false

  • name (pulumi.Input[str]) - Unique name of the redirect configuration block

  • redirectType (pulumi.Input[str]) - The type of redirect. Possible values are Permanent, Temporary, Found and SeeOther

  • targetListenerId (pulumi.Input[str])

  • targetListenerName (pulumi.Input[str]) - The name of the listener to redirect to. Cannot be set if target_url is set.

  • targetUrl (pulumi.Input[str]) - The Url to redirect the request to. Cannot be set if target_listener_name is set.

The request_routing_rules object supports the following:

  • backend_address_pool_id (pulumi.Input[str]) - The ID of the associated Backend Address Pool.

  • backendAddressPoolName (pulumi.Input[str]) - The Name of the Backend Address Pool which should be used for this Routing Rule. Cannot be set if redirect_configuration_name is set.

  • backendHttpSettingsId (pulumi.Input[str]) - The ID of the associated Backend HTTP Settings Configuration.

  • backendHttpSettingsName (pulumi.Input[str]) - The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. Cannot be set if redirect_configuration_name is set.

  • httpListenerId (pulumi.Input[str]) - The ID of the associated HTTP Listener.

  • httpListenerName (pulumi.Input[str]) - The Name of the HTTP Listener which should be used for this Routing Rule.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The Name of this Request Routing Rule.

  • redirectConfigurationId (pulumi.Input[str]) - The ID of the associated Redirect Configuration.

  • redirectConfigurationName (pulumi.Input[str]) - The Name of the Redirect Configuration which should be used for this Routing Rule. Cannot be set if either backend_address_pool_name or backend_http_settings_name is set.

  • rewriteRuleSetId (pulumi.Input[str]) - The ID of the associated Rewrite Rule Set.

  • rewriteRuleSetName (pulumi.Input[str]) - The Name of the Rewrite Rule Set which should be used for this Routing Rule. Only valid for v2 SKUs.

  • ruleType (pulumi.Input[str]) - The Type of Routing that should be used for this Rule. Possible values are Basic and PathBasedRouting.

  • urlPathMapId (pulumi.Input[str]) - The ID of the associated URL Path Map.

  • urlPathMapName (pulumi.Input[str]) - The Name of the URL Path Map which should be associated with this Routing Rule.

The rewrite_rule_sets object supports the following:

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - Unique name of the rewrite rule set block

  • rewriteRules (pulumi.Input[list]) - One or more rewrite_rule blocks as defined above.

    • conditions (pulumi.Input[list]) - One or more condition blocks as defined above.

      • ignoreCase (pulumi.Input[bool]) - Perform a case in-sensitive comparison. Defaults to false

      • negate (pulumi.Input[bool]) - Negate the result of the condition evaluation. Defaults to false

      • pattern (pulumi.Input[str]) - The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.

      • variable (pulumi.Input[str]) - The variable of the condition.

    • name (pulumi.Input[str]) - Unique name of the rewrite rule block

    • requestHeaderConfigurations (pulumi.Input[list]) - One or more request_header_configuration blocks as defined above.

      • headerName (pulumi.Input[str]) - Header name of the header configuration.

      • headerValue (pulumi.Input[str]) - Header value of the header configuration. To delete a request header set this property to an empty string.

    • responseHeaderConfigurations (pulumi.Input[list]) - One or more response_header_configuration blocks as defined above.

      • headerName (pulumi.Input[str]) - Header name of the header configuration.

      • headerValue (pulumi.Input[str]) - Header value of the header configuration. To delete a response header set this property to an empty string.

    • ruleSequence (pulumi.Input[float]) - Rule sequence of the rewrite rule that determines the order of execution in a set.

The sku object supports the following:

  • capacity (pulumi.Input[float]) - The Capacity of the SKU to use for this Application Gateway. When using a V1 SKU this value must be between 1 and 32, and 1 to 125 for a V2 SKU. This property is optional if autoscale_configuration is set.

  • name (pulumi.Input[str]) - The Name of the SKU to use for this Application Gateway. Possible values are Standard_Small, Standard_Medium, Standard_Large, Standard_v2, WAF_Medium, WAF_Large, and WAF_v2.

  • tier (pulumi.Input[str]) - The Tier of the SKU to use for this Application Gateway. Possible values are Standard, Standard_v2, WAF and WAF_v2.

The ssl_certificates object supports the following:

  • data (pulumi.Input[str]) - PFX certificate. Required if key_vault_secret_id is not set.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • key_vault_secret_id (pulumi.Input[str]) - Secret Id of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in Azure KeyVault. You need to enable soft delete for keyvault to use this feature. Required if data is not set.

  • name (pulumi.Input[str]) - The Name of the SSL certificate that is unique within this Application Gateway

  • password (pulumi.Input[str]) - Password for the pfx file specified in data. Required if data is set.

  • publicCertData (pulumi.Input[str]) - The Public Certificate Data associated with the SSL Certificate.

The ssl_policies object supports the following:

  • cipherSuites (pulumi.Input[list]) - A List of accepted cipher suites. Possible values are: TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256 and TLS_RSA_WITH_AES_256_GCM_SHA384.

  • disabledProtocols (pulumi.Input[list]) - A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2.

  • minProtocolVersion (pulumi.Input[str]) - The minimal TLS version. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2.

  • policyName (pulumi.Input[str]) - The Name of the Policy e.g AppGwSslPolicy20170401S. Required if policy_type is set to Predefined. Possible values can change over time and are published here https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible with disabled_protocols.

  • policy_type (pulumi.Input[str]) - The Type of the Policy. Possible values are Predefined and Custom.

The trusted_root_certificates object supports the following:

  • data (pulumi.Input[str]) - The contents of the Trusted Root Certificate which should be used.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The Name of the Trusted Root Certificate to use.

The url_path_maps object supports the following:

  • defaultBackendAddressPoolId (pulumi.Input[str]) - The ID of the Default Backend Address Pool.

  • defaultBackendAddressPoolName (pulumi.Input[str]) - The Name of the Default Backend Address Pool which should be used for this URL Path Map. Cannot be set if default_redirect_configuration_name is set.

  • defaultBackendHttpSettingsId (pulumi.Input[str]) - The ID of the Default Backend HTTP Settings Collection.

  • defaultBackendHttpSettingsName (pulumi.Input[str]) - The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. Cannot be set if default_redirect_configuration_name is set.

  • defaultRedirectConfigurationId (pulumi.Input[str]) - The ID of the Default Redirect Configuration.

  • defaultRedirectConfigurationName (pulumi.Input[str]) - The Name of the Default Redirect Configuration which should be used for this URL Path Map. Cannot be set if either default_backend_address_pool_name or default_backend_http_settings_name is set.

  • defaultRewriteRuleSetId (pulumi.Input[str])

  • defaultRewriteRuleSetName (pulumi.Input[str]) - The Name of the Default Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.

  • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

  • name (pulumi.Input[str]) - The Name of the URL Path Map.

  • pathRules (pulumi.Input[list]) - One or more path_rule blocks as defined above.

    • backend_address_pool_id (pulumi.Input[str]) - The ID of the associated Backend Address Pool.

    • backendAddressPoolName (pulumi.Input[str]) - The Name of the Backend Address Pool to use for this Path Rule. Cannot be set if redirect_configuration_name is set.

    • backendHttpSettingsId (pulumi.Input[str]) - The ID of the associated Backend HTTP Settings Configuration.

    • backendHttpSettingsName (pulumi.Input[str]) - The Name of the Backend HTTP Settings Collection to use for this Path Rule. Cannot be set if redirect_configuration_name is set.

    • id (pulumi.Input[str]) - The ID of the Rewrite Rule Set

    • name (pulumi.Input[str]) - The Name of the Path Rule.

    • paths (pulumi.Input[list]) - A list of Paths used in this Path Rule.

    • redirectConfigurationId (pulumi.Input[str]) - The ID of the associated Redirect Configuration.

    • redirectConfigurationName (pulumi.Input[str]) - The Name of a Redirect Configuration to use for this Path Rule. Cannot be set if backend_address_pool_name or backend_http_settings_name is set.

    • rewriteRuleSetId (pulumi.Input[str]) - The ID of the associated Rewrite Rule Set.

    • rewriteRuleSetName (pulumi.Input[str]) - The Name of the Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.

The waf_configuration object supports the following:

  • disabledRuleGroups (pulumi.Input[list]) - one or more disabled_rule_group blocks as defined below.

    • ruleGroupName (pulumi.Input[str]) - The rule group where specific rules should be disabled. Accepted values are: crs_20_protocol_violations, crs_21_protocol_anomalies, crs_23_request_limits, crs_30_http_policy, crs_35_bad_robots, crs_40_generic_attacks, crs_41_sql_injection_attacks, crs_41_xss_attacks, crs_42_tight_security, crs_45_trojans, General, REQUEST-911-METHOD-ENFORCEMENT, REQUEST-913-SCANNER-DETECTION, REQUEST-920-PROTOCOL-ENFORCEMENT, REQUEST-921-PROTOCOL-ATTACK, REQUEST-930-APPLICATION-ATTACK-LFI, REQUEST-931-APPLICATION-ATTACK-RFI, REQUEST-932-APPLICATION-ATTACK-RCE, REQUEST-933-APPLICATION-ATTACK-PHP, REQUEST-941-APPLICATION-ATTACK-XSS, REQUEST-942-APPLICATION-ATTACK-SQLI, REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION

    • rules (pulumi.Input[list]) - A list of rules which should be disabled in that group. Disables all rules in the specified group if rules is not specified.

  • enabled (pulumi.Input[bool]) - Is the Web Application Firewall be enabled?

  • exclusions (pulumi.Input[list]) - one or more exclusion blocks as defined below.

    • matchVariable (pulumi.Input[str]) - Match variable of the exclusion rule to exclude header, cookie or GET arguments. Possible values are RequestHeaderNames, RequestArgNames and RequestCookieNames

    • selector (pulumi.Input[str]) - String value which will be used for the filter operation. If empty will exclude all traffic on this match_variable

    • selectorMatchOperator (pulumi.Input[str]) - Operator which will be used to search in the variable content. Possible values are Equals, StartsWith, EndsWith, Contains. If empty will exclude all traffic on this match_variable

  • fileUploadLimitMb (pulumi.Input[float]) - The File Upload Limit in MB. Accepted values are in the range 1MB to 500MB. Defaults to 100MB.

  • firewallMode (pulumi.Input[str]) - The Web Application Firewall Mode. Possible values are Detection and Prevention.

  • maxRequestBodySizeKb (pulumi.Input[float]) - The Maximum Request Body Size in KB. Accepted values are in the range 1KB to 128KB. Defaults to 128KB.

  • requestBodyCheck (pulumi.Input[bool]) - Is Request Body Inspection enabled? Defaults to true.

  • ruleSetType (pulumi.Input[str]) - The Type of the Rule Set used for this Web Application Firewall. Currently, only OWASP is supported.

  • ruleSetVersion (pulumi.Input[str]) - The Version of the Rule Set used for this Web Application Firewall. Possible values are 2.2.9, 3.0, and 3.1.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.ApplicationSecurityGroup(resource_name, opts=None, location=None, name=None, resource_group_name=None, tags=None, __props__=None, __name__=None, __opts__=None)

Manages an Application Security Group.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_application_security_group = azure.network.ApplicationSecurityGroup("exampleApplicationSecurityGroup",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    tags={
        "Hello": "World",
    })
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Application Security Group. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the Application Security Group.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

location: pulumi.Output[str] = None

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

Specifies the name of the Application Security Group. Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the Application Security Group.

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the resource.

static get(resource_name, id, opts=None, location=None, name=None, resource_group_name=None, tags=None)

Get an existing ApplicationSecurityGroup resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Application Security Group. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the Application Security Group.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.AwaitableGetApplicationSecurityGroupResult(id=None, location=None, name=None, resource_group_name=None, tags=None)
class pulumi_azure.network.AwaitableGetExpressRouteCircuitResult(id=None, location=None, name=None, peerings=None, resource_group_name=None, service_key=None, service_provider_properties=None, service_provider_provisioning_state=None, sku=None)
class pulumi_azure.network.AwaitableGetFirewallResult(id=None, ip_configurations=None, location=None, name=None, resource_group_name=None, tags=None)
class pulumi_azure.network.AwaitableGetGatewayConnectionResult(authorization_key=None, connection_protocol=None, egress_bytes_transferred=None, enable_bgp=None, express_route_circuit_id=None, express_route_gateway_bypass=None, id=None, ingress_bytes_transferred=None, ipsec_policies=None, local_network_gateway_id=None, location=None, name=None, peer_virtual_network_gateway_id=None, resource_group_name=None, resource_guid=None, routing_weight=None, shared_key=None, tags=None, type=None, use_policy_based_traffic_selectors=None, virtual_network_gateway_id=None)
class pulumi_azure.network.AwaitableGetNatGatewayResult(id=None, idle_timeout_in_minutes=None, location=None, name=None, public_ip_address_ids=None, public_ip_prefix_ids=None, resource_group_name=None, resource_guid=None, sku_name=None, tags=None, zones=None)
class pulumi_azure.network.AwaitableGetNetworkDdosProtectionPlanResult(id=None, location=None, name=None, resource_group_name=None, tags=None, virtual_network_ids=None)
class pulumi_azure.network.AwaitableGetNetworkInterfaceResult(applied_dns_servers=None, dns_servers=None, enable_accelerated_networking=None, enable_ip_forwarding=None, id=None, internal_dns_name_label=None, ip_configurations=None, location=None, mac_address=None, name=None, network_security_group_id=None, private_ip_address=None, private_ip_addresses=None, resource_group_name=None, tags=None, virtual_machine_id=None)
class pulumi_azure.network.AwaitableGetNetworkSecurityGroupResult(id=None, location=None, name=None, resource_group_name=None, security_rules=None, tags=None)
class pulumi_azure.network.AwaitableGetNetworkWatcherResult(id=None, location=None, name=None, resource_group_name=None, tags=None)
class pulumi_azure.network.AwaitableGetPublicIPResult(allocation_method=None, domain_name_label=None, fqdn=None, id=None, idle_timeout_in_minutes=None, ip_address=None, ip_version=None, location=None, name=None, resource_group_name=None, reverse_fqdn=None, sku=None, tags=None, zones=None)
class pulumi_azure.network.AwaitableGetPublicIPsResult(allocation_type=None, attached=None, id=None, name_prefix=None, public_ips=None, resource_group_name=None)
class pulumi_azure.network.AwaitableGetPublicIpPrefixResult(id=None, ip_prefix=None, location=None, name=None, prefix_length=None, resource_group_name=None, sku=None, tags=None, zones=None)
class pulumi_azure.network.AwaitableGetRouteTableResult(id=None, location=None, name=None, resource_group_name=None, routes=None, subnets=None, tags=None)
class pulumi_azure.network.AwaitableGetServiceTagsResult(address_prefixes=None, id=None, location=None, location_filter=None, service=None)
class pulumi_azure.network.AwaitableGetSubnetResult(address_prefix=None, address_prefixes=None, enforce_private_link_endpoint_network_policies=None, enforce_private_link_service_network_policies=None, id=None, name=None, network_security_group_id=None, resource_group_name=None, route_table_id=None, service_endpoints=None, virtual_network_name=None)
class pulumi_azure.network.AwaitableGetTrafficManagerResult(id=None, name=None)
class pulumi_azure.network.AwaitableGetVirtualHubResult(address_prefix=None, id=None, location=None, name=None, resource_group_name=None, tags=None, virtual_wan_id=None)
class pulumi_azure.network.AwaitableGetVirtualNetworkGatewayResult(active_active=None, bgp_settings=None, default_local_network_gateway_id=None, enable_bgp=None, generation=None, id=None, ip_configurations=None, location=None, name=None, resource_group_name=None, sku=None, tags=None, type=None, vpn_client_configurations=None, vpn_type=None)
class pulumi_azure.network.AwaitableGetVirtualNetworkResult(address_spaces=None, dns_servers=None, guid=None, id=None, location=None, name=None, resource_group_name=None, subnets=None, vnet_peerings=None)
class pulumi_azure.network.DdosProtectionPlan(resource_name, opts=None, location=None, name=None, resource_group_name=None, tags=None, __props__=None, __name__=None, __opts__=None)

Manages an AzureNetwork DDoS Protection Plan.

NOTE Azure only allows one DDoS Protection Plan per region.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_ddos_protection_plan = azure.network.DdosProtectionPlan("exampleDdosProtectionPlan",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Network DDoS Protection Plan. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the resource. Changing this forces a new resource to be created.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

location: pulumi.Output[str] = None

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

Specifies the name of the Network DDoS Protection Plan. Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the resource. Changing this forces a new resource to be created.

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the resource.

virtual_network_ids: pulumi.Output[list] = None

A list of Virtual Network ID’s associated with the DDoS Protection Plan.

static get(resource_name, id, opts=None, location=None, name=None, resource_group_name=None, tags=None, virtual_network_ids=None)

Get an existing DdosProtectionPlan resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Network DDoS Protection Plan. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the resource. Changing this forces a new resource to be created.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

  • virtual_network_ids (pulumi.Input[list]) – A list of Virtual Network ID’s associated with the DDoS Protection Plan.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.ExpressRouteCircuit(resource_name, opts=None, allow_classic_operations=None, bandwidth_in_mbps=None, location=None, name=None, peering_location=None, resource_group_name=None, service_provider_name=None, sku=None, tags=None, __props__=None, __name__=None, __opts__=None)

Manages an ExpressRoute circuit.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West US")
example_express_route_circuit = azure.network.ExpressRouteCircuit("exampleExpressRouteCircuit",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    service_provider_name="Equinix",
    peering_location="Silicon Valley",
    bandwidth_in_mbps=50,
    sku={
        "tier": "Standard",
        "family": "MeteredData",
    },
    tags={
        "environment": "Production",
    })
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • allow_classic_operations (pulumi.Input[bool]) – Allow the circuit to interact with classic (RDFE) resources. The default value is false.

  • bandwidth_in_mbps (pulumi.Input[float]) – The bandwidth in Mbps of the circuit being created.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the ExpressRoute circuit. Changing this forces a new resource to be created.

  • peering_location (pulumi.Input[str]) – The name of the peering location and not the Azure resource location.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the ExpressRoute circuit. Changing this forces a new resource to be created.

  • service_provider_name (pulumi.Input[str]) – The name of the ExpressRoute Service Provider.

  • sku (pulumi.Input[dict]) – A sku block for the ExpressRoute circuit as documented below.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The sku object supports the following:

  • family (pulumi.Input[str]) - The billing mode for bandwidth. Possible values are MeteredData or UnlimitedData.

  • tier (pulumi.Input[str]) - The service tier. Possible values are Basic, Local, Standard or Premium.

allow_classic_operations: pulumi.Output[bool] = None

Allow the circuit to interact with classic (RDFE) resources. The default value is false.

bandwidth_in_mbps: pulumi.Output[float] = None

The bandwidth in Mbps of the circuit being created.

location: pulumi.Output[str] = None

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

The name of the ExpressRoute circuit. Changing this forces a new resource to be created.

peering_location: pulumi.Output[str] = None

The name of the peering location and not the Azure resource location.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the ExpressRoute circuit. Changing this forces a new resource to be created.

service_key: pulumi.Output[str] = None

The string needed by the service provider to provision the ExpressRoute circuit.

service_provider_name: pulumi.Output[str] = None

The name of the ExpressRoute Service Provider.

service_provider_provisioning_state: pulumi.Output[str] = None

The ExpressRoute circuit provisioning state from your chosen service provider. Possible values are “NotProvisioned”, “Provisioning”, “Provisioned”, and “Deprovisioning”.

sku: pulumi.Output[dict] = None

A sku block for the ExpressRoute circuit as documented below.

  • family (str) - The billing mode for bandwidth. Possible values are MeteredData or UnlimitedData.

  • tier (str) - The service tier. Possible values are Basic, Local, Standard or Premium.

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the resource.

static get(resource_name, id, opts=None, allow_classic_operations=None, bandwidth_in_mbps=None, location=None, name=None, peering_location=None, resource_group_name=None, service_key=None, service_provider_name=None, service_provider_provisioning_state=None, sku=None, tags=None)

Get an existing ExpressRouteCircuit resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • allow_classic_operations (pulumi.Input[bool]) – Allow the circuit to interact with classic (RDFE) resources. The default value is false.

  • bandwidth_in_mbps (pulumi.Input[float]) – The bandwidth in Mbps of the circuit being created.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the ExpressRoute circuit. Changing this forces a new resource to be created.

  • peering_location (pulumi.Input[str]) – The name of the peering location and not the Azure resource location.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the ExpressRoute circuit. Changing this forces a new resource to be created.

  • service_key (pulumi.Input[str]) – The string needed by the service provider to provision the ExpressRoute circuit.

  • service_provider_name (pulumi.Input[str]) – The name of the ExpressRoute Service Provider.

  • service_provider_provisioning_state (pulumi.Input[str]) – The ExpressRoute circuit provisioning state from your chosen service provider. Possible values are “NotProvisioned”, “Provisioning”, “Provisioned”, and “Deprovisioning”.

  • sku (pulumi.Input[dict]) – A sku block for the ExpressRoute circuit as documented below.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The sku object supports the following:

  • family (pulumi.Input[str]) - The billing mode for bandwidth. Possible values are MeteredData or UnlimitedData.

  • tier (pulumi.Input[str]) - The service tier. Possible values are Basic, Local, Standard or Premium.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.ExpressRouteCircuitAuthorization(resource_name, opts=None, express_route_circuit_name=None, name=None, resource_group_name=None, __props__=None, __name__=None, __opts__=None)

Manages an ExpressRoute Circuit Authorization.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West US")
example_express_route_circuit = azure.network.ExpressRouteCircuit("exampleExpressRouteCircuit",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    service_provider_name="Equinix",
    peering_location="Silicon Valley",
    bandwidth_in_mbps=50,
    sku={
        "tier": "Standard",
        "family": "MeteredData",
    },
    allow_classic_operations=False,
    tags={
        "environment": "Production",
    })
example_express_route_circuit_authorization = azure.network.ExpressRouteCircuitAuthorization("exampleExpressRouteCircuitAuthorization",
    express_route_circuit_name=example_express_route_circuit.name,
    resource_group_name=example_resource_group.name)
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • express_route_circuit_name (pulumi.Input[str]) – The name of the Express Route Circuit in which to create the Authorization.

  • name (pulumi.Input[str]) – The name of the ExpressRoute circuit. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the ExpressRoute circuit. Changing this forces a new resource to be created.

authorization_key: pulumi.Output[str] = None

The Authorization Key.

authorization_use_status: pulumi.Output[str] = None

The authorization use status.

express_route_circuit_name: pulumi.Output[str] = None

The name of the Express Route Circuit in which to create the Authorization.

name: pulumi.Output[str] = None

The name of the ExpressRoute circuit. Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the ExpressRoute circuit. Changing this forces a new resource to be created.

static get(resource_name, id, opts=None, authorization_key=None, authorization_use_status=None, express_route_circuit_name=None, name=None, resource_group_name=None)

Get an existing ExpressRouteCircuitAuthorization resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • authorization_key (pulumi.Input[str]) – The Authorization Key.

  • authorization_use_status (pulumi.Input[str]) – The authorization use status.

  • express_route_circuit_name (pulumi.Input[str]) – The name of the Express Route Circuit in which to create the Authorization.

  • name (pulumi.Input[str]) – The name of the ExpressRoute circuit. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the ExpressRoute circuit. Changing this forces a new resource to be created.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.ExpressRouteCircuitPeering(resource_name, opts=None, express_route_circuit_name=None, microsoft_peering_config=None, peer_asn=None, peering_type=None, primary_peer_address_prefix=None, resource_group_name=None, secondary_peer_address_prefix=None, shared_key=None, vlan_id=None, __props__=None, __name__=None, __opts__=None)

Manages an ExpressRoute Circuit Peering.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West US")
example_express_route_circuit = azure.network.ExpressRouteCircuit("exampleExpressRouteCircuit",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    service_provider_name="Equinix",
    peering_location="Silicon Valley",
    bandwidth_in_mbps=50,
    sku={
        "tier": "Standard",
        "family": "MeteredData",
    },
    allow_classic_operations=False,
    tags={
        "environment": "Production",
    })
example_express_route_circuit_peering = azure.network.ExpressRouteCircuitPeering("exampleExpressRouteCircuitPeering",
    peering_type="MicrosoftPeering",
    express_route_circuit_name=example_express_route_circuit.name,
    resource_group_name=example_resource_group.name,
    peer_asn=100,
    primary_peer_address_prefix="123.0.0.0/30",
    secondary_peer_address_prefix="123.0.0.4/30",
    vlan_id=300,
    microsoft_peering_config={
        "advertisedPublicPrefixes": ["123.1.0.0/24"],
    })
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • express_route_circuit_name (pulumi.Input[str]) – The name of the ExpressRoute Circuit in which to create the Peering.

  • microsoft_peering_config (pulumi.Input[dict]) – A microsoft_peering_config block as defined below. Required when peering_type is set to MicrosoftPeering.

  • peer_asn (pulumi.Input[float]) – The Either a 16-bit or a 32-bit ASN. Can either be public or private..

  • peering_type (pulumi.Input[str]) – The type of the ExpressRoute Circuit Peering. Acceptable values include AzurePrivatePeering, AzurePublicPeering and MicrosoftPeering. Changing this forces a new resource to be created.

  • primary_peer_address_prefix (pulumi.Input[str]) – A /30 subnet for the primary link.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the Express Route Circuit Peering. Changing this forces a new resource to be created.

  • secondary_peer_address_prefix (pulumi.Input[str]) – A /30 subnet for the secondary link.

  • shared_key (pulumi.Input[str]) – The shared key. Can be a maximum of 25 characters.

  • vlan_id (pulumi.Input[float]) – A valid VLAN ID to establish this peering on.

The microsoft_peering_config object supports the following:

  • advertisedPublicPrefixes (pulumi.Input[list]) - A list of Advertised Public Prefixes

  • customerAsn (pulumi.Input[float]) - The CustomerASN of the peering

  • routingRegistryName (pulumi.Input[str]) - The RoutingRegistryName of the configuration

azure_asn: pulumi.Output[float] = None

The ASN used by Azure.

express_route_circuit_name: pulumi.Output[str] = None

The name of the ExpressRoute Circuit in which to create the Peering.

microsoft_peering_config: pulumi.Output[dict] = None

A microsoft_peering_config block as defined below. Required when peering_type is set to MicrosoftPeering.

  • advertisedPublicPrefixes (list) - A list of Advertised Public Prefixes

  • customerAsn (float) - The CustomerASN of the peering

  • routingRegistryName (str) - The RoutingRegistryName of the configuration

peer_asn: pulumi.Output[float] = None

The Either a 16-bit or a 32-bit ASN. Can either be public or private..

peering_type: pulumi.Output[str] = None

The type of the ExpressRoute Circuit Peering. Acceptable values include AzurePrivatePeering, AzurePublicPeering and MicrosoftPeering. Changing this forces a new resource to be created.

primary_azure_port: pulumi.Output[str] = None

The Primary Port used by Azure for this Peering.

primary_peer_address_prefix: pulumi.Output[str] = None

A /30 subnet for the primary link.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the Express Route Circuit Peering. Changing this forces a new resource to be created.

secondary_azure_port: pulumi.Output[str] = None

The Secondary Port used by Azure for this Peering.

secondary_peer_address_prefix: pulumi.Output[str] = None

A /30 subnet for the secondary link.

shared_key: pulumi.Output[str] = None

The shared key. Can be a maximum of 25 characters.

vlan_id: pulumi.Output[float] = None

A valid VLAN ID to establish this peering on.

static get(resource_name, id, opts=None, azure_asn=None, express_route_circuit_name=None, microsoft_peering_config=None, peer_asn=None, peering_type=None, primary_azure_port=None, primary_peer_address_prefix=None, resource_group_name=None, secondary_azure_port=None, secondary_peer_address_prefix=None, shared_key=None, vlan_id=None)

Get an existing ExpressRouteCircuitPeering resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • azure_asn (pulumi.Input[float]) – The ASN used by Azure.

  • express_route_circuit_name (pulumi.Input[str]) – The name of the ExpressRoute Circuit in which to create the Peering.

  • microsoft_peering_config (pulumi.Input[dict]) – A microsoft_peering_config block as defined below. Required when peering_type is set to MicrosoftPeering.

  • peer_asn (pulumi.Input[float]) – The Either a 16-bit or a 32-bit ASN. Can either be public or private..

  • peering_type (pulumi.Input[str]) – The type of the ExpressRoute Circuit Peering. Acceptable values include AzurePrivatePeering, AzurePublicPeering and MicrosoftPeering. Changing this forces a new resource to be created.

  • primary_azure_port (pulumi.Input[str]) – The Primary Port used by Azure for this Peering.

  • primary_peer_address_prefix (pulumi.Input[str]) – A /30 subnet for the primary link.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the Express Route Circuit Peering. Changing this forces a new resource to be created.

  • secondary_azure_port (pulumi.Input[str]) – The Secondary Port used by Azure for this Peering.

  • secondary_peer_address_prefix (pulumi.Input[str]) – A /30 subnet for the secondary link.

  • shared_key (pulumi.Input[str]) – The shared key. Can be a maximum of 25 characters.

  • vlan_id (pulumi.Input[float]) – A valid VLAN ID to establish this peering on.

The microsoft_peering_config object supports the following:

  • advertisedPublicPrefixes (pulumi.Input[list]) - A list of Advertised Public Prefixes

  • customerAsn (pulumi.Input[float]) - The CustomerASN of the peering

  • routingRegistryName (pulumi.Input[str]) - The RoutingRegistryName of the configuration

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.ExpressRouteGateway(resource_name, opts=None, location=None, name=None, resource_group_name=None, scale_units=None, tags=None, virtual_hub_id=None, __props__=None, __name__=None, __opts__=None)

Manages an ExpressRoute gateway.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_virtual_wan = azure.network.VirtualWan("exampleVirtualWan",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location)
example_virtual_hub = azure.network.VirtualHub("exampleVirtualHub",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    virtual_wan_id=example_virtual_wan.id,
    address_prefix="10.0.1.0/24")
example_express_route_gateway = azure.network.ExpressRouteGateway("exampleExpressRouteGateway",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    virtual_hub_id=example_virtual_hub.id,
    scale_units=1,
    tags={
        "environment": "Production",
    })
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the ExpressRoute gateway. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the ExpressRoute gateway. Changing this forces a new resource to be created.

  • scale_units (pulumi.Input[float]) – The number of scale units with which to provision the ExpressRoute gateway. Each scale unit is equal to 2Gbps, with support for up to 10 scale units (20Gbps).

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

  • virtual_hub_id (pulumi.Input[str]) – The ID of a Virtual HUB within which the ExpressRoute gateway should be created.

location: pulumi.Output[str] = None

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

The name of the ExpressRoute gateway. Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the ExpressRoute gateway. Changing this forces a new resource to be created.

scale_units: pulumi.Output[float] = None

The number of scale units with which to provision the ExpressRoute gateway. Each scale unit is equal to 2Gbps, with support for up to 10 scale units (20Gbps).

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the resource.

virtual_hub_id: pulumi.Output[str] = None

The ID of a Virtual HUB within which the ExpressRoute gateway should be created.

static get(resource_name, id, opts=None, location=None, name=None, resource_group_name=None, scale_units=None, tags=None, virtual_hub_id=None)

Get an existing ExpressRouteGateway resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the ExpressRoute gateway. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the ExpressRoute gateway. Changing this forces a new resource to be created.

  • scale_units (pulumi.Input[float]) – The number of scale units with which to provision the ExpressRoute gateway. Each scale unit is equal to 2Gbps, with support for up to 10 scale units (20Gbps).

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

  • virtual_hub_id (pulumi.Input[str]) – The ID of a Virtual HUB within which the ExpressRoute gateway should be created.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.Firewall(resource_name, opts=None, ip_configurations=None, location=None, name=None, resource_group_name=None, tags=None, zones=None, __props__=None, __name__=None, __opts__=None)

Manages an Azure Firewall.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="North Europe")
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    address_spaces=["10.0.0.0/16"],
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_subnet = azure.network.Subnet("exampleSubnet",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.0.1.0/24")
example_public_ip = azure.network.PublicIp("examplePublicIp",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    allocation_method="Static",
    sku="Standard")
example_firewall = azure.network.Firewall("exampleFirewall",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    ip_configuration=[{
        "name": "configuration",
        "subnet_id": example_subnet.id,
        "public_ip_address_id": example_public_ip.id,
    }])
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • ip_configurations (pulumi.Input[list]) – A ip_configuration block as documented below.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Firewall. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the resource. Changing this forces a new resource to be created.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

  • zones (pulumi.Input[list]) – Specifies the availability zones in which the Azure Firewall should be created.

The ip_configurations object supports the following:

  • name (pulumi.Input[str]) - Specifies the name of the IP Configuration.

  • private_ip_address (pulumi.Input[str]) - The private IP address of the Azure Firewall.

  • public_ip_address_id (pulumi.Input[str]) - The Resource ID of the Public IP Address associated with the firewall.

  • subnet_id (pulumi.Input[str]) - Reference to the subnet associated with the IP Configuration.

ip_configurations: pulumi.Output[list] = None

A ip_configuration block as documented below.

  • name (str) - Specifies the name of the IP Configuration.

  • private_ip_address (str) - The private IP address of the Azure Firewall.

  • public_ip_address_id (str) - The Resource ID of the Public IP Address associated with the firewall.

  • subnet_id (str) - Reference to the subnet associated with the IP Configuration.

location: pulumi.Output[str] = None

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

Specifies the name of the Firewall. Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the resource. Changing this forces a new resource to be created.

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the resource.

zones: pulumi.Output[list] = None

Specifies the availability zones in which the Azure Firewall should be created.

static get(resource_name, id, opts=None, ip_configurations=None, location=None, name=None, resource_group_name=None, tags=None, zones=None)

Get an existing Firewall resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • ip_configurations (pulumi.Input[list]) – A ip_configuration block as documented below.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Firewall. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the resource. Changing this forces a new resource to be created.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

  • zones (pulumi.Input[list]) – Specifies the availability zones in which the Azure Firewall should be created.

The ip_configurations object supports the following:

  • name (pulumi.Input[str]) - Specifies the name of the IP Configuration.

  • private_ip_address (pulumi.Input[str]) - The private IP address of the Azure Firewall.

  • public_ip_address_id (pulumi.Input[str]) - The Resource ID of the Public IP Address associated with the firewall.

  • subnet_id (pulumi.Input[str]) - Reference to the subnet associated with the IP Configuration.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.FirewallApplicationRuleCollection(resource_name, opts=None, action=None, azure_firewall_name=None, name=None, priority=None, resource_group_name=None, rules=None, __props__=None, __name__=None, __opts__=None)

Manages an Application Rule Collection within an Azure Firewall.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="North Europe")
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    address_spaces=["10.0.0.0/16"],
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_subnet = azure.network.Subnet("exampleSubnet",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.0.1.0/24")
example_public_ip = azure.network.PublicIp("examplePublicIp",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    allocation_method="Static",
    sku="Standard")
example_firewall = azure.network.Firewall("exampleFirewall",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    ip_configuration=[{
        "name": "configuration",
        "subnet_id": example_subnet.id,
        "public_ip_address_id": example_public_ip.id,
    }])
example_firewall_application_rule_collection = azure.network.FirewallApplicationRuleCollection("exampleFirewallApplicationRuleCollection",
    azure_firewall_name=example_firewall.name,
    resource_group_name=example_resource_group.name,
    priority=100,
    action="Allow",
    rule=[{
        "name": "testrule",
        "sourceAddresses": ["10.0.0.0/16"],
        "targetFqdns": ["*.google.com"],
        "protocol": [{
            "port": "443",
            "type": "Https",
        }],
    }])
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • action (pulumi.Input[str]) – Specifies the action the rule will apply to matching traffic. Possible values are Allow and Deny.

  • azure_firewall_name (pulumi.Input[str]) – Specifies the name of the Firewall in which the Application Rule Collection should be created. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Application Rule Collection which must be unique within the Firewall. Changing this forces a new resource to be created.

  • priority (pulumi.Input[float]) – Specifies the priority of the rule collection. Possible values are between 100 - 65000.

  • resource_group_name (pulumi.Input[str]) – Specifies the name of the Resource Group in which the Firewall exists. Changing this forces a new resource to be created.

  • rules (pulumi.Input[list]) – One or more rule blocks as defined below.

The rules object supports the following:

  • description (pulumi.Input[str]) - Specifies a description for the rule.

  • fqdnTags (pulumi.Input[list]) - A list of FQDN tags. Possible values are AppServiceEnvironment, AzureBackup, MicrosoftActiveProtectionService, WindowsDiagnostics and WindowsUpdate

  • name (pulumi.Input[str]) - Specifies the name of the rule.

  • protocols (pulumi.Input[list]) - One or more protocol blocks as defined below.

    • port (pulumi.Input[float]) - Specify a port for the connection.

    • type (pulumi.Input[str]) - Specifies the type of connection. Possible values are Http, Https and Mssql.

  • sourceAddresses (pulumi.Input[list]) - A list of source IP addresses and/or IP ranges.

  • targetFqdns (pulumi.Input[list]) - A list of FQDNs.

action: pulumi.Output[str] = None

Specifies the action the rule will apply to matching traffic. Possible values are Allow and Deny.

azure_firewall_name: pulumi.Output[str] = None

Specifies the name of the Firewall in which the Application Rule Collection should be created. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

Specifies the name of the Application Rule Collection which must be unique within the Firewall. Changing this forces a new resource to be created.

priority: pulumi.Output[float] = None

Specifies the priority of the rule collection. Possible values are between 100 - 65000.

resource_group_name: pulumi.Output[str] = None

Specifies the name of the Resource Group in which the Firewall exists. Changing this forces a new resource to be created.

rules: pulumi.Output[list] = None

One or more rule blocks as defined below.

  • description (str) - Specifies a description for the rule.

  • fqdnTags (list) - A list of FQDN tags. Possible values are AppServiceEnvironment, AzureBackup, MicrosoftActiveProtectionService, WindowsDiagnostics and WindowsUpdate

  • name (str) - Specifies the name of the rule.

  • protocols (list) - One or more protocol blocks as defined below.

    • port (float) - Specify a port for the connection.

    • type (str) - Specifies the type of connection. Possible values are Http, Https and Mssql.

  • sourceAddresses (list) - A list of source IP addresses and/or IP ranges.

  • targetFqdns (list) - A list of FQDNs.

static get(resource_name, id, opts=None, action=None, azure_firewall_name=None, name=None, priority=None, resource_group_name=None, rules=None)

Get an existing FirewallApplicationRuleCollection resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • action (pulumi.Input[str]) – Specifies the action the rule will apply to matching traffic. Possible values are Allow and Deny.

  • azure_firewall_name (pulumi.Input[str]) – Specifies the name of the Firewall in which the Application Rule Collection should be created. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Application Rule Collection which must be unique within the Firewall. Changing this forces a new resource to be created.

  • priority (pulumi.Input[float]) – Specifies the priority of the rule collection. Possible values are between 100 - 65000.

  • resource_group_name (pulumi.Input[str]) – Specifies the name of the Resource Group in which the Firewall exists. Changing this forces a new resource to be created.

  • rules (pulumi.Input[list]) – One or more rule blocks as defined below.

The rules object supports the following:

  • description (pulumi.Input[str]) - Specifies a description for the rule.

  • fqdnTags (pulumi.Input[list]) - A list of FQDN tags. Possible values are AppServiceEnvironment, AzureBackup, MicrosoftActiveProtectionService, WindowsDiagnostics and WindowsUpdate

  • name (pulumi.Input[str]) - Specifies the name of the rule.

  • protocols (pulumi.Input[list]) - One or more protocol blocks as defined below.

    • port (pulumi.Input[float]) - Specify a port for the connection.

    • type (pulumi.Input[str]) - Specifies the type of connection. Possible values are Http, Https and Mssql.

  • sourceAddresses (pulumi.Input[list]) - A list of source IP addresses and/or IP ranges.

  • targetFqdns (pulumi.Input[list]) - A list of FQDNs.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.FirewallNatRuleCollection(resource_name, opts=None, action=None, azure_firewall_name=None, name=None, priority=None, resource_group_name=None, rules=None, __props__=None, __name__=None, __opts__=None)

Manages a NAT Rule Collection within an Azure Firewall.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="North Europe")
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    address_spaces=["10.0.0.0/16"],
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_subnet = azure.network.Subnet("exampleSubnet",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.0.1.0/24")
example_public_ip = azure.network.PublicIp("examplePublicIp",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    allocation_method="Static",
    sku="Standard")
example_firewall = azure.network.Firewall("exampleFirewall",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    ip_configuration=[{
        "name": "configuration",
        "subnet_id": example_subnet.id,
        "public_ip_address_id": example_public_ip.id,
    }])
example_firewall_nat_rule_collection = azure.network.FirewallNatRuleCollection("exampleFirewallNatRuleCollection",
    azure_firewall_name=example_firewall.name,
    resource_group_name=example_resource_group.name,
    priority=100,
    action="Dnat",
    rule=[{
        "name": "testrule",
        "sourceAddresses": ["10.0.0.0/16"],
        "destinationPorts": ["53"],
        "destinationAddresses": [example_public_ip.ip_address],
        "translatedPort": 53,
        "translatedAddress": "8.8.8.8",
        "protocols": [
            "TCP",
            "UDP",
        ],
    }])
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • action (pulumi.Input[str]) – Specifies the action the rule will apply to matching traffic. Possible values are Dnat and Snat.

  • azure_firewall_name (pulumi.Input[str]) – Specifies the name of the Firewall in which the NAT Rule Collection should be created. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the NAT Rule Collection which must be unique within the Firewall. Changing this forces a new resource to be created.

  • priority (pulumi.Input[float]) – Specifies the priority of the rule collection. Possible values are between 100 - 65000.

  • resource_group_name (pulumi.Input[str]) – Specifies the name of the Resource Group in which the Firewall exists. Changing this forces a new resource to be created.

  • rules (pulumi.Input[list]) – One or more rule blocks as defined below.

The rules object supports the following:

  • description (pulumi.Input[str]) - Specifies a description for the rule.

  • destinationAddresses (pulumi.Input[list]) - A list of destination IP addresses and/or IP ranges.

  • destinationPorts (pulumi.Input[list]) - A list of destination ports.

  • name (pulumi.Input[str]) - Specifies the name of the rule.

  • protocols (pulumi.Input[list]) - A list of protocols. Possible values are Any, ICMP, TCP and UDP. If action is Dnat, protocols can only be TCP and UDP.

  • sourceAddresses (pulumi.Input[list]) - A list of source IP addresses and/or IP ranges.

  • translatedAddress (pulumi.Input[str]) - The address of the service behind the Firewall.

  • translatedPort (pulumi.Input[str]) - The port of the service behind the Firewall.

action: pulumi.Output[str] = None

Specifies the action the rule will apply to matching traffic. Possible values are Dnat and Snat.

azure_firewall_name: pulumi.Output[str] = None

Specifies the name of the Firewall in which the NAT Rule Collection should be created. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

Specifies the name of the NAT Rule Collection which must be unique within the Firewall. Changing this forces a new resource to be created.

priority: pulumi.Output[float] = None

Specifies the priority of the rule collection. Possible values are between 100 - 65000.

resource_group_name: pulumi.Output[str] = None

Specifies the name of the Resource Group in which the Firewall exists. Changing this forces a new resource to be created.

rules: pulumi.Output[list] = None

One or more rule blocks as defined below.

  • description (str) - Specifies a description for the rule.

  • destinationAddresses (list) - A list of destination IP addresses and/or IP ranges.

  • destinationPorts (list) - A list of destination ports.

  • name (str) - Specifies the name of the rule.

  • protocols (list) - A list of protocols. Possible values are Any, ICMP, TCP and UDP. If action is Dnat, protocols can only be TCP and UDP.

  • sourceAddresses (list) - A list of source IP addresses and/or IP ranges.

  • translatedAddress (str) - The address of the service behind the Firewall.

  • translatedPort (str) - The port of the service behind the Firewall.

static get(resource_name, id, opts=None, action=None, azure_firewall_name=None, name=None, priority=None, resource_group_name=None, rules=None)

Get an existing FirewallNatRuleCollection resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • action (pulumi.Input[str]) – Specifies the action the rule will apply to matching traffic. Possible values are Dnat and Snat.

  • azure_firewall_name (pulumi.Input[str]) – Specifies the name of the Firewall in which the NAT Rule Collection should be created. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the NAT Rule Collection which must be unique within the Firewall. Changing this forces a new resource to be created.

  • priority (pulumi.Input[float]) – Specifies the priority of the rule collection. Possible values are between 100 - 65000.

  • resource_group_name (pulumi.Input[str]) – Specifies the name of the Resource Group in which the Firewall exists. Changing this forces a new resource to be created.

  • rules (pulumi.Input[list]) – One or more rule blocks as defined below.

The rules object supports the following:

  • description (pulumi.Input[str]) - Specifies a description for the rule.

  • destinationAddresses (pulumi.Input[list]) - A list of destination IP addresses and/or IP ranges.

  • destinationPorts (pulumi.Input[list]) - A list of destination ports.

  • name (pulumi.Input[str]) - Specifies the name of the rule.

  • protocols (pulumi.Input[list]) - A list of protocols. Possible values are Any, ICMP, TCP and UDP. If action is Dnat, protocols can only be TCP and UDP.

  • sourceAddresses (pulumi.Input[list]) - A list of source IP addresses and/or IP ranges.

  • translatedAddress (pulumi.Input[str]) - The address of the service behind the Firewall.

  • translatedPort (pulumi.Input[str]) - The port of the service behind the Firewall.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.FirewallNetworkRuleCollection(resource_name, opts=None, action=None, azure_firewall_name=None, name=None, priority=None, resource_group_name=None, rules=None, __props__=None, __name__=None, __opts__=None)

Manages a Network Rule Collection within an Azure Firewall.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="North Europe")
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    address_spaces=["10.0.0.0/16"],
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_subnet = azure.network.Subnet("exampleSubnet",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.0.1.0/24")
example_public_ip = azure.network.PublicIp("examplePublicIp",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    allocation_method="Static",
    sku="Standard")
example_firewall = azure.network.Firewall("exampleFirewall",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    ip_configuration=[{
        "name": "configuration",
        "subnet_id": example_subnet.id,
        "public_ip_address_id": example_public_ip.id,
    }])
example_firewall_network_rule_collection = azure.network.FirewallNetworkRuleCollection("exampleFirewallNetworkRuleCollection",
    azure_firewall_name=example_firewall.name,
    resource_group_name=example_resource_group.name,
    priority=100,
    action="Allow",
    rule=[{
        "name": "testrule",
        "sourceAddresses": ["10.0.0.0/16"],
        "destinationPorts": ["53"],
        "destinationAddresses": [
            "8.8.8.8",
            "8.8.4.4",
        ],
        "protocols": [
            "TCP",
            "UDP",
        ],
    }])
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • action (pulumi.Input[str]) – Specifies the action the rule will apply to matching traffic. Possible values are Allow and Deny.

  • azure_firewall_name (pulumi.Input[str]) – Specifies the name of the Firewall in which the Network Rule Collection should be created. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Network Rule Collection which must be unique within the Firewall. Changing this forces a new resource to be created.

  • priority (pulumi.Input[float]) – Specifies the priority of the rule collection. Possible values are between 100 - 65000.

  • resource_group_name (pulumi.Input[str]) – Specifies the name of the Resource Group in which the Firewall exists. Changing this forces a new resource to be created.

  • rules (pulumi.Input[list]) – One or more rule blocks as defined below.

The rules object supports the following:

  • description (pulumi.Input[str]) - Specifies a description for the rule.

  • destinationAddresses (pulumi.Input[list]) - A list of destination IP addresses and/or IP ranges.

  • destinationPorts (pulumi.Input[list]) - A list of destination ports.

  • name (pulumi.Input[str]) - Specifies the name of the rule.

  • protocols (pulumi.Input[list]) - A list of protocols. Possible values are Any, ICMP, TCP and UDP.

  • sourceAddresses (pulumi.Input[list]) - A list of source IP addresses and/or IP ranges.

action: pulumi.Output[str] = None

Specifies the action the rule will apply to matching traffic. Possible values are Allow and Deny.

azure_firewall_name: pulumi.Output[str] = None

Specifies the name of the Firewall in which the Network Rule Collection should be created. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

Specifies the name of the Network Rule Collection which must be unique within the Firewall. Changing this forces a new resource to be created.

priority: pulumi.Output[float] = None

Specifies the priority of the rule collection. Possible values are between 100 - 65000.

resource_group_name: pulumi.Output[str] = None

Specifies the name of the Resource Group in which the Firewall exists. Changing this forces a new resource to be created.

rules: pulumi.Output[list] = None

One or more rule blocks as defined below.

  • description (str) - Specifies a description for the rule.

  • destinationAddresses (list) - A list of destination IP addresses and/or IP ranges.

  • destinationPorts (list) - A list of destination ports.

  • name (str) - Specifies the name of the rule.

  • protocols (list) - A list of protocols. Possible values are Any, ICMP, TCP and UDP.

  • sourceAddresses (list) - A list of source IP addresses and/or IP ranges.

static get(resource_name, id, opts=None, action=None, azure_firewall_name=None, name=None, priority=None, resource_group_name=None, rules=None)

Get an existing FirewallNetworkRuleCollection resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • action (pulumi.Input[str]) – Specifies the action the rule will apply to matching traffic. Possible values are Allow and Deny.

  • azure_firewall_name (pulumi.Input[str]) – Specifies the name of the Firewall in which the Network Rule Collection should be created. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Network Rule Collection which must be unique within the Firewall. Changing this forces a new resource to be created.

  • priority (pulumi.Input[float]) – Specifies the priority of the rule collection. Possible values are between 100 - 65000.

  • resource_group_name (pulumi.Input[str]) – Specifies the name of the Resource Group in which the Firewall exists. Changing this forces a new resource to be created.

  • rules (pulumi.Input[list]) – One or more rule blocks as defined below.

The rules object supports the following:

  • description (pulumi.Input[str]) - Specifies a description for the rule.

  • destinationAddresses (pulumi.Input[list]) - A list of destination IP addresses and/or IP ranges.

  • destinationPorts (pulumi.Input[list]) - A list of destination ports.

  • name (pulumi.Input[str]) - Specifies the name of the rule.

  • protocols (pulumi.Input[list]) - A list of protocols. Possible values are Any, ICMP, TCP and UDP.

  • sourceAddresses (pulumi.Input[list]) - A list of source IP addresses and/or IP ranges.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.GetApplicationSecurityGroupResult(id=None, location=None, name=None, resource_group_name=None, tags=None)

A collection of values returned by getApplicationSecurityGroup.

id = None

The provider-assigned unique ID for this managed resource.

location = None

The supported Azure location where the Application Security Group exists.

tags = None

A mapping of tags assigned to the resource.

class pulumi_azure.network.GetExpressRouteCircuitResult(id=None, location=None, name=None, peerings=None, resource_group_name=None, service_key=None, service_provider_properties=None, service_provider_provisioning_state=None, sku=None)

A collection of values returned by getExpressRouteCircuit.

id = None

The provider-assigned unique ID for this managed resource.

location = None

The Azure location where the ExpressRoute circuit exists

peerings = None

A peerings block for the ExpressRoute circuit as documented below

service_key = None

The string needed by the service provider to provision the ExpressRoute circuit.

service_provider_properties = None

A service_provider_properties block for the ExpressRoute circuit as documented below

service_provider_provisioning_state = None

The ExpressRoute circuit provisioning state from your chosen service provider. Possible values are “NotProvisioned”, “Provisioning”, “Provisioned”, and “Deprovisioning”.

sku = None

A sku block for the ExpressRoute circuit as documented below.

class pulumi_azure.network.GetFirewallResult(id=None, ip_configurations=None, location=None, name=None, resource_group_name=None, tags=None)

A collection of values returned by getFirewall.

id = None

The provider-assigned unique ID for this managed resource.

ip_configurations = None

A ip_configuration block as defined below.

class pulumi_azure.network.GetGatewayConnectionResult(authorization_key=None, connection_protocol=None, egress_bytes_transferred=None, enable_bgp=None, express_route_circuit_id=None, express_route_gateway_bypass=None, id=None, ingress_bytes_transferred=None, ipsec_policies=None, local_network_gateway_id=None, location=None, name=None, peer_virtual_network_gateway_id=None, resource_group_name=None, resource_guid=None, routing_weight=None, shared_key=None, tags=None, type=None, use_policy_based_traffic_selectors=None, virtual_network_gateway_id=None)

A collection of values returned by getGatewayConnection.

authorization_key = None

The authorization key associated with the Express Route Circuit. This field is present only if the type is an ExpressRoute connection.

enable_bgp = None

If true, BGP (Border Gateway Protocol) is enabled for this connection.

express_route_circuit_id = None

The ID of the Express Route Circuit (i.e. when type is ExpressRoute).

express_route_gateway_bypass = None

If true, data packets will bypass ExpressRoute Gateway for data forwarding. This is only valid for ExpressRoute connections.

id = None

The provider-assigned unique ID for this managed resource.

local_network_gateway_id = None

The ID of the local network gateway when a Site-to-Site connection (i.e. when type is IPsec).

location = None

The location/region where the connection is located.

peer_virtual_network_gateway_id = None

The ID of the peer virtual network gateway when a VNet-to-VNet connection (i.e. when type is Vnet2Vnet).

routing_weight = None

The routing weight.

shared_key = None

The shared IPSec key.

tags = None

A mapping of tags to assign to the resource.

type = None

The type of connection. Valid options are IPsec (Site-to-Site), ExpressRoute (ExpressRoute), and Vnet2Vnet (VNet-to-VNet).

use_policy_based_traffic_selectors = None

If true, policy-based traffic selectors are enabled for this connection. Enabling policy-based traffic selectors requires an ipsec_policy block.

virtual_network_gateway_id = None

The ID of the Virtual Network Gateway in which the connection is created.

class pulumi_azure.network.GetNatGatewayResult(id=None, idle_timeout_in_minutes=None, location=None, name=None, public_ip_address_ids=None, public_ip_prefix_ids=None, resource_group_name=None, resource_guid=None, sku_name=None, tags=None, zones=None)

A collection of values returned by getNatGateway.

id = None

The provider-assigned unique ID for this managed resource.

idle_timeout_in_minutes = None

The idle timeout in minutes which is used for the NAT Gateway.

location = None

The location where the NAT Gateway exists.

public_ip_address_ids = None

A list of existing Public IP Address resource IDs which the NAT Gateway is using.

public_ip_prefix_ids = None

A list of existing Public IP Prefix resource IDs which the NAT Gateway is using.

resource_guid = None

The Resource GUID of the NAT Gateway.

sku_name = None

The SKU used by the NAT Gateway.

tags = None

A mapping of tags assigned to the resource.

zones = None

A list of Availability Zones which the NAT Gateway exists in.

class pulumi_azure.network.GetNetworkDdosProtectionPlanResult(id=None, location=None, name=None, resource_group_name=None, tags=None, virtual_network_ids=None)

A collection of values returned by getNetworkDdosProtectionPlan.

id = None

The provider-assigned unique ID for this managed resource.

location = None

Specifies the supported Azure location where the resource exists.

tags = None

A mapping of tags assigned to the resource.

virtual_network_ids = None

The Resource ID list of the Virtual Networks associated with DDoS Protection Plan.

class pulumi_azure.network.GetNetworkInterfaceResult(applied_dns_servers=None, dns_servers=None, enable_accelerated_networking=None, enable_ip_forwarding=None, id=None, internal_dns_name_label=None, ip_configurations=None, location=None, mac_address=None, name=None, network_security_group_id=None, private_ip_address=None, private_ip_addresses=None, resource_group_name=None, tags=None, virtual_machine_id=None)

A collection of values returned by getNetworkInterface.

applied_dns_servers = None

List of DNS servers applied to the specified Network Interface.

dns_servers = None

The list of DNS servers used by the specified Network Interface.

enable_accelerated_networking = None

Indicates if accelerated networking is set on the specified Network Interface.

enable_ip_forwarding = None

Indicate if IP forwarding is set on the specified Network Interface.

id = None

The provider-assigned unique ID for this managed resource.

internal_dns_name_label = None

The internal dns name label of the specified Network Interface.

ip_configurations = None

One or more ip_configuration blocks as defined below.

location = None

The location of the specified Network Interface.

mac_address = None

The MAC address used by the specified Network Interface.

name = None

The name of the IP Configuration.

network_security_group_id = None

The ID of the network security group associated to the specified Network Interface.

private_ip_address = None

The Private IP Address assigned to this Network Interface.

private_ip_addresses = None

The list of private ip addresses associates to the specified Network Interface.

tags = None

List the tags associated to the specified Network Interface.

virtual_machine_id = None

The ID of the virtual machine that the specified Network Interface is attached to.

class pulumi_azure.network.GetNetworkSecurityGroupResult(id=None, location=None, name=None, resource_group_name=None, security_rules=None, tags=None)

A collection of values returned by getNetworkSecurityGroup.

id = None

The provider-assigned unique ID for this managed resource.

location = None

The supported Azure location where the resource exists.

name = None

The name of the security rule.

security_rules = None

One or more security_rule blocks as defined below.

tags = None

A mapping of tags assigned to the resource.

class pulumi_azure.network.GetNetworkWatcherResult(id=None, location=None, name=None, resource_group_name=None, tags=None)

A collection of values returned by getNetworkWatcher.

id = None

The provider-assigned unique ID for this managed resource.

location = None

The supported Azure location where the resource exists.

tags = None

A mapping of tags assigned to the resource.

class pulumi_azure.network.GetPublicIPResult(allocation_method=None, domain_name_label=None, fqdn=None, id=None, idle_timeout_in_minutes=None, ip_address=None, ip_version=None, location=None, name=None, resource_group_name=None, reverse_fqdn=None, sku=None, tags=None, zones=None)

A collection of values returned by getPublicIP.

domain_name_label = None

The label for the Domain Name.

fqdn = None

Fully qualified domain name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone.

id = None

The provider-assigned unique ID for this managed resource.

idle_timeout_in_minutes = None

Specifies the timeout for the TCP idle connection.

ip_address = None

The IP address value that was allocated.

ip_version = None

The IP version being used, for example IPv4 or IPv6.

tags = None

A mapping of tags to assigned to the resource.

class pulumi_azure.network.GetPublicIPsResult(allocation_type=None, attached=None, id=None, name_prefix=None, public_ips=None, resource_group_name=None)

A collection of values returned by getPublicIPs.

id = None

The provider-assigned unique ID for this managed resource.

public_ips = None

A List of public_ips blocks as defined below filtered by the criteria above.

class pulumi_azure.network.GetPublicIpPrefixResult(id=None, ip_prefix=None, location=None, name=None, prefix_length=None, resource_group_name=None, sku=None, tags=None, zones=None)

A collection of values returned by getPublicIpPrefix.

id = None

The provider-assigned unique ID for this managed resource.

location = None

The supported Azure location where the resource exists.

name = None

The name of the Public IP prefix resource.

prefix_length = None

The number of bits of the prefix.

resource_group_name = None

The name of the resource group in which to create the public IP.

sku = None

The SKU of the Public IP Prefix.

tags = None

A mapping of tags to assigned to the resource.

class pulumi_azure.network.GetRouteTableResult(id=None, location=None, name=None, resource_group_name=None, routes=None, subnets=None, tags=None)

A collection of values returned by getRouteTable.

id = None

The provider-assigned unique ID for this managed resource.

location = None

The Azure Region in which the Route Table exists.

name = None

The name of the Route.

routes = None

One or more route blocks as documented below.

subnets = None

The collection of Subnets associated with this route table.

tags = None

A mapping of tags assigned to the Route Table.

class pulumi_azure.network.GetServiceTagsResult(address_prefixes=None, id=None, location=None, location_filter=None, service=None)

A collection of values returned by getServiceTags.

address_prefixes = None

List of address prefixes for the service type (and optionally a specific region).

id = None

The provider-assigned unique ID for this managed resource.

class pulumi_azure.network.GetSubnetResult(address_prefix=None, address_prefixes=None, enforce_private_link_endpoint_network_policies=None, enforce_private_link_service_network_policies=None, id=None, name=None, network_security_group_id=None, resource_group_name=None, route_table_id=None, service_endpoints=None, virtual_network_name=None)

A collection of values returned by getSubnet.

address_prefix = None

(Deprecated) The address prefix used for the subnet.

address_prefixes = None

The address prefixes for the subnet.

Enable or Disable network policies for the private link endpoint on the subnet.

Enable or Disable network policies for the private link service on the subnet.

id = None

The provider-assigned unique ID for this managed resource.

network_security_group_id = None

The ID of the Network Security Group associated with the subnet.

route_table_id = None

The ID of the Route Table associated with this subnet.

service_endpoints = None

A list of Service Endpoints within this subnet.

class pulumi_azure.network.GetTrafficManagerResult(id=None, name=None)

A collection of values returned by getTrafficManager.

id = None

The provider-assigned unique ID for this managed resource.

class pulumi_azure.network.GetVirtualHubResult(address_prefix=None, id=None, location=None, name=None, resource_group_name=None, tags=None, virtual_wan_id=None)

A collection of values returned by getVirtualHub.

address_prefix = None

The Address Prefix used for this Virtual Hub.

id = None

The provider-assigned unique ID for this managed resource.

location = None

The Azure Region where the Virtual Hub exists.

tags = None

A mapping of tags assigned to the Virtual Hub.

virtual_wan_id = None

The ID of the Virtual WAN within which the Virtual Hub exists.

class pulumi_azure.network.GetVirtualNetworkGatewayResult(active_active=None, bgp_settings=None, default_local_network_gateway_id=None, enable_bgp=None, generation=None, id=None, ip_configurations=None, location=None, name=None, resource_group_name=None, sku=None, tags=None, type=None, vpn_client_configurations=None, vpn_type=None)

A collection of values returned by getVirtualNetworkGateway.

active_active = None

Is this an Active-Active Gateway?

default_local_network_gateway_id = None

The ID of the local network gateway through which outbound Internet traffic from the virtual network in which the gateway is created will be routed (forced tunneling). Refer to the Azure documentation on forced tunneling.

enable_bgp = None

Will BGP (Border Gateway Protocol) will be enabled for this Virtual Network Gateway.

generation = None

The Generation of the Virtual Network Gateway.

id = None

The provider-assigned unique ID for this managed resource.

ip_configurations = None

One or two ip_configuration blocks documented below.

location = None

The location/region where the Virtual Network Gateway is located.

name = None

The user-defined name of the revoked certificate.

sku = None

Configuration of the size and capacity of the Virtual Network Gateway.

tags = None

A mapping of tags assigned to the resource.

type = None

The type of the Virtual Network Gateway.

vpn_client_configurations = None

A vpn_client_configuration block which is documented below.

vpn_type = None

The routing type of the Virtual Network Gateway.

class pulumi_azure.network.GetVirtualNetworkResult(address_spaces=None, dns_servers=None, guid=None, id=None, location=None, name=None, resource_group_name=None, subnets=None, vnet_peerings=None)

A collection of values returned by getVirtualNetwork.

address_spaces = None

The list of address spaces used by the virtual network.

dns_servers = None

The list of DNS servers used by the virtual network.

guid = None

The GUID of the virtual network.

id = None

The provider-assigned unique ID for this managed resource.

location = None

Location of the virtual network.

subnets = None

The list of name of the subnets that are attached to this virtual network.

vnet_peerings = None

A mapping of name - virtual network id of the virtual network peerings.

class pulumi_azure.network.LocalNetworkGateway(resource_name, opts=None, address_spaces=None, bgp_settings=None, gateway_address=None, location=None, name=None, resource_group_name=None, tags=None, __props__=None, __name__=None, __opts__=None)

Manages a local network gateway connection over which specific connections can be configured.

import pulumi
import pulumi_azure as azure

example = azure.core.ResourceGroup("example", location="West US")
home = azure.network.LocalNetworkGateway("home",
    resource_group_name=example.name,
    location=example.location,
    gateway_address="12.13.14.15",
    address_spaces=["10.0.0.0/16"])
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • address_spaces (pulumi.Input[list]) – The list of string CIDRs representing the address spaces the gateway exposes.

  • bgp_settings (pulumi.Input[dict]) – A bgp_settings block as defined below containing the Local Network Gateway’s BGP speaker settings.

  • gateway_address (pulumi.Input[str]) – The IP address of the gateway to which to connect.

  • location (pulumi.Input[str]) – The location/region where the local network gateway is created. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the local network gateway. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the local network gateway.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The bgp_settings object supports the following:

  • asn (pulumi.Input[float]) - The BGP speaker’s ASN.

  • bgpPeeringAddress (pulumi.Input[str]) - The BGP peering address and BGP identifier of this BGP speaker.

  • peerWeight (pulumi.Input[float]) - The weight added to routes learned from this BGP speaker.

address_spaces: pulumi.Output[list] = None

The list of string CIDRs representing the address spaces the gateway exposes.

bgp_settings: pulumi.Output[dict] = None

A bgp_settings block as defined below containing the Local Network Gateway’s BGP speaker settings.

  • asn (float) - The BGP speaker’s ASN.

  • bgpPeeringAddress (str) - The BGP peering address and BGP identifier of this BGP speaker.

  • peerWeight (float) - The weight added to routes learned from this BGP speaker.

gateway_address: pulumi.Output[str] = None

The IP address of the gateway to which to connect.

location: pulumi.Output[str] = None

The location/region where the local network gateway is created. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

The name of the local network gateway. Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the local network gateway.

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the resource.

static get(resource_name, id, opts=None, address_spaces=None, bgp_settings=None, gateway_address=None, location=None, name=None, resource_group_name=None, tags=None)

Get an existing LocalNetworkGateway resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • address_spaces (pulumi.Input[list]) – The list of string CIDRs representing the address spaces the gateway exposes.

  • bgp_settings (pulumi.Input[dict]) – A bgp_settings block as defined below containing the Local Network Gateway’s BGP speaker settings.

  • gateway_address (pulumi.Input[str]) – The IP address of the gateway to which to connect.

  • location (pulumi.Input[str]) – The location/region where the local network gateway is created. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the local network gateway. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the local network gateway.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The bgp_settings object supports the following:

  • asn (pulumi.Input[float]) - The BGP speaker’s ASN.

  • bgpPeeringAddress (pulumi.Input[str]) - The BGP peering address and BGP identifier of this BGP speaker.

  • peerWeight (pulumi.Input[float]) - The weight added to routes learned from this BGP speaker.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.NatGateway(resource_name, opts=None, idle_timeout_in_minutes=None, location=None, name=None, public_ip_address_ids=None, public_ip_prefix_ids=None, resource_group_name=None, sku_name=None, tags=None, zones=None, __props__=None, __name__=None, __opts__=None)

Manages a Azure NAT Gateway.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="eastus2")
example_public_ip = azure.network.PublicIp("examplePublicIp",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    allocation_method="Static",
    sku="Standard",
    zones=["1"])
example_public_ip_prefix = azure.network.PublicIpPrefix("examplePublicIpPrefix",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    prefix_length=30,
    zones=["1"])
example_nat_gateway = azure.network.NatGateway("exampleNatGateway",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    public_ip_address_ids=[example_public_ip.id],
    public_ip_prefix_ids=[example_public_ip_prefix.id],
    sku_name="Standard",
    idle_timeout_in_minutes=10,
    zones=["1"])
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • idle_timeout_in_minutes (pulumi.Input[float]) – The idle timeout which should be used in minutes. Defaults to 4.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the NAT Gateway should exist. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the NAT Gateway. Changing this forces a new resource to be created.

  • public_ip_address_ids (pulumi.Input[list]) – A list of Public IP Address ID’s which should be associated with the NAT Gateway resource.

  • public_ip_prefix_ids (pulumi.Input[list]) – A list of Public IP Prefix ID’s which should be associated with the NAT Gateway resource.

  • resource_group_name (pulumi.Input[str]) – Specifies the name of the Resource Group in which the NAT Gateway should exist. Changing this forces a new resource to be created.

  • sku_name (pulumi.Input[str]) – The SKU which should be used. At this time the only supported value is Standard. Defaults to Standard.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource. Changing this forces a new resource to be created.

  • zones (pulumi.Input[list]) – A list of availability zones where the NAT Gateway should be provisioned. Changing this forces a new resource to be created.

idle_timeout_in_minutes: pulumi.Output[float] = None

The idle timeout which should be used in minutes. Defaults to 4.

location: pulumi.Output[str] = None

Specifies the supported Azure location where the NAT Gateway should exist. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

Specifies the name of the NAT Gateway. Changing this forces a new resource to be created.

public_ip_address_ids: pulumi.Output[list] = None

A list of Public IP Address ID’s which should be associated with the NAT Gateway resource.

public_ip_prefix_ids: pulumi.Output[list] = None

A list of Public IP Prefix ID’s which should be associated with the NAT Gateway resource.

resource_group_name: pulumi.Output[str] = None

Specifies the name of the Resource Group in which the NAT Gateway should exist. Changing this forces a new resource to be created.

resource_guid: pulumi.Output[str] = None

The resource GUID property of the NAT Gateway.

sku_name: pulumi.Output[str] = None

The SKU which should be used. At this time the only supported value is Standard. Defaults to Standard.

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the resource. Changing this forces a new resource to be created.

zones: pulumi.Output[list] = None

A list of availability zones where the NAT Gateway should be provisioned. Changing this forces a new resource to be created.

static get(resource_name, id, opts=None, idle_timeout_in_minutes=None, location=None, name=None, public_ip_address_ids=None, public_ip_prefix_ids=None, resource_group_name=None, resource_guid=None, sku_name=None, tags=None, zones=None)

Get an existing NatGateway resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • idle_timeout_in_minutes (pulumi.Input[float]) – The idle timeout which should be used in minutes. Defaults to 4.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the NAT Gateway should exist. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the NAT Gateway. Changing this forces a new resource to be created.

  • public_ip_address_ids (pulumi.Input[list]) – A list of Public IP Address ID’s which should be associated with the NAT Gateway resource.

  • public_ip_prefix_ids (pulumi.Input[list]) – A list of Public IP Prefix ID’s which should be associated with the NAT Gateway resource.

  • resource_group_name (pulumi.Input[str]) – Specifies the name of the Resource Group in which the NAT Gateway should exist. Changing this forces a new resource to be created.

  • resource_guid (pulumi.Input[str]) – The resource GUID property of the NAT Gateway.

  • sku_name (pulumi.Input[str]) – The SKU which should be used. At this time the only supported value is Standard. Defaults to Standard.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource. Changing this forces a new resource to be created.

  • zones (pulumi.Input[list]) – A list of availability zones where the NAT Gateway should be provisioned. Changing this forces a new resource to be created.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.NatGatewayPublicIpAssociation(resource_name, opts=None, nat_gateway_id=None, public_ip_address_id=None, __props__=None, __name__=None, __opts__=None)

Manages the association between a Nat Gateway and a Public IP.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_public_ip = azure.network.PublicIp("examplePublicIp",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    allocation_method="Static",
    sku="Standard")
example_nat_gateway = azure.network.NatGateway("exampleNatGateway",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    sku_name="Standard")
example_nat_gateway_public_ip_association = azure.network.NatGatewayPublicIpAssociation("exampleNatGatewayPublicIpAssociation",
    nat_gateway_id=example_nat_gateway.id,
    public_ip_address_id=example_public_ip.id)
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • nat_gateway_id (pulumi.Input[str]) – The ID of the Nat Gateway. Changing this forces a new resource to be created.

  • public_ip_address_id (pulumi.Input[str]) – The ID of the Public IP which this Nat Gateway which should be connected to. Changing this forces a new resource to be created.

nat_gateway_id: pulumi.Output[str] = None

The ID of the Nat Gateway. Changing this forces a new resource to be created.

public_ip_address_id: pulumi.Output[str] = None

The ID of the Public IP which this Nat Gateway which should be connected to. Changing this forces a new resource to be created.

static get(resource_name, id, opts=None, nat_gateway_id=None, public_ip_address_id=None)

Get an existing NatGatewayPublicIpAssociation resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • nat_gateway_id (pulumi.Input[str]) – The ID of the Nat Gateway. Changing this forces a new resource to be created.

  • public_ip_address_id (pulumi.Input[str]) – The ID of the Public IP which this Nat Gateway which should be connected to. Changing this forces a new resource to be created.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.NetworkConnectionMonitor(resource_name, opts=None, auto_start=None, destination=None, interval_in_seconds=None, location=None, name=None, network_watcher_name=None, resource_group_name=None, source=None, tags=None, __props__=None, __name__=None, __opts__=None)

Configures a Network Connection Monitor to monitor communication between a Virtual Machine and an endpoint using a Network Watcher.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West US")
example_network_watcher = azure.network.NetworkWatcher("exampleNetworkWatcher",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    address_spaces=["10.0.0.0/16"],
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_subnet = azure.network.Subnet("exampleSubnet",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.0.2.0/24")
example_network_interface = azure.network.NetworkInterface("exampleNetworkInterface",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    ip_configuration=[{
        "name": "testconfiguration1",
        "subnet_id": example_subnet.id,
        "privateIpAddressAllocation": "Dynamic",
    }])
example_virtual_machine = azure.compute.VirtualMachine("exampleVirtualMachine",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    network_interface_ids=[example_network_interface.id],
    vm_size="Standard_F2",
    storage_image_reference={
        "publisher": "Canonical",
        "offer": "UbuntuServer",
        "sku": "16.04-LTS",
        "version": "latest",
    },
    storage_os_disk={
        "name": "osdisk",
        "caching": "ReadWrite",
        "create_option": "FromImage",
        "managedDiskType": "Standard_LRS",
    },
    os_profile={
        "computer_name": "cmtest-vm",
        "admin_username": "testadmin",
        "admin_password": "Password1234!",
    },
    os_profile_linux_config={
        "disable_password_authentication": False,
    })
example_extension = azure.compute.Extension("exampleExtension",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    virtual_machine_name=example_virtual_machine.name,
    publisher="Microsoft.Azure.NetworkWatcher",
    type="NetworkWatcherAgentLinux",
    type_handler_version="1.4",
    auto_upgrade_minor_version=True)
example_network_connection_monitor = azure.network.NetworkConnectionMonitor("exampleNetworkConnectionMonitor",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    network_watcher_name=example_network_watcher.name,
    source={
        "virtual_machine_id": example_virtual_machine.id,
    },
    destination={
        "address": "exmaple.com",
        "port": 80,
    })
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • auto_start (pulumi.Input[bool]) – Specifies whether the connection monitor will start automatically once created. Defaults to true. Changing this forces a new resource to be created.

  • destination (pulumi.Input[dict]) – A destination block as defined below.

  • interval_in_seconds (pulumi.Input[float]) – Monitoring interval in seconds. Defaults to 60.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the Network Connection Monitor. Changing this forces a new resource to be created.

  • network_watcher_name (pulumi.Input[str]) – The name of the Network Watcher. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the Connection Monitor. Changing this forces a new resource to be created.

  • source (pulumi.Input[dict]) – A source block as defined below.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The destination object supports the following:

  • address (pulumi.Input[str]) - IP address or domain name to monitor connectivity to.

  • port (pulumi.Input[float]) - The port on the destination to monitor connectivity to.

  • virtual_machine_id (pulumi.Input[str]) - The ID of the Virtual Machine to monitor connectivity to.

The source object supports the following:

  • port (pulumi.Input[float]) - The port on the destination to monitor connectivity to.

  • virtual_machine_id (pulumi.Input[str]) - The ID of the Virtual Machine to monitor connectivity to.

auto_start: pulumi.Output[bool] = None

Specifies whether the connection monitor will start automatically once created. Defaults to true. Changing this forces a new resource to be created.

destination: pulumi.Output[dict] = None

A destination block as defined below.

  • address (str) - IP address or domain name to monitor connectivity to.

  • port (float) - The port on the destination to monitor connectivity to.

  • virtual_machine_id (str) - The ID of the Virtual Machine to monitor connectivity to.

interval_in_seconds: pulumi.Output[float] = None

Monitoring interval in seconds. Defaults to 60.

location: pulumi.Output[str] = None

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

The name of the Network Connection Monitor. Changing this forces a new resource to be created.

network_watcher_name: pulumi.Output[str] = None

The name of the Network Watcher. Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the Connection Monitor. Changing this forces a new resource to be created.

source: pulumi.Output[dict] = None

A source block as defined below.

  • port (float) - The port on the destination to monitor connectivity to.

  • virtual_machine_id (str) - The ID of the Virtual Machine to monitor connectivity to.

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the resource.

static get(resource_name, id, opts=None, auto_start=None, destination=None, interval_in_seconds=None, location=None, name=None, network_watcher_name=None, resource_group_name=None, source=None, tags=None)

Get an existing NetworkConnectionMonitor resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • auto_start (pulumi.Input[bool]) – Specifies whether the connection monitor will start automatically once created. Defaults to true. Changing this forces a new resource to be created.

  • destination (pulumi.Input[dict]) – A destination block as defined below.

  • interval_in_seconds (pulumi.Input[float]) – Monitoring interval in seconds. Defaults to 60.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the Network Connection Monitor. Changing this forces a new resource to be created.

  • network_watcher_name (pulumi.Input[str]) – The name of the Network Watcher. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the Connection Monitor. Changing this forces a new resource to be created.

  • source (pulumi.Input[dict]) – A source block as defined below.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The destination object supports the following:

  • address (pulumi.Input[str]) - IP address or domain name to monitor connectivity to.

  • port (pulumi.Input[float]) - The port on the destination to monitor connectivity to.

  • virtual_machine_id (pulumi.Input[str]) - The ID of the Virtual Machine to monitor connectivity to.

The source object supports the following:

  • port (pulumi.Input[float]) - The port on the destination to monitor connectivity to.

  • virtual_machine_id (pulumi.Input[str]) - The ID of the Virtual Machine to monitor connectivity to.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.NetworkInterface(resource_name, opts=None, dns_servers=None, enable_accelerated_networking=None, enable_ip_forwarding=None, internal_dns_name_label=None, ip_configurations=None, location=None, name=None, resource_group_name=None, tags=None, __props__=None, __name__=None, __opts__=None)

Manages a Network Interface.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    address_spaces=["10.0.0.0/16"],
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_subnet = azure.network.Subnet("exampleSubnet",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.0.2.0/24")
example_network_interface = azure.network.NetworkInterface("exampleNetworkInterface",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    ip_configuration=[{
        "name": "internal",
        "subnet_id": example_subnet.id,
        "privateIpAddressAllocation": "Dynamic",
    }])
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • dns_servers (pulumi.Input[list]) – A list of IP Addresses defining the DNS Servers which should be used for this Network Interface.

  • enable_accelerated_networking (pulumi.Input[bool]) – Should Accelerated Networking be enabled? Defaults to false.

  • enable_ip_forwarding (pulumi.Input[bool]) – Should IP Forwarding be enabled? Defaults to false.

  • internal_dns_name_label (pulumi.Input[str]) – The (relative) DNS Name used for internal communications between Virtual Machines in the same Virtual Network.

  • ip_configurations (pulumi.Input[list]) – One or more ip_configuration blocks as defined below.

  • location (pulumi.Input[str]) – The location where the Network Interface should exist. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the Network Interface. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the Resource Group in which to create the Network Interface. Changing this forces a new resource to be created.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The ip_configurations object supports the following:

  • name (pulumi.Input[str]) - A name used for this IP Configuration.

  • primary (pulumi.Input[bool]) - Is this the Primary IP Configuration? Must be true for the first ip_configuration when multiple are specified. Defaults to false.

  • private_ip_address (pulumi.Input[str]) - The Static IP Address which should be used.

  • privateIpAddressAllocation (pulumi.Input[str]) - The allocation method used for the Private IP Address. Possible values are Dynamic and Static.

  • privateIpAddressVersion (pulumi.Input[str]) - The IP Version to use. Possible values are IPv4 or IPv6. Defaults to IPv4.

  • public_ip_address_id (pulumi.Input[str]) - Reference to a Public IP Address to associate with this NIC

  • subnet_id (pulumi.Input[str]) - The ID of the Subnet where this Network Interface should be located in.

applied_dns_servers: pulumi.Output[list] = None

If the Virtual Machine using this Network Interface is part of an Availability Set, then this list will have the union of all DNS servers from all Network Interfaces that are part of the Availability Set.

dns_servers: pulumi.Output[list] = None

A list of IP Addresses defining the DNS Servers which should be used for this Network Interface.

enable_accelerated_networking: pulumi.Output[bool] = None

Should Accelerated Networking be enabled? Defaults to false.

enable_ip_forwarding: pulumi.Output[bool] = None

Should IP Forwarding be enabled? Defaults to false.

internal_dns_name_label: pulumi.Output[str] = None

The (relative) DNS Name used for internal communications between Virtual Machines in the same Virtual Network.

internal_domain_name_suffix: pulumi.Output[str] = None

Even if internal_dns_name_label is not specified, a DNS entry is created for the primary NIC of the VM. This DNS name can be constructed by concatenating the VM name with the value of internal_domain_name_suffix.

ip_configurations: pulumi.Output[list] = None

One or more ip_configuration blocks as defined below.

  • name (str) - A name used for this IP Configuration.

  • primary (bool) - Is this the Primary IP Configuration? Must be true for the first ip_configuration when multiple are specified. Defaults to false.

  • private_ip_address (str) - The Static IP Address which should be used.

  • privateIpAddressAllocation (str) - The allocation method used for the Private IP Address. Possible values are Dynamic and Static.

  • privateIpAddressVersion (str) - The IP Version to use. Possible values are IPv4 or IPv6. Defaults to IPv4.

  • public_ip_address_id (str) - Reference to a Public IP Address to associate with this NIC

  • subnet_id (str) - The ID of the Subnet where this Network Interface should be located in.

location: pulumi.Output[str] = None

The location where the Network Interface should exist. Changing this forces a new resource to be created.

mac_address: pulumi.Output[str] = None

The Media Access Control (MAC) Address of the Network Interface.

name: pulumi.Output[str] = None

The name of the Network Interface. Changing this forces a new resource to be created.

private_ip_address: pulumi.Output[str] = None

The Static IP Address which should be used.

private_ip_addresses: pulumi.Output[list] = None

The private IP addresses of the network interface.

resource_group_name: pulumi.Output[str] = None

The name of the Resource Group in which to create the Network Interface. Changing this forces a new resource to be created.

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the resource.

virtual_machine_id: pulumi.Output[str] = None

The ID of the Virtual Machine which this Network Interface is connected to.

static get(resource_name, id, opts=None, applied_dns_servers=None, dns_servers=None, enable_accelerated_networking=None, enable_ip_forwarding=None, internal_dns_name_label=None, internal_domain_name_suffix=None, ip_configurations=None, location=None, mac_address=None, name=None, private_ip_address=None, private_ip_addresses=None, resource_group_name=None, tags=None, virtual_machine_id=None)

Get an existing NetworkInterface resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • applied_dns_servers (pulumi.Input[list]) – If the Virtual Machine using this Network Interface is part of an Availability Set, then this list will have the union of all DNS servers from all Network Interfaces that are part of the Availability Set.

  • dns_servers (pulumi.Input[list]) – A list of IP Addresses defining the DNS Servers which should be used for this Network Interface.

  • enable_accelerated_networking (pulumi.Input[bool]) – Should Accelerated Networking be enabled? Defaults to false.

  • enable_ip_forwarding (pulumi.Input[bool]) – Should IP Forwarding be enabled? Defaults to false.

  • internal_dns_name_label (pulumi.Input[str]) – The (relative) DNS Name used for internal communications between Virtual Machines in the same Virtual Network.

  • internal_domain_name_suffix (pulumi.Input[str]) – Even if internal_dns_name_label is not specified, a DNS entry is created for the primary NIC of the VM. This DNS name can be constructed by concatenating the VM name with the value of internal_domain_name_suffix.

  • ip_configurations (pulumi.Input[list]) – One or more ip_configuration blocks as defined below.

  • location (pulumi.Input[str]) – The location where the Network Interface should exist. Changing this forces a new resource to be created.

  • mac_address (pulumi.Input[str]) – The Media Access Control (MAC) Address of the Network Interface.

  • name (pulumi.Input[str]) – The name of the Network Interface. Changing this forces a new resource to be created.

  • private_ip_address (pulumi.Input[str]) – The Static IP Address which should be used.

  • private_ip_addresses (pulumi.Input[list]) – The private IP addresses of the network interface.

  • resource_group_name (pulumi.Input[str]) – The name of the Resource Group in which to create the Network Interface. Changing this forces a new resource to be created.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

  • virtual_machine_id (pulumi.Input[str]) – The ID of the Virtual Machine which this Network Interface is connected to.

The ip_configurations object supports the following:

  • name (pulumi.Input[str]) - A name used for this IP Configuration.

  • primary (pulumi.Input[bool]) - Is this the Primary IP Configuration? Must be true for the first ip_configuration when multiple are specified. Defaults to false.

  • private_ip_address (pulumi.Input[str]) - The Static IP Address which should be used.

  • privateIpAddressAllocation (pulumi.Input[str]) - The allocation method used for the Private IP Address. Possible values are Dynamic and Static.

  • privateIpAddressVersion (pulumi.Input[str]) - The IP Version to use. Possible values are IPv4 or IPv6. Defaults to IPv4.

  • public_ip_address_id (pulumi.Input[str]) - Reference to a Public IP Address to associate with this NIC

  • subnet_id (pulumi.Input[str]) - The ID of the Subnet where this Network Interface should be located in.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.NetworkInterfaceApplicationGatewayBackendAddressPoolAssociation(resource_name, opts=None, backend_address_pool_id=None, ip_configuration_name=None, network_interface_id=None, __props__=None, __name__=None, __opts__=None)

Manages the association between a Network Interface and a Application Gateway’s Backend Address Pool.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    address_spaces=["10.0.0.0/16"],
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
frontend = azure.network.Subnet("frontend",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.0.1.0/24")
backend = azure.network.Subnet("backend",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.0.2.0/24")
example_public_ip = azure.network.PublicIp("examplePublicIp",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    allocation_method="Dynamic")
backend_address_pool_name = example_virtual_network.name.apply(lambda name: f"{name}-beap")
frontend_port_name = example_virtual_network.name.apply(lambda name: f"{name}-feport")
frontend_ip_configuration_name = example_virtual_network.name.apply(lambda name: f"{name}-feip")
http_setting_name = example_virtual_network.name.apply(lambda name: f"{name}-be-htst")
listener_name = example_virtual_network.name.apply(lambda name: f"{name}-httplstn")
request_routing_rule_name = example_virtual_network.name.apply(lambda name: f"{name}-rqrt")
network = azure.network.ApplicationGateway("network",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    sku={
        "name": "Standard_Small",
        "tier": "Standard",
        "capacity": 2,
    },
    gateway_ip_configuration=[{
        "name": "my-gateway-ip-configuration",
        "subnet_id": frontend.id,
    }],
    frontend_port=[{
        "name": frontend_port_name,
        "port": 80,
    }],
    frontend_ip_configuration=[{
        "name": frontend_ip_configuration_name,
        "public_ip_address_id": example_public_ip.id,
    }],
    backend_address_pool=[{
        "name": backend_address_pool_name,
    }],
    backend_http_settings=[{
        "name": http_setting_name,
        "cookieBasedAffinity": "Disabled",
        "port": 80,
        "protocol": "Http",
        "requestTimeout": 1,
    }],
    http_listener=[{
        "name": listener_name,
        "frontend_ip_configuration_name": frontend_ip_configuration_name,
        "frontendPortName": frontend_port_name,
        "protocol": "Http",
    }],
    request_routing_rule=[{
        "name": request_routing_rule_name,
        "ruleType": "Basic",
        "httpListenerName": listener_name,
        "backendAddressPoolName": backend_address_pool_name,
        "backendHttpSettingsName": http_setting_name,
    }])
example_network_interface = azure.network.NetworkInterface("exampleNetworkInterface",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    ip_configuration=[{
        "name": "testconfiguration1",
        "subnet_id": frontend.id,
        "privateIpAddressAllocation": "Dynamic",
    }])
example_network_interface_application_gateway_backend_address_pool_association = azure.network.NetworkInterfaceApplicationGatewayBackendAddressPoolAssociation("exampleNetworkInterfaceApplicationGatewayBackendAddressPoolAssociation",
    network_interface_id=example_network_interface.id,
    ip_configuration_name="testconfiguration1",
    backend_address_pool_id=network.backend_address_pools[0]["id"])
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • backend_address_pool_id (pulumi.Input[str]) – The ID of the Application Gateway’s Backend Address Pool which this Network Interface which should be connected to. Changing this forces a new resource to be created.

  • ip_configuration_name (pulumi.Input[str]) – The Name of the IP Configuration within the Network Interface which should be connected to the Backend Address Pool. Changing this forces a new resource to be created.

  • network_interface_id (pulumi.Input[str]) – The ID of the Network Interface. Changing this forces a new resource to be created.

backend_address_pool_id: pulumi.Output[str] = None

The ID of the Application Gateway’s Backend Address Pool which this Network Interface which should be connected to. Changing this forces a new resource to be created.

ip_configuration_name: pulumi.Output[str] = None

The Name of the IP Configuration within the Network Interface which should be connected to the Backend Address Pool. Changing this forces a new resource to be created.

network_interface_id: pulumi.Output[str] = None

The ID of the Network Interface. Changing this forces a new resource to be created.

static get(resource_name, id, opts=None, backend_address_pool_id=None, ip_configuration_name=None, network_interface_id=None)

Get an existing NetworkInterfaceApplicationGatewayBackendAddressPoolAssociation resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • backend_address_pool_id (pulumi.Input[str]) – The ID of the Application Gateway’s Backend Address Pool which this Network Interface which should be connected to. Changing this forces a new resource to be created.

  • ip_configuration_name (pulumi.Input[str]) – The Name of the IP Configuration within the Network Interface which should be connected to the Backend Address Pool. Changing this forces a new resource to be created.

  • network_interface_id (pulumi.Input[str]) – The ID of the Network Interface. Changing this forces a new resource to be created.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.NetworkInterfaceApplicationSecurityGroupAssociation(resource_name, opts=None, application_security_group_id=None, network_interface_id=None, __props__=None, __name__=None, __opts__=None)

Manages the association between a Network Interface and a Application Security Group.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    address_spaces=["10.0.0.0/16"],
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_subnet = azure.network.Subnet("exampleSubnet",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.0.1.0/24")
example_application_security_group = azure.network.ApplicationSecurityGroup("exampleApplicationSecurityGroup",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_network_interface = azure.network.NetworkInterface("exampleNetworkInterface",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    ip_configuration=[{
        "name": "testconfiguration1",
        "subnet_id": example_subnet.id,
        "privateIpAddressAllocation": "Dynamic",
        "applicationSecurityGroupIds": [example_application_security_group.id],
    }])
example_network_interface_application_security_group_association = azure.network.NetworkInterfaceApplicationSecurityGroupAssociation("exampleNetworkInterfaceApplicationSecurityGroupAssociation",
    network_interface_id=example_network_interface.id,
    application_security_group_id=example_application_security_group.id)
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • application_security_group_id (pulumi.Input[str]) – The ID of the Application Security Group which this Network Interface which should be connected to. Changing this forces a new resource to be created.

  • network_interface_id (pulumi.Input[str]) – The ID of the Network Interface. Changing this forces a new resource to be created.

application_security_group_id: pulumi.Output[str] = None

The ID of the Application Security Group which this Network Interface which should be connected to. Changing this forces a new resource to be created.

network_interface_id: pulumi.Output[str] = None

The ID of the Network Interface. Changing this forces a new resource to be created.

static get(resource_name, id, opts=None, application_security_group_id=None, network_interface_id=None)

Get an existing NetworkInterfaceApplicationSecurityGroupAssociation resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • application_security_group_id (pulumi.Input[str]) – The ID of the Application Security Group which this Network Interface which should be connected to. Changing this forces a new resource to be created.

  • network_interface_id (pulumi.Input[str]) – The ID of the Network Interface. Changing this forces a new resource to be created.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.NetworkInterfaceBackendAddressPoolAssociation(resource_name, opts=None, backend_address_pool_id=None, ip_configuration_name=None, network_interface_id=None, __props__=None, __name__=None, __opts__=None)

Manages the association between a Network Interface and a Load Balancer’s Backend Address Pool.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    address_spaces=["10.0.0.0/16"],
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_subnet = azure.network.Subnet("exampleSubnet",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.0.2.0/24")
example_public_ip = azure.network.PublicIp("examplePublicIp",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    allocation_method="Static")
example_load_balancer = azure.lb.LoadBalancer("exampleLoadBalancer",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    frontend_ip_configuration=[{
        "name": "primary",
        "public_ip_address_id": example_public_ip.id,
    }])
example_backend_address_pool = azure.lb.BackendAddressPool("exampleBackendAddressPool",
    resource_group_name=example_resource_group.name,
    loadbalancer_id=example_load_balancer.id)
example_network_interface = azure.network.NetworkInterface("exampleNetworkInterface",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    ip_configuration=[{
        "name": "testconfiguration1",
        "subnet_id": example_subnet.id,
        "privateIpAddressAllocation": "Dynamic",
    }])
example_network_interface_backend_address_pool_association = azure.network.NetworkInterfaceBackendAddressPoolAssociation("exampleNetworkInterfaceBackendAddressPoolAssociation",
    network_interface_id=example_network_interface.id,
    ip_configuration_name="testconfiguration1",
    backend_address_pool_id=example_backend_address_pool.id)
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • backend_address_pool_id (pulumi.Input[str]) – The ID of the Load Balancer Backend Address Pool which this Network Interface which should be connected to. Changing this forces a new resource to be created.

  • ip_configuration_name (pulumi.Input[str]) – The Name of the IP Configuration within the Network Interface which should be connected to the Backend Address Pool. Changing this forces a new resource to be created.

  • network_interface_id (pulumi.Input[str]) – The ID of the Network Interface. Changing this forces a new resource to be created.

backend_address_pool_id: pulumi.Output[str] = None

The ID of the Load Balancer Backend Address Pool which this Network Interface which should be connected to. Changing this forces a new resource to be created.

ip_configuration_name: pulumi.Output[str] = None

The Name of the IP Configuration within the Network Interface which should be connected to the Backend Address Pool. Changing this forces a new resource to be created.

network_interface_id: pulumi.Output[str] = None

The ID of the Network Interface. Changing this forces a new resource to be created.

static get(resource_name, id, opts=None, backend_address_pool_id=None, ip_configuration_name=None, network_interface_id=None)

Get an existing NetworkInterfaceBackendAddressPoolAssociation resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • backend_address_pool_id (pulumi.Input[str]) – The ID of the Load Balancer Backend Address Pool which this Network Interface which should be connected to. Changing this forces a new resource to be created.

  • ip_configuration_name (pulumi.Input[str]) – The Name of the IP Configuration within the Network Interface which should be connected to the Backend Address Pool. Changing this forces a new resource to be created.

  • network_interface_id (pulumi.Input[str]) – The ID of the Network Interface. Changing this forces a new resource to be created.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.NetworkInterfaceNatRuleAssociation(resource_name, opts=None, ip_configuration_name=None, nat_rule_id=None, network_interface_id=None, __props__=None, __name__=None, __opts__=None)

Manages the association between a Network Interface and a Load Balancer’s NAT Rule.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    address_spaces=["10.0.0.0/16"],
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_subnet = azure.network.Subnet("exampleSubnet",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.0.2.0/24")
example_public_ip = azure.network.PublicIp("examplePublicIp",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    allocation_method="Static")
example_load_balancer = azure.lb.LoadBalancer("exampleLoadBalancer",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    frontend_ip_configuration=[{
        "name": "primary",
        "public_ip_address_id": example_public_ip.id,
    }])
example_nat_rule = azure.lb.NatRule("exampleNatRule",
    resource_group_name=example_resource_group.name,
    loadbalancer_id=example_load_balancer.id,
    protocol="Tcp",
    frontend_port=3389,
    backend_port=3389,
    frontend_ip_configuration_name="primary")
example_network_interface = azure.network.NetworkInterface("exampleNetworkInterface",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    ip_configuration=[{
        "name": "testconfiguration1",
        "subnet_id": example_subnet.id,
        "privateIpAddressAllocation": "Dynamic",
    }])
example_network_interface_nat_rule_association = azure.network.NetworkInterfaceNatRuleAssociation("exampleNetworkInterfaceNatRuleAssociation",
    network_interface_id=example_network_interface.id,
    ip_configuration_name="testconfiguration1",
    nat_rule_id=example_nat_rule.id)
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • ip_configuration_name (pulumi.Input[str]) – The Name of the IP Configuration within the Network Interface which should be connected to the NAT Rule. Changing this forces a new resource to be created.

  • nat_rule_id (pulumi.Input[str]) – The ID of the Load Balancer NAT Rule which this Network Interface which should be connected to. Changing this forces a new resource to be created.

  • network_interface_id (pulumi.Input[str]) – The ID of the Network Interface. Changing this forces a new resource to be created.

ip_configuration_name: pulumi.Output[str] = None

The Name of the IP Configuration within the Network Interface which should be connected to the NAT Rule. Changing this forces a new resource to be created.

nat_rule_id: pulumi.Output[str] = None

The ID of the Load Balancer NAT Rule which this Network Interface which should be connected to. Changing this forces a new resource to be created.

network_interface_id: pulumi.Output[str] = None

The ID of the Network Interface. Changing this forces a new resource to be created.

static get(resource_name, id, opts=None, ip_configuration_name=None, nat_rule_id=None, network_interface_id=None)

Get an existing NetworkInterfaceNatRuleAssociation resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • ip_configuration_name (pulumi.Input[str]) – The Name of the IP Configuration within the Network Interface which should be connected to the NAT Rule. Changing this forces a new resource to be created.

  • nat_rule_id (pulumi.Input[str]) – The ID of the Load Balancer NAT Rule which this Network Interface which should be connected to. Changing this forces a new resource to be created.

  • network_interface_id (pulumi.Input[str]) – The ID of the Network Interface. Changing this forces a new resource to be created.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.NetworkInterfaceSecurityGroupAssociation(resource_name, opts=None, network_interface_id=None, network_security_group_id=None, __props__=None, __name__=None, __opts__=None)

Manages the association between a Network Interface and a Network Security Group.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    address_spaces=["10.0.0.0/16"],
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_subnet = azure.network.Subnet("exampleSubnet",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.0.2.0/24")
example_network_security_group = azure.network.NetworkSecurityGroup("exampleNetworkSecurityGroup",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_network_interface = azure.network.NetworkInterface("exampleNetworkInterface",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    ip_configuration=[{
        "name": "testconfiguration1",
        "subnet_id": example_subnet.id,
        "privateIpAddressAllocation": "Dynamic",
    }])
example_network_interface_security_group_association = azure.network.NetworkInterfaceSecurityGroupAssociation("exampleNetworkInterfaceSecurityGroupAssociation",
    network_interface_id=example_network_interface.id,
    network_security_group_id=example_network_security_group.id)
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • network_interface_id (pulumi.Input[str]) – The ID of the Network Interface. Changing this forces a new resource to be created.

  • network_security_group_id (pulumi.Input[str]) – The ID of the Network Security Group which should be attached to the Network Interface. Changing this forces a new resource to be created.

network_interface_id: pulumi.Output[str] = None

The ID of the Network Interface. Changing this forces a new resource to be created.

network_security_group_id: pulumi.Output[str] = None

The ID of the Network Security Group which should be attached to the Network Interface. Changing this forces a new resource to be created.

static get(resource_name, id, opts=None, network_interface_id=None, network_security_group_id=None)

Get an existing NetworkInterfaceSecurityGroupAssociation resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • network_interface_id (pulumi.Input[str]) – The ID of the Network Interface. Changing this forces a new resource to be created.

  • network_security_group_id (pulumi.Input[str]) – The ID of the Network Security Group which should be attached to the Network Interface. Changing this forces a new resource to be created.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.NetworkPacketCapture(resource_name, opts=None, filters=None, maximum_bytes_per_packet=None, maximum_bytes_per_session=None, maximum_capture_duration=None, name=None, network_watcher_name=None, resource_group_name=None, storage_location=None, target_resource_id=None, __props__=None, __name__=None, __opts__=None)

Configures Network Packet Capturing against a Virtual Machine using a Network Watcher.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_network_watcher = azure.network.NetworkWatcher("exampleNetworkWatcher",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    address_spaces=["10.0.0.0/16"],
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_subnet = azure.network.Subnet("exampleSubnet",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.0.2.0/24")
example_network_interface = azure.network.NetworkInterface("exampleNetworkInterface",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    ip_configuration=[{
        "name": "testconfiguration1",
        "subnet_id": example_subnet.id,
        "privateIpAddressAllocation": "Dynamic",
    }])
example_virtual_machine = azure.compute.VirtualMachine("exampleVirtualMachine",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    network_interface_ids=[example_network_interface.id],
    vm_size="Standard_F2",
    storage_image_reference={
        "publisher": "Canonical",
        "offer": "UbuntuServer",
        "sku": "16.04-LTS",
        "version": "latest",
    },
    storage_os_disk={
        "name": "osdisk",
        "caching": "ReadWrite",
        "create_option": "FromImage",
        "managedDiskType": "Standard_LRS",
    },
    os_profile={
        "computer_name": "pctest-vm",
        "admin_username": "testadmin",
        "admin_password": "Password1234!",
    },
    os_profile_linux_config={
        "disable_password_authentication": False,
    })
example_extension = azure.compute.Extension("exampleExtension",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    virtual_machine_name=example_virtual_machine.name,
    publisher="Microsoft.Azure.NetworkWatcher",
    type="NetworkWatcherAgentLinux",
    type_handler_version="1.4",
    auto_upgrade_minor_version=True)
example_account = azure.storage.Account("exampleAccount",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    account_tier="Standard",
    account_replication_type="LRS")
example_network_packet_capture = azure.network.NetworkPacketCapture("exampleNetworkPacketCapture",
    network_watcher_name=example_network_watcher.name,
    resource_group_name=example_resource_group.name,
    target_resource_id=example_virtual_machine.id,
    storage_location={
        "storage_account_id": example_account.id,
    })
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • filters (pulumi.Input[list]) – One or more filter blocks as defined below. Changing this forces a new resource to be created.

  • maximum_bytes_per_packet (pulumi.Input[float]) – The number of bytes captured per packet. The remaining bytes are truncated. Defaults to 0 (Entire Packet Captured). Changing this forces a new resource to be created.

  • maximum_bytes_per_session (pulumi.Input[float]) – Maximum size of the capture in Bytes. Defaults to 1073741824 (1GB). Changing this forces a new resource to be created.

  • maximum_capture_duration (pulumi.Input[float]) – The maximum duration of the capture session in seconds. Defaults to 18000 (5 hours). Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name to use for this Network Packet Capture. Changing this forces a new resource to be created.

  • network_watcher_name (pulumi.Input[str]) – The name of the Network Watcher. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which the Network Watcher exists. Changing this forces a new resource to be created.

  • storage_location (pulumi.Input[dict]) – A storage_location block as defined below. Changing this forces a new resource to be created.

  • target_resource_id (pulumi.Input[str]) – The ID of the Resource to capture packets from. Changing this forces a new resource to be created.

The filters object supports the following:

  • localIpAddress (pulumi.Input[str]) - The local IP Address to be filtered on. Notation: “127.0.0.1” for single address entry. “127.0.0.1-127.0.0.255” for range. “127.0.0.1;127.0.0.5” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

  • localPort (pulumi.Input[str]) - The local port to be filtered on. Notation: “80” for single port entry.”80-85” for range. “80;443;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

  • protocol (pulumi.Input[str]) - The Protocol to be filtered on. Possible values include Any, TCP and UDP. Changing this forces a new resource to be created.

  • remoteIpAddress (pulumi.Input[str]) - The remote IP Address to be filtered on. Notation: “127.0.0.1” for single address entry. “127.0.0.1-127.0.0.255” for range. “127.0.0.1;127.0.0.5;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported.. Changing this forces a new resource to be created.

  • remotePort (pulumi.Input[str]) - The remote port to be filtered on. Notation: “80” for single port entry.”80-85” for range. “80;443;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

The storage_location object supports the following:

  • file_path (pulumi.Input[str]) - A valid local path on the targeting VM. Must include the name of the capture file (*.cap). For linux virtual machine it must start with /var/captures.

  • storage_account_id (pulumi.Input[str]) - The ID of the storage account to save the packet capture session

  • storagePath (pulumi.Input[str]) - The URI of the storage path to save the packet capture.

filters: pulumi.Output[list] = None

One or more filter blocks as defined below. Changing this forces a new resource to be created.

  • localIpAddress (str) - The local IP Address to be filtered on. Notation: “127.0.0.1” for single address entry. “127.0.0.1-127.0.0.255” for range. “127.0.0.1;127.0.0.5” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

  • localPort (str) - The local port to be filtered on. Notation: “80” for single port entry.”80-85” for range. “80;443;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

  • protocol (str) - The Protocol to be filtered on. Possible values include Any, TCP and UDP. Changing this forces a new resource to be created.

  • remoteIpAddress (str) - The remote IP Address to be filtered on. Notation: “127.0.0.1” for single address entry. “127.0.0.1-127.0.0.255” for range. “127.0.0.1;127.0.0.5;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported.. Changing this forces a new resource to be created.

  • remotePort (str) - The remote port to be filtered on. Notation: “80” for single port entry.”80-85” for range. “80;443;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

maximum_bytes_per_packet: pulumi.Output[float] = None

The number of bytes captured per packet. The remaining bytes are truncated. Defaults to 0 (Entire Packet Captured). Changing this forces a new resource to be created.

maximum_bytes_per_session: pulumi.Output[float] = None

Maximum size of the capture in Bytes. Defaults to 1073741824 (1GB). Changing this forces a new resource to be created.

maximum_capture_duration: pulumi.Output[float] = None

The maximum duration of the capture session in seconds. Defaults to 18000 (5 hours). Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

The name to use for this Network Packet Capture. Changing this forces a new resource to be created.

network_watcher_name: pulumi.Output[str] = None

The name of the Network Watcher. Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which the Network Watcher exists. Changing this forces a new resource to be created.

storage_location: pulumi.Output[dict] = None

A storage_location block as defined below. Changing this forces a new resource to be created.

  • file_path (str) - A valid local path on the targeting VM. Must include the name of the capture file (*.cap). For linux virtual machine it must start with /var/captures.

  • storage_account_id (str) - The ID of the storage account to save the packet capture session

  • storagePath (str) - The URI of the storage path to save the packet capture.

target_resource_id: pulumi.Output[str] = None

The ID of the Resource to capture packets from. Changing this forces a new resource to be created.

static get(resource_name, id, opts=None, filters=None, maximum_bytes_per_packet=None, maximum_bytes_per_session=None, maximum_capture_duration=None, name=None, network_watcher_name=None, resource_group_name=None, storage_location=None, target_resource_id=None)

Get an existing NetworkPacketCapture resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • filters (pulumi.Input[list]) – One or more filter blocks as defined below. Changing this forces a new resource to be created.

  • maximum_bytes_per_packet (pulumi.Input[float]) – The number of bytes captured per packet. The remaining bytes are truncated. Defaults to 0 (Entire Packet Captured). Changing this forces a new resource to be created.

  • maximum_bytes_per_session (pulumi.Input[float]) – Maximum size of the capture in Bytes. Defaults to 1073741824 (1GB). Changing this forces a new resource to be created.

  • maximum_capture_duration (pulumi.Input[float]) – The maximum duration of the capture session in seconds. Defaults to 18000 (5 hours). Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name to use for this Network Packet Capture. Changing this forces a new resource to be created.

  • network_watcher_name (pulumi.Input[str]) – The name of the Network Watcher. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which the Network Watcher exists. Changing this forces a new resource to be created.

  • storage_location (pulumi.Input[dict]) – A storage_location block as defined below. Changing this forces a new resource to be created.

  • target_resource_id (pulumi.Input[str]) – The ID of the Resource to capture packets from. Changing this forces a new resource to be created.

The filters object supports the following:

  • localIpAddress (pulumi.Input[str]) - The local IP Address to be filtered on. Notation: “127.0.0.1” for single address entry. “127.0.0.1-127.0.0.255” for range. “127.0.0.1;127.0.0.5” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

  • localPort (pulumi.Input[str]) - The local port to be filtered on. Notation: “80” for single port entry.”80-85” for range. “80;443;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

  • protocol (pulumi.Input[str]) - The Protocol to be filtered on. Possible values include Any, TCP and UDP. Changing this forces a new resource to be created.

  • remoteIpAddress (pulumi.Input[str]) - The remote IP Address to be filtered on. Notation: “127.0.0.1” for single address entry. “127.0.0.1-127.0.0.255” for range. “127.0.0.1;127.0.0.5;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported.. Changing this forces a new resource to be created.

  • remotePort (pulumi.Input[str]) - The remote port to be filtered on. Notation: “80” for single port entry.”80-85” for range. “80;443;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

The storage_location object supports the following:

  • file_path (pulumi.Input[str]) - A valid local path on the targeting VM. Must include the name of the capture file (*.cap). For linux virtual machine it must start with /var/captures.

  • storage_account_id (pulumi.Input[str]) - The ID of the storage account to save the packet capture session

  • storagePath (pulumi.Input[str]) - The URI of the storage path to save the packet capture.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.NetworkSecurityGroup(resource_name, opts=None, location=None, name=None, resource_group_name=None, security_rules=None, tags=None, __props__=None, __name__=None, __opts__=None)

Manages a network security group that contains a list of network security rules. Network security groups enable inbound or outbound traffic to be enabled or denied.

NOTE on Network Security Groups and Network Security Rules: This provider currently provides both a standalone Network Security Rule resource, and allows for Network Security Rules to be defined in-line within the Network Security Group resource. At this time you cannot use a Network Security Group with in-line Network Security Rules in conjunction with any Network Security Rule resources. Doing so will cause a conflict of rule settings and will overwrite rules.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West US")
example_network_security_group = azure.network.NetworkSecurityGroup("exampleNetworkSecurityGroup",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    security_rule=[{
        "name": "test123",
        "priority": 100,
        "direction": "Inbound",
        "access": "Allow",
        "protocol": "Tcp",
        "source_port_range": "*",
        "destination_port_range": "*",
        "source_address_prefix": "*",
        "destination_address_prefix": "*",
    }],
    tags={
        "environment": "Production",
    })
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the security rule.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the network security group. Changing this forces a new resource to be created.

  • security_rules (pulumi.Input[list]) – A list of objects representing security rules, as defined below.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The security_rules object supports the following:

  • access (pulumi.Input[str]) - Specifies whether network traffic is allowed or denied. Possible values are Allow and Deny.

  • description (pulumi.Input[str]) - A description for this rule. Restricted to 140 characters.

  • destination_address_prefix (pulumi.Input[str]) - CIDR or destination IP range or * to match any IP. Tags such as ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used. This is required if destination_address_prefixes is not specified.

  • destination_address_prefixes (pulumi.Input[list]) - List of destination address prefixes. Tags may not be used. This is required if destination_address_prefix is not specified.

  • destination_application_security_group_ids (pulumi.Input[list]) - A List of destination Application Security Group ID’s

  • destination_port_range (pulumi.Input[str]) - Destination Port or Range. Integer or range between 0 and 65535 or * to match any. This is required if destination_port_ranges is not specified.

  • destination_port_ranges (pulumi.Input[list]) - List of destination ports or port ranges. This is required if destination_port_range is not specified.

  • direction (pulumi.Input[str]) - The direction specifies if rule will be evaluated on incoming or outgoing traffic. Possible values are Inbound and Outbound.

  • name (pulumi.Input[str]) - The name of the security rule.

  • priority (pulumi.Input[float]) - Specifies the priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.

  • protocol (pulumi.Input[str]) - Network protocol this rule applies to. Can be Tcp, Udp, Icmp, or * to match all.

  • source_address_prefix (pulumi.Input[str]) - CIDR or source IP range or * to match any IP. Tags such as ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used. This is required if source_address_prefixes is not specified.

  • source_address_prefixes (pulumi.Input[list]) - List of source address prefixes. Tags may not be used. This is required if source_address_prefix is not specified.

  • source_application_security_group_ids (pulumi.Input[list]) - A List of source Application Security Group ID’s

  • source_port_range (pulumi.Input[str]) - Source Port or Range. Integer or range between 0 and 65535 or * to match any. This is required if source_port_ranges is not specified.

  • source_port_ranges (pulumi.Input[list]) - List of source ports or port ranges. This is required if source_port_range is not specified.

location: pulumi.Output[str] = None

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

The name of the security rule.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the network security group. Changing this forces a new resource to be created.

security_rules: pulumi.Output[list] = None

A list of objects representing security rules, as defined below.

  • access (str) - Specifies whether network traffic is allowed or denied. Possible values are Allow and Deny.

  • description (str) - A description for this rule. Restricted to 140 characters.

  • destination_address_prefix (str) - CIDR or destination IP range or * to match any IP. Tags such as ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used. This is required if destination_address_prefixes is not specified.

  • destination_address_prefixes (list) - List of destination address prefixes. Tags may not be used. This is required if destination_address_prefix is not specified.

  • destination_application_security_group_ids (list) - A List of destination Application Security Group ID’s

  • destination_port_range (str) - Destination Port or Range. Integer or range between 0 and 65535 or * to match any. This is required if destination_port_ranges is not specified.

  • destination_port_ranges (list) - List of destination ports or port ranges. This is required if destination_port_range is not specified.

  • direction (str) - The direction specifies if rule will be evaluated on incoming or outgoing traffic. Possible values are Inbound and Outbound.

  • name (str) - The name of the security rule.

  • priority (float) - Specifies the priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.

  • protocol (str) - Network protocol this rule applies to. Can be Tcp, Udp, Icmp, or * to match all.

  • source_address_prefix (str) - CIDR or source IP range or * to match any IP. Tags such as ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used. This is required if source_address_prefixes is not specified.

  • source_address_prefixes (list) - List of source address prefixes. Tags may not be used. This is required if source_address_prefix is not specified.

  • source_application_security_group_ids (list) - A List of source Application Security Group ID’s

  • source_port_range (str) - Source Port or Range. Integer or range between 0 and 65535 or * to match any. This is required if source_port_ranges is not specified.

  • source_port_ranges (list) - List of source ports or port ranges. This is required if source_port_range is not specified.

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the resource.

static get(resource_name, id, opts=None, location=None, name=None, resource_group_name=None, security_rules=None, tags=None)

Get an existing NetworkSecurityGroup resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the security rule.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the network security group. Changing this forces a new resource to be created.

  • security_rules (pulumi.Input[list]) – A list of objects representing security rules, as defined below.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The security_rules object supports the following:

  • access (pulumi.Input[str]) - Specifies whether network traffic is allowed or denied. Possible values are Allow and Deny.

  • description (pulumi.Input[str]) - A description for this rule. Restricted to 140 characters.

  • destination_address_prefix (pulumi.Input[str]) - CIDR or destination IP range or * to match any IP. Tags such as ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used. This is required if destination_address_prefixes is not specified.

  • destination_address_prefixes (pulumi.Input[list]) - List of destination address prefixes. Tags may not be used. This is required if destination_address_prefix is not specified.

  • destination_application_security_group_ids (pulumi.Input[list]) - A List of destination Application Security Group ID’s

  • destination_port_range (pulumi.Input[str]) - Destination Port or Range. Integer or range between 0 and 65535 or * to match any. This is required if destination_port_ranges is not specified.

  • destination_port_ranges (pulumi.Input[list]) - List of destination ports or port ranges. This is required if destination_port_range is not specified.

  • direction (pulumi.Input[str]) - The direction specifies if rule will be evaluated on incoming or outgoing traffic. Possible values are Inbound and Outbound.

  • name (pulumi.Input[str]) - The name of the security rule.

  • priority (pulumi.Input[float]) - Specifies the priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.

  • protocol (pulumi.Input[str]) - Network protocol this rule applies to. Can be Tcp, Udp, Icmp, or * to match all.

  • source_address_prefix (pulumi.Input[str]) - CIDR or source IP range or * to match any IP. Tags such as ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used. This is required if source_address_prefixes is not specified.

  • source_address_prefixes (pulumi.Input[list]) - List of source address prefixes. Tags may not be used. This is required if source_address_prefix is not specified.

  • source_application_security_group_ids (pulumi.Input[list]) - A List of source Application Security Group ID’s

  • source_port_range (pulumi.Input[str]) - Source Port or Range. Integer or range between 0 and 65535 or * to match any. This is required if source_port_ranges is not specified.

  • source_port_ranges (pulumi.Input[list]) - List of source ports or port ranges. This is required if source_port_range is not specified.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.NetworkSecurityRule(resource_name, opts=None, access=None, description=None, destination_address_prefix=None, destination_address_prefixes=None, destination_application_security_group_ids=None, destination_port_range=None, destination_port_ranges=None, direction=None, name=None, network_security_group_name=None, priority=None, protocol=None, resource_group_name=None, source_address_prefix=None, source_address_prefixes=None, source_application_security_group_ids=None, source_port_range=None, source_port_ranges=None, __props__=None, __name__=None, __opts__=None)

Manages a Network Security Rule.

NOTE on Network Security Groups and Network Security Rules: This provider currently provides both a standalone Network Security Rule resource, and allows for Network Security Rules to be defined in-line within the Network Security Group resource. At this time you cannot use a Network Security Group with in-line Network Security Rules in conjunction with any Network Security Rule resources. Doing so will cause a conflict of rule settings and will overwrite rules.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West US")
example_network_security_group = azure.network.NetworkSecurityGroup("exampleNetworkSecurityGroup",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_network_security_rule = azure.network.NetworkSecurityRule("exampleNetworkSecurityRule",
    priority=100,
    direction="Outbound",
    access="Allow",
    protocol="Tcp",
    source_port_range="*",
    destination_port_range="*",
    source_address_prefix="*",
    destination_address_prefix="*",
    resource_group_name=example_resource_group.name,
    network_security_group_name=example_network_security_group.name)
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access (pulumi.Input[str]) – Specifies whether network traffic is allowed or denied. Possible values are Allow and Deny.

  • description (pulumi.Input[str]) – A description for this rule. Restricted to 140 characters.

  • destination_address_prefix (pulumi.Input[str]) – CIDR or destination IP range or * to match any IP. Tags such as ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used. This is required if destination_address_prefixes is not specified.

  • destination_address_prefixes (pulumi.Input[list]) – List of destination address prefixes. Tags may not be used. This is required if destination_address_prefix is not specified.

  • destination_application_security_group_ids (pulumi.Input[str]) – A List of destination Application Security Group ID’s

  • destination_port_range (pulumi.Input[str]) – Destination Port or Range. Integer or range between 0 and 65535 or *``to match any. This is required if`destination_port_ranges``is not specified.

  • destination_port_ranges (pulumi.Input[list]) – List of destination ports or port ranges. This is required if``destination_port_range``is not specified.

  • direction (pulumi.Input[str]) – The direction specifies if rule will be evaluated on incoming or outgoing traffic. Possible values are``InboundandOutbound``.

  • name (pulumi.Input[str]) – The name of the security rule. This needs to be unique across all Rules in the Network Security Group. Changing this forces a new resource to be created.

  • network_security_group_name (pulumi.Input[str]) – The name of the Network Security Group that we want to attach the rule to. Changing this forces a new resource to be created.

  • priority (pulumi.Input[float]) – Specifies the priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.

  • protocol (pulumi.Input[str]) – Network protocol this rule applies to. Possible values include``Tcp,Udp,Icmp, or*` (which matches all).

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the Network Security Rule. Changing this forces a new resource to be created.

  • source_address_prefix (pulumi.Input[str]) – CIDR or source IP range or * to match any IP. Tags such as ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used. This is required if source_address_prefixes is not specified.

  • source_address_prefixes (pulumi.Input[list]) – List of source address prefixes. Tags may not be used. This is required if source_address_prefix is not specified.

  • source_application_security_group_ids (pulumi.Input[str]) – A List of source Application Security Group ID’s

  • source_port_range (pulumi.Input[str]) – Source Port or Range. Integer or range between 0 and 65535 or * to match any. This is required if source_port_ranges is not specified.

  • source_port_ranges (pulumi.Input[list]) – List of source ports or port ranges. This is required if source_port_range is not specified.

access: pulumi.Output[str] = None

Specifies whether network traffic is allowed or denied. Possible values are Allow and Deny.

description: pulumi.Output[str] = None

A description for this rule. Restricted to 140 characters.

destination_address_prefix: pulumi.Output[str] = None

CIDR or destination IP range or * to match any IP. Tags such as ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used. This is required if destination_address_prefixes is not specified.

destination_address_prefixes: pulumi.Output[list] = None

List of destination address prefixes. Tags may not be used. This is required if destination_address_prefix is not specified.

destination_application_security_group_ids: pulumi.Output[str] = None

A List of destination Application Security Group ID’s

destination_port_range: pulumi.Output[str] = None

Destination Port or Range. Integer or range between 0 and 65535 or * to match any. This is required if destination_port_ranges is not specified.

destination_port_ranges: pulumi.Output[list] = None

List of destination ports or port ranges. This is required if destination_port_range is not specified.

direction: pulumi.Output[str] = None

The direction specifies if rule will be evaluated on incoming or outgoing traffic. Possible values are Inbound and Outbound.

name: pulumi.Output[str] = None

The name of the security rule. This needs to be unique across all Rules in the Network Security Group. Changing this forces a new resource to be created.

network_security_group_name: pulumi.Output[str] = None

The name of the Network Security Group that we want to attach the rule to. Changing this forces a new resource to be created.

priority: pulumi.Output[float] = None

Specifies the priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.

protocol: pulumi.Output[str] = None

Network protocol this rule applies to. Possible values include Tcp, Udp, Icmp, or * (which matches all).

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the Network Security Rule. Changing this forces a new resource to be created.

source_address_prefix: pulumi.Output[str] = None

CIDR or source IP range or * to match any IP. Tags such as ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used. This is required if source_address_prefixes is not specified.

source_address_prefixes: pulumi.Output[list] = None

List of source address prefixes. Tags may not be used. This is required if source_address_prefix is not specified.

source_application_security_group_ids: pulumi.Output[str] = None

A List of source Application Security Group ID’s

source_port_range: pulumi.Output[str] = None

Source Port or Range. Integer or range between 0 and 65535 or * to match any. This is required if source_port_ranges is not specified.

source_port_ranges: pulumi.Output[list] = None

List of source ports or port ranges. This is required if source_port_range is not specified.

static get(resource_name, id, opts=None, access=None, description=None, destination_address_prefix=None, destination_address_prefixes=None, destination_application_security_group_ids=None, destination_port_range=None, destination_port_ranges=None, direction=None, name=None, network_security_group_name=None, priority=None, protocol=None, resource_group_name=None, source_address_prefix=None, source_address_prefixes=None, source_application_security_group_ids=None, source_port_range=None, source_port_ranges=None)

Get an existing NetworkSecurityRule resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access (pulumi.Input[str]) – Specifies whether network traffic is allowed or denied. Possible values are Allow and Deny.

  • description (pulumi.Input[str]) – A description for this rule. Restricted to 140 characters.

  • destination_address_prefix (pulumi.Input[str]) – CIDR or destination IP range or * to match any IP. Tags such as ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used. This is required if destination_address_prefixes is not specified.

  • destination_address_prefixes (pulumi.Input[list]) – List of destination address prefixes. Tags may not be used. This is required if destination_address_prefix is not specified.

  • destination_application_security_group_ids (pulumi.Input[str]) – A List of destination Application Security Group ID’s

  • destination_port_range (pulumi.Input[str]) – Destination Port or Range. Integer or range between 0 and 65535 or *``to match any. This is required if`destination_port_ranges``is not specified.

  • destination_port_ranges (pulumi.Input[list]) – List of destination ports or port ranges. This is required if``destination_port_range``is not specified.

  • direction (pulumi.Input[str]) – The direction specifies if rule will be evaluated on incoming or outgoing traffic. Possible values are``InboundandOutbound``.

  • name (pulumi.Input[str]) – The name of the security rule. This needs to be unique across all Rules in the Network Security Group. Changing this forces a new resource to be created.

  • network_security_group_name (pulumi.Input[str]) – The name of the Network Security Group that we want to attach the rule to. Changing this forces a new resource to be created.

  • priority (pulumi.Input[float]) – Specifies the priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.

  • protocol (pulumi.Input[str]) – Network protocol this rule applies to. Possible values include``Tcp,Udp,Icmp, or*` (which matches all).

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the Network Security Rule. Changing this forces a new resource to be created.

  • source_address_prefix (pulumi.Input[str]) – CIDR or source IP range or * to match any IP. Tags such as ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used. This is required if source_address_prefixes is not specified.

  • source_address_prefixes (pulumi.Input[list]) – List of source address prefixes. Tags may not be used. This is required if source_address_prefix is not specified.

  • source_application_security_group_ids (pulumi.Input[str]) – A List of source Application Security Group ID’s

  • source_port_range (pulumi.Input[str]) – Source Port or Range. Integer or range between 0 and 65535 or * to match any. This is required if source_port_ranges is not specified.

  • source_port_ranges (pulumi.Input[list]) – List of source ports or port ranges. This is required if source_port_range is not specified.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.NetworkWatcher(resource_name, opts=None, location=None, name=None, resource_group_name=None, tags=None, __props__=None, __name__=None, __opts__=None)

Manages a Network Watcher.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West US")
example_network_watcher = azure.network.NetworkWatcher("exampleNetworkWatcher",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the Network Watcher. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the Network Watcher. Changing this forces a new resource to be created.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

location: pulumi.Output[str] = None

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

The name of the Network Watcher. Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the Network Watcher. Changing this forces a new resource to be created.

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the resource.

static get(resource_name, id, opts=None, location=None, name=None, resource_group_name=None, tags=None)

Get an existing NetworkWatcher resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the Network Watcher. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the Network Watcher. Changing this forces a new resource to be created.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.NetworkWatcherFlowLog(resource_name, opts=None, enabled=None, network_security_group_id=None, network_watcher_name=None, resource_group_name=None, retention_policy=None, storage_account_id=None, traffic_analytics=None, version=None, __props__=None, __name__=None, __opts__=None)

Manages a Network Watcher Flow Log.

import pulumi
import pulumi_azure as azure

test_resource_group = azure.core.ResourceGroup("testResourceGroup", location="eastus")
test_network_security_group = azure.network.NetworkSecurityGroup("testNetworkSecurityGroup",
    location=test_resource_group.location,
    resource_group_name=test_resource_group.name)
test_network_watcher = azure.network.NetworkWatcher("testNetworkWatcher",
    location=test_resource_group.location,
    resource_group_name=test_resource_group.name)
test_account = azure.storage.Account("testAccount",
    resource_group_name=test_resource_group.name,
    location=test_resource_group.location,
    account_tier="Standard",
    account_kind="StorageV2",
    account_replication_type="LRS",
    enable_https_traffic_only=True)
test_analytics_workspace = azure.operationalinsights.AnalyticsWorkspace("testAnalyticsWorkspace",
    location=test_resource_group.location,
    resource_group_name=test_resource_group.name,
    sku="PerGB2018")
test_network_watcher_flow_log = azure.network.NetworkWatcherFlowLog("testNetworkWatcherFlowLog",
    network_watcher_name=test_network_watcher.name,
    resource_group_name=test_resource_group.name,
    network_security_group_id=test_network_security_group.id,
    storage_account_id=test_account.id,
    enabled=True,
    retention_policy={
        "enabled": True,
        "days": 7,
    },
    traffic_analytics={
        "enabled": True,
        "workspace_id": test_analytics_workspace.workspace_id,
        "workspaceRegion": test_analytics_workspace.location,
        "workspace_resource_id": test_analytics_workspace.id,
        "intervalInMinutes": 10,
    })
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • enabled (pulumi.Input[bool]) – Boolean flag to enable/disable traffic analytics.

  • network_security_group_id (pulumi.Input[str]) – The ID of the Network Security Group for which to enable flow logs for. Changing this forces a new resource to be created.

  • network_watcher_name (pulumi.Input[str]) – The name of the Network Watcher. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which the Network Watcher was deployed. Changing this forces a new resource to be created.

  • retention_policy (pulumi.Input[dict]) – A retention_policy block as documented below.

  • storage_account_id (pulumi.Input[str]) – The ID of the Storage Account where flow logs are stored.

  • traffic_analytics (pulumi.Input[dict]) – A traffic_analytics block as documented below.

  • version (pulumi.Input[float]) – The version (revision) of the flow log. Possible values are 1 and 2.

The retention_policy object supports the following:

  • days (pulumi.Input[float]) - The number of days to retain flow log records.

  • enabled (pulumi.Input[bool]) - Boolean flag to enable/disable traffic analytics.

The traffic_analytics object supports the following:

  • enabled (pulumi.Input[bool]) - Boolean flag to enable/disable traffic analytics.

  • intervalInMinutes (pulumi.Input[float]) - How frequently service should do flow analytics in minutes.

  • workspace_id (pulumi.Input[str]) - The resource guid of the attached workspace.

  • workspaceRegion (pulumi.Input[str]) - The location of the attached workspace.

  • workspace_resource_id (pulumi.Input[str]) - The resource ID of the attached workspace.

enabled: pulumi.Output[bool] = None

Boolean flag to enable/disable traffic analytics.

network_security_group_id: pulumi.Output[str] = None

The ID of the Network Security Group for which to enable flow logs for. Changing this forces a new resource to be created.

network_watcher_name: pulumi.Output[str] = None

The name of the Network Watcher. Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which the Network Watcher was deployed. Changing this forces a new resource to be created.

retention_policy: pulumi.Output[dict] = None

A retention_policy block as documented below.

  • days (float) - The number of days to retain flow log records.

  • enabled (bool) - Boolean flag to enable/disable traffic analytics.

storage_account_id: pulumi.Output[str] = None

The ID of the Storage Account where flow logs are stored.

traffic_analytics: pulumi.Output[dict] = None

A traffic_analytics block as documented below.

  • enabled (bool) - Boolean flag to enable/disable traffic analytics.

  • intervalInMinutes (float) - How frequently service should do flow analytics in minutes.

  • workspace_id (str) - The resource guid of the attached workspace.

  • workspaceRegion (str) - The location of the attached workspace.

  • workspace_resource_id (str) - The resource ID of the attached workspace.

version: pulumi.Output[float] = None

The version (revision) of the flow log. Possible values are 1 and 2.

static get(resource_name, id, opts=None, enabled=None, network_security_group_id=None, network_watcher_name=None, resource_group_name=None, retention_policy=None, storage_account_id=None, traffic_analytics=None, version=None)

Get an existing NetworkWatcherFlowLog resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • enabled (pulumi.Input[bool]) – Boolean flag to enable/disable traffic analytics.

  • network_security_group_id (pulumi.Input[str]) – The ID of the Network Security Group for which to enable flow logs for. Changing this forces a new resource to be created.

  • network_watcher_name (pulumi.Input[str]) – The name of the Network Watcher. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which the Network Watcher was deployed. Changing this forces a new resource to be created.

  • retention_policy (pulumi.Input[dict]) – A retention_policy block as documented below.

  • storage_account_id (pulumi.Input[str]) – The ID of the Storage Account where flow logs are stored.

  • traffic_analytics (pulumi.Input[dict]) – A traffic_analytics block as documented below.

  • version (pulumi.Input[float]) – The version (revision) of the flow log. Possible values are 1 and 2.

The retention_policy object supports the following:

  • days (pulumi.Input[float]) - The number of days to retain flow log records.

  • enabled (pulumi.Input[bool]) - Boolean flag to enable/disable traffic analytics.

The traffic_analytics object supports the following:

  • enabled (pulumi.Input[bool]) - Boolean flag to enable/disable traffic analytics.

  • intervalInMinutes (pulumi.Input[float]) - How frequently service should do flow analytics in minutes.

  • workspace_id (pulumi.Input[str]) - The resource guid of the attached workspace.

  • workspaceRegion (pulumi.Input[str]) - The location of the attached workspace.

  • workspace_resource_id (pulumi.Input[str]) - The resource ID of the attached workspace.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.PacketCapture(resource_name, opts=None, filters=None, maximum_bytes_per_packet=None, maximum_bytes_per_session=None, maximum_capture_duration=None, name=None, network_watcher_name=None, resource_group_name=None, storage_location=None, target_resource_id=None, __props__=None, __name__=None, __opts__=None)

Configures Packet Capturing against a Virtual Machine using a Network Watcher.

NOTE: This resource has been deprecated in favour of the network.NetworkConnectionMonitor resource and will be removed in the next major version of the AzureRM Provider. The new resource shares the same fields as this one, and information on migrating across can be found in this guide.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_network_watcher = azure.network.NetworkWatcher("exampleNetworkWatcher",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    address_spaces=["10.0.0.0/16"],
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_subnet = azure.network.Subnet("exampleSubnet",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.0.2.0/24")
example_network_interface = azure.network.NetworkInterface("exampleNetworkInterface",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    ip_configuration=[{
        "name": "testconfiguration1",
        "subnet_id": example_subnet.id,
        "privateIpAddressAllocation": "Dynamic",
    }])
example_virtual_machine = azure.compute.VirtualMachine("exampleVirtualMachine",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    network_interface_ids=[example_network_interface.id],
    vm_size="Standard_F2",
    storage_image_reference={
        "publisher": "Canonical",
        "offer": "UbuntuServer",
        "sku": "16.04-LTS",
        "version": "latest",
    },
    storage_os_disk={
        "name": "osdisk",
        "caching": "ReadWrite",
        "create_option": "FromImage",
        "managedDiskType": "Standard_LRS",
    },
    os_profile={
        "computer_name": "pctest-vm",
        "admin_username": "testadmin",
        "admin_password": "Password1234!",
    },
    os_profile_linux_config={
        "disable_password_authentication": False,
    })
example_extension = azure.compute.Extension("exampleExtension",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    virtual_machine_name=example_virtual_machine.name,
    publisher="Microsoft.Azure.NetworkWatcher",
    type="NetworkWatcherAgentLinux",
    type_handler_version="1.4",
    auto_upgrade_minor_version=True)
example_account = azure.storage.Account("exampleAccount",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    account_tier="Standard",
    account_replication_type="LRS")
example_packet_capture = azure.network.PacketCapture("examplePacketCapture",
    network_watcher_name=example_network_watcher.name,
    resource_group_name=example_resource_group.name,
    target_resource_id=example_virtual_machine.id,
    storage_location={
        "storage_account_id": example_account.id,
    })
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • filters (pulumi.Input[list]) – One or more filter blocks as defined below. Changing this forces a new resource to be created.

  • maximum_bytes_per_packet (pulumi.Input[float]) – The number of bytes captured per packet. The remaining bytes are truncated. Defaults to 0 (Entire Packet Captured). Changing this forces a new resource to be created.

  • maximum_bytes_per_session (pulumi.Input[float]) – Maximum size of the capture in Bytes. Defaults to 1073741824 (1GB). Changing this forces a new resource to be created.

  • maximum_capture_duration (pulumi.Input[float]) – The maximum duration of the capture session in seconds. Defaults to 18000 (5 hours). Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name to use for this Packet Capture. Changing this forces a new resource to be created.

  • network_watcher_name (pulumi.Input[str]) – The name of the Network Watcher. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which the Network Watcher exists. Changing this forces a new resource to be created.

  • storage_location (pulumi.Input[dict]) – A storage_location block as defined below. Changing this forces a new resource to be created.

  • target_resource_id (pulumi.Input[str]) – The ID of the Resource to capture packets from. Changing this forces a new resource to be created.

The filters object supports the following:

  • localIpAddress (pulumi.Input[str]) - The local IP Address to be filtered on. Notation: “127.0.0.1” for single address entry. “127.0.0.1-127.0.0.255” for range. “127.0.0.1;127.0.0.5” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

  • localPort (pulumi.Input[str]) - The local port to be filtered on. Notation: “80” for single port entry.”80-85” for range. “80;443;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

  • protocol (pulumi.Input[str]) - The Protocol to be filtered on. Possible values include Any, TCP and UDP. Changing this forces a new resource to be created.

  • remoteIpAddress (pulumi.Input[str]) - The remote IP Address to be filtered on. Notation: “127.0.0.1” for single address entry. “127.0.0.1-127.0.0.255” for range. “127.0.0.1;127.0.0.5;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported.. Changing this forces a new resource to be created.

  • remotePort (pulumi.Input[str]) - The remote port to be filtered on. Notation: “80” for single port entry.”80-85” for range. “80;443;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

The storage_location object supports the following:

  • file_path (pulumi.Input[str]) - A valid local path on the targeting VM. Must include the name of the capture file (*.cap). For linux virtual machine it must start with /var/captures.

  • storage_account_id (pulumi.Input[str]) - The ID of the storage account to save the packet capture session

  • storagePath (pulumi.Input[str]) - The URI of the storage path to save the packet capture.

filters: pulumi.Output[list] = None

One or more filter blocks as defined below. Changing this forces a new resource to be created.

  • localIpAddress (str) - The local IP Address to be filtered on. Notation: “127.0.0.1” for single address entry. “127.0.0.1-127.0.0.255” for range. “127.0.0.1;127.0.0.5” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

  • localPort (str) - The local port to be filtered on. Notation: “80” for single port entry.”80-85” for range. “80;443;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

  • protocol (str) - The Protocol to be filtered on. Possible values include Any, TCP and UDP. Changing this forces a new resource to be created.

  • remoteIpAddress (str) - The remote IP Address to be filtered on. Notation: “127.0.0.1” for single address entry. “127.0.0.1-127.0.0.255” for range. “127.0.0.1;127.0.0.5;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported.. Changing this forces a new resource to be created.

  • remotePort (str) - The remote port to be filtered on. Notation: “80” for single port entry.”80-85” for range. “80;443;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

maximum_bytes_per_packet: pulumi.Output[float] = None

The number of bytes captured per packet. The remaining bytes are truncated. Defaults to 0 (Entire Packet Captured). Changing this forces a new resource to be created.

maximum_bytes_per_session: pulumi.Output[float] = None

Maximum size of the capture in Bytes. Defaults to 1073741824 (1GB). Changing this forces a new resource to be created.

maximum_capture_duration: pulumi.Output[float] = None

The maximum duration of the capture session in seconds. Defaults to 18000 (5 hours). Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

The name to use for this Packet Capture. Changing this forces a new resource to be created.

network_watcher_name: pulumi.Output[str] = None

The name of the Network Watcher. Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which the Network Watcher exists. Changing this forces a new resource to be created.

storage_location: pulumi.Output[dict] = None

A storage_location block as defined below. Changing this forces a new resource to be created.

  • file_path (str) - A valid local path on the targeting VM. Must include the name of the capture file (*.cap). For linux virtual machine it must start with /var/captures.

  • storage_account_id (str) - The ID of the storage account to save the packet capture session

  • storagePath (str) - The URI of the storage path to save the packet capture.

target_resource_id: pulumi.Output[str] = None

The ID of the Resource to capture packets from. Changing this forces a new resource to be created.

static get(resource_name, id, opts=None, filters=None, maximum_bytes_per_packet=None, maximum_bytes_per_session=None, maximum_capture_duration=None, name=None, network_watcher_name=None, resource_group_name=None, storage_location=None, target_resource_id=None)

Get an existing PacketCapture resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • filters (pulumi.Input[list]) – One or more filter blocks as defined below. Changing this forces a new resource to be created.

  • maximum_bytes_per_packet (pulumi.Input[float]) – The number of bytes captured per packet. The remaining bytes are truncated. Defaults to 0 (Entire Packet Captured). Changing this forces a new resource to be created.

  • maximum_bytes_per_session (pulumi.Input[float]) – Maximum size of the capture in Bytes. Defaults to 1073741824 (1GB). Changing this forces a new resource to be created.

  • maximum_capture_duration (pulumi.Input[float]) – The maximum duration of the capture session in seconds. Defaults to 18000 (5 hours). Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name to use for this Packet Capture. Changing this forces a new resource to be created.

  • network_watcher_name (pulumi.Input[str]) – The name of the Network Watcher. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which the Network Watcher exists. Changing this forces a new resource to be created.

  • storage_location (pulumi.Input[dict]) – A storage_location block as defined below. Changing this forces a new resource to be created.

  • target_resource_id (pulumi.Input[str]) – The ID of the Resource to capture packets from. Changing this forces a new resource to be created.

The filters object supports the following:

  • localIpAddress (pulumi.Input[str]) - The local IP Address to be filtered on. Notation: “127.0.0.1” for single address entry. “127.0.0.1-127.0.0.255” for range. “127.0.0.1;127.0.0.5” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

  • localPort (pulumi.Input[str]) - The local port to be filtered on. Notation: “80” for single port entry.”80-85” for range. “80;443;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

  • protocol (pulumi.Input[str]) - The Protocol to be filtered on. Possible values include Any, TCP and UDP. Changing this forces a new resource to be created.

  • remoteIpAddress (pulumi.Input[str]) - The remote IP Address to be filtered on. Notation: “127.0.0.1” for single address entry. “127.0.0.1-127.0.0.255” for range. “127.0.0.1;127.0.0.5;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported.. Changing this forces a new resource to be created.

  • remotePort (pulumi.Input[str]) - The remote port to be filtered on. Notation: “80” for single port entry.”80-85” for range. “80;443;” for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.

The storage_location object supports the following:

  • file_path (pulumi.Input[str]) - A valid local path on the targeting VM. Must include the name of the capture file (*.cap). For linux virtual machine it must start with /var/captures.

  • storage_account_id (pulumi.Input[str]) - The ID of the storage account to save the packet capture session

  • storagePath (pulumi.Input[str]) - The URI of the storage path to save the packet capture.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.PointToPointVpnGateway(resource_name, opts=None, connection_configuration=None, location=None, name=None, resource_group_name=None, scale_unit=None, tags=None, virtual_hub_id=None, vpn_server_configuration_id=None, __props__=None, __name__=None, __opts__=None)

Manages a Point-to-Site VPN Gateway.

import pulumi
import pulumi_azure as azure

example = azure.network.PointToPointVpnGateway("example",
    location=azurerm_resource_group["example"]["location"],
    resource_group_name=azurerm_resource_group["example"]["resource_group_name"],
    virtual_hub_id=azurerm_virtual_hub["example"]["id"],
    vpn_server_configuration_id=azurerm_vpn_server_configuration["example"]["id"],
    scale_unit=1)
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • connection_configuration (pulumi.Input[dict]) – A connection_configuration block as defined below.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Point-to-Site VPN Gateway. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the Point-to-Site VPN Gateway. Changing this forces a new resource to be created.

  • scale_unit (pulumi.Input[float]) – The Scale Unit for this Point-to-Site VPN Gateway.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the Point-to-Site VPN Gateway.

  • virtual_hub_id (pulumi.Input[str]) – The ID of the Virtual Hub where this Point-to-Site VPN Gateway should exist. Changing this forces a new resource to be created.

  • vpn_server_configuration_id (pulumi.Input[str]) – The ID of the VPN Server Configuration which this Point-to-Site VPN Gateway should use. Changing this forces a new resource to be created.

The connection_configuration object supports the following:

  • name (pulumi.Input[str]) - The Name which should be used for this Connection Configuration.

  • vpnClientAddressPool (pulumi.Input[dict]) - A vpn_client_address_pool block as defined below.

    • address_prefixes (pulumi.Input[list]) - A list of CIDR Ranges which should be used as Address Prefixes.

connection_configuration: pulumi.Output[dict] = None

A connection_configuration block as defined below.

  • name (str) - The Name which should be used for this Connection Configuration.

  • vpnClientAddressPool (dict) - A vpn_client_address_pool block as defined below.

    • address_prefixes (list) - A list of CIDR Ranges which should be used as Address Prefixes.

location: pulumi.Output[str] = None

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

Specifies the name of the Point-to-Site VPN Gateway. Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the Point-to-Site VPN Gateway. Changing this forces a new resource to be created.

scale_unit: pulumi.Output[float] = None

The Scale Unit for this Point-to-Site VPN Gateway.

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the Point-to-Site VPN Gateway.

virtual_hub_id: pulumi.Output[str] = None

The ID of the Virtual Hub where this Point-to-Site VPN Gateway should exist. Changing this forces a new resource to be created.

vpn_server_configuration_id: pulumi.Output[str] = None

The ID of the VPN Server Configuration which this Point-to-Site VPN Gateway should use. Changing this forces a new resource to be created.

static get(resource_name, id, opts=None, connection_configuration=None, location=None, name=None, resource_group_name=None, scale_unit=None, tags=None, virtual_hub_id=None, vpn_server_configuration_id=None)

Get an existing PointToPointVpnGateway resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • connection_configuration (pulumi.Input[dict]) – A connection_configuration block as defined below.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Point-to-Site VPN Gateway. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the Point-to-Site VPN Gateway. Changing this forces a new resource to be created.

  • scale_unit (pulumi.Input[float]) – The Scale Unit for this Point-to-Site VPN Gateway.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the Point-to-Site VPN Gateway.

  • virtual_hub_id (pulumi.Input[str]) – The ID of the Virtual Hub where this Point-to-Site VPN Gateway should exist. Changing this forces a new resource to be created.

  • vpn_server_configuration_id (pulumi.Input[str]) – The ID of the VPN Server Configuration which this Point-to-Site VPN Gateway should use. Changing this forces a new resource to be created.

The connection_configuration object supports the following:

  • name (pulumi.Input[str]) - The Name which should be used for this Connection Configuration.

  • vpnClientAddressPool (pulumi.Input[dict]) - A vpn_client_address_pool block as defined below.

    • address_prefixes (pulumi.Input[list]) - A list of CIDR Ranges which should be used as Address Prefixes.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.Profile(resource_name, opts=None, container_network_interface=None, location=None, name=None, resource_group_name=None, tags=None, __props__=None, __name__=None, __opts__=None)

Manages a Network Profile.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    address_spaces=["10.1.0.0/16"])
example_subnet = azure.network.Subnet("exampleSubnet",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.1.0.0/24",
    delegation=[{
        "name": "delegation",
        "service_delegation": {
            "name": "Microsoft.ContainerInstance/containerGroups",
            "actions": ["Microsoft.Network/virtualNetworks/subnets/action"],
        },
    }])
example_profile = azure.network.Profile("exampleProfile",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    container_network_interface={
        "name": "examplecnic",
        "ip_configuration": [{
            "name": "exampleipconfig",
            "subnet_id": example_subnet.id,
        }],
    })
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • container_network_interface (pulumi.Input[dict]) – A container_network_interface block as documented below.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Network Profile. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the resource. Changing this forces a new resource to be created.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The container_network_interface object supports the following:

  • ip_configurations (pulumi.Input[list]) - One or more ip_configuration blocks as documented below.

    • name (pulumi.Input[str]) - Specifies the name of the IP Configuration.

    • subnet_id (pulumi.Input[str]) - Reference to the subnet associated with the IP Configuration.

  • name (pulumi.Input[str]) - Specifies the name of the IP Configuration.

container_network_interface: pulumi.Output[dict] = None

A container_network_interface block as documented below.

  • ip_configurations (list) - One or more ip_configuration blocks as documented below.

    • name (str) - Specifies the name of the IP Configuration.

    • subnet_id (str) - Reference to the subnet associated with the IP Configuration.

  • name (str) - Specifies the name of the IP Configuration.

container_network_interface_ids: pulumi.Output[list] = None

A list of Container Network Interface ID’s.

location: pulumi.Output[str] = None

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

Specifies the name of the Network Profile. Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the resource. Changing this forces a new resource to be created.

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the resource.

static get(resource_name, id, opts=None, container_network_interface=None, container_network_interface_ids=None, location=None, name=None, resource_group_name=None, tags=None)

Get an existing Profile resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • container_network_interface (pulumi.Input[dict]) – A container_network_interface block as documented below.

  • container_network_interface_ids (pulumi.Input[list]) – A list of Container Network Interface ID’s.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Network Profile. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the resource. Changing this forces a new resource to be created.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The container_network_interface object supports the following:

  • ip_configurations (pulumi.Input[list]) - One or more ip_configuration blocks as documented below.

    • name (pulumi.Input[str]) - Specifies the name of the IP Configuration.

    • subnet_id (pulumi.Input[str]) - Reference to the subnet associated with the IP Configuration.

  • name (pulumi.Input[str]) - Specifies the name of the IP Configuration.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.PublicIp(resource_name, opts=None, allocation_method=None, domain_name_label=None, idle_timeout_in_minutes=None, ip_version=None, location=None, name=None, public_ip_prefix_id=None, resource_group_name=None, reverse_fqdn=None, sku=None, tags=None, zones=None, __props__=None, __name__=None, __opts__=None)

Manages a Public IP Address.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West US")
example_public_ip = azure.network.PublicIp("examplePublicIp",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    allocation_method="Static",
    tags={
        "environment": "Production",
    })
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • allocation_method (pulumi.Input[str]) – Defines the allocation method for this IP address. Possible values are Static or Dynamic.

  • domain_name_label (pulumi.Input[str]) – Label for the Domain Name. Will be used to make up the FQDN. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system.

  • idle_timeout_in_minutes (pulumi.Input[float]) – Specifies the timeout for the TCP idle connection. The value can be set between 4 and 30 minutes.

  • ip_version (pulumi.Input[str]) – The IP Version to use, IPv6 or IPv4.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Public IP resource . Changing this forces a new resource to be created.

  • public_ip_prefix_id (pulumi.Input[str]) – If specified then public IP address allocated will be provided from the public IP prefix resource.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the public ip.

  • reverse_fqdn (pulumi.Input[str]) – A fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN.

  • sku (pulumi.Input[str]) – The SKU of the Public IP. Accepted values are Basic and Standard. Defaults to Basic.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

  • zones (pulumi.Input[str]) – A collection containing the availability zone to allocate the Public IP in.

allocation_method: pulumi.Output[str] = None

Defines the allocation method for this IP address. Possible values are Static or Dynamic.

domain_name_label: pulumi.Output[str] = None

Label for the Domain Name. Will be used to make up the FQDN. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system.

fqdn: pulumi.Output[str] = None

Fully qualified domain name of the A DNS record associated with the public IP. domain_name_label must be specified to get the fqdn. This is the concatenation of the domain_name_label and the regionalized DNS zone

idle_timeout_in_minutes: pulumi.Output[float] = None

Specifies the timeout for the TCP idle connection. The value can be set between 4 and 30 minutes.

ip_address: pulumi.Output[str] = None

The IP address value that was allocated.

ip_version: pulumi.Output[str] = None

The IP Version to use, IPv6 or IPv4.

location: pulumi.Output[str] = None

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

Specifies the name of the Public IP resource . Changing this forces a new resource to be created.

public_ip_prefix_id: pulumi.Output[str] = None

If specified then public IP address allocated will be provided from the public IP prefix resource.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the public ip.

reverse_fqdn: pulumi.Output[str] = None

A fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN.

sku: pulumi.Output[str] = None

The SKU of the Public IP. Accepted values are Basic and Standard. Defaults to Basic.

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the resource.

zones: pulumi.Output[str] = None

A collection containing the availability zone to allocate the Public IP in.

static get(resource_name, id, opts=None, allocation_method=None, domain_name_label=None, fqdn=None, idle_timeout_in_minutes=None, ip_address=None, ip_version=None, location=None, name=None, public_ip_prefix_id=None, resource_group_name=None, reverse_fqdn=None, sku=None, tags=None, zones=None)

Get an existing PublicIp resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • allocation_method (pulumi.Input[str]) – Defines the allocation method for this IP address. Possible values are Static or Dynamic.

  • domain_name_label (pulumi.Input[str]) – Label for the Domain Name. Will be used to make up the FQDN. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system.

  • fqdn (pulumi.Input[str]) – Fully qualified domain name of the A DNS record associated with the public IP. domain_name_label must be specified to get the fqdn. This is the concatenation of the domain_name_label and the regionalized DNS zone

  • idle_timeout_in_minutes (pulumi.Input[float]) – Specifies the timeout for the TCP idle connection. The value can be set between 4 and 30 minutes.

  • ip_address (pulumi.Input[str]) – The IP address value that was allocated.

  • ip_version (pulumi.Input[str]) – The IP Version to use, IPv6 or IPv4.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Public IP resource . Changing this forces a new resource to be created.

  • public_ip_prefix_id (pulumi.Input[str]) – If specified then public IP address allocated will be provided from the public IP prefix resource.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the public ip.

  • reverse_fqdn (pulumi.Input[str]) – A fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN.

  • sku (pulumi.Input[str]) – The SKU of the Public IP. Accepted values are Basic and Standard. Defaults to Basic.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

  • zones (pulumi.Input[str]) – A collection containing the availability zone to allocate the Public IP in.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.PublicIpPrefix(resource_name, opts=None, location=None, name=None, prefix_length=None, resource_group_name=None, sku=None, tags=None, zones=None, __props__=None, __name__=None, __opts__=None)

Manages a Public IP Prefix.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_public_ip_prefix = azure.network.PublicIpPrefix("examplePublicIpPrefix",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    prefix_length=31,
    tags={
        "environment": "Production",
    })
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Public IP Prefix resource . Changing this forces a new resource to be created.

  • prefix_length (pulumi.Input[float]) – Specifies the number of bits of the prefix. The value can be set between 0 (4,294,967,296 addresses) and 31 (2 addresses). Defaults to 28(16 addresses). Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the Public IP Prefix.

  • sku (pulumi.Input[str]) – The SKU of the Public IP Prefix. Accepted values are Standard. Defaults to Standard. Changing this forces a new resource to be created.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

  • zones (pulumi.Input[str]) – A collection containing the availability zone to allocate the Public IP Prefix in.

ip_prefix: pulumi.Output[str] = None

The IP address prefix value that was allocated.

location: pulumi.Output[str] = None

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

Specifies the name of the Public IP Prefix resource . Changing this forces a new resource to be created.

prefix_length: pulumi.Output[float] = None

Specifies the number of bits of the prefix. The value can be set between 0 (4,294,967,296 addresses) and 31 (2 addresses). Defaults to 28(16 addresses). Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the Public IP Prefix.

sku: pulumi.Output[str] = None

The SKU of the Public IP Prefix. Accepted values are Standard. Defaults to Standard. Changing this forces a new resource to be created.

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the resource.

zones: pulumi.Output[str] = None

A collection containing the availability zone to allocate the Public IP Prefix in.

static get(resource_name, id, opts=None, ip_prefix=None, location=None, name=None, prefix_length=None, resource_group_name=None, sku=None, tags=None, zones=None)

Get an existing PublicIpPrefix resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • ip_prefix (pulumi.Input[str]) – The IP address prefix value that was allocated.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – Specifies the name of the Public IP Prefix resource . Changing this forces a new resource to be created.

  • prefix_length (pulumi.Input[float]) – Specifies the number of bits of the prefix. The value can be set between 0 (4,294,967,296 addresses) and 31 (2 addresses). Defaults to 28(16 addresses). Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the Public IP Prefix.

  • sku (pulumi.Input[str]) – The SKU of the Public IP Prefix. Accepted values are Standard. Defaults to Standard. Changing this forces a new resource to be created.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

  • zones (pulumi.Input[str]) – A collection containing the availability zone to allocate the Public IP Prefix in.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.Route(resource_name, opts=None, address_prefix=None, name=None, next_hop_in_ip_address=None, next_hop_type=None, resource_group_name=None, route_table_name=None, __props__=None, __name__=None, __opts__=None)

Manages a Route within a Route Table.

NOTE on Route Tables and Routes: This provider currently provides both a standalone Route resource, and allows for Routes to be defined in-line within the Route Table resource. At this time you cannot use a Route Table with in-line Routes in conjunction with any Route resources. Doing so will cause a conflict of Route configurations and will overwrite Routes.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West US")
example_route_table = azure.network.RouteTable("exampleRouteTable",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_route = azure.network.Route("exampleRoute",
    resource_group_name=example_resource_group.name,
    route_table_name=example_route_table.name,
    address_prefix="10.1.0.0/16",
    next_hop_type="vnetlocal")
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • address_prefix (pulumi.Input[str]) – The destination CIDR to which the route applies, such as 10.1.0.0/16

  • name (pulumi.Input[str]) – The name of the route. Changing this forces a new resource to be created.

  • next_hop_in_ip_address (pulumi.Input[str]) – Contains the IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance.

  • next_hop_type (pulumi.Input[str]) – The type of Azure hop the packet should be sent to. Possible values are VirtualNetworkGateway, VnetLocal, Internet, VirtualAppliance and None

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the route. Changing this forces a new resource to be created.

  • route_table_name (pulumi.Input[str]) – The name of the route table within which create the route. Changing this forces a new resource to be created.

address_prefix: pulumi.Output[str] = None

The destination CIDR to which the route applies, such as 10.1.0.0/16

name: pulumi.Output[str] = None

The name of the route. Changing this forces a new resource to be created.

next_hop_in_ip_address: pulumi.Output[str] = None

Contains the IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance.

next_hop_type: pulumi.Output[str] = None

The type of Azure hop the packet should be sent to. Possible values are VirtualNetworkGateway, VnetLocal, Internet, VirtualAppliance and None

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the route. Changing this forces a new resource to be created.

route_table_name: pulumi.Output[str] = None

The name of the route table within which create the route. Changing this forces a new resource to be created.

static get(resource_name, id, opts=None, address_prefix=None, name=None, next_hop_in_ip_address=None, next_hop_type=None, resource_group_name=None, route_table_name=None)

Get an existing Route resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • address_prefix (pulumi.Input[str]) – The destination CIDR to which the route applies, such as 10.1.0.0/16

  • name (pulumi.Input[str]) – The name of the route. Changing this forces a new resource to be created.

  • next_hop_in_ip_address (pulumi.Input[str]) – Contains the IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance.

  • next_hop_type (pulumi.Input[str]) – The type of Azure hop the packet should be sent to. Possible values are VirtualNetworkGateway, VnetLocal, Internet, VirtualAppliance and None

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the route. Changing this forces a new resource to be created.

  • route_table_name (pulumi.Input[str]) – The name of the route table within which create the route. Changing this forces a new resource to be created.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.RouteTable(resource_name, opts=None, disable_bgp_route_propagation=None, location=None, name=None, resource_group_name=None, routes=None, tags=None, __props__=None, __name__=None, __opts__=None)

Manages a Route Table

NOTE on Route Tables and Routes: There is both a standalone route resource, and allows for Routes to be defined in-line within the route_table resource. At this time you cannot use a Route Table with in-line Routes in conjunction with any Route resources. Doing so will cause a conflict of Route configurations and will overwrite Routes.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West US")
example_route_table = azure.network.RouteTable("exampleRouteTable",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    disable_bgp_route_propagation=False,
    route=[{
        "name": "route1",
        "address_prefix": "10.1.0.0/16",
        "next_hop_type": "vnetlocal",
    }],
    tags={
        "environment": "Production",
    })
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • disable_bgp_route_propagation (pulumi.Input[bool]) – Boolean flag which controls propagation of routes learned by BGP on that route table. True means disable.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the route.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the route table. Changing this forces a new resource to be created.

  • routes (pulumi.Input[list]) – A list of objects representing routes. Each object accepts the arguments documented below.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The routes object supports the following:

  • address_prefix (pulumi.Input[str]) - The destination CIDR to which the route applies, such as 10.1.0.0/16

  • name (pulumi.Input[str]) - The name of the route.

  • next_hop_in_ip_address (pulumi.Input[str]) - Contains the IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance.

  • next_hop_type (pulumi.Input[str]) - The type of Azure hop the packet should be sent to. Possible values are VirtualNetworkGateway, VnetLocal, Internet, VirtualAppliance and None.

disable_bgp_route_propagation: pulumi.Output[bool] = None

Boolean flag which controls propagation of routes learned by BGP on that route table. True means disable.

location: pulumi.Output[str] = None

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

The name of the route.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the route table. Changing this forces a new resource to be created.

routes: pulumi.Output[list] = None

A list of objects representing routes. Each object accepts the arguments documented below.

  • address_prefix (str) - The destination CIDR to which the route applies, such as 10.1.0.0/16

  • name (str) - The name of the route.

  • next_hop_in_ip_address (str) - Contains the IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance.

  • next_hop_type (str) - The type of Azure hop the packet should be sent to. Possible values are VirtualNetworkGateway, VnetLocal, Internet, VirtualAppliance and None.

subnets: pulumi.Output[list] = None

The collection of Subnets associated with this route table.

tags: pulumi.Output[dict] = None

A mapping of tags to assign to the resource.

static get(resource_name, id, opts=None, disable_bgp_route_propagation=None, location=None, name=None, resource_group_name=None, routes=None, subnets=None, tags=None)

Get an existing RouteTable resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • disable_bgp_route_propagation (pulumi.Input[bool]) – Boolean flag which controls propagation of routes learned by BGP on that route table. True means disable.

  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the route.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the route table. Changing this forces a new resource to be created.

  • routes (pulumi.Input[list]) – A list of objects representing routes. Each object accepts the arguments documented below.

  • subnets (pulumi.Input[list]) – The collection of Subnets associated with this route table.

  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The routes object supports the following:

  • address_prefix (pulumi.Input[str]) - The destination CIDR to which the route applies, such as 10.1.0.0/16

  • name (pulumi.Input[str]) - The name of the route.

  • next_hop_in_ip_address (pulumi.Input[str]) - Contains the IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance.

  • next_hop_type (pulumi.Input[str]) - The type of Azure hop the packet should be sent to. Possible values are VirtualNetworkGateway, VnetLocal, Internet, VirtualAppliance and None.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.Subnet(resource_name, opts=None, address_prefix=None, address_prefixes=None, delegations=None, enforce_private_link_endpoint_network_policies=None, enforce_private_link_service_network_policies=None, name=None, resource_group_name=None, service_endpoints=None, virtual_network_name=None, __props__=None, __name__=None, __opts__=None)

Manages a subnet. Subnets represent network segments within the IP space defined by the virtual network.

NOTE on Virtual Networks and Subnet’s: This provider currently provides both a standalone Subnet resource, and allows for Subnets to be defined in-line within the Virtual Network resource. At this time you cannot use a Virtual Network with in-line Subnets in conjunction with any Subnet resources. Doing so will cause a conflict of Subnet configurations and will overwrite Subnet’s.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West US")
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    address_spaces=["10.0.0.0/16"],
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_subnet = azure.network.Subnet("exampleSubnet",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefixes=["10.0.1.0/24"],
    delegation=[{
        "name": "acctestdelegation",
        "service_delegation": {
            "name": "Microsoft.ContainerInstance/containerGroups",
            "actions": [
                "Microsoft.Network/virtualNetworks/subnets/join/action",
                "Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action",
            ],
        },
    }])
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • address_prefix (pulumi.Input[str]) – The address prefix to use for the subnet.

  • address_prefixes (pulumi.Input[list]) – The address prefixes to use for the subnet.

  • delegations (pulumi.Input[list]) – One or more delegation blocks as defined below.

  • enforce_private_link_endpoint_network_policies (pulumi.Input[bool]) – Enable or Disable network policies for the private link endpoint on the subnet. Default value is false. Conflicts with enforce_private_link_service_network_policies.

  • enforce_private_link_service_network_policies (pulumi.Input[bool]) – Enable or Disable network policies for the private link service on the subnet. Default valule is false. Conflicts with enforce_private_link_endpoint_network_policies.

  • name (pulumi.Input[str]) – The name of the subnet. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the subnet. Changing this forces a new resource to be created.

  • service_endpoints (pulumi.Input[list]) – The list of Service endpoints to associate with the subnet. Possible values include: Microsoft.AzureActiveDirectory, Microsoft.AzureCosmosDB, Microsoft.ContainerRegistry, Microsoft.EventHub, Microsoft.KeyVault, Microsoft.ServiceBus, Microsoft.Sql, Microsoft.Storage and Microsoft.Web.

  • virtual_network_name (pulumi.Input[str]) – The name of the virtual network to which to attach the subnet. Changing this forces a new resource to be created.

The delegations object supports the following:

  • name (pulumi.Input[str]) - A name for this delegation.

  • serviceDelegation (pulumi.Input[dict]) - A service_delegation block as defined below.

    • actions (pulumi.Input[list]) - A list of Actions which should be delegated. This list is specific to the service to delegate to. Possible values include Microsoft.Network/networkinterfaces/*, Microsoft.Network/virtualNetworks/subnets/action, Microsoft.Network/virtualNetworks/subnets/join/action, Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action and Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action.

    • name (pulumi.Input[str]) - The name of service to delegate to. Possible values include Microsoft.BareMetal/AzureVMware, Microsoft.BareMetal/CrayServers, Microsoft.Batch/batchAccounts, Microsoft.ContainerInstance/containerGroups, Microsoft.Databricks/workspaces, Microsoft.DBforPostgreSQL/serversv2, Microsoft.HardwareSecurityModules/dedicatedHSMs, Microsoft.Logic/integrationServiceEnvironments, Microsoft.Netapp/volumes, Microsoft.ServiceFabricMesh/networks, Microsoft.Sql/managedInstances, Microsoft.Sql/servers, Microsoft.StreamAnalytics/streamingJobs, Microsoft.Web/hostingEnvironments and Microsoft.Web/serverFarms.

address_prefix: pulumi.Output[str] = None

The address prefix to use for the subnet.

address_prefixes: pulumi.Output[list] = None

The address prefixes to use for the subnet.

delegations: pulumi.Output[list] = None

One or more delegation blocks as defined below.

  • name (str) - A name for this delegation.

  • serviceDelegation (dict) - A service_delegation block as defined below.

    • actions (list) - A list of Actions which should be delegated. This list is specific to the service to delegate to. Possible values include Microsoft.Network/networkinterfaces/*, Microsoft.Network/virtualNetworks/subnets/action, Microsoft.Network/virtualNetworks/subnets/join/action, Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action and Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action.

    • name (str) - The name of service to delegate to. Possible values include Microsoft.BareMetal/AzureVMware, Microsoft.BareMetal/CrayServers, Microsoft.Batch/batchAccounts, Microsoft.ContainerInstance/containerGroups, Microsoft.Databricks/workspaces, Microsoft.DBforPostgreSQL/serversv2, Microsoft.HardwareSecurityModules/dedicatedHSMs, Microsoft.Logic/integrationServiceEnvironments, Microsoft.Netapp/volumes, Microsoft.ServiceFabricMesh/networks, Microsoft.Sql/managedInstances, Microsoft.Sql/servers, Microsoft.StreamAnalytics/streamingJobs, Microsoft.Web/hostingEnvironments and Microsoft.Web/serverFarms.

Enable or Disable network policies for the private link endpoint on the subnet. Default value is false. Conflicts with enforce_private_link_service_network_policies.

Enable or Disable network policies for the private link service on the subnet. Default valule is false. Conflicts with enforce_private_link_endpoint_network_policies.

name: pulumi.Output[str] = None

The name of the subnet. Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None

The name of the resource group in which to create the subnet. Changing this forces a new resource to be created.

service_endpoints: pulumi.Output[list] = None

The list of Service endpoints to associate with the subnet. Possible values include: Microsoft.AzureActiveDirectory, Microsoft.AzureCosmosDB, Microsoft.ContainerRegistry, Microsoft.EventHub, Microsoft.KeyVault, Microsoft.ServiceBus, Microsoft.Sql, Microsoft.Storage and Microsoft.Web.

virtual_network_name: pulumi.Output[str] = None

The name of the virtual network to which to attach the subnet. Changing this forces a new resource to be created.

static get(resource_name, id, opts=None, address_prefix=None, address_prefixes=None, delegations=None, enforce_private_link_endpoint_network_policies=None, enforce_private_link_service_network_policies=None, name=None, resource_group_name=None, service_endpoints=None, virtual_network_name=None)

Get an existing Subnet resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • address_prefix (pulumi.Input[str]) – The address prefix to use for the subnet.

  • address_prefixes (pulumi.Input[list]) – The address prefixes to use for the subnet.

  • delegations (pulumi.Input[list]) – One or more delegation blocks as defined below.

  • enforce_private_link_endpoint_network_policies (pulumi.Input[bool]) – Enable or Disable network policies for the private link endpoint on the subnet. Default value is false. Conflicts with enforce_private_link_service_network_policies.

  • enforce_private_link_service_network_policies (pulumi.Input[bool]) – Enable or Disable network policies for the private link service on the subnet. Default valule is false. Conflicts with enforce_private_link_endpoint_network_policies.

  • name (pulumi.Input[str]) – The name of the subnet. Changing this forces a new resource to be created.

  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the subnet. Changing this forces a new resource to be created.

  • service_endpoints (pulumi.Input[list]) – The list of Service endpoints to associate with the subnet. Possible values include: Microsoft.AzureActiveDirectory, Microsoft.AzureCosmosDB, Microsoft.ContainerRegistry, Microsoft.EventHub, Microsoft.KeyVault, Microsoft.ServiceBus, Microsoft.Sql, Microsoft.Storage and Microsoft.Web.

  • virtual_network_name (pulumi.Input[str]) – The name of the virtual network to which to attach the subnet. Changing this forces a new resource to be created.

The delegations object supports the following:

  • name (pulumi.Input[str]) - A name for this delegation.

  • serviceDelegation (pulumi.Input[dict]) - A service_delegation block as defined below.

    • actions (pulumi.Input[list]) - A list of Actions which should be delegated. This list is specific to the service to delegate to. Possible values include Microsoft.Network/networkinterfaces/*, Microsoft.Network/virtualNetworks/subnets/action, Microsoft.Network/virtualNetworks/subnets/join/action, Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action and Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action.

    • name (pulumi.Input[str]) - The name of service to delegate to. Possible values include Microsoft.BareMetal/AzureVMware, Microsoft.BareMetal/CrayServers, Microsoft.Batch/batchAccounts, Microsoft.ContainerInstance/containerGroups, Microsoft.Databricks/workspaces, Microsoft.DBforPostgreSQL/serversv2, Microsoft.HardwareSecurityModules/dedicatedHSMs, Microsoft.Logic/integrationServiceEnvironments, Microsoft.Netapp/volumes, Microsoft.ServiceFabricMesh/networks, Microsoft.Sql/managedInstances, Microsoft.Sql/servers, Microsoft.StreamAnalytics/streamingJobs, Microsoft.Web/hostingEnvironments and Microsoft.Web/serverFarms.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.network.SubnetNatGatewayAssociation(resource_name, opts=None, nat_gateway_id=None, subnet_id=None, __props__=None, __name__=None, __opts__=None)

Associates a NAT Gateway with a Subnet within a Virtual Network.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="East US 2")
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    address_spaces=["10.0.0.0/16"],
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
example_subnet = azure.network.Subnet("exampleSubnet",