Share via


Microsoft.Network vpnSites 2023-04-01

Bicep resource definition

The vpnSites resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/vpnSites resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.Network/vpnSites@2023-04-01' = {
  scope: resourceSymbolicName or scope
  ___location: 'string'
  name: 'string'
  properties: {
    addressSpace: {
      addressPrefixes: [
        'string'
      ]
    }
    bgpProperties: {
      asn: int
      bgpPeeringAddress: 'string'
      bgpPeeringAddresses: [
        {
          customBgpIpAddresses: [
            'string'
          ]
          ipconfigurationId: 'string'
        }
      ]
      peerWeight: int
    }
    deviceProperties: {
      deviceModel: 'string'
      deviceVendor: 'string'
      linkSpeedInMbps: int
    }
    ipAddress: 'string'
    isSecuritySite: bool
    o365Policy: {
      breakOutCategories: {
        allow: bool
        default: bool
        optimize: bool
      }
    }
    siteKey: 'string'
    virtualWan: {
      id: 'string'
    }
    vpnSiteLinks: [
      {
        id: 'string'
        name: 'string'
        properties: {
          bgpProperties: {
            asn: int
            bgpPeeringAddress: 'string'
          }
          fqdn: 'string'
          ipAddress: 'string'
          linkProperties: {
            linkProviderName: 'string'
            linkSpeedInMbps: int
          }
        }
      }
    ]
  }
  tags: {
    {customized property}: 'string'
  }
}

Property Values

Microsoft.Network/vpnSites

Name Description Value
___location Resource ___location. string
name The resource name string (required)
properties Properties of the VPN site. VpnSiteProperties
scope Use when creating a resource at a scope that is different than the deployment scope. Set this property to the symbolic name of a resource to apply the extension resource.
tags Resource tags Dictionary of tag names and values. See Tags in templates

AddressSpace

Name Description Value
addressPrefixes A list of address blocks reserved for this virtual network in CIDR notation. string[]

BgpSettings

Name Description Value
asn The BGP speaker's ASN. int

Constraints:
Min value = 0
Max value = 4294967295
bgpPeeringAddress The BGP peering address and BGP identifier of this BGP speaker. string
bgpPeeringAddresses BGP peering address with IP configuration ID for virtual network gateway. IPConfigurationBgpPeeringAddress[]
peerWeight The weight added to routes learned from this BGP speaker. int

DeviceProperties

Name Description Value
deviceModel Model of the device. string
deviceVendor Name of the device Vendor. string
linkSpeedInMbps Link speed. int

IPConfigurationBgpPeeringAddress

Name Description Value
customBgpIpAddresses The list of custom BGP peering addresses which belong to IP configuration. string[]
ipconfigurationId The ID of IP configuration which belongs to gateway. string

O365BreakOutCategoryPolicies

Name Description Value
allow Flag to control allow category. bool
default Flag to control default category. bool
optimize Flag to control optimize category. bool

O365PolicyProperties

Name Description Value
breakOutCategories Office365 breakout categories. O365BreakOutCategoryPolicies

ResourceTags

Name Description Value

SubResource

Name Description Value
id Resource ID. string

VpnLinkBgpSettings

Name Description Value
asn The BGP speaker's ASN. int
bgpPeeringAddress The BGP peering address and BGP identifier of this BGP speaker. string

VpnLinkProviderProperties

Name Description Value
linkProviderName Name of the link provider. string
linkSpeedInMbps Link speed. int
Name Description Value
id Resource ID. string
name The name of the resource that is unique within a resource group. This name can be used to access the resource. string
properties Properties of the VPN site link. VpnSiteLinkProperties

VpnSiteLinkProperties

Name Description Value
bgpProperties The set of bgp properties. VpnLinkBgpSettings
fqdn FQDN of vpn-site-link. string
ipAddress The ip-address for the vpn-site-link. string
linkProperties The link provider properties. VpnLinkProviderProperties

VpnSiteProperties

Name Description Value
addressSpace The AddressSpace that contains an array of IP address ranges. AddressSpace
bgpProperties The set of bgp properties. BgpSettings
deviceProperties The device properties. DeviceProperties
ipAddress The ip-address for the vpn-site. string
isSecuritySite IsSecuritySite flag. bool
o365Policy Office365 Policy. O365PolicyProperties
siteKey The key for vpn-site that can be used for connections. string
virtualWan The VirtualWAN to which the vpnSite belongs. SubResource
vpnSiteLinks List of all vpn site links. VpnSiteLink[]

Usage Examples

Azure Verified Modules

The following Azure Verified Modules can be used to deploy this resource type.

Module Description
VPN Site AVM Resource Module for VPN Site

Azure Quickstart Samples

The following Azure Quickstart templates contain Bicep samples for deploying this resource type.

Bicep File Description
Creates Virtual WAN resources This template allows you to create virtual WAN resources including Virtual WAN, Virtual Hub, VPN Gateway, VPN Site and a VPN Connecton.

ARM template resource definition

The vpnSites resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/vpnSites resource, add the following JSON to your template.

{
  "type": "Microsoft.Network/vpnSites",
  "apiVersion": "2023-04-01",
  "name": "string",
  "___location": "string",
  "properties": {
    "addressSpace": {
      "addressPrefixes": [ "string" ]
    },
    "bgpProperties": {
      "asn": "int",
      "bgpPeeringAddress": "string",
      "bgpPeeringAddresses": [
        {
          "customBgpIpAddresses": [ "string" ],
          "ipconfigurationId": "string"
        }
      ],
      "peerWeight": "int"
    },
    "deviceProperties": {
      "deviceModel": "string",
      "deviceVendor": "string",
      "linkSpeedInMbps": "int"
    },
    "ipAddress": "string",
    "isSecuritySite": "bool",
    "o365Policy": {
      "breakOutCategories": {
        "allow": "bool",
        "default": "bool",
        "optimize": "bool"
      }
    },
    "siteKey": "string",
    "virtualWan": {
      "id": "string"
    },
    "vpnSiteLinks": [
      {
        "id": "string",
        "name": "string",
        "properties": {
          "bgpProperties": {
            "asn": "int",
            "bgpPeeringAddress": "string"
          },
          "fqdn": "string",
          "ipAddress": "string",
          "linkProperties": {
            "linkProviderName": "string",
            "linkSpeedInMbps": "int"
          }
        }
      }
    ]
  },
  "tags": {
    "{customized property}": "string"
  }
}

Property Values

Microsoft.Network/vpnSites

Name Description Value
apiVersion The api version '2023-04-01'
___location Resource ___location. string
name The resource name string (required)
properties Properties of the VPN site. VpnSiteProperties
tags Resource tags Dictionary of tag names and values. See Tags in templates
type The resource type 'Microsoft.Network/vpnSites'

AddressSpace

Name Description Value
addressPrefixes A list of address blocks reserved for this virtual network in CIDR notation. string[]

BgpSettings

Name Description Value
asn The BGP speaker's ASN. int

Constraints:
Min value = 0
Max value = 4294967295
bgpPeeringAddress The BGP peering address and BGP identifier of this BGP speaker. string
bgpPeeringAddresses BGP peering address with IP configuration ID for virtual network gateway. IPConfigurationBgpPeeringAddress[]
peerWeight The weight added to routes learned from this BGP speaker. int

DeviceProperties

Name Description Value
deviceModel Model of the device. string
deviceVendor Name of the device Vendor. string
linkSpeedInMbps Link speed. int

IPConfigurationBgpPeeringAddress

Name Description Value
customBgpIpAddresses The list of custom BGP peering addresses which belong to IP configuration. string[]
ipconfigurationId The ID of IP configuration which belongs to gateway. string

O365BreakOutCategoryPolicies

Name Description Value
allow Flag to control allow category. bool
default Flag to control default category. bool
optimize Flag to control optimize category. bool

O365PolicyProperties

Name Description Value
breakOutCategories Office365 breakout categories. O365BreakOutCategoryPolicies

ResourceTags

Name Description Value

SubResource

Name Description Value
id Resource ID. string

VpnLinkBgpSettings

Name Description Value
asn The BGP speaker's ASN. int
bgpPeeringAddress The BGP peering address and BGP identifier of this BGP speaker. string

VpnLinkProviderProperties

Name Description Value
linkProviderName Name of the link provider. string
linkSpeedInMbps Link speed. int
Name Description Value
id Resource ID. string
name The name of the resource that is unique within a resource group. This name can be used to access the resource. string
properties Properties of the VPN site link. VpnSiteLinkProperties

VpnSiteLinkProperties

Name Description Value
bgpProperties The set of bgp properties. VpnLinkBgpSettings
fqdn FQDN of vpn-site-link. string
ipAddress The ip-address for the vpn-site-link. string
linkProperties The link provider properties. VpnLinkProviderProperties

VpnSiteProperties

Name Description Value
addressSpace The AddressSpace that contains an array of IP address ranges. AddressSpace
bgpProperties The set of bgp properties. BgpSettings
deviceProperties The device properties. DeviceProperties
ipAddress The ip-address for the vpn-site. string
isSecuritySite IsSecuritySite flag. bool
o365Policy Office365 Policy. O365PolicyProperties
siteKey The key for vpn-site that can be used for connections. string
virtualWan The VirtualWAN to which the vpnSite belongs. SubResource
vpnSiteLinks List of all vpn site links. VpnSiteLink[]

Usage Examples

Azure Quickstart Templates

The following Azure Quickstart templates deploy this resource type.

Template Description
Creates Virtual WAN resources

Deploy to Azure
This template allows you to create virtual WAN resources including Virtual WAN, Virtual Hub, VPN Gateway, VPN Site and a VPN Connecton.

Terraform (AzAPI provider) resource definition

The vpnSites resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/vpnSites resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.Network/vpnSites@2023-04-01"
  name = "string"
  parent_id = "string"
  ___location = "string"
  tags = {
    {customized property} = "string"
  }
  body = {
    properties = {
      addressSpace = {
        addressPrefixes = [
          "string"
        ]
      }
      bgpProperties = {
        asn = int
        bgpPeeringAddress = "string"
        bgpPeeringAddresses = [
          {
            customBgpIpAddresses = [
              "string"
            ]
            ipconfigurationId = "string"
          }
        ]
        peerWeight = int
      }
      deviceProperties = {
        deviceModel = "string"
        deviceVendor = "string"
        linkSpeedInMbps = int
      }
      ipAddress = "string"
      isSecuritySite = bool
      o365Policy = {
        breakOutCategories = {
          allow = bool
          default = bool
          optimize = bool
        }
      }
      siteKey = "string"
      virtualWan = {
        id = "string"
      }
      vpnSiteLinks = [
        {
          id = "string"
          name = "string"
          properties = {
            bgpProperties = {
              asn = int
              bgpPeeringAddress = "string"
            }
            fqdn = "string"
            ipAddress = "string"
            linkProperties = {
              linkProviderName = "string"
              linkSpeedInMbps = int
            }
          }
        }
      ]
    }
  }
}

Property Values

Microsoft.Network/vpnSites

Name Description Value
___location Resource ___location. string
name The resource name string (required)
parent_id The ID of the resource to apply this extension resource to. string (required)
properties Properties of the VPN site. VpnSiteProperties
tags Resource tags Dictionary of tag names and values.
type The resource type "Microsoft.Network/vpnSites@2023-04-01"

AddressSpace

Name Description Value
addressPrefixes A list of address blocks reserved for this virtual network in CIDR notation. string[]

BgpSettings

Name Description Value
asn The BGP speaker's ASN. int

Constraints:
Min value = 0
Max value = 4294967295
bgpPeeringAddress The BGP peering address and BGP identifier of this BGP speaker. string
bgpPeeringAddresses BGP peering address with IP configuration ID for virtual network gateway. IPConfigurationBgpPeeringAddress[]
peerWeight The weight added to routes learned from this BGP speaker. int

DeviceProperties

Name Description Value
deviceModel Model of the device. string
deviceVendor Name of the device Vendor. string
linkSpeedInMbps Link speed. int

IPConfigurationBgpPeeringAddress

Name Description Value
customBgpIpAddresses The list of custom BGP peering addresses which belong to IP configuration. string[]
ipconfigurationId The ID of IP configuration which belongs to gateway. string

O365BreakOutCategoryPolicies

Name Description Value
allow Flag to control allow category. bool
default Flag to control default category. bool
optimize Flag to control optimize category. bool

O365PolicyProperties

Name Description Value
breakOutCategories Office365 breakout categories. O365BreakOutCategoryPolicies

ResourceTags

Name Description Value

SubResource

Name Description Value
id Resource ID. string

VpnLinkBgpSettings

Name Description Value
asn The BGP speaker's ASN. int
bgpPeeringAddress The BGP peering address and BGP identifier of this BGP speaker. string

VpnLinkProviderProperties

Name Description Value
linkProviderName Name of the link provider. string
linkSpeedInMbps Link speed. int
Name Description Value
id Resource ID. string
name The name of the resource that is unique within a resource group. This name can be used to access the resource. string
properties Properties of the VPN site link. VpnSiteLinkProperties

VpnSiteLinkProperties

Name Description Value
bgpProperties The set of bgp properties. VpnLinkBgpSettings
fqdn FQDN of vpn-site-link. string
ipAddress The ip-address for the vpn-site-link. string
linkProperties The link provider properties. VpnLinkProviderProperties

VpnSiteProperties

Name Description Value
addressSpace The AddressSpace that contains an array of IP address ranges. AddressSpace
bgpProperties The set of bgp properties. BgpSettings
deviceProperties The device properties. DeviceProperties
ipAddress The ip-address for the vpn-site. string
isSecuritySite IsSecuritySite flag. bool
o365Policy Office365 Policy. O365PolicyProperties
siteKey The key for vpn-site that can be used for connections. string
virtualWan The VirtualWAN to which the vpnSite belongs. SubResource
vpnSiteLinks List of all vpn site links. VpnSiteLink[]

Usage Examples

Terraform Samples

A basic example of deploying VPN Site.

terraform {
  required_providers {
    azapi = {
      source = "Azure/azapi"
    }
  }
}

provider "azapi" {
  skip_provider_registration = false
}

variable "resource_name" {
  type    = string
  default = "acctest0001"
}

variable "___location" {
  type    = string
  default = "westeurope"
}

resource "azapi_resource" "resourceGroup" {
  type     = "Microsoft.Resources/resourceGroups@2020-06-01"
  name     = var.resource_name
  ___location = var.___location
}

resource "azapi_resource" "virtualWan" {
  type      = "Microsoft.Network/virtualWans@2022-07-01"
  parent_id = azapi_resource.resourceGroup.id
  name      = var.resource_name
  ___location  = var.___location
  body = {
    properties = {
      allowBranchToBranchTraffic     = true
      disableVpnEncryption           = false
      office365LocalBreakoutCategory = "None"
      type                           = "Standard"
    }
  }
  schema_validation_enabled = false
  response_export_values    = ["*"]
}

resource "azapi_resource" "vpnSite" {
  type      = "Microsoft.Network/vpnSites@2022-07-01"
  parent_id = azapi_resource.resourceGroup.id
  name      = var.resource_name
  ___location  = var.___location
  body = {
    properties = {
      addressSpace = {
        addressPrefixes = [
          "10.0.1.0/24",
        ]
      }
      virtualWan = {
        id = azapi_resource.virtualWan.id
      }
      vpnSiteLinks = [
        {
          name = "link1"
          properties = {
            fqdn      = ""
            ipAddress = "10.0.1.1"
            linkProperties = {
              linkProviderName = ""
              linkSpeedInMbps  = 0
            }
          }
        },
        {
          name = "link2"
          properties = {
            fqdn      = ""
            ipAddress = "10.0.1.2"
            linkProperties = {
              linkProviderName = ""
              linkSpeedInMbps  = 0
            }
          }
        },
      ]
    }
  }
  schema_validation_enabled = false
  response_export_values    = ["*"]
}