Share via


Microsoft.Network loadBalancers/inboundNatRules 2023-11-01

Bicep resource definition

The loadBalancers/inboundNatRules resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/loadBalancers/inboundNatRules resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.Network/loadBalancers/inboundNatRules@2023-11-01' = {
  parent: resourceSymbolicName
  name: 'string'
  properties: {
    backendAddressPool: {
      id: 'string'
    }
    backendPort: int
    enableFloatingIP: bool
    enableTcpReset: bool
    frontendIPConfiguration: {
      id: 'string'
    }
    frontendPort: int
    frontendPortRangeEnd: int
    frontendPortRangeStart: int
    idleTimeoutInMinutes: int
    protocol: 'string'
  }
}

Property Values

Microsoft.Network/loadBalancers/inboundNatRules

Name Description Value
name The resource name string (required)
parent In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource.

For more information, see Child resource outside parent resource.
Symbolic name for resource of type: loadBalancers
properties Properties of load balancer inbound NAT rule. InboundNatRulePropertiesFormat

InboundNatRulePropertiesFormat

Name Description Value
backendAddressPool A reference to backendAddressPool resource. SubResource
backendPort The port used for the internal endpoint. Acceptable values range from 1 to 65535. int
enableFloatingIP Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint. bool
enableTcpReset Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP. bool
frontendIPConfiguration A reference to frontend IP addresses. SubResource
frontendPort The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values range from 1 to 65534. int
frontendPortRangeEnd The port range end for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeStart. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool. Acceptable values range from 1 to 65534. int
frontendPortRangeStart The port range start for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeEnd. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool. Acceptable values range from 1 to 65534. int
idleTimeoutInMinutes The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP. int
protocol The reference to the transport protocol used by the load balancing rule. 'All'
'Tcp'
'Udp'

SubResource

Name Description Value
id Resource ID. string

Usage Examples

Azure Quickstart Samples

The following Azure Quickstart templates contain Bicep samples for deploying this resource type.

Bicep File Description
2 VMs in a Load Balancer and configure NAT rules on the LB This template allows you to create 2 Virtual Machines in an Availability Set and configure NAT rules through the load balancer. This template also deploys a Storage Account, Virtual Network, Public IP address and Network Interfaces. In this template, we use the resource loops capability to create the network interfaces and virtual machines
VMs in Availability Zones with a Load Balancer and NAT This template allows you to create Virtual Machines distributed across Availability Zones with a Load Balancer and configure NAT rules through the load balancer. This template also deploys a Virtual Network, Public IP address and Network Interfaces. In this template, we use the resource loops capability to create the network interfaces and virtual machines
VMSS Flexible Orchestration Mode Quickstart Linux This template deploys a simple VM Scale Set with instances behind an Azure Load Balancer. The VM Scale set is in Flexible Orchestration Mode. Use the os parameter to choose Linux (Ubuntu) or Windows (Windows Server Datacenter 2019) deployment. NOTE: This quickstart template enables network access to VM management ports (SSH, RDP) from any internet address, and should not be used for production deployments.

ARM template resource definition

The loadBalancers/inboundNatRules resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/loadBalancers/inboundNatRules resource, add the following JSON to your template.

{
  "type": "Microsoft.Network/loadBalancers/inboundNatRules",
  "apiVersion": "2023-11-01",
  "name": "string",
  "properties": {
    "backendAddressPool": {
      "id": "string"
    },
    "backendPort": "int",
    "enableFloatingIP": "bool",
    "enableTcpReset": "bool",
    "frontendIPConfiguration": {
      "id": "string"
    },
    "frontendPort": "int",
    "frontendPortRangeEnd": "int",
    "frontendPortRangeStart": "int",
    "idleTimeoutInMinutes": "int",
    "protocol": "string"
  }
}

Property Values

Microsoft.Network/loadBalancers/inboundNatRules

Name Description Value
apiVersion The api version '2023-11-01'
name The resource name string (required)
properties Properties of load balancer inbound NAT rule. InboundNatRulePropertiesFormat
type The resource type 'Microsoft.Network/loadBalancers/inboundNatRules'

InboundNatRulePropertiesFormat

Name Description Value
backendAddressPool A reference to backendAddressPool resource. SubResource
backendPort The port used for the internal endpoint. Acceptable values range from 1 to 65535. int
enableFloatingIP Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint. bool
enableTcpReset Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP. bool
frontendIPConfiguration A reference to frontend IP addresses. SubResource
frontendPort The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values range from 1 to 65534. int
frontendPortRangeEnd The port range end for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeStart. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool. Acceptable values range from 1 to 65534. int
frontendPortRangeStart The port range start for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeEnd. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool. Acceptable values range from 1 to 65534. int
idleTimeoutInMinutes The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP. int
protocol The reference to the transport protocol used by the load balancing rule. 'All'
'Tcp'
'Udp'

SubResource

Name Description Value
id Resource ID. string

Usage Examples

Azure Quickstart Templates

The following Azure Quickstart templates deploy this resource type.

Template Description
2 VMs in a Load Balancer and configure NAT rules on the LB

Deploy to Azure
This template allows you to create 2 Virtual Machines in an Availability Set and configure NAT rules through the load balancer. This template also deploys a Storage Account, Virtual Network, Public IP address and Network Interfaces. In this template, we use the resource loops capability to create the network interfaces and virtual machines
Azure Container Service Engine (acs-engine) - Swarm Mode

Deploy to Azure
The Azure Container Service Engine (acs-engine) generates ARM (Azure Resource Manager) templates for Docker enabled clusters on Microsoft Azure with your choice of DC/OS, Kubernetes, Swarm Mode, or Swarm orchestrators. The input to the tool is a cluster definition. The cluster definition is very similar to (in many cases the same as) the ARM template syntax used to deploy a Microsoft Azure Container Service cluster.
Barracuda Web Application Firewall with Backend IIS Servers

Deploy to Azure
This Azure quickstart template deploys a Barracuda Web Application Firewall Solution on Azure with required number of backend Windows 2012 based IIS Web Servers.Templates includes latest Barracuda WAF with Pay as you go license and latest Windows 2012 R2 Azure Image for IIS.The Barracuda Web Application Firewall inspects inbound web traffic and blocks SQL injections, Cross-Site Scripting, malware uploads & application DDoS and other attacks targeted at your web applications. One External LB is deployed with NAT rules to enable Remote desktop access to backend web servers. Please follow post deployment configuration guide available in GitHub template directory to learn more about post deployment steps related to Barracuda web application firewall and web applications publishing.
Deploy Open edX Dogwood (Multi-VM)

Deploy to Azure
This template creates a network of Ubuntu VMs, and deploys Open edX Dogwood on them. Deployment supports 1-9 application VMs and backend Mongo and MySQL VMs.
Docker Swarm Cluster

Deploy to Azure
This template creates a high-availability Docker Swarm cluster
GlassFish on SUSE

Deploy to Azure
This template deploys a load balanced GlassFish (v3 or v4) cluster, consisting of a user defined number of SUSE (OpenSUSE or SLES) VMs.
KEMP LoadMaster HA Pair

Deploy to Azure
This template deploys a KEMP LoadMaster HA Pair
VMs in Availability Zones with a Load Balancer and NAT

Deploy to Azure
This template allows you to create Virtual Machines distributed across Availability Zones with a Load Balancer and configure NAT rules through the load balancer. This template also deploys a Virtual Network, Public IP address and Network Interfaces. In this template, we use the resource loops capability to create the network interfaces and virtual machines
VMSS Flexible Orchestration Mode Quickstart Linux

Deploy to Azure
This template deploys a simple VM Scale Set with instances behind an Azure Load Balancer. The VM Scale set is in Flexible Orchestration Mode. Use the os parameter to choose Linux (Ubuntu) or Windows (Windows Server Datacenter 2019) deployment. NOTE: This quickstart template enables network access to VM management ports (SSH, RDP) from any internet address, and should not be used for production deployments.

Terraform (AzAPI provider) resource definition

The loadBalancers/inboundNatRules resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/loadBalancers/inboundNatRules resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.Network/loadBalancers/inboundNatRules@2023-11-01"
  name = "string"
  parent_id = "string"
  body = {
    properties = {
      backendAddressPool = {
        id = "string"
      }
      backendPort = int
      enableFloatingIP = bool
      enableTcpReset = bool
      frontendIPConfiguration = {
        id = "string"
      }
      frontendPort = int
      frontendPortRangeEnd = int
      frontendPortRangeStart = int
      idleTimeoutInMinutes = int
      protocol = "string"
    }
  }
}

Property Values

Microsoft.Network/loadBalancers/inboundNatRules

Name Description Value
name The resource name string (required)
parent_id The ID of the resource that is the parent for this resource. ID for resource of type: loadBalancers
properties Properties of load balancer inbound NAT rule. InboundNatRulePropertiesFormat
type The resource type "Microsoft.Network/loadBalancers/inboundNatRules@2023-11-01"

InboundNatRulePropertiesFormat

Name Description Value
backendAddressPool A reference to backendAddressPool resource. SubResource
backendPort The port used for the internal endpoint. Acceptable values range from 1 to 65535. int
enableFloatingIP Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint. bool
enableTcpReset Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP. bool
frontendIPConfiguration A reference to frontend IP addresses. SubResource
frontendPort The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values range from 1 to 65534. int
frontendPortRangeEnd The port range end for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeStart. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool. Acceptable values range from 1 to 65534. int
frontendPortRangeStart The port range start for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeEnd. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool. Acceptable values range from 1 to 65534. int
idleTimeoutInMinutes The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP. int
protocol The reference to the transport protocol used by the load balancing rule. 'All'
'Tcp'
'Udp'

SubResource

Name Description Value
id Resource ID. string