Azure
/
vdc
зеркало из https://github.com/Azure/vdc.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
vdc/Modules/VirtualNetworkGateway/deploy.json

314 строки
12 KiB
JSON
Исходник Ответственный История

{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"virtualNetworkGatewayName": {
"type": "string",
"metadata": {
"description": "Required. Specifies the Virtual Network Gateway name."
}
},
"virtualNetworkGatewayType": {
"type": "string",
"metadata": {
"description": "Required. Specifies the gateway type. E.g. VPN, ExpressRoute"
}
},
"virtualNetworkGatewaySku": {
"type": "string",
"metadata": {
"description": "Required. The Sku of the Gateway. This must be one of Basic, Standard or HighPerformance."
}
},
"vpnType": {
"type": "string",
"metadata": {
"description": "Required. Specifies the VPN type"
}
},
"vNetId": {
"type": "string",
"metadata": {
"description": "Required. Virtual Network resource Id"
}
},
"enableBgp": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Optional. Value to specify if BGP is enabled or not"
}
},
"asn": {
"type": "int",
"defaultValue": 65815,
"metadata": {
"description": "Optional. ASN value"
}
},
"vpnClientAddressPoolPrefix": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Optional. The IP address range from which VPN clients will receive an IP address when connected. Range specified must not overlap with on-premise network."
}
},
"clientRootCertData": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Optional. Client root certificate data used to authenticate VPN clients."
}
},
"clientRevokedCertThumbprint": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Optional. Thumbprint of the revoked certificate. This would revoke VPN client certificates matching this thumbprint from connecting to the VNet."
}
},
"diagnosticLogsRetentionInDays": {
"type": "int",
"defaultValue": 365,
"minValue": 0,
"maxValue": 365,
"metadata": {
"description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely."
}
},
"diagnosticStorageAccountId": {
"type": "string",
"metadata": {
"description": "Required. Resource identifier of the Diagnostic Storage Account."
}
},
"workspaceId": {
"type": "string",
"metadata": {
"description": "Required. Resource identifier of Log Analytics."
}
},
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Optional. Location for all resources."
}
}
},
"variables": {
"gatewayPipName": "[concat(parameters('virtualNetworkGatewayName'), '-pip')]",
"gatewayPipResourceName": "[concat('Microsoft.Network/publicIpAddresses/',variables('gatewayPipName'))]",
"gatewaySubnetId": "[concat(parameters('vNetId'), '/subnets/GatewaySubnet')]",
"gatewayPipId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('gatewayPipName'))]",
"gatewayPip": {
"id": "[variables('gatewayPipId')]"
},
"vpnClientRootCertificates": [{
"name": "RootCert1",
"properties": {
"PublicCertData": "[parameters('clientRootCertData')]"
}
}],
"vpmClientRevokedCertificates": [{
"name": "RevokedCert1",
"properties": {
"Thumbprint": "[parameters('clientRevokedCertThumbprint')]"
}
}],
"vpnClientConfiguration": {
"vpnClientAddressPool": {
"addressPrefixes": [
"[parameters('vpnClientAddressPoolPrefix')]"
]
},
"vpnClientRootCertificates": "[if(empty(parameters('clientRootCertData')), json('null'), variables('vpnClientRootCertificates'))]",
"vpnClientRevokedCertificates": "[if(empty(parameters('clientRevokedCertThumbprint')), json('null'), variables('vpmClientRevokedCertificates'))]"
}
},
"resources": [
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/publicIPAddresses",
"name": "[variables('gatewayPipName')]",
"location": "[parameters('location')]",
"tags": {},
"properties": {
"publicIPAllocationMethod": "Dynamic"
}
},
{
"type": "Microsoft.Network/publicIPAddresses/providers/diagnosticSettings",
"apiVersion": "2017-05-01-preview",
"location": "[parameters('location')]",
"name": "[concat(variables('gatewayPipName'), '/Microsoft.Insights/service')]",
"dependsOn": [
"[variables('gatewayPipName')]"
],
"properties": {
"storageAccountId": "[parameters('diagnosticStorageAccountId')]",
"workspaceId": "[parameters('workspaceId')]",
"metrics": [
{
"category": "AllMetrics",
"timeGrain": null,
"enabled": true,
"retentionPolicy": {
"enabled": true,
"days": "[parameters('diagnosticLogsRetentionInDays')]"
}
}
],
"logs": [
{
"category": "DDoSProtectionNotifications",
"enabled": true,
"retentionPolicy": {
"enabled": true,
"days": "[parameters('diagnosticLogsRetentionInDays')]"
}
},
{
"category": "DDoSMitigationFlowLogs",
"enabled": true,
"retentionPolicy": {
"enabled": true,
"days": "[parameters('diagnosticLogsRetentionInDays')]"
}
},
{
"category": "DDoSMitigationReports",
"enabled": true,
"retentionPolicy": {
"enabled": true,
"days": "[parameters('diagnosticLogsRetentionInDays')]"
}
}
]
}
},
{
"name": "[parameters('virtualNetworkGatewayName')]",
"type": "Microsoft.Network/virtualNetworkGateways",
"apiVersion": "2015-06-15",
"location": "[parameters('location')]",
"dependsOn": [
"[variables('gatewayPipResourceName')]"
],
"properties": {
"ipConfigurations": [
{
"properties": {
"privateIPAllocationMethod": "Dynamic",
"subnet": {
"id": "[variables('gatewaySubnetId')]"
},
"publicIPAddress": "[variables('gatewayPip')]"
},
"name": "vNetGatewayConfig"
}
],
"enableBgp": "[parameters('enableBgp')]",
"bgpSettings": {
"asn": "[parameters('asn')]"
},
"sku": {
"name": "[parameters('virtualNetworkGatewaySku')]",
"tier": "[parameters('virtualNetworkGatewaySku')]"
},
"gatewayType": "[parameters('virtualNetworkGatewayType')]",
"vpnType": "[parameters('vpnType')]",
"vpnClientConfiguration": "[if(empty(parameters('vpnClientAddressPoolPrefix')), json('null'), variables('vpnClientConfiguration'))]"
}
},
{
"type": "Microsoft.Network/virtualNetworkGateways/providers/diagnosticSettings",
"apiVersion": "2017-05-01-preview",
"location": "[parameters('location')]",
"name": "[concat(parameters('virtualNetworkGatewayName'), '/Microsoft.Insights/service')]",
"dependsOn": [
"[parameters('virtualNetworkGatewayName')]"
],
"properties": {
"storageAccountId": "[parameters('diagnosticStorageAccountId')]",
"workspaceId": "[parameters('workspaceId')]",
"metrics": [
{
"category": "AllMetrics",
"timeGrain": null,
"enabled": true,
"retentionPolicy": {
"enabled": true,
"days": "[parameters('diagnosticLogsRetentionInDays')]"
}
}
],
"logs": [
{
"category": "GatewayDiagnosticLog",
"enabled": true,
"retentionPolicy": {
"enabled": true,
"days": "[parameters('diagnosticLogsRetentionInDays')]"
}
},
{
"category": "TunnelDiagnosticLog",
"enabled": true,
"retentionPolicy": {
"enabled": true,
"days": "[parameters('diagnosticLogsRetentionInDays')]"
}
},
{
"category": "RouteDiagnosticLog",
"enabled": true,
"retentionPolicy": {
"enabled": true,
"days": "[parameters('diagnosticLogsRetentionInDays')]"
}
},
{
"category": "IKEDiagnosticLog",
"enabled": true,
"retentionPolicy": {
"enabled": true,
"days": "[parameters('diagnosticLogsRetentionInDays')]"
}
},
{
"category": "P2SDiagnosticLog",
"enabled": true,
"retentionPolicy": {
"enabled": true,
"days": "[parameters('diagnosticLogsRetentionInDays')]"
}
}
]
}
}
],
"outputs": {
"virtualNetworkGatewayResourceGroup": {
"type": "string",
"value": "[resourceGroup().name]",
"metadata": {
"description": "The Resource Group the Virtual Network Gateway was deployed."
}
},
"virtualNetworkGatewayName": {
"type": "string",
"value": "[parameters('virtualNetworkGatewayName')]",
"metadata": {
"description": "The Name of the Virtual Network Gateway."
}
},
"virtualNetworkGatewayId": {
"type": "string",
"value": "[resourceId('Microsoft.Network/virtualNetworkGateways', parameters('virtualNetworkGatewayName'))]",
"metadata": {
"description": "The Resource Id of the Virtual Network Gateway."
}
}
}
}
Ссылка в новой задаче Показать git blame Копировать постоянную ссылку