"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" | |
contentVersion: "1.0.0.20" | |
parameters: | |
location: | |
type: stri | |
description: "The region to deploy the resources into" | |
srcIPInboundNSG: | |
type: string | |
metadata: | |
description: "Your source public IP address. Added to the inbound NSG on eth0 (MGMT)" | |
defaultValue: "0.0.0.0/0" | |
customData: | |
type: string | |
defaultValue: "echo customData" | |
metadata: | |
description: "String passed down to the Virtual Machine." | |
vmName: | |
type: string | |
metadata: | |
description: "Name of VM-Series VM in the Azure portal" | |
defaultValue: "VM-Series" | |
imageVersion: | |
type: string | |
allowedValues: | |
- latest | |
- "8.1.0" | |
- "8.0.0" | |
- "7.1.1" | |
metadata: | |
description: "Version number of VM-Series VM in the Azure portal" | |
defaultValue: latest | |
vmSize: | |
type: string | |
allowedValues: | |
- Standard_D3 | |
- Standard_D4 | |
- Standard_D3_v2 | |
- Standard_D4_v2 | |
- Standard_D5_v2 | |
- Standard_A4 | |
metadata: | |
description: "Azure VM size for VM-Series" | |
defaultValue: Standard_D3_v2 | |
virtualNetworkName: | |
type: string | |
metadata: | |
description: "Name of the Virtual Network (VNET)" | |
defaultValue: fwVNET | |
vnetNewOrExisting: | |
type: string | |
defaultValue: new | |
allowedValues: | |
- new | |
- existing | |
metadata: | |
description: "Use new or existing VNET" | |
virtualNetworkAddressPrefixes: | |
type: array | |
defaultValue: "[array('192.168.0.0/16')]" | |
metadata: | |
description: "Virtual network address CIDR" | |
virtualNetworkExistingRGName: | |
type: string | |
defaultValue: "" | |
metadata: | |
description: "Name of resource group of existing VNET (if applicable)" | |
subnet0Name: | |
type: string | |
defaultValue: Mgmt | |
metadata: | |
description: "Subnet for Management" | |
subnet1Name: | |
type: string | |
defaultValue: Untrust | |
metadata: | |
description: "Subnet for Untrust" | |
subnet2Name: | |
type: string | |
defaultValue: Trust | |
metadata: | |
description: "Subnet for Trust" | |
subnet0Prefix: | |
type: string | |
defaultValue: "192.168.0.0/24" | |
metadata: | |
description: "Mgmt subnet CIDR" | |
subnet1Prefix: | |
type: string | |
defaultValue: "192.168.1.0/24" | |
metadata: | |
description: "Untrust subnet CIDR" | |
subnet2Prefix: | |
type: string | |
defaultValue: "192.168.2.0/24" | |
metadata: | |
description: "Trust subnet CIDR" | |
subnet0StartAddress: | |
type: string | |
defaultValue: "192.168.0.4" | |
metadata: | |
description: "Mgmt subnet start address" | |
subnet1StartAddress: | |
type: string | |
defaultValue: "192.168.1.4" | |
metadata: | |
description: "Untrust subnet start address" | |
subnet2StartAddress: | |
type: string | |
defaultValue: "192.168.2.4" | |
metadata: | |
description: "Trust subnet start address" | |
adminUsername: | |
type: string | |
metadata: | |
description: "Username of the administrator account of VM-Series" | |
adminPassword: | |
type: securestring | |
defaultValue: "" | |
metadata: | |
description: "Password for the administrator account of VM-Series" | |
baseUrl: | |
type: string | |
metadata: | |
artifactsBaseUrl: "" | |
description: "URL to acquire other VM-Series for Azure templates" | |
defaultValue: "https://mprpdfartifactstore.azureedge.net/publicartifacts/paloaltonetworks.vmseries-ngfw-7ef69be7-5c44-44b4-aeac-f1311b93893f-bundle1/Artifacts" | |
PublicIPNewOrExisting: | |
type: string | |
defaultValue: new | |
allowedValues: | |
- new | |
- existing | |
metadata: | |
description: "Public IP for mgmt interface is new or existing" | |
PublicIPRGName: | |
type: string | |
defaultValue: "" | |
metadata: | |
description: "Resource Group containing existing public IP" | |
publicIPAddressName: | |
type: string | |
metadata: | |
description: "Name of existing public IP resource" | |
storageAccountName: | |
type: string | |
metadata: | |
description: "Name prefix of the new storage account created to store the VM's disks" | |
storageAccountNewOrExisting: | |
type: string | |
defaultValue: new | |
allowedValues: | |
- new | |
- existing | |
metadata: | |
Description: "Storage Account is new or existing" | |
storageAccountExistingRG: | |
type: string | |
defaultValue: "[resourceGroup().name]" | |
metadata: | |
description: "Storage's Resource Group for existing VM." | |
storageAccountType: | |
type: string | |
allowedValues: | |
- Standard_LRS | |
- Standard_GRS | |
- Standard_RAGRS | |
metadata: | |
description: "Type of the storage account created" | |
defaultValue: Standard_LRS | |
bootstrap: | |
type: string | |
defaultValue: no | |
allowedValues: | |
- yes | |
- no | |
metadata: | |
description: "Pass bootstrap data to VM" | |
authenticationType: | |
type: string | |
metadata: | |
descritpion: "Type of administrator user authentication " | |
allowedValues: | |
- sshPublicKey | |
- password | |
defaultValue: password | |
sshKey: | |
type: string | |
defaultValue: "" | |
metadata: | |
description: "SSH rsa public key file as a string." | |
variables: | |
imagePublisher: paloaltonetworks | |
imageSku: bundle1 | |
imageOffer: vmseries1 | |
nsgName: DefaultNSG | |
nicName: "[concat(parameters('vmName'), '-', parameters('publicIPAddressName'), '-eth')]" | |
FWPrivateIPAddressUntrust: "[parameters('subnet1StartAddress')]" | |
FWPrivateIPAddressTrust: "[parameters('subnet2StartAddress')]" | |
vnetID: "[resourceId(parameters('virtualNetworkExistingRGName'),concat('Microsoft.Network','/','virtualNetworks'),parameters('virtualNetworkName'))]" | |
subnet0Ref: "[concat(variables('vnetID'),'/subnets/',parameters('subnet0Name'))]" | |
subnet1Ref: "[concat(variables('vnetID'),'/subnets/',parameters('subnet1Name'))]" | |
subnet2Ref: "[concat(variables('vnetID'),'/subnets/',parameters('subnet2Name'))]" | |
publicIPAddressType: Dynamic | |
virtualNetworkAddressPrefix: "[parameters('virtualNetworkAddressPrefixes')[0]]" | |
subnets: | |
- name: "[parameters('subnet0Name')]" | |
properties: | |
addressPrefix: "[parameters('subnet0Prefix')]" | |
networkSecurityGroup: | |
id: "[resourceId('Microsoft.Network/networkSecurityGroups', variables('nsgName'))]" | |
- name: "[parameters('subnet1Name')]" | |
properties: | |
addressPrefix: "[parameters('subnet1Prefix')]" | |
- name: "[parameters('subnet2Name')]" | |
properties: | |
addressPrefix: "[parameters('subnet2Prefix')]" | |
storageAccountSetupURL: "[concat(parameters('baseUrl'),'/storageAccount-',parameters('storageAccountNewOrExisting'),'.json')]" | |
nsgSetupURL: "[concat(parameters('baseUrl'),'/nsg-new.json')]" | |
SettingUpPublicIPUrl: "[concat(parameters('baseUrl'),'/publicip-',parameters('PublicIPNewOrExisting'),'.json')]" | |
vnetSetupURL: "[concat(parameters('baseUrl'),'/vnet-', parameters('vnetNewOrExisting'),'.json')]" | |
setupNICsURL: "[concat(parameters('baseUrl'),'/setupNICS-', parameters('vnetNewOrExisting'),'.json')]" | |
vmTemplateUrl: "[concat(parameters('baseUrl'), '/virtual-machine-', parameters('authenticationType'),'-bs-', parameters('bootstrap'), '.json')]" | |
resources: | |
- apiVersion: "2017-05-10" | |
name: "pid-5C789549-0D4A-46A4-BF95-51CDED58B0F0" | |
type: "Microsoft.Resources/deployments" | |
properties: | |
mode: Incremental | |
template: | |
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" | |
contentVersion: "1.0.0.0" | |
resources: | |
[] | |
- name: SettingUpStorageAccount | |
type: "Microsoft.Resources/deployments" | |
apiVersion: "2017-05-10" | |
properties: | |
mode: Incremental | |
templateLink: | |
uri: "[variables('storageAccountSetupURL')]" | |
contentVersion: "1.0.0.1" | |
parameters: | |
location: | |
value: "[parameters('location')]" | |
storageAccountType: | |
value: "[parameters('storageAccountType')]" | |
storageAccountName: | |
value: "[parameters('storageAccountName')]" | |
storageAccountExistingRG: | |
value: "[parameters('storageAccountExistingRG')]" | |
- name: SettingUpPublicIPs | |
type: "Microsoft.Resources/deployments" | |
apiVersion: "2017-05-10" | |
properties: | |
mode: Incremental | |
templateLink: | |
uri: "[variables('SettingUpPublicIPUrl')]" | |
contentVersion: "1.0.0.2" | |
parameters: | |
location: | |
value: "[parameters('location')]" | |
publicIPAddressName: | |
value: "[parameters('publicIPAddressName')]" | |
publicIPAddressType: | |
value: "[variables('publicIPAddressType')]" | |
publicIpRGName: | |
value: "[parameters('PublicIPRGName')]" | |
- name: "[variables('nsgName')]" | |
type: "Microsoft.Resources/deployments" | |
apiVersion: "2017-05-10" | |
properties: | |
mode: Incremental | |
templateLink: | |
uri: "[variables('nsgSetupURL')]" | |
contentVersion: "1.0.0.1" | |
parameters: | |
location: | |
value: "[parameters('location')]" | |
nsgName: | |
value: "[variables('nsgName')]" | |
srcIPInboundNSG: | |
value: "[parameters('srcIPInboundNSG')]" | |
virtualNetworkAddressPrefix: | |
value: "[variables('virtualNetworkAddressPrefix')]" | |
- name: SettingUpVirtualNetwork | |
type: "Microsoft.Resources/deployments" | |
apiVersion: "2017-05-10" | |
dependsOn: | |
- "[concat('Microsoft.Resources/deployments/', variables('nsgName'))]" | |
properties: | |
mode: Incremental | |
templateLink: | |
uri: "[variables('vnetSetupURL')]" | |
contentVersion: "1.0.0.1" | |
parameters: | |
location: | |
value: "[parameters('location')]" | |
nsgName: | |
value: "[variables('nsgName')]" | |
virtualNetworkName: | |
value: "[parameters('virtualNetworkName')]" | |
virtualNetworkAddressPrefix: | |
value: "[variables('virtualNetworkAddressPrefix')]" | |
subnets: | |
value: "[variables('subnets')]" | |
virtualNetworkExistingRGName: | |
value: "[parameters('virtualNetworkExistingRGName')]" | |
- name: SetupNetworkInterfaces | |
type: "Microsoft.Resources/deployments" | |
apiVersion: "2017-05-10" | |
dependsOn: | |
- "Microsoft.Resources/deployments/SettingUpVirtualNetwork" | |
- "Microsoft.Resources/deployments/SettingUpVirtualNetwork" | |
properties: | |
mode: Incremental | |
templateLink: | |
uri: "[variables('setupNICsURL')]" | |
contentVersion: "1.0.0.2" | |
parameters: | |
location: | |
value: "[parameters('location')]" | |
nicName: | |
value: "[variables('nicName')]" | |
subnet0Name: | |
value: "[parameters('subnet0Name')]" | |
subnet0StartAddress: | |
value: "[parameters('subnet0StartAddress')]" | |
subnet1Name: | |
value: "[parameters('subnet1Name')]" | |
subnet1StartAddress: | |
value: "[parameters('subnet1StartAddress')]" | |
subnet2Name: | |
value: "[parameters('subnet2Name')]" | |
subnet2StartAddress: | |
value: "[parameters('subnet2StartAddress')]" | |
virtualNetworkName: | |
value: "[parameters('virtualNetworkName')]" | |
virtualNetworkExistingRGName: | |
value: "[parameters('virtualNetworkExistingRGName')]" | |
PublicIPResourceId: | |
value: "[reference('SettingUpPublicIPs').outputs.publicIpId.value]" | |
- name: "PAN-VM" | |
type: "Microsoft.Resources/deployments" | |
apiVersion: "2017-05-10" | |
dependsOn: | |
- "Microsoft.Resources/deployments/SettingUpStorageAccount" | |
- "Microsoft.Resources/deployments/SettingUpPublicIPs" | |
- "[concat('Microsoft.Resources/deployments/', variables('nsgName'))]" | |
- "Microsoft.Resources/deployments/SettingUpVirtualNetwork" | |
- "Microsoft.Resources/deployments/SetupNetworkInterfaces" | |
properties: | |
mode: Incremental | |
templateLink: | |
uri: "[variables('vmTemplateUrl')]" | |
contentVersion: "1.0.0.5" | |
parameters: | |
location: | |
value: "[parameters('location')]" | |
customData: | |
value: "[parameters('customData')]" | |
vmName: | |
value: "[parameters('vmName')]" | |
publicIPAddressName: | |
value: "[parameters('publicIPAddressName')]" | |
imageSku: | |
value: "[variables('imageSku')]" | |
imageOffer: | |
value: "[variables('imageOffer')]" | |
imagePublisher: | |
value: "[variables('imagePublisher')]" | |
imageVersion: | |
value: "[parameters('imageVersion')]" | |
nicName: | |
value: "[variables('nicName')]" | |
vmSize: | |
value: "[parameters('vmSize')]" | |
adminUsername: | |
value: "[parameters('adminUsername')]" | |
adminPassword: | |
value: "[parameters('adminPassword')]" | |
storageAccountName: | |
value: "[parameters('storageAccountName')]" | |
storageAccountExistingRG: | |
value: "[parameters('storageAccountExistingRG')]" | |
sshKey: | |
value: "[parameters('sshKey')]" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment