palo_vm.json

## palo_vm.json
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#"
contentVersion: "1.0.0.20"
parameters:
  location:
    type: stri
      description: "The region to deploy the resources into"
  srcIPInboundNSG:
    type: string
    metadata:
      description: "Your source public IP address. Added to the inbound NSG on eth0 (MGMT)"
    defaultValue: "0.0.0.0/0"
  customData:
    type: string
    defaultValue: "echo customData"
    metadata:
      description: "String passed down to the Virtual Machine."
  vmName:
    type: string
    metadata:
      description: "Name of VM-Series VM in the Azure portal"
    defaultValue: "VM-Series"
  imageVersion:
    type: string
    allowedValues:
      - latest
      - "8.1.0"
      - "8.0.0"
      - "7.1.1"
    metadata:
      description: "Version number of VM-Series VM in the Azure portal"
    defaultValue: latest
  vmSize:
    type: string
    allowedValues:
      - Standard_D3
      - Standard_D4
      - Standard_D3_v2
      - Standard_D4_v2
      - Standard_D5_v2
      - Standard_A4
    metadata:
      description: "Azure VM size for VM-Series"
    defaultValue: Standard_D3_v2
  virtualNetworkName:
    type: string
    metadata:
      description: "Name of the Virtual Network (VNET)"
    defaultValue: fwVNET
  vnetNewOrExisting:
    type: string
    defaultValue: new
    allowedValues:
      - new
      - existing
    metadata:
      description: "Use new or existing VNET"
  virtualNetworkAddressPrefixes:
    type: array
    defaultValue: "[array('192.168.0.0/16')]"
    metadata:
      description: "Virtual network address CIDR"
  virtualNetworkExistingRGName:
    type: string
    defaultValue: ""
    metadata:
      description: "Name of resource group of existing VNET (if applicable)"
  subnet0Name:
    type: string
    defaultValue: Mgmt
    metadata:
      description: "Subnet for Management"
  subnet1Name:
    type: string
    defaultValue: Untrust
    metadata:
      description: "Subnet for Untrust"
  subnet2Name:
    type: string
    defaultValue: Trust
    metadata:
      description: "Subnet for Trust"
  subnet0Prefix:
    type: string
    defaultValue: "192.168.0.0/24"
    metadata:
      description: "Mgmt subnet CIDR"
  subnet1Prefix:
    type: string
    defaultValue: "192.168.1.0/24"
    metadata:
      description: "Untrust subnet CIDR"
  subnet2Prefix:
    type: string
    defaultValue: "192.168.2.0/24"
    metadata:
      description: "Trust subnet CIDR"
  subnet0StartAddress:
    type: string
    defaultValue: "192.168.0.4"
    metadata:
      description: "Mgmt subnet start address"
  subnet1StartAddress:
    type: string
    defaultValue: "192.168.1.4"
    metadata:
      description: "Untrust subnet start address"
  subnet2StartAddress:
    type: string
    defaultValue: "192.168.2.4"
    metadata:
      description: "Trust subnet start address"
  adminUsername:
    type: string
    metadata:
      description: "Username of the administrator account of VM-Series"
  adminPassword:
    type: securestring
    defaultValue: ""
    metadata:
      description: "Password for the administrator account of VM-Series"
  baseUrl:
    type: string
    metadata:
      artifactsBaseUrl: ""
      description: "URL to acquire other VM-Series for Azure templates"
    defaultValue: "https://mprpdfartifactstore.azureedge.net/publicartifacts/paloaltonetworks.vmseries-ngfw-7ef69be7-5c44-44b4-aeac-f1311b93893f-bundle1/Artifacts"
  PublicIPNewOrExisting:
    type: string
    defaultValue: new
    allowedValues:
      - new
      - existing
    metadata:
      description: "Public IP for mgmt interface is new or existing"
  PublicIPRGName:
    type: string
    defaultValue: ""
    metadata:
      description: "Resource Group containing existing public IP"
  publicIPAddressName:
    type: string
    metadata:
      description: "Name of existing public IP resource"
  storageAccountName:
    type: string
    metadata:
      description: "Name prefix of the new storage account created to store the VM's disks"
  storageAccountNewOrExisting:
    type: string
    defaultValue: new
    allowedValues:
      - new
      - existing
    metadata:
      Description: "Storage Account is new or existing"
  storageAccountExistingRG:
    type: string
    defaultValue: "[resourceGroup().name]"
    metadata:
      description: "Storage's Resource Group for existing VM."
  storageAccountType:
    type: string
    allowedValues:
      - Standard_LRS
      - Standard_GRS
      - Standard_RAGRS
    metadata:
      description: "Type of the storage account created"
    defaultValue: Standard_LRS
  bootstrap:
    type: string
    defaultValue: no
    allowedValues:
      - yes
      - no
    metadata:
      description: "Pass bootstrap data to VM"
  authenticationType:
    type: string
    metadata:
      descritpion: "Type of administrator user authentication "
    allowedValues:
      - sshPublicKey
      - password
    defaultValue: password
  sshKey:
    type: string
    defaultValue: ""
    metadata:
      description: "SSH rsa public key file as a string."
variables:
  imagePublisher: paloaltonetworks
  imageSku: bundle1
  imageOffer: vmseries1
  nsgName: DefaultNSG
  nicName: "[concat(parameters('vmName'), '-', parameters('publicIPAddressName'), '-eth')]"
  FWPrivateIPAddressUntrust: "[parameters('subnet1StartAddress')]"
  FWPrivateIPAddressTrust: "[parameters('subnet2StartAddress')]"
  vnetID: "[resourceId(parameters('virtualNetworkExistingRGName'),concat('Microsoft.Network','/','virtualNetworks'),parameters('virtualNetworkName'))]"
  subnet0Ref: "[concat(variables('vnetID'),'/subnets/',parameters('subnet0Name'))]"
  subnet1Ref: "[concat(variables('vnetID'),'/subnets/',parameters('subnet1Name'))]"
  subnet2Ref: "[concat(variables('vnetID'),'/subnets/',parameters('subnet2Name'))]"
  publicIPAddressType: Dynamic
  virtualNetworkAddressPrefix: "[parameters('virtualNetworkAddressPrefixes')[0]]"
  subnets:
    - name: "[parameters('subnet0Name')]"
      properties:
        addressPrefix: "[parameters('subnet0Prefix')]"
        networkSecurityGroup:
          id: "[resourceId('Microsoft.Network/networkSecurityGroups', variables('nsgName'))]"
    - name: "[parameters('subnet1Name')]"
      properties:
        addressPrefix: "[parameters('subnet1Prefix')]"
    - name: "[parameters('subnet2Name')]"
      properties:
        addressPrefix: "[parameters('subnet2Prefix')]"
  storageAccountSetupURL: "[concat(parameters('baseUrl'),'/storageAccount-',parameters('storageAccountNewOrExisting'),'.json')]"
  nsgSetupURL: "[concat(parameters('baseUrl'),'/nsg-new.json')]"
  SettingUpPublicIPUrl: "[concat(parameters('baseUrl'),'/publicip-',parameters('PublicIPNewOrExisting'),'.json')]"
  vnetSetupURL: "[concat(parameters('baseUrl'),'/vnet-', parameters('vnetNewOrExisting'),'.json')]"
  setupNICsURL: "[concat(parameters('baseUrl'),'/setupNICS-', parameters('vnetNewOrExisting'),'.json')]"
  vmTemplateUrl: "[concat(parameters('baseUrl'), '/virtual-machine-', parameters('authenticationType'),'-bs-', parameters('bootstrap'), '.json')]"
resources:
  - apiVersion: "2017-05-10"
    name: "pid-5C789549-0D4A-46A4-BF95-51CDED58B0F0"
    type: "Microsoft.Resources/deployments"
    properties:
      mode: Incremental
      template:
        "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#"
        contentVersion: "1.0.0.0"
        resources:
          []
  - name: SettingUpStorageAccount
    type: "Microsoft.Resources/deployments"
    apiVersion: "2017-05-10"
    properties:
      mode: Incremental
      templateLink:
        uri: "[variables('storageAccountSetupURL')]"
        contentVersion: "1.0.0.1"
      parameters:
        location:
          value: "[parameters('location')]"
        storageAccountType:
          value: "[parameters('storageAccountType')]"
        storageAccountName:
          value: "[parameters('storageAccountName')]"
        storageAccountExistingRG:
          value: "[parameters('storageAccountExistingRG')]"
  - name: SettingUpPublicIPs
    type: "Microsoft.Resources/deployments"
    apiVersion: "2017-05-10"
    properties:
      mode: Incremental
      templateLink:
        uri: "[variables('SettingUpPublicIPUrl')]"
        contentVersion: "1.0.0.2"
      parameters:
        location:
          value: "[parameters('location')]"
        publicIPAddressName:
          value: "[parameters('publicIPAddressName')]"
        publicIPAddressType:
          value: "[variables('publicIPAddressType')]"
        publicIpRGName:
          value: "[parameters('PublicIPRGName')]"
  - name: "[variables('nsgName')]"
    type: "Microsoft.Resources/deployments"
    apiVersion: "2017-05-10"
    properties:
      mode: Incremental
      templateLink:
        uri: "[variables('nsgSetupURL')]"
        contentVersion: "1.0.0.1"
      parameters:
        location:
          value: "[parameters('location')]"
        nsgName:
          value: "[variables('nsgName')]"
        srcIPInboundNSG:
          value: "[parameters('srcIPInboundNSG')]"
        virtualNetworkAddressPrefix:
          value: "[variables('virtualNetworkAddressPrefix')]"
  - name: SettingUpVirtualNetwork
    type: "Microsoft.Resources/deployments"
    apiVersion: "2017-05-10"
    dependsOn:
      - "[concat('Microsoft.Resources/deployments/', variables('nsgName'))]"
    properties:
      mode: Incremental
      templateLink:
        uri: "[variables('vnetSetupURL')]"
        contentVersion: "1.0.0.1"
      parameters:
        location:
          value: "[parameters('location')]"
        nsgName:
          value: "[variables('nsgName')]"
        virtualNetworkName:
          value: "[parameters('virtualNetworkName')]"
        virtualNetworkAddressPrefix:
          value: "[variables('virtualNetworkAddressPrefix')]"
        subnets:
          value: "[variables('subnets')]"
        virtualNetworkExistingRGName:
          value: "[parameters('virtualNetworkExistingRGName')]"
  - name: SetupNetworkInterfaces
    type: "Microsoft.Resources/deployments"
    apiVersion: "2017-05-10"
    dependsOn:
      - "Microsoft.Resources/deployments/SettingUpVirtualNetwork"
      - "Microsoft.Resources/deployments/SettingUpVirtualNetwork"
    properties:
      mode: Incremental
      templateLink:
        uri: "[variables('setupNICsURL')]"
        contentVersion: "1.0.0.2"
      parameters:
        location:
          value: "[parameters('location')]"
        nicName:
          value: "[variables('nicName')]"
        subnet0Name:
          value: "[parameters('subnet0Name')]"
        subnet0StartAddress:
          value: "[parameters('subnet0StartAddress')]"
        subnet1Name:
          value: "[parameters('subnet1Name')]"
        subnet1StartAddress:
          value: "[parameters('subnet1StartAddress')]"
        subnet2Name:
          value: "[parameters('subnet2Name')]"
        subnet2StartAddress:
          value: "[parameters('subnet2StartAddress')]"
        virtualNetworkName:
          value: "[parameters('virtualNetworkName')]"
        virtualNetworkExistingRGName:
          value: "[parameters('virtualNetworkExistingRGName')]"
        PublicIPResourceId:
          value: "[reference('SettingUpPublicIPs').outputs.publicIpId.value]"
  - name: "PAN-VM"
    type: "Microsoft.Resources/deployments"
    apiVersion: "2017-05-10"
    dependsOn:
      - "Microsoft.Resources/deployments/SettingUpStorageAccount"
      - "Microsoft.Resources/deployments/SettingUpPublicIPs"
      - "[concat('Microsoft.Resources/deployments/', variables('nsgName'))]"
      - "Microsoft.Resources/deployments/SettingUpVirtualNetwork"
      - "Microsoft.Resources/deployments/SetupNetworkInterfaces"
    properties:
      mode: Incremental
      templateLink:
        uri: "[variables('vmTemplateUrl')]"
        contentVersion: "1.0.0.5"
      parameters:
        location:
          value: "[parameters('location')]"
        customData:
          value: "[parameters('customData')]"
        vmName:
          value: "[parameters('vmName')]"
        publicIPAddressName:
          value: "[parameters('publicIPAddressName')]"
        imageSku:
          value: "[variables('imageSku')]"
        imageOffer:
          value: "[variables('imageOffer')]"
        imagePublisher:
          value: "[variables('imagePublisher')]"
        imageVersion:
          value: "[parameters('imageVersion')]"
        nicName:
          value: "[variables('nicName')]"
        vmSize:
          value: "[parameters('vmSize')]"
        adminUsername:
          value: "[parameters('adminUsername')]"
        adminPassword:
          value: "[parameters('adminPassword')]"
        storageAccountName:
          value: "[parameters('storageAccountName')]"
        storageAccountExistingRG:
          value: "[parameters('storageAccountExistingRG')]"
        sshKey:
          value: "[parameters('sshKey')]"