@Shono1207
Created March 14, 2019 22:03
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#"
contentVersion: "1.0.0.20"
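# Deploy-time inputs. Everything here is supplied by whoever runs the
# deployment. Values of type `string` are kept in the deployment history;
# `securestring` values are not, so secrets belong only in securestring
# parameters.
parameters:
  location:
    type: string
    metadata:
      description: "The region to deploy the resources into"
  srcIPInboundNSG:
    type: string
    metadata:
      description: "Your source public IP address. Added to the inbound NSG on eth0 (MGMT)"
    # NOTE(review): the default admits every source address to whatever
    # management rule the linked NSG template builds from this value.
    # Pass your own public IP or CIDR at deploy time instead of relying on it.
    defaultValue: "0.0.0.0/0"
  customData:
    type: string
    # Plain string, so it is visible in deployment history: keep secrets out.
    defaultValue: "echo customData"
    metadata:
      description: "String passed down to the Virtual Machine."
  vmName:
    type: string
    metadata:
      description: "Name of VM-Series VM in the Azure portal"
    defaultValue: "VM-Series"
  imageVersion:
    type: string
    allowedValues:
      - latest
      - "8.1.0"
      - "8.0.0"
      - "7.1.1"
    metadata:
      description: "Version number of VM-Series VM in the Azure portal"
    # `latest` floats: two deployments of this template can get different
    # images. Pin one of the listed versions when reproducibility matters.
    defaultValue: latest
  vmSize:
    type: string
    allowedValues:
      - Standard_D3
      - Standard_D4
      - Standard_D3_v2
      - Standard_D4_v2
      - Standard_D5_v2
      - Standard_A4
    metadata:
      description: "Azure VM size for VM-Series"
    defaultValue: Standard_D3_v2
  virtualNetworkName:
    type: string
    metadata:
      description: "Name of the Virtual Network (VNET)"
    defaultValue: fwVNET
  vnetNewOrExisting:
    type: string
    defaultValue: new
    allowedValues:
      - new
      - existing
    metadata:
      description: "Use new or existing VNET"
  virtualNetworkAddressPrefixes:
    type: array
    defaultValue: "[array('192.168.0.0/16')]"
    metadata:
      description: "Virtual network address CIDR"
  virtualNetworkExistingRGName:
    type: string
    defaultValue: ""
    metadata:
      description: "Name of resource group of existing VNET (if applicable)"
  subnet0Name:
    type: string
    defaultValue: Mgmt
    metadata:
      description: "Subnet for Management"
  subnet1Name:
    type: string
    defaultValue: Untrust
    metadata:
      description: "Subnet for Untrust"
  subnet2Name:
    type: string
    defaultValue: Trust
    metadata:
      description: "Subnet for Trust"
  subnet0Prefix:
    type: string
    defaultValue: "192.168.0.0/24"
    metadata:
      description: "Mgmt subnet CIDR"
  subnet1Prefix:
    type: string
    defaultValue: "192.168.1.0/24"
    metadata:
      description: "Untrust subnet CIDR"
  subnet2Prefix:
    type: string
    defaultValue: "192.168.2.0/24"
    metadata:
      description: "Trust subnet CIDR"
  subnet0StartAddress:
    type: string
    defaultValue: "192.168.0.4"
    metadata:
      description: "Mgmt subnet start address"
  subnet1StartAddress:
    type: string
    defaultValue: "192.168.1.4"
    metadata:
      description: "Untrust subnet start address"
  subnet2StartAddress:
    type: string
    defaultValue: "192.168.2.4"
    metadata:
      description: "Trust subnet start address"
  adminUsername:
    type: string
    metadata:
      description: "Username of the administrator account of VM-Series"
  adminPassword:
    type: securestring
    # NOTE(review): the empty default keeps this optional for SSH-key
    # deployments, but authenticationType defaults to `password`, so a
    # deployment that omits it forwards an empty password. Whether the linked
    # VM template rejects that is not visible here; always supply a value when
    # using password authentication.
    defaultValue: ""
    metadata:
      description: "Password for the administrator account of VM-Series"
  baseUrl:
    type: string
    metadata:
      artifactsBaseUrl: ""
      description: "URL to acquire other VM-Series for Azure templates"
    # Every linked template (storage account, NSG, public IP, VNET, NICs, VM)
    # is fetched from under this URL. Overriding it means trusting that host
    # with the content of the whole deployment.
    defaultValue: "https://mprpdfartifactstore.azureedge.net/publicartifacts/paloaltonetworks.vmseries-ngfw-7ef69be7-5c44-44b4-aeac-f1311b93893f-bundle1/Artifacts"
  PublicIPNewOrExisting:
    type: string
    defaultValue: new
    allowedValues:
      - new
      - existing
    metadata:
      description: "Public IP for mgmt interface is new or existing"
  PublicIPRGName:
    type: string
    defaultValue: ""
    metadata:
      description: "Resource Group containing existing public IP"
  publicIPAddressName:
    type: string
    metadata:
      description: "Name of existing public IP resource"
  storageAccountName:
    type: string
    metadata:
      description: "Name prefix of the new storage account created to store the VM's disks"
  storageAccountNewOrExisting:
    type: string
    defaultValue: new
    allowedValues:
      - new
      - existing
    metadata:
      description: "Storage Account is new or existing"
  storageAccountExistingRG:
    type: string
    defaultValue: "[resourceGroup().name]"
    metadata:
      description: "Storage's Resource Group for existing VM."
  storageAccountType:
    type: string
    allowedValues:
      - Standard_LRS
      - Standard_GRS
      - Standard_RAGRS
    metadata:
      description: "Type of the storage account created"
    defaultValue: Standard_LRS
  bootstrap:
    type: string
    # Quoted on purpose: YAML 1.1 loaders read a bare yes/no as a boolean,
    # and this value is concatenated into the VM template's file name
    # (see the vmTemplateUrl variable), which needs the literal text.
    defaultValue: "no"
    allowedValues:
      - "yes"
      - "no"
    metadata:
      description: "Pass bootstrap data to VM"
  authenticationType:
    type: string
    metadata:
      description: "Type of administrator user authentication "
    allowedValues:
      - sshPublicKey
      - password
    defaultValue: password
  sshKey:
    type: string
    defaultValue: ""
    metadata:
      description: "SSH rsa public key file as a string."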
# Values derived from the parameters; nothing here is supplied directly by
# the deployer.
variables:
  # Marketplace image identity handed to the VM template.
  imagePublisher: paloaltonetworks
  imageSku: bundle1
  imageOffer: vmseries1

  # Names and addresses.
  nsgName: DefaultNSG
  nicName: "[concat(parameters('vmName'), '-', parameters('publicIPAddressName'), '-eth')]"
  FWPrivateIPAddressUntrust: "[parameters('subnet1StartAddress')]"
  FWPrivateIPAddressTrust: "[parameters('subnet2StartAddress')]"

  # Resource IDs of the VNET and its three subnets.
  vnetID: "[resourceId(parameters('virtualNetworkExistingRGName'),concat('Microsoft.Network','/','virtualNetworks'),parameters('virtualNetworkName'))]"
  subnet0Ref: "[concat(variables('vnetID'),'/subnets/',parameters('subnet0Name'))]"
  subnet1Ref: "[concat(variables('vnetID'),'/subnets/',parameters('subnet1Name'))]"
  subnet2Ref: "[concat(variables('vnetID'),'/subnets/',parameters('subnet2Name'))]"

  publicIPAddressType: Dynamic
  # Only the first entry of the prefix array is used.
  virtualNetworkAddressPrefix: "[parameters('virtualNetworkAddressPrefixes')[0]]"

  # Subnet definitions passed to the VNET template. Only subnet0 (management)
  # has the NSG attached in this list; subnet1 and subnet2 carry none here.
  # NOTE(review): whether the linked templates attach one elsewhere is not
  # visible from this file.
  subnets:
    - name: "[parameters('subnet0Name')]"
      properties:
        addressPrefix: "[parameters('subnet0Prefix')]"
        networkSecurityGroup:
          id: "[resourceId('Microsoft.Network/networkSecurityGroups', variables('nsgName'))]"
    - name: "[parameters('subnet1Name')]"
      properties:
        addressPrefix: "[parameters('subnet1Prefix')]"
    - name: "[parameters('subnet2Name')]"
      properties:
        addressPrefix: "[parameters('subnet2Prefix')]"

  # Linked-template locations. Each one is baseUrl plus a file name, and some
  # file names are selected by parameter values (new/existing, authentication
  # type, bootstrap). Whoever sets baseUrl decides which templates get deployed.
  storageAccountSetupURL: "[concat(parameters('baseUrl'),'/storageAccount-',parameters('storageAccountNewOrExisting'),'.json')]"
  nsgSetupURL: "[concat(parameters('baseUrl'),'/nsg-new.json')]"
  SettingUpPublicIPUrl: "[concat(parameters('baseUrl'),'/publicip-',parameters('PublicIPNewOrExisting'),'.json')]"
  vnetSetupURL: "[concat(parameters('baseUrl'),'/vnet-', parameters('vnetNewOrExisting'),'.json')]"
  setupNICsURL: "[concat(parameters('baseUrl'),'/setupNICS-', parameters('vnetNewOrExisting'),'.json')]"
  vmTemplateUrl: "[concat(parameters('baseUrl'), '/virtual-machine-', parameters('authenticationType'),'-bs-', parameters('bootstrap'), '.json')]"
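# Every resource is a nested deployment. All but the first pull a linked
# template by URL. The templateLink contentVersion only has to equal the
# version string inside the fetched file; it is not a hash and does not prove
# the file's content is what was reviewed.
resources:
  # Empty inline deployment; the pid-<GUID> name follows Azure's partner
  # usage-attribution convention and creates no resources.
  - apiVersion: "2017-05-10"
    name: "pid-5C789549-0D4A-46A4-BF95-51CDED58B0F0"
    type: "Microsoft.Resources/deployments"
    properties:
      mode: Incremental
      template:
        "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#"
        contentVersion: "1.0.0.0"
        resources: []

  - name: SettingUpStorageAccount
    type: "Microsoft.Resources/deployments"
    apiVersion: "2017-05-10"
    properties:
      mode: Incremental
      templateLink:
        uri: "[variables('storageAccountSetupURL')]"
        contentVersion: "1.0.0.1"
      parameters:
        location:
          value: "[parameters('location')]"
        storageAccountType:
          value: "[parameters('storageAccountType')]"
        storageAccountName:
          value: "[parameters('storageAccountName')]"
        storageAccountExistingRG:
          value: "[parameters('storageAccountExistingRG')]"

  - name: SettingUpPublicIPs
    type: "Microsoft.Resources/deployments"
    apiVersion: "2017-05-10"
    properties:
      mode: Incremental
      templateLink:
        uri: "[variables('SettingUpPublicIPUrl')]"
        contentVersion: "1.0.0.2"
      parameters:
        location:
          value: "[parameters('location')]"
        publicIPAddressName:
          value: "[parameters('publicIPAddressName')]"
        publicIPAddressType:
          value: "[variables('publicIPAddressType')]"
        publicIpRGName:
          value: "[parameters('PublicIPRGName')]"

  # NSG deployment. srcIPInboundNSG is forwarded unchanged, so the rule the
  # linked template builds is only as tight as the value the deployer passed.
  - name: "[variables('nsgName')]"
    type: "Microsoft.Resources/deployments"
    apiVersion: "2017-05-10"
    properties:
      mode: Incremental
      templateLink:
        uri: "[variables('nsgSetupURL')]"
        contentVersion: "1.0.0.1"
      parameters:
        location:
          value: "[parameters('location')]"
        nsgName:
          value: "[variables('nsgName')]"
        srcIPInboundNSG:
          value: "[parameters('srcIPInboundNSG')]"
        virtualNetworkAddressPrefix:
          value: "[variables('virtualNetworkAddressPrefix')]"

  - name: SettingUpVirtualNetwork
    type: "Microsoft.Resources/deployments"
    apiVersion: "2017-05-10"
    dependsOn:
      - "[concat('Microsoft.Resources/deployments/', variables('nsgName'))]"
    properties:
      mode: Incremental
      templateLink:
        uri: "[variables('vnetSetupURL')]"
        contentVersion: "1.0.0.1"
      parameters:
        location:
          value: "[parameters('location')]"
        nsgName:
          value: "[variables('nsgName')]"
        virtualNetworkName:
          value: "[parameters('virtualNetworkName')]"
        virtualNetworkAddressPrefix:
          value: "[variables('virtualNetworkAddressPrefix')]"
        subnets:
          value: "[variables('subnets')]"
        virtualNetworkExistingRGName:
          value: "[parameters('virtualNetworkExistingRGName')]"

  - name: SetupNetworkInterfaces
    type: "Microsoft.Resources/deployments"
    apiVersion: "2017-05-10"
    # Listed once (the entry was duplicated). The public-IP deployment is an
    # implicit dependency through the reference() call in PublicIPResourceId.
    dependsOn:
      - "Microsoft.Resources/deployments/SettingUpVirtualNetwork"
    properties:
      mode: Incremental
      templateLink:
        uri: "[variables('setupNICsURL')]"
        contentVersion: "1.0.0.2"
      parameters:
        location:
          value: "[parameters('location')]"
        nicName:
          value: "[variables('nicName')]"
        subnet0Name:
          value: "[parameters('subnet0Name')]"
        subnet0StartAddress:
          value: "[parameters('subnet0StartAddress')]"
        subnet1Name:
          value: "[parameters('subnet1Name')]"
        subnet1StartAddress:
          value: "[parameters('subnet1StartAddress')]"
        subnet2Name:
          value: "[parameters('subnet2Name')]"
        subnet2StartAddress:
          value: "[parameters('subnet2StartAddress')]"
        virtualNetworkName:
          value: "[parameters('virtualNetworkName')]"
        virtualNetworkExistingRGName:
          value: "[parameters('virtualNetworkExistingRGName')]"
        PublicIPResourceId:
          value: "[reference('SettingUpPublicIPs').outputs.publicIpId.value]"

  # The VM itself, deployed last. adminPassword leaves this file as a
  # securestring.
  # NOTE(review): confirm the linked VM template also declares it securestring
  # so the value stays out of that deployment's history.
  - name: "PAN-VM"
    type: "Microsoft.Resources/deployments"
    apiVersion: "2017-05-10"
    dependsOn:
      - "Microsoft.Resources/deployments/SettingUpStorageAccount"
      - "Microsoft.Resources/deployments/SettingUpPublicIPs"
      - "[concat('Microsoft.Resources/deployments/', variables('nsgName'))]"
      - "Microsoft.Resources/deployments/SettingUpVirtualNetwork"
      - "Microsoft.Resources/deployments/SetupNetworkInterfaces"
    properties:
      mode: Incremental
      templateLink:
        uri: "[variables('vmTemplateUrl')]"
        contentVersion: "1.0.0.5"
      parameters:
        location:
          value: "[parameters('location')]"
        customData:
          value: "[parameters('customData')]"
        vmName:
          value: "[parameters('vmName')]"
        publicIPAddressName:
          value: "[parameters('publicIPAddressName')]"
        imageSku:
          value: "[variables('imageSku')]"
        imageOffer:
          value: "[variables('imageOffer')]"
        imagePublisher:
          value: "[variables('imagePublisher')]"
        imageVersion:
          value: "[parameters('imageVersion')]"
        nicName:
          value: "[variables('nicName')]"
        vmSize:
          value: "[parameters('vmSize')]"
        adminUsername:
          value: "[parameters('adminUsername')]"
        adminPassword:
          value: "[parameters('adminPassword')]"
        storageAccountName:
          value: "[parameters('storageAccountName')]"
        storageAccountExistingRG:
          value: "[parameters('storageAccountExistingRG')]"
        sshKey:
          value: "[parameters('sshKey')]"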