| { | |
| "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", | |
| "contentVersion": "1.0.0.20", | |
| "parameters": { | |
| "location": { | |
| "type": "string", | |
| "metadata": { | |
| "description": "The region to deploy the resources into" | |
| } | |
| }, | |
| "srcIPInboundNSG": { | |
| "type": "string", | |
| "metadata": { | |
| "description": "Your source public IP address. Added to the inbound NSG on eth0 (MGMT)" | |
| }, | |
| "defaultValue": "0.0.0.0/0" | |
| }, | |
| "customData": { | |
| "type": "string", | |
| "defaultValue": "echo customData", | |
| "metadata": { | |
| "description": "String passed down to the Virtual Machine." | |
| } | |
| }, | |
| "vmName": { | |
| "type": "string", | |
| "metadata": { | |
| "description": "Name of VM-Series VM in the Azure portal" | |
| }, | |
| "defaultValue": "VM-Series" | |
| }, | |
| "imageVersion": { | |
| "type": "string", | |
| "allowedValues": [ | |
| "latest", | |
| "8.1.0", | |
| "8.0.0", | |
| "7.1.1" | |
| ], | |
| "metadata": { | |
| "description": "Version number of VM-Series VM in the Azure portal" | |
| }, | |
| "defaultValue": "latest" | |
| }, | |
| "vmSize": { | |
| "type": "string", | |
| "allowedValues": [ | |
| "Standard_D3", | |
| "Standard_D4", | |
| "Standard_D3_v2", | |
| "Standard_D4_v2", | |
| "Standard_D5_v2", | |
| "Standard_A4" | |
| ], | |
| "metadata": { | |
| "description": "Azure VM size for VM-Series" | |
| }, | |
| "defaultValue": "Standard_D3_v2" | |
| }, | |
| "virtualNetworkName": { | |
| "type": "string", | |
| "metadata": { | |
| "description": "Name of the Virtual Network (VNET)" | |
| }, | |
| "defaultValue": "fwVNET" | |
| }, | |
| "vnetNewOrExisting": { | |
| "type": "string", | |
| "defaultValue": "new", | |
| "allowedValues": [ | |
| "new", | |
| "existing" | |
| ], | |
| "metadata": { | |
| "description": "Use new or existing VNET" | |
| } | |
| }, | |
| "virtualNetworkAddressPrefixes": { | |
| "type": "array", | |
| "defaultValue": "[array('192.168.0.0/16')]", | |
| "metadata": { | |
| "description": "Virtual network address CIDR" | |
| } | |
| }, | |
| "virtualNetworkExistingRGName": { | |
| "type": "string", | |
| "defaultValue": "", | |
| "metadata": { | |
| "description": "Name of resource group of existing VNET (if applicable)" | |
| } | |
| }, | |
| "subnet0Name": { | |
| "type": "string", | |
| "defaultValue": "Mgmt", | |
| "metadata": { | |
| "description": "Subnet for Management" | |
| } | |
| }, | |
| "subnet1Name": { | |
| "type": "string", | |
| "defaultValue": "Untrust", | |
| "metadata": { | |
| "description": "Subnet for Untrust" | |
| } | |
| }, | |
| "subnet2Name": { | |
| "type": "string", | |
| "defaultValue": "Trust", | |
| "metadata": { | |
| "description": "Subnet for Trust" | |
| } | |
| }, | |
| "subnet0Prefix": { | |
| "type": "string", | |
| "defaultValue": "192.168.0.0/24", | |
| "metadata": { | |
| "description": "Mgmt subnet CIDR" | |
| } | |
| }, | |
| "subnet1Prefix": { | |
| "type": "string", | |
| "defaultValue": "192.168.1.0/24", | |
| "metadata": { | |
| "description": "Untrust subnet CIDR" | |
| } | |
| }, | |
| "subnet2Prefix": { | |
| "type": "string", | |
| "defaultValue": "192.168.2.0/24", | |
| "metadata": { | |
| "description": "Trust subnet CIDR" | |
| } | |
| }, | |
| "subnet0StartAddress": { | |
| "type": "string", | |
| "defaultValue": "192.168.0.4", | |
| "metadata": { | |
| "description": "Mgmt subnet start address" | |
| } | |
| }, | |
| "subnet1StartAddress": { | |
| "type": "string", | |
| "defaultValue": "192.168.1.4", | |
| "metadata": { | |
| "description": "Untrust subnet start address" | |
| } | |
| }, | |
| "subnet2StartAddress": { | |
| "type": "string", | |
| "defaultValue": "192.168.2.4", | |
| "metadata": { | |
| "description": "Trust subnet start address" | |
| } | |
| }, | |
| "adminUsername": { | |
| "type": "string", | |
| "metadata": { | |
| "description": "Username of the administrator account of VM-Series" | |
| } | |
| }, | |
| "adminPassword": { | |
| "type": "securestring", | |
| "defaultValue": "", | |
| "metadata": { | |
| "description": "Password for the administrator account of VM-Series" | |
| } | |
| }, | |
| "baseUrl": { | |
| "type": "string", | |
| "metadata": { | |
| "artifactsBaseUrl": "", | |
| "description": "URL to acquire other VM-Series for Azure templates" | |
| }, | |
| "defaultValue": "https://mprpdfartifactstore.azureedge.net/publicartifacts/paloaltonetworks.vmseries-ngfw-7ef69be7-5c44-44b4-aeac-f1311b93893f-byol/Artifacts" | |
| }, | |
| "PublicIPNewOrExisting": { | |
| "type": "string", | |
| "defaultValue": "new", | |
| "allowedValues": [ | |
| "new", | |
| "existing" | |
| ], | |
| "metadata": { | |
| "description": "Public IP for mgmt interface is new or existing" | |
| } | |
| }, | |
| "PublicIPRGName": { | |
| "type": "string", | |
| "defaultValue": "", | |
| "metadata": { | |
| "description": "Resource Group containing existing public IP" | |
| } | |
| }, | |
| "publicIPAddressName": { | |
| "type": "string", | |
| "metadata": { | |
| "description": "Name of existing public IP resource" | |
| } | |
| }, | |
| "storageAccountName": { | |
| "type": "string", | |
| "metadata": { | |
| "description": "Name prefix of the new storage account created to store the VM's disks" | |
| } | |
| }, | |
| "storageAccountNewOrExisting": { | |
| "type": "string", | |
| "defaultValue": "new", | |
| "allowedValues": [ | |
| "new", | |
| "existing" | |
| ], | |
| "metadata": { | |
| "Description": "Storage Account is new or existing" | |
| } | |
| }, | |
| "storageAccountExistingRG": { | |
| "type": "string", | |
| "defaultValue": "[resourceGroup().name]", | |
| "metadata": { | |
| "description": "Storage's Resource Group for existing VM." | |
| } | |
| }, | |
| "storageAccountType": { | |
| "type": "string", | |
| "allowedValues": [ | |
| "Standard_LRS", | |
| "Standard_GRS", | |
| "Standard_RAGRS" | |
| ], | |
| "metadata": { | |
| "description": "Type of the storage account created" | |
| }, | |
| "defaultValue": "Standard_LRS" | |
| }, | |
| "bootstrap": { | |
| "type": "string", | |
| "defaultValue": "no", | |
| "allowedValues": [ | |
| "yes", | |
| "no" | |
| ], | |
| "metadata": { | |
| "description": "Pass bootstrap data to VM" | |
| } | |
| }, | |
| "authenticationType": { | |
| "type": "string", | |
| "metadata": { | |
| "descritpion": "Type of administrator user authentication " | |
| }, | |
| "allowedValues": [ | |
| "sshPublicKey", | |
| "password" | |
| ], | |
| "defaultValue": "password" | |
| }, | |
| "sshKey": { | |
| "type": "string", | |
| "defaultValue": "", | |
| "metadata": { | |
| "description": "SSH rsa public key file as a string." | |
| } | |
| } | |
| }, | |
| "variables": { | |
| "imagePublisher": "paloaltonetworks", | |
| "imageSku": "byol", | |
| "imageOffer": "vmseries1", | |
| "nsgName": "DefaultNSG", | |
| "nicName": "[concat(parameters('vmName'), '-', parameters('publicIPAddressName'), '-eth')]", | |
| "FWPrivateIPAddressUntrust": "[parameters('subnet1StartAddress')]", | |
| "FWPrivateIPAddressTrust": "[parameters('subnet2StartAddress')]", | |
| "vnetID": "[resourceId(parameters('virtualNetworkExistingRGName'),concat('Microsoft.Network','/','virtualNetworks'),parameters('virtualNetworkName'))]", | |
| "subnet0Ref": "[concat(variables('vnetID'),'/subnets/',parameters('subnet0Name'))]", | |
| "subnet1Ref": "[concat(variables('vnetID'),'/subnets/',parameters('subnet1Name'))]", | |
| "subnet2Ref": "[concat(variables('vnetID'),'/subnets/',parameters('subnet2Name'))]", | |
| "publicIPAddressType": "Dynamic", | |
| "virtualNetworkAddressPrefix": "[parameters('virtualNetworkAddressPrefixes')[0]]", | |
| "subnets": [ | |
| { | |
| "name": "[parameters('subnet0Name')]", | |
| "properties": { | |
| "addressPrefix": "[parameters('subnet0Prefix')]", | |
| "networkSecurityGroup": { | |
| "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('nsgName'))]" | |
| } | |
| } | |
| }, | |
| { | |
| "name": "[parameters('subnet1Name')]", | |
| "properties": { | |
| "addressPrefix": "[parameters('subnet1Prefix')]" | |
| } | |
| }, | |
| { | |
| "name": "[parameters('subnet2Name')]", | |
| "properties": { | |
| "addressPrefix": "[parameters('subnet2Prefix')]" | |
| } | |
| } | |
| ], | |
| "storageAccountSetupURL": "[concat(parameters('baseUrl'),'/storageAccount-',parameters('storageAccountNewOrExisting'),'.json')]", | |
| "nsgSetupURL": "[concat(parameters('baseUrl'),'/nsg-new.json')]", | |
| "SettingUpPublicIPUrl": "[concat(parameters('baseUrl'),'/publicip-',parameters('PublicIPNewOrExisting'),'.json')]", | |
| "vnetSetupURL": "[concat(parameters('baseUrl'),'/vnet-', parameters('vnetNewOrExisting'),'.json')]", | |
| "setupNICsURL": "[concat(parameters('baseUrl'),'/setupNICS-', parameters('vnetNewOrExisting'),'.json')]", | |
| "vmTemplateUrl": "[concat(parameters('baseUrl'), '/virtual-machine-', parameters('authenticationType'),'-bs-', parameters('bootstrap'), '.json')]" | |
| }, | |
| "resources": [ | |
| { | |
| "apiVersion": "2017-05-10", | |
| "name": "pid-ADB0E49C-84A5-421C-B6DC-52AA207049D1", | |
| "type": "Microsoft.Resources/deployments", | |
| "properties": { | |
| "mode": "Incremental", | |
| "template": { | |
| "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", | |
| "contentVersion": "1.0.0.0", | |
| "resources": [] | |
| } | |
| } | |
| }, | |
| { | |
| "name": "SettingUpStorageAccount", | |
| "type": "Microsoft.Resources/deployments", | |
| "apiVersion": "2017-05-10", | |
| "properties": { | |
| "mode": "Incremental", | |
| "templateLink": { | |
| "uri": "[variables('storageAccountSetupURL')]", | |
| "contentVersion": "1.0.0.1" | |
| }, | |
| "parameters": { | |
| "location": { | |
| "value": "[parameters('location')]" | |
| }, | |
| "storageAccountType": { | |
| "value": "[parameters('storageAccountType')]" | |
| }, | |
| "storageAccountName": { | |
| "value": "[parameters('storageAccountName')]" | |
| }, | |
| "storageAccountExistingRG": { | |
| "value": "[parameters('storageAccountExistingRG')]" | |
| } | |
| } | |
| } | |
| }, | |
| { | |
| "name": "SettingUpPublicIPs", | |
| "type": "Microsoft.Resources/deployments", | |
| "apiVersion": "2017-05-10", | |
| "properties": { | |
| "mode": "Incremental", | |
| "templateLink": { | |
| "uri": "[variables('SettingUpPublicIPUrl')]", | |
| "contentVersion": "1.0.0.2" | |
| }, | |
| "parameters": { | |
| "location": { | |
| "value": "[parameters('location')]" | |
| }, | |
| "publicIPAddressName": { | |
| "value": "[parameters('publicIPAddressName')]" | |
| }, | |
| "publicIPAddressType": { | |
| "value": "[variables('publicIPAddressType')]" | |
| }, | |
| "publicIpRGName": { | |
| "value": "[parameters('PublicIPRGName')]" | |
| } | |
| } | |
| } | |
| }, | |
| { | |
| "name": "[variables('nsgName')]", | |
| "type": "Microsoft.Resources/deployments", | |
| "apiVersion": "2017-05-10", | |
| "properties": { | |
| "mode": "Incremental", | |
| "templateLink": { | |
| "uri": "[variables('nsgSetupURL')]", | |
| "contentVersion": "1.0.0.1" | |
| }, | |
| "parameters": { | |
| "location": { | |
| "value": "[parameters('location')]" | |
| }, | |
| "nsgName": { | |
| "value": "[variables('nsgName')]" | |
| }, | |
| "srcIPInboundNSG": { | |
| "value": "[parameters('srcIPInboundNSG')]" | |
| }, | |
| "virtualNetworkAddressPrefix": { | |
| "value": "[variables('virtualNetworkAddressPrefix')]" | |
| } | |
| } | |
| } | |
| }, | |
| { | |
| "name": "SettingUpVirtualNetwork", | |
| "type": "Microsoft.Resources/deployments", | |
| "apiVersion": "2017-05-10", | |
| "dependsOn": [ | |
| "[concat('Microsoft.Resources/deployments/', variables('nsgName'))]" | |
| ], | |
| "properties": { | |
| "mode": "Incremental", | |
| "templateLink": { | |
| "uri": "[variables('vnetSetupURL')]", | |
| "contentVersion": "1.0.0.1" | |
| }, | |
| "parameters": { | |
| "location": { | |
| "value": "[parameters('location')]" | |
| }, | |
| "nsgName": { | |
| "value": "[variables('nsgName')]" | |
| }, | |
| "virtualNetworkName": { | |
| "value": "[parameters('virtualNetworkName')]" | |
| }, | |
| "virtualNetworkAddressPrefix": { | |
| "value": "[variables('virtualNetworkAddressPrefix')]" | |
| }, | |
| "subnets": { | |
| "value": "[variables('subnets')]" | |
| }, | |
| "virtualNetworkExistingRGName": { | |
| "value": "[parameters('virtualNetworkExistingRGName')]" | |
| } | |
| } | |
| } | |
| }, | |
| { | |
| "name": "SetupNetworkInterfaces", | |
| "type": "Microsoft.Resources/deployments", | |
| "apiVersion": "2017-05-10", | |
| "dependsOn": [ | |
| "Microsoft.Resources/deployments/SettingUpVirtualNetwork", | |
| "Microsoft.Resources/deployments/SettingUpVirtualNetwork" | |
| ], | |
| "properties": { | |
| "mode": "Incremental", | |
| "templateLink": { | |
| "uri": "[variables('setupNICsURL')]", | |
| "contentVersion": "1.0.0.2" | |
| }, | |
| "parameters": { | |
| "location": { | |
| "value": "[parameters('location')]" | |
| }, | |
| "nicName": { | |
| "value": "[variables('nicName')]" | |
| }, | |
| "subnet0Name": { | |
| "value": "[parameters('subnet0Name')]" | |
| }, | |
| "subnet0StartAddress": { | |
| "value": "[parameters('subnet0StartAddress')]" | |
| }, | |
| "subnet1Name": { | |
| "value": "[parameters('subnet1Name')]" | |
| }, | |
| "subnet1StartAddress": { | |
| "value": "[parameters('subnet1StartAddress')]" | |
| }, | |
| "subnet2Name": { | |
| "value": "[parameters('subnet2Name')]" | |
| }, | |
| "subnet2StartAddress": { | |
| "value": "[parameters('subnet2StartAddress')]" | |
| }, | |
| "virtualNetworkName": { | |
| "value": "[parameters('virtualNetworkName')]" | |
| }, | |
| "virtualNetworkExistingRGName": { | |
| "value": "[parameters('virtualNetworkExistingRGName')]" | |
| }, | |
| "PublicIPResourceId": { | |
| "value": "[reference('SettingUpPublicIPs').outputs.publicIpId.value]" | |
| } | |
| } | |
| } | |
| }, | |
| { | |
| "name": "PAN-VM", | |
| "type": "Microsoft.Resources/deployments", | |
| "apiVersion": "2017-05-10", | |
| "dependsOn": [ | |
| "Microsoft.Resources/deployments/SettingUpStorageAccount", | |
| "Microsoft.Resources/deployments/SettingUpPublicIPs", | |
| "[concat('Microsoft.Resources/deployments/', variables('nsgName'))]", | |
| "Microsoft.Resources/deployments/SettingUpVirtualNetwork", | |
| "Microsoft.Resources/deployments/SetupNetworkInterfaces" | |
| ], | |
| "properties": { | |
| "mode": "Incremental", | |
| "templateLink": { | |
| "uri": "[variables('vmTemplateUrl')]", | |
| "contentVersion": "1.0.0.5" | |
| }, | |
| "parameters": { | |
| "location": { | |
| "value": "[parameters('location')]" | |
| }, | |
| "customData": { | |
| "value": "[parameters('customData')]" | |
| }, | |
| "vmName": { | |
| "value": "[parameters('vmName')]" | |
| }, | |
| "publicIPAddressName": { | |
| "value": "[parameters('publicIPAddressName')]" | |
| }, | |
| "imageSku": { | |
| "value": "[variables('imageSku')]" | |
| }, | |
| "imageOffer": { | |
| "value": "[variables('imageOffer')]" | |
| }, | |
| "imagePublisher": { | |
| "value": "[variables('imagePublisher')]" | |
| }, | |
| "imageVersion": { | |
| "value": "[parameters('imageVersion')]" | |
| }, | |
| "nicName": { | |
| "value": "[variables('nicName')]" | |
| }, | |
| "vmSize": { | |
| "value": "[parameters('vmSize')]" | |
| }, | |
| "adminUsername": { | |
| "value": "[parameters('adminUsername')]" | |
| }, | |
| "adminPassword": { | |
| "value": "[parameters('adminPassword')]" | |
| }, | |
| "storageAccountName": { | |
| "value": "[parameters('storageAccountName')]" | |
| }, | |
| "storageAccountExistingRG": { | |
| "value": "[parameters('storageAccountExistingRG')]" | |
| }, | |
| "sshKey": { | |
| "value": "[parameters('sshKey')]" | |
| } | |
| } | |
| } | |
| } | |
| ] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This comment has been minimized.
edit