The Azure Quickstart templates are currently available in English
This sample show how to deploy a hub-spoke topology in Azure using the Azure Firewall. The hub virtual network acts as a central point of connectivity to many spoke virtual networks that are connected to hub virtual network via virtual network peering.
Bu Azure Resource Manager (ARM) şablonu Microsoft tarafından değil bir topluluk üyesi tarafından oluşturulmuştur. Her bir ARM şablonu size Microsoft tarafından değil, bir lisans sözleşmesi altında sahibi tarafından lisanslanmıştır. Microsoft, topluluk üyeleri tarafından sağlanan ve lisanslanan ARM şablonlarından sorumlu değildir ve güvenlik, uyumluluk ve performans denetimi yapmaz. Topluluk ARM şablonları herhangi bir Microsoft destek programı veya hizmeti altında desteklenmez ve herhangi bir garanti olmaksızın OLDUĞU GİBİ kullanıma sunulur.
Parametreler
| Parametre Adı | Açıklama |
|---|---|
| adlsStorageAccountName | Specifies the globally unique DNS Name for the ADLS Gen 2 storage account. |
| blobStorageAccountName | Specifies the globally unique name for the storage account used to store the test file system and the boot diagnostics logs of the virtual machines. |
| adlsStorageAccountNetworkAclsDefaultAction | Specifies the default action of allow or deny when no other rules match for the ADLS storage account. |
| blobStorageAccountNetworkAclsDefaultAction | Allow or disallow public access to all blobs or containers in the Blob storage account. The default interpretation is true for this property. |
| adlsStorageAccountAllowBlobPublicAccess | Allow or disallow public access to all blobs or containers in the ADLS storage account. The default interpretation is true for this property. |
| blobStorageAccountAllowBlobPublicAccess | Allow or disallow public access to all blobs or containers in the Blob storage account. The default interpretation is true for this property. |
| deployCustomDnsForwarder | Specify whether deploy a custom DNS forwarder in the Hub Virtual Network. Default value is false. |
| dnsAvailabilitySetName | Name of the Availability Set used by the DNS virtual machine. |
| dnsVmName | Specifies the name of the DNS virtual machine. |
| devVmName | Specifies the name of the virtual machine in the Development Virtual Network. |
| prodVmName | Specifies the name of the virtual machine in the Production Virtual Network. |
| vmSize | Specifies the size of the virtual machine. |
| imagePublisher | Specifies the image publisher of the disk image used to create the virtual machine. |
| imageOffer | Specifies the offer of the platform image or marketplace image used to create the virtual machine. |
| imageSku | Specifies the Ubuntu version for the VM. This will pick a fully patched image of this given Ubuntu version. |
| authenticationType | Specifies the type of authentication when accessing the Virtual Machine. SSH key is recommended. |
| adminUsername | Specifies the name of the administrator account of the virtual machine. |
| adminPasswordOrKey | Specifies the SSH Key or password for the virtual machine. SSH key is recommended. |
| diskStorageAccounType | Defines the storage account type for OS and data disk. |
| numDataDisks | Specifies the number of data disks of the virtual machine. |
| osDiskSize | The size in GB of the OS disk of the VM. |
| dataDiskSize | Specifies the size in GB of the OS disk of the virtual machine. |
| dataDiskCaching | Specifies the caching requirements for the data disks. |
| _artifactsLocation | Specifies the base URI where artifacts required by this template are located including a trailing '/' |
| _artifactsLocationSasToken | Specifies the sasToken required to access _artifactsLocation. When the template is deployed using the accompanying scripts, a sasToken will be automatically generated. Use the defaultValue if the staging location is not secured. |
| adlsStorageAccountAdlsPrivateEndpointName | Specifies the name of the adls private endpoint to the adls storage account. |
| adlsStorageAccountBlobPrivateEndpointName | Specifies the name of the blob private endpoint to the adls storage account. |
| blobStorageAccountBlobPrivateEndpointName | Specifies the name of the blob private endpoint to the boot diagnostics storage account. |
| privateDnsZoneName | Private DNS Zone name. |
| workspaceName | the name of the Log Analytics workspace. |
| workspaceSku | The sku of the Log Analytics workspace. |
| firewallName | The name of the Azure Firewall. |
| firewallAvailabilityZones | Zone numbers e.g. 1,2,3. |
| numberOfFirewallPublicIPAddresses | Number of public IP addresses for the Azure Firewall |
| createDnatRuleCollection | Specifies whether create DNAT rule collection in the Azure Firewall policy or not. |
| deployVpnGateway | Specifies whether deploy a VPN Gateway in the Hub or not. |
| gatewaySku | The SKU of the Gateway, if deployed |
| gatewayType | The type of this virtual network gateway. - Vpn or ExpressRoute |
| vpnType | The type of this virtual network gateway. - PolicyBased or RouteBased |
| enableBgp | Whether BGP is enabled for this virtual network gateway or not. |
| location | Location for all resources. |
| hubVnetName | (açıklama yok) |
| hubVnetAddressPrefix | (açıklama yok) |
| hubVnetFirewallSubnetName | The name of the Firewall subnet. |
| hubVnetFirewallSubnetPrefix | The address prefix of the Firewall subnet. |
| hubVnetCommonSubnetName | The name of the Management subnet. |
| hubVnetCommonSubnetPrefix | The address prefix of the Management subnet. |
| hubVnetGatewaySubnetName | The name of the Development Virtual Network. |
| hubVnetGatewaySubnetPrefix | The address prefix of the Gateway subnet. |
| gatewayName | The name of gateway. |
| devVnetName | The name of the Development Virtual Network. |
| devVnetAddressPrefix | The address prefix of the Development Virtual Network. |
| prodVnetName | The name of the Production Virtual Network. |
| prodVnetAddressPrefix | The address prefix of the Production Virtual Network. |
| devVnetDefaultSubnetName | The name of the Workload subnet. |
| devVNetDefaultSubnetPrefix | The address prefix of the Workload subnet in the Development Virtual Network. |
| prodVnetDefaultSubnetName | The name of the Workload subnet. |
| prodVNetDefaultSubnetPrefix | The address prefix of the Workload subnet in the Production Virtual Network. |
| hubVnetBastionSubnetPrefix | Specifies the Bastion subnet IP prefix. This prefix must be within vnet IP prefix address space. |
| bastionHostName | Specifies the name of the Azure Bastion resource. |
| firewallPolicyName | The name of the Firewall Policy uased by the Azure Firewall |
Şablonu kullanın
PowerShell
New-AzResourceGroup -Name <resource-group-name> -Location <resource-group-location> #use this command when you need to create a new resource group for your deploymentAzure PowerShell'i yükleme ve yapılandırma
New-AzResourceGroupDeployment -ResourceGroupName <resource-group-name> -TemplateUri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.network/azure-firewall-dns-proxy/azuredeploy.json
Komut satırı
az group create --name <resource-group-name> --location <resource-group-location> #use this command when you need to create a new resource group for your deploymentAzure Platformlar Arası Komut Satırı Arabirimini Yükleme ve Yapılandırma
az group deployment create --resource-group <my-resource-group> --template-uri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.network/azure-firewall-dns-proxy/azuredeploy.json