How to fix vNet peering template - azure

I am using nested templates to create a hub and spoke Azure networking deployment. I have 3 nested templates and currently it creates 1 at a time. When I create the vNet peerings, the other virtual networks have not created, therefore the first nested template doesn't complete because it's trying to reference a vNet that doesn't exist. I have tried a depends on before the vNet peerings, although it fails saying the resources are never mentioned in the templates.
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/Microsoft.Resources.json",
"contentVersion": "1.0.0.0",
"parameters": {
"vnetName": {
"type": "string",
"metadata": {
"description": "VNet name"
}
},
"vnetAddressPrefix": {
"type": "string",
"metadata": {
"description": "Address prefix"
}
},
"internalvNetName": {
"type": "string",
"metadata": {
"description": "Internal vNet Name"
}
},
"internalvNetAddressPrefix": {
"type": "string",
"metadata": {
"description": "Internal vNet Address Prefix"
}
},
"internal-subnet1Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 1 prefix"
}
},
"internal-subnet1": {
"type": "string",
"metadata": {
"description": "internal Subnet 1 Name"
}
},
"internal-NSG": {
"type": "string",
"metadata": {
"description": "internal NSG Name"
}
},
"DMZResourceGroup": {
"type": "string",
"metadata": {
"description": "resource group for DMZ environment"
}
},
"HUBResourceGroup": {
"type": "string",
"metadata": {
"description": "resource group for HUB environment"
}
},
"internalServersRG": {
"type": "string",
"metadata": {
"description": "resource group for Internal servers"
}
},
"DMZvnet": {
"type": "string",
"metadata": {
"description": "VNet for DMZ environment"
}
},
"DMZvnetAddressPrefix": {
"type": "string",
"metadata": {
"description": "DMZ VNet Address prefix"
}
},
"DMZFESubnet1Prefix": {
"type": "string",
"metadata": {
"description": "Subnet1 for DMZ environment. This is the Front-End subnet"
}
},
"DMZBESubnet2Prefix": {
"type": "string",
"metadata": {
"description": "Subnet1 for DMZ environment. This is the Back-End subnet"
}
},
"DMZNSG": {
"type": "string",
"metadata": {
"description": "NSG for DMZ environment"
}
},
"DMZFEsubnetName": {
"type": "string",
"metadata": {
"description": "Front-End subnet for DMZ environment"
}
},
"DMZBEsubnetName": {
"type": "string",
"metadata": {
"description": "Back-End subnet for DMZ environment"
}
},
"subnet1Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 1 prefix"
}
},
"subnet1Name": {
"type": "string",
"metadata": {
"description": "Subnet 1 Name"
}
},
"subnet2Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 2 Prefix"
}
},
"subnet2Name": {
"type": "string",
"metadata": {
"description": "Subnet 2 Name"
}
},
"subnet3Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 3 Prefix"
}
},
"subnet3Name": {
"type": "string",
"metadata": {
"description": "Subnet 3 Name"
}
},
"networkSecurityGroupName": {
"type": "string"
}
},
"variables": {
"location": "West Europe",
"HUBvNettoDMZvNet": "[concat(parameters('VNetName'), '-', parameters('DMZvnet'))]",
"DMZvNettoHUBvNet": "[concat(parameters('DMZvnet'), '-', parameters('VNetName'))]"
},
"resources": [
{
"name": "[parameters('DMZResourceGroup')]",
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2018-05-01",
"location": "[variables('Location')]",
"tags": {},
"properties": {}
},
{
"name": "[parameters('HUBResourceGroup')]",
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2018-05-01",
"location": "[variables('Location')]",
"tags": {},
"properties": {}
},
{
"name": "[parameters('internalserversrg')]",
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2018-05-01",
"location": "[variables('Location')]",
"tags": {},
"properties": {}
},
{
"apiVersion": "2017-05-10",
"name": "hubtemplate",
"type": "Microsoft.Resources/deployments",
"resourceGroup": "[parameters('Hubresourcegroup')]",
"dependsOn": [
"[resourceId('Microsoft.Resources/resourceGroups/', parameters('HUBResourceGroup'))]"
],
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentversion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('vnetName')]",
"location": "[variables('Location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('vnetAddressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('subnet1Name')]",
"properties": {
"addressPrefix": "[parameters('subnet1Prefix')]"
}
},
{
"name": "[parameters('subnet2Name')]",
"properties": {
"addressPrefix": "[parameters('subnet2Prefix')]"
}
},
{
"name": "[parameters('subnet3Name')]",
"properties": {
"addressPrefix": "[parameters('subnet3Prefix')]"
}
}
]
}
},
{
"name": "[concat(parameters('vnetname'), '/peered-to-', parameters('dmzvnet'))]",
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2018-08-01",
"location": "[variables('location')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', parameters('VNetName'))]"
],
"properties": {
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": true,
"useRemoteGateways": false,
"remoteVirtualNetwork": {
"id": "[concat(subscription().id, '/resourceGroups/', parameters('DMZresourcegroup'), '/providers/Microsoft.Network/virtualNetworks/', parameters('DMZvNet'))]"
}
}
},
{
"name": "[concat(parameters('vnetname'), '/peered-to-', parameters('internalvNetName'))]",
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2018-08-01",
"location": "[variables('location')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', parameters('VNetName'))]"
],
"properties": {
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": true,
"useRemoteGateways": false,
"remoteVirtualNetwork": {
"id": "[concat(subscription().id, '/resourceGroups/', parameters('internalServersRG'), '/providers/Microsoft.Network/virtualNetworks/', parameters('internalvNetName'))]"
}
}
},
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[parameters('networkSecurityGroupName')]",
"location": "[variables('location')]",
"properties": {
"securityRules": [
{
"name": "allow-rdp",
"properties": {
"description": "allow rdp",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "3389",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "10.1.1.0",
"access": "Allow",
"priority": 110,
"direction": "Inbound"
}
},
{
"name": "allow-smb",
"properties": {
"description": "allow smb",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "445",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "10.1.1.0",
"access": "Allow",
"priority": 112,
"direction": "Inbound"
}
}
]
}
}
],
"outputs": {}
}
}
},
{
"apiVersion": "2017-05-10",
"name": "dmztemplate",
"type": "Microsoft.Resources/deployments",
"resourceGroup": "[parameters('DMZresourcegroup')]",
"dependsOn": [
"[resourceId('Microsoft.Resources/resourceGroups/', parameters('DMZResourceGroup'))]",
"HUBTemplate"
],
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentversion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('DMZvNet')]",
"location": "[variables('Location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('DMZvNetaddressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('DMZFEsubnetName')]",
"properties": {
"addressPrefix": "[parameters('DMZFESubnet1Prefix')]"
}
},
{
"name": "[parameters('DMZBEsubnetName')]",
"properties": {
"addressPrefix": "[parameters('DMZBESubnet2Prefix')]"
}
}
]
}
},
{
"name": "[concat(parameters('dmzvnet'), '/peered-to-', parameters('vnetname'))]",
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2018-08-01",
"location": "[variables('location')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', parameters('dmzvnet'))]"
],
"properties": {
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": true,
"useRemoteGateways": false,
"remoteVirtualNetwork": {
"id": "[concat(subscription().id, '/resourceGroups/', parameters('HUBResourceGroup'), '/providers/Microsoft.Network/virtualNetworks/', parameters('vnetname'))]"
}
}
},
{
"name": "[concat(parameters('dmzvnet'), '/peered-to-', parameters('internalvNetName'))]",
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2018-08-01",
"location": "[variables('location')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', parameters('dmzvnet'))]"
],
"properties": {
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": true,
"useRemoteGateways": false,
"remoteVirtualNetwork": {
"id": "[concat(subscription().id, '/resourceGroups/', parameters('internalServersRG'), '/providers/Microsoft.Network/virtualNetworks/', parameters('internalvNetName'))]"
}
}
},
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[parameters('DMZNSG')]",
"location": "[variables('location')]",
"properties": {
"securityRules": [
{
"name": "allow-rdp",
"properties": {
"description": "allow rdp",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "3389",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "10.0.1.0",
"access": "Allow",
"priority": 110,
"direction": "Inbound"
}
}
]
}
}
],
"outputs": {}
}
}
},
{
"apiVersion": "2017-05-10",
"name": "internalserverstemplate",
"type": "Microsoft.Resources/deployments",
"resourceGroup": "[parameters('internalserversrg')]",
"dependsOn": [
"[resourceId('Microsoft.Resources/resourceGroups/', parameters('internalserversrg'))]",
"DMZTemplate"
],
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentversion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('internalvNetName')]",
"location": "[variables('Location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('internalvNetAddressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('internal-subnet1')]",
"properties": {
"addressPrefix": "[parameters('internal-subnet1Prefix')]"
}
}
]
}
},
{
"name": "[concat(parameters('internalvNetName'), '/peered-to-', parameters('dmzvnet'))]",
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2018-08-01",
"location": "[variables('location')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', parameters('internalvNetName'))]"
],
"properties": {
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": true,
"useRemoteGateways": false,
"remoteVirtualNetwork": {
"id": "[concat(subscription().id, '/resourceGroups/', parameters('DMZresourceGroup'), '/providers/Microsoft.Network/virtualNetworks/', parameters('DMZvNet'))]"
}
}
},
{
"name": "[concat(parameters('internalvNetName'), '/peered-to-', parameters('vnetname'))]",
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2018-08-01",
"location": "[variables('location')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', parameters('internalvNetName'))]"
],
"properties": {
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": true,
"useRemoteGateways": false,
"remoteVirtualNetwork": {
"id": "[concat(subscription().id, '/resourceGroups/', parameters('HUBresourceGroup'), '/providers/Microsoft.Network/virtualNetworks/', parameters('vnetname'))]"
}
}
},
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[parameters('internal-NSG')]",
"location": "[variables('location')]",
"properties": {
"securityRules": [
{
"name": "allow-rdp",
"properties": {
"description": "allow rdp",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "3389",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "10.0.1.0",
"access": "Allow",
"priority": 110,
"direction": "Inbound"
}
}
]
}
}
],
"outputs": {}
}
}
}
]
}

I would do almost exactly what you are doing, but I would create nested templates for peerings, because you have chicken and egg problem. you need to create vnet, wait for its neighbour vnet to come up and then create peering. but in a deployment you can only wait for the resources in the same deployment, so its essentially impossible, unless you create all the vnets "at once" and only start to peer things together once all the vnets are ready.

Related

getting error "The schedule should be created" while creating VM shutdown schedule using ARM template

I am getting the following error when I tried creating a shutdown schedule for VM in azure using the ARM template.
{
"code": "DeploymentFailed",
"message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.",
"details": [
{
"code": "InvalidScheduleId",
"message": "The schedule should be created in subscription xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx, resource group shared-infra-rc-rg and with name shutdown-computevm-xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx-pg-rc."
}
]
}
Part of my ARM template
{
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2019-03-01",
"name": "[variables('vmName')]",
"location": "[parameters('location')]",
"tags": {"envId":"[parameters('envId')]"},
"dependsOn": [
"[resourceId('Microsoft.Network/networkInterfaces/', variables('networkInterfaceName'))]"
],
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('VmSize')]"
},
"storageProfile": {
"osDisk": {
"createOption": "fromImage",
"managedDisk": {
"storageAccountType": "[variables('osDiskType')]"
}
},
"imageReference": {
"publisher": "Canonical",
"offer": "UbuntuServer",
"sku": "[parameters('ubuntuOSVersion')]",
"version": "latest"
}
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', variables('networkInterfaceName'))]"
}
]
},
"osProfile": {
"computerName": "[variables('vmName')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPasswordOrKey')]",
"linuxConfiguration": "[if(equals(parameters('authenticationType'), 'password'), json('null'), variables('linuxConfiguration'))]",
"customData": "[parameters('customData')]"
}
}
},
{
"name": "[variables('autoshutdownScheduleName')]",
"type": "Microsoft.DevTestLab/schedules",
"apiVersion": "2018-09-15",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.Compute/virtualMachines', variables('vmName'))]"
],
"properties": {
"status": "[parameters('autoShutdownStatus')]",
"taskType": "ComputeVmShutdownTask",
"dailyRecurrence": {
"time": "[parameters('autoShutdownTime')]"
},
"timeZoneId": "[parameters('autoShutdownTimeZone')]",
"targetResourceId": "[resourceId('Microsoft.Compute/virtualMachines', variables('vmName'))]",
"notificationSettings": {
"status": "Disabled",
"notificationLocale": "en"
}
}
}
Other observations
all other resources are getting created except the schedule.
Edits
The name needs to be exactly 'shutdown-computevm-${vmName}'
bicep sample:
resource vmScheduledShutdown 'microsoft.devtestlab/schedules#2018-09-15' = {
name: 'shutdown-computevm-${vmName}'
location: Location
properties: {
status: 'Enabled'
taskType: 'ComputeVmShutdownTask'
dailyRecurrence: {
time: '0400'
}
timeZoneId: 'Central European Standard Time'
targetResourceId: resourceId('Microsoft.Compute/virtualMachines', vmName)
}
dependsOn:[
vm
]
}
We have tried to create VM with auto shutdown enabled using the below ARM template and we are able to deploy it successfully .
ARM template :-
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"adminUsername": {
"type": "string",
"metadata": {
"description": "Username for the Virtual Machine."
}
},
"adminPassword": {
"type": "secureString",
"metadata": {
"description": "Password for the Virtual Machine."
}
},
"dnsLabelPrefix": {
"type": "string",
"defaultValue": "[toLower(format('{0}-{1}', parameters('vmName'), uniqueString(resourceGroup().id, parameters('vmName'))))]",
"metadata": {
"description": "Unique DNS Name for the Public IP used to access the Virtual Machine."
}
},
"publicIpName": {
"type": "string",
"defaultValue": "myPublicIP",
"metadata": {
"description": "Name for the Public IP used to access the Virtual Machine."
}
},
"publicIPAllocationMethod": {
"type": "string",
"defaultValue": "Dynamic",
"allowedValues": [
"Dynamic",
"Static"
],
"metadata": {
"description": "Allocation method for the Public IP used to access the Virtual Machine."
}
},
"publicIpSku": {
"type": "string",
"defaultValue": "Basic",
"allowedValues": [
"Basic",
"Standard"
],
"metadata": {
"description": "SKU for the Public IP used to access the Virtual Machine."
}
},
"OSVersion": {
"type": "string",
"defaultValue": "2019-datacenter-gensecond",
"allowedValues": [
"2019-datacenter-gensecond",
"2019-datacenter-core-gensecond",
"2019-datacenter-core-smalldisk-gensecond",
"2019-datacenter-core-with-containers-gensecond",
"2019-datacenter-core-with-containers-smalldisk-g2",
"2019-datacenter-smalldisk-gensecond",
"2019-datacenter-with-containers-gensecond",
"2019-datacenter-with-containers-smalldisk-g2",
"2016-datacenter-gensecond"
],
"metadata": {
"description": "The Windows version for the VM. This will pick a fully patched Gen2 image of this given Windows version."
}
},
"vmSize": {
"type": "string",
"defaultValue": "Standard_D2s_v3",
"metadata": {
"description": "Size of the virtual machine."
}
},
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
},
"vmName": {
"type": "string",
"defaultValue": "simple-vm",
"metadata": {
"description": "Name of the virtual machine."
}
},
"autoShutdownStatus": {
"type": "string",
"defaultValue": "Enabled"
},
"autoShutdownTime": {
"type": "string",
"defaultValue": "19:00"
},
"autoShutdownTimeZone": {
"type": "string",
"defaultValue": "UTC"
},
"autoShutdownNotificationStatus": {
"type": "string",
"defaultValue": "Enabled"
},
"autoShutdownNotificationLocale": {
"type": "string",
"defaultValue": "en"
},
"autoShutdownNotificationEmail": {
"type": "string",
"defaultValue": "youremailID#microsoft.com"
}
},
"variables": {
"storageAccountName": "[format('bootdiags{0}', uniqueString(resourceGroup().id))]",
"nicName": "myVMNic",
"addressPrefix": "10.0.0.0/16",
"subnetName": "Subnet",
"subnetPrefix": "10.0.0.0/24",
"virtualNetworkName": "MyVNET",
"networkSecurityGroupName": "default-NSG"
},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2021-04-01",
"name": "[variables('storageAccountName')]",
"location": "[parameters('location')]",
"sku": {
"name": "Standard_LRS"
},
"kind": "Storage"
},
{
"type": "Microsoft.Network/publicIPAddresses",
"apiVersion": "2021-02-01",
"name": "[parameters('publicIpName')]",
"location": "[parameters('location')]",
"sku": {
"name": "[parameters('publicIpSku')]"
},
"properties": {
"publicIPAllocationMethod": "[parameters('publicIPAllocationMethod')]",
"dnsSettings": {
"domainNameLabel": "[parameters('dnsLabelPrefix')]"
}
}
},
{
"type": "Microsoft.Network/networkSecurityGroups",
"apiVersion": "2021-02-01",
"name": "[variables('networkSecurityGroupName')]",
"location": "[parameters('location')]",
"properties": {
"securityRules": [
{
"name": "default-allow-3389",
"properties": {
"priority": 1000,
"access": "Allow",
"direction": "Inbound",
"destinationPortRange": "3389",
"protocol": "Tcp",
"sourcePortRange": "*",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "*"
}
}
]
}
},
{
"type": "Microsoft.Network/virtualNetworks",
"apiVersion": "2021-02-01",
"name": "[variables('virtualNetworkName')]",
"location": "[parameters('location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[variables('addressPrefix')]"
]
},
"subnets": [
{
"name": "[variables('subnetName')]",
"properties": {
"addressPrefix": "[variables('subnetPrefix')]",
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroupName'))]"
}
}
}
]
},
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroupName'))]"
]
},
{
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2021-02-01",
"name": "[variables('nicName')]",
"location": "[parameters('location')]",
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIpName'))]"
},
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('virtualNetworkName'), variables('subnetName'))]"
}
}
}
]
},
"dependsOn": [
"[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIpName'))]",
"[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]"
]
},
{
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2021-03-01",
"name": "[parameters('vmName')]",
"location": "[parameters('location')]",
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computerName": "[parameters('vmName')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]"
},
"storageProfile": {
"imageReference": {
"publisher": "MicrosoftWindowsServer",
"offer": "WindowsServer",
"sku": "[parameters('OSVersion')]",
"version": "latest"
},
"osDisk": {
"createOption": "FromImage",
"managedDisk": {
"storageAccountType": "StandardSSD_LRS"
}
},
"dataDisks": [
{
"diskSizeGB": 1023,
"lun": 0,
"createOption": "Empty"
}
]
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nicName'))]"
}
]
},
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true,
"storageUri": "[reference(resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))).primaryEndpoints.blob]"
}
}
},
"dependsOn": [
"[resourceId('Microsoft.Network/networkInterfaces', variables('nicName'))]",
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"
]
},
{
"name": "[concat('shutdown-computevm-', parameters('vmName'))]",
"type": "Microsoft.DevTestLab/schedules",
"apiVersion": "2017-04-26-preview",
"location": "[parameters('location')]",
"dependsOn": [
"[concat('Microsoft.Compute/virtualMachines/', parameters('vmName'))]"
],
"properties": {
"status": "[parameters('autoShutdownStatus')]",
"taskType": "ComputeVmShutdownTask",
"dailyRecurrence": {
"time": "[parameters('autoShutdownTime')]"
},
"timeZoneId": "[parameters('autoShutdownTimeZone')]",
"targetResourceId": "[resourceId('Microsoft.Compute/virtualMachines', parameters('vmName'))]",
"notificationSettings": {
"status": "[parameters('autoShutdownNotificationStatus')]",
"notificationLocale": "[parameters('autoShutdownNotificationLocale')]",
"timeInMinutes": "30",
"emailRecipient": "[parameters('autoShutdownNotificationEmail')]"
}
}
}
],
"outputs": {
"hostname": {
"type": "string",
"value": "[reference(resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIpName'))).dnsSettings.fqdn]"
}
}
}
Sample OUTPUT for reference:-
Auto shut down enabled:
For more information refer this MS Q&A as suggested by JamesTran-MSFT

How do I output a generated adminPassword for a Virtual Machine?

I've created a Virtual Machine resource with a uniqueString() to generate a password. I now want to display the password in the "outputs". How do I do this?
Note: It does not seem possible to let the Parameters generate a uniqueString(), hence I need to retrieve the password from the VM somehow.
Just try the template below to create a windows VM with auto-generated password and account info output:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"adminUsername": {
"type": "string",
"metadata": {
"description": "Username for the Virtual Machine."
}
},
"adminPassword": {
"type": "securestring",
"defaultValue": "[concat('P', uniqueString(resourceGroup().id, parameters('adminUsername')), 'x', '!')]",
"metadata": {
"description": "Password for the Virtual Machine."
}
},
"dnsLabelPrefix": {
"type": "string",
"defaultValue": "[toLower(concat(parameters('vmName'),'-', uniqueString(resourceGroup().id, parameters('vmName'))))]",
"metadata": {
"description": "Unique DNS Name for the Public IP used to access the Virtual Machine."
}
},
"publicIpName": {
"type": "string",
"defaultValue": "myPublicIP",
"metadata": {
"description": "Name for the Public IP used to access the Virtual Machine."
}
},
"publicIPAllocationMethod": {
"type": "string",
"defaultValue": "Dynamic",
"allowedValues": [
"Dynamic",
"Static"
],
"metadata": {
"description": "Allocation method for the Public IP used to access the Virtual Machine."
}
},
"publicIpSku": {
"type": "string",
"defaultValue": "Basic",
"allowedValues": [
"Basic",
"Standard"
],
"metadata": {
"description": "SKU for the Public IP used to access the Virtual Machine."
}
},
"OSVersion": {
"type": "string",
"defaultValue": "2019-Datacenter",
"allowedValues": [
"2008-R2-SP1",
"2012-Datacenter",
"2012-R2-Datacenter",
"2016-Nano-Server",
"2016-Datacenter-with-Containers",
"2016-Datacenter",
"2019-Datacenter",
"2019-Datacenter-Core",
"2019-Datacenter-Core-smalldisk",
"2019-Datacenter-Core-with-Containers",
"2019-Datacenter-Core-with-Containers-smalldisk",
"2019-Datacenter-smalldisk",
"2019-Datacenter-with-Containers",
"2019-Datacenter-with-Containers-smalldisk"
],
"metadata": {
"description": "The Windows version for the VM. This will pick a fully patched image of this given Windows version."
}
},
"vmSize": {
"type": "string",
"defaultValue": "Standard_D2_v3",
"metadata": {
"description": "Size of the virtual machine."
}
},
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
},
"vmName": {
"type": "string",
"defaultValue": "simple-vm",
"metadata": {
"description": "Name of the virtual machine."
}
}
},
"variables": {
"storageAccountName": "[concat('bootdiags', uniquestring(resourceGroup().id))]",
"nicName": "myVMNic",
"addressPrefix": "10.0.0.0/16",
"subnetName": "Subnet",
"subnetPrefix": "10.0.0.0/24",
"virtualNetworkName": "MyVNET",
"subnetRef": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('virtualNetworkName'), variables('subnetName'))]",
"networkSecurityGroupName": "default-NSG"
},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2019-06-01",
"name": "[variables('storageAccountName')]",
"location": "[parameters('location')]",
"sku": {
"name": "Standard_LRS"
},
"kind": "Storage",
"properties": {}
},
{
"type": "Microsoft.Network/publicIPAddresses",
"apiVersion": "2020-06-01",
"name": "[parameters('publicIPName')]",
"location": "[parameters('location')]",
"sku": {
"name": "[parameters('publicIpSku')]"
},
"properties": {
"publicIPAllocationMethod": "[parameters('publicIPAllocationMethod')]",
"dnsSettings": {
"domainNameLabel": "[parameters('dnsLabelPrefix')]"
}
}
},
{
"type": "Microsoft.Network/networkSecurityGroups",
"apiVersion": "2020-06-01",
"name": "[variables('networkSecurityGroupName')]",
"location": "[parameters('location')]",
"properties": {
"securityRules": [
{
"name": "default-allow-3389",
"properties": {
"priority": 1000,
"access": "Allow",
"direction": "Inbound",
"destinationPortRange": "3389",
"protocol": "Tcp",
"sourcePortRange": "*",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "*"
}
}
]
}
},
{
"type": "Microsoft.Network/virtualNetworks",
"apiVersion": "2020-06-01",
"name": "[variables('virtualNetworkName')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroupName'))]"
],
"properties": {
"addressSpace": {
"addressPrefixes": [
"[variables('addressPrefix')]"
]
},
"subnets": [
{
"name": "[variables('subnetName')]",
"properties": {
"addressPrefix": "[variables('subnetPrefix')]",
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroupName'))]"
}
}
}
]
}
},
{
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2020-06-01",
"name": "[variables('nicName')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIPName'))]",
"[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]"
],
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIPName'))]"
},
"subnet": {
"id": "[variables('subnetRef')]"
}
}
}
]
}
},
{
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2020-06-01",
"name": "[parameters('vmName')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]",
"[resourceId('Microsoft.Network/networkInterfaces', variables('nicName'))]"
],
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computerName": "[parameters('vmName')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]"
},
"storageProfile": {
"imageReference": {
"publisher": "MicrosoftWindowsServer",
"offer": "WindowsServer",
"sku": "[parameters('OSVersion')]",
"version": "latest"
},
"osDisk": {
"createOption": "FromImage",
"managedDisk": {
"storageAccountType": "StandardSSD_LRS"
}
},
"dataDisks": [
{
"diskSizeGB": 1023,
"lun": 0,
"createOption": "Empty"
}
]
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nicName'))]"
}
]
},
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true,
"storageUri": "[reference(resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))).primaryEndpoints.blob]"
}
}
}
}
],
"outputs": {
"hostname": {
"type": "string",
"value": "[reference(parameters('publicIPName')).dnsSettings.fqdn]"
},
"adminUsername": {
"type": "string",
"value": "[parameters('adminUsername')]"
},
"adminPassword": {
"type": "string",
"value": "[parameters('adminPassword')]"
}
}
}
deploy result by PowerShell:
The only thing that you need to specify is adminUserName.
Connect to the VM my URL and account :
Example on how you can output the value generated by uniqueString() in parameters:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"uniqueRG": {
"defaultValue": "[uniqueString(resourceGroup().id)]",
"type": "String"
}
},
"resources": [],
"outputs": {
"uniqueValue": {
"type": "String",
"value": "[parameters('uniqueRG')]"
}
}
}

Subnet DemoSubnet is in use and cannot be updated

I have created a DemoSubnet and an ElasticIP, then I am trying to deploy a ARM template which has a Virtual machine which is trying to attach with that existing elastic IP. The template works fine initially, and after some time its failing due to below error
"At least one resource deployment operation failed. Please list
deployment operations for details"
Here is the detailed error message from the arm template deployment:
Details=[{"code":"BadRequest","message":"{\r\n \"error\": {\r\n
\"code\": \"InUseSubnetCannotBeUpdated\",\r\n \"message\": \"Subnet
DemoSubnet is in use and cannot be updated.\",\r\n \"details\":
[]\r\n }\r\n}"}]
ARM Temaplate
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"addressPrefixes": {
"defaultValue": [
"10.0.0.0/16"
],
"type": "Array",
"metadata": {
"description": "Address prefix of the virtual network"
}
},
"location": {
"defaultValue": "[resourceGroup().location]",
"type": "String",
"metadata": {
"description": "Location for all resources."
}
},
"publicIpNewOrExisting": {
"defaultValue": "existing",
"type": "String",
"metadata": {
"description": "Determines whether or not a new public ip should be provisioned."
}
},
"publicIpResourceGroupName": {
"defaultValue": "[resourceGroup().name]",
"type": "String",
"metadata": {
"description": "Name of the resource group for the public ip address"
}
},
"storageAccountResourceGroupName": {
"defaultValue": "[resourceGroup().name]",
"type": "String",
"metadata": {
"description": "Name of the resource group for the existing storage account"
}
},
"storageNewOrExisting": {
"defaultValue": "existing",
"type": "String",
"metadata": {
"description": "Determines whether or not a new storage account should be provisioned."
}
},
"subnetPrefix": {
"defaultValue": "10.0.0.0/24",
"type": "String",
"metadata": {
"description": "Subnet prefix of the virtual network"
}
},
"virtualNetworkNewOrExisting": {
"defaultValue": "existing",
"type": "String",
"metadata": {
"description": "Determines whether or not a new virtual network should be provisioned."
}
},
"virtualNetworkResourceGroupName": {
"defaultValue": "[resourceGroup().name]",
"type": "String",
"metadata": {
"description": "Name of the resource group for the existing virtual network"
}
}
},
"resources": [
{
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2018-10-01",
"name": "SampleVM",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId(parameters('storageAccountResourceGroupName'),'Microsoft.Storage/storageAccounts/', 'SampleStorageAccnt')]",
"[resourceId('Microsoft.Network/networkInterfaces/', 'SampleNIF')]"
],
"properties": {
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true,
"storageUri": "[reference(resourceId(parameters('storageAccountResourceGroupName'),'Microsoft.Storage/storageAccounts/', 'SampleStorageAccnt')).primaryEndpoints.blob]"
}
},
"hardwareProfile": {
"vmSize": "Standard_A2"
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces','SampleNIF')]"
}
]
},
"osProfile": {
"adminPassword": "rajnikaur#253",
"adminUsername": "adminuser",
"computerName": "SampleVM"
},
"storageProfile": {
"dataDisks": [
{
"createOption": "Empty",
"diskSizeGB": 1023,
"lun": 0
}
],
"imageReference": {
"offer": "WindowsServer",
"publisher": "MicrosoftWindowsServer",
"sku": "2016-Datacenter",
"version": "latest"
},
"osDisk": {
"createOption": "FromImage"
}
}
}
},
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2019-04-01",
"name": "SampleStorageAccnt",
"location": "[parameters('location')]",
"kind": "Storage",
"condition": "[equals(parameters('storageNewOrExisting'), 'existing')]"
},
{
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2019-09-01",
"name": "SampleNIF",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId(parameters('virtualNetworkResourceGroupName'),'Microsoft.Network/virtualNetworks/', 'sampleVnet')]",
"[resourceId(parameters('publicIpResourceGroupName'),'Microsoft.Network/publicIPAddresses', 'DemoEIP')]"
],
"properties": {
"ipConfigurations": [
{
"name": "ipconfig",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"publicIPAddress": {
"id": "[resourceId(parameters('publicIpResourceGroupName'),'Microsoft.Network/publicIPAddresses', 'DemoEIP')]"
},
"subnet": {
"id": "[resourceId(parameters('virtualNetworkResourceGroupName'),'Microsoft.Network/virtualNetworks/subnets', 'sampleVnet', 'DemoSubnet')]"
}
}
}
]
}
},
{
"type": "Microsoft.Network/publicIPAddresses",
"apiVersion": "2017-09-01",
"name": "DemoEIP",
"location": "[parameters('location')]",
"properties": {
"publicIPAllocationMethod": "Static"
},
"condition": "[equals(parameters('publicIpNewOrExisting'), 'existing')]"
},
{
"type": "Microsoft.Network/virtualNetworks",
"apiVersion": "2017-09-01",
"name": "sampleVnet",
"location": "[parameters('location')]",
"properties": {
"addressSpace": {
"addressPrefixes": "[parameters('addressPrefixes')]"
},
"subnets": [
{
"name": "DemoSubnet",
"properties": {
"addressPrefix": "[parameters('subnetPrefix')]"
}
}
]
},
"condition": "[equals(parameters('virtualNetworkNewOrExisting'), 'existing')]"
}
]
}

Attach public ip to nic base on parameter like public or privateonly with multiple VM'S [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
How to attach public ip based on parameter privateonly or public, trying to create it with multiple vms. I am giving here full template which i am running.
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for the resources."
}
},
"vmName": {
"type": "string",
"defaultValue": "vm",
"metadata": {
"description": "Name for the Virtual Machine."
}
},
"ClusterType": {
"type": "string",
"defaultValue": "3 vm apache",
"metadata": {
"description": "Type of cluster to deploy, this is using a single storage account"
}
},
"adminUsername": {
"type": "string",
"defaultValue": "centos",
"metadata": {
"description": "User name for the Virtual Machine."
}
},
"adminPasswordOrKey": {
"type": "string"
},
"vmSize": {
"type": "string",
"metadata": {
"description": "Size for the Virtual Machine."
}
},
"storageNewOrExisting": {
"type": "string",
"defaultValue": "new"
},
"storageAccountName": {
"type": "string",
"defaultValue": "[concat('storage', uniqueString(resourceGroup().id))]",
"metadata": {
"description": "Name of the storage account"
}
},
"storageAccountType": {
"type": "string",
"defaultValue": "Standard_LRS",
"metadata": {
"description": "Storage account type"
}
},
"storageAccountResourceGroupName": {
"type": "string",
"defaultValue": "[resourceGroup().name]",
"metadata": {
"description": "Name of the resource group for the existing storage account"
}
},
"virtualNetworkNewOrExisting": {
"type": "string",
"defaultValue": "new",
"metadata": {
"description": "Determines whether or not a new virtual network should be provisioned."
}
},
"virtualNetworkName": {
"type": "string",
"defaultValue": "VirtualNetwork",
"metadata": {
"description": "Name of the virtual network"
}
},
"addressPrefixes": {
"type": "array",
"defaultValue": [
"10.0.0.0/16"
],
"metadata": {
"description": "Address prefix of the virtual network"
}
},
"subnetName": {
"type": "string",
"defaultValue": "default",
"metadata": {
"description": "Name of the subnet"
}
},
"subnetPrefix": {
"type": "string",
"defaultValue": "10.0.0.0/24",
"metadata": {
"description": "Subnet prefix of the virtual network"
}
},
"virtualNetworkResourceGroupName": {
"type": "string",
"defaultValue": "[resourceGroup().name]",
"metadata": {
"description": "Name of the resource group for the existing virtual network"
}
},
"vmDataDiskSize":{
"type": "string",
"defaultValue": "50",
"metadata": {
"description": "Minimum data disk size should be 50 GB"
},
"publicIpName": {
"type": "string",
"defaultValue": "rxnode",
"metadata": {
"description": "Name of public IP Address"
}
}
},
"variables": {
"publisher": "OpenLogic",
"offer": "CentOS",
"sku": "7.3",
"version": "latest",
"vmBootDiskSize": 50,
"nicName": "[concat(parameters('vmName'), '-nic-')]",
"numberOfVM": "[int(first(parameters('ClusterType')))]",
"apacheinstallation": "[contains(parameters('ClusterType'), 'apache')]",
"networkSecurityGroupName": "[concat(parameters('vmName'), '-nsg-ssh')]",
"publicIpName": "[concat(parameters('vmName'),'-publicip')]"
"privateIp": {
"privateIPAllocationMethod": "Dynamic",
"subnet": {
"id": "[resourceId(parameters('virtualNetworkResourceGroupName'), 'Microsoft.Network/virtualNetworks/subnets/', parameters('virtualNetworkName'), parameters('subnetName'))]"
}
},
"copy": [
{
"name": "publicIPAddress",
"count": "[variables('numberOfVM')]",
"input": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses', concat(variables('publicIpName'), copyIndex('publicIPAddress')))]"
}
}
]
},
"resources": [
{
"condition": "[equals(parameters('storageNewOrExisting'), 'new')]",
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2018-02-01",
"name": "[parameters('storageAccountName')]",
"location": "[parameters('location')]",
"kind": "Storage",
"sku": {
"name": "[parameters('storageAccountType')]"
}
},
{
"condition": "[equals(parameters('publicIpName'), 'None')]",
"type": "Microsoft.Network/publicIPAddresses",
"apiVersion": "2018-04-01",
"name": "[concat(variables('publicIpName'), copyIndex())]",
"location": "[parameters('location')]",
"copy": {
"name": "ipLoop",
"count": "[variables('numberOfVM')]"
},
"sku": {
"name": "Basic"
},
"properties": {
"publicIPAllocationMethod": "Dynamic"
}
},
{
"condition": "[equals(parameters('virtualNetworkNewOrExisting'), 'new')]",
"type": "Microsoft.Network/virtualNetworks",
"apiVersion": "2018-04-01",
"name": "[parameters('virtualNetworkName')]",
"location": "[parameters('location')]",
"properties": {
"addressSpace": {
"addressPrefixes": "[parameters('addressPrefixes')]"
},
"subnets": [
{
"name": "[parameters('subnetName')]",
"properties": {
"addressPrefix": "[parameters('subnetPrefix')]"
}
}
]
}
},
{
"name": "[variables('networkSecurityGroupName')]",
"type": "Microsoft.Network/networkSecurityGroups",
"apiVersion": "2018-04-01",
"location": "[parameters('location')]",
"properties": {
"securityRules": [
{
"name": "default-allow-ssh",
"properties": {
"priority": 1000,
"sourceAddressPrefix": "*",
"protocol": "Tcp",
"destinationPortRange": "22",
"access": "Allow",
"direction": "Inbound",
"sourcePortRange": "*",
"destinationAddressPrefix": "*"
}
},
{
"name": "allow-webport-8080",
"properties": {
"priority": 1200,
"sourceAddressPrefix": "*",
"protocol": "Tcp",
"destinationPortRange": "8080",
"access": "Allow",
"direction": "Inbound",
"sourcePortRange": "*",
"destinationAddressPrefix": "*"
}
}
]
}
},
{
"apiVersion": "2018-04-01",
"type": "Microsoft.Network/networkInterfaces",
"name": "[concat(variables('nicName'), copyIndex())]",
"location": "[parameters('location')]",
"copy": {
"name": "nicLoop",
"count": "[variables('numberOfVM')]"
},
"dependsOn": [
"ipLoop",
"[parameters('virtualNetworkName')]",
"[variables('networkSecurityGroupName')]"
],
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": "[if(equals(variables('publicipName'), 'None'), variables('privateIp'), union(variables('privateIp'), variables('publicIPAddress')[copyIndex()]))]" }
],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroupName'))]"
}
}
},
{
"apiVersion": "2018-04-01",
"type": "Microsoft.Compute/virtualMachines",
"name": "[concat(parameters('vmName'), copyIndex())]",
"location": "[parameters('location')]",
"copy": {
"name": "virtualMachineLoop",
"count": "[variables('numberOfVM')]"
},
"dependsOn": [
"[parameters('storageAccountName')]",
"nicLoop"
],
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computerName": "[concat(parameters('vmName'), copyIndex())]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPasswordOrKey')]",
"linuxConfiguration": {
"disablePasswordAuthentication": true,
"ssh": {
"publicKeys": [
{
"path": "[concat('/home/', parameters('adminUsername'), '/.ssh/authorized_keys')]",
"keyData": "[parameters('adminPasswordOrKey')]"
}
]
}
}
},
"storageProfile": {
"imageReference": {
"publisher": "[variables('publisher')]",
"offer": "[variables('offer')]",
"sku": "[variables('sku')]",
"version": "[variables('version')]"
},
"osDisk": {
"caching": "ReadWrite",
"createOption": "FromImage",
"diskSizeGB": "[variables('vmBootDiskSize')]"
},
"copy": [
{
"name": "dataDisks",
"count": 1,
"input": {
"caching": "ReadWrite",
"diskSizeGB": "[parameters('vmDataDiskSize')]",
"lun": "[copyIndex('dataDisks')]",
"name": "[concat(parameters('vmName'), '-datadisk', copyIndex(), copyIndex('dataDisks'))]",
"createOption": "Empty"
}
}
]
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', concat(variables('nicName'), copyindex()))]"
}
]
},
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true,
"storageUri": "[reference(resourceId(parameters('storageAccountResourceGroupName'), 'Microsoft.Storage/storageAccounts/', parameters('storageAccountName')), '2018-02-01').primaryEndpoints.blob]"
}
}
}
}
],
"outputs": {
}
}
Here I am putting json context into if condition. If needs to attach public ip then it will pass json context to publicIPAddress else it will pass null value.
you can use union() function with predefined variables to achieve that. a lot cleaner + I'm not sure your way will work with all the escapes (i think you are not allowed to build real json with json() function; at least whatever I tried - failed).
"variables": {
"publicIP": {
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses', concat(variables('publicIpName')))]"
}
},
"privateIp": {
"privateIPAllocationMethod": "Dynamic",
"subnet": {
"id": "[resourceId(parameters('virtualNetworkResourceGroupName'), 'Microsoft.Network/virtualNetworks/subnets/', parameters('virtualNetworkName'), parameters('subnetName'))]"
}
}
}
and then in your ipConfigurations you can do this:
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": "[if(equals(variables('publicipName'), 'None'), variables('privateIp'), union(variables('privateIp'), variables('publicIp'))]"
}
],
this will use privateIp variable when no public IP is needed and it will add public IP when its needed.
EDIT: if using copyIndex with publicIp you need to do this:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {},
"variables": {
"name": "testo",
"copy": [
{
"name": "publicIPAddress",
"count": 3,
"input": {
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses', concat(variables('name'), '-ip-', copyIndex('publicIPAddress')))]"
}
}
}
],
"privateIp": {
"privateIPAllocationMethod": "Dynamic",
"subnet": {
"id": "resourceId"
}
}
},
"resources": [
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/publicIPAddresses",
"name": "[concat(variables('name'), '-ip-', copyIndex())]",
"location": "[resourceGroup().location]",
"copy": {
"name": "ipLoop",
"count": 3
},
"properties": {
"publicIPAllocationMethod": "Dynamic"
}
},
{
"apiVersion": "2018-04-01",
"type": "Microsoft.Network/networkInterfaces",
"name": "[concat(variables('name'), copyIndex())]",
"location": "[resourceGroup().location]",
"dependsOn": [
"ipLoop"
],
"copy": {
"name": "nicLoop",
"count": 3
},
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": "[union(variables('privateIp'), variables('publicIPAddress')[copyIndex()])]"
}
]
}
}
]
}

Unable to add vNet peering to nested ARM template

I am trying to create an ARM template which creates 2 resource groups, and then deploys vNets and creates a peering between them. The vNet peering resource in the template is not working. I keep getting the same error and I believe it's because i'm trying to create a peering with a VNET which is in a different VNET/Resource group than the one i'm deploying into.
I am using nested templates to deploy into separate resource groups.
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/Microsoft.Resources.json",
"contentVersion": "1.0.0.0",
"parameters": {
"vnetName": {
"type": "string",
"metadata": {
"description": "VNet name"
}
},
"vnetAddressPrefix": {
"type": "string",
"metadata": {
"description": "Address prefix"
}
},
"DMZResourceGroup": {
"type": "string",
"metadata": {
"description": "resource group for DMZ environment"
}
},
"HUBResourceGroup": {
"type": "string",
"metadata": {
"description": "resource group for HUB environment"
}
},
"DMZvnet": {
"type": "string",
"metadata": {
"description": "VNet for DMZ environment"
}
},
"DMZvnetAddressPrefix": {
"type": "string",
"metadata": {
"description": "DMZ VNet Address prefix"
}
},
"DMZFESubnet1Prefix": {
"type": "string",
"metadata": {
"description": "Subnet1 for DMZ environment. This is the Front-End subnet"
}
},
"DMZBESubnet2Prefix": {
"type": "string",
"metadata": {
"description": "Subnet1 for DMZ environment. This is the Back-End subnet"
}
},
"DMZNSG": {
"type": "string",
"metadata": {
"description": "NSG for DMZ environment"
}
},
"DMZFEsubnetName": {
"type": "string",
"metadata": {
"description": "Front-End subnet for DMZ environment"
}
},
"DMZBEsubnetName": {
"type": "string",
"metadata": {
"description": "Back-End subnet for DMZ environment"
}
},
"subnet1Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 1 prefix"
}
},
"subnet1Name": {
"type": "string",
"metadata": {
"description": "Subnet 1 Name"
}
},
"subnet2Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 2 Prefix"
}
},
"subnet2Name": {
"type": "string",
"metadata": {
"description": "Subnet 2 Name"
}
},
"subnet3Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 3 Prefix"
}
},
"subnet3Name": {
"type": "string",
"metadata": {
"description": "Subnet 3 Name"
}
},
"networkSecurityGroupName": {
"type": "string"
}
},
"variables": {
"location": "West Europe",
"HUBvNettoDMZvNet": "[concat(parameters('VNetName'), '-', parameters('DMZvnet'))]",
"DMZvNettoHUBvNet": "[concat(parameters('DMZvnet'), '-', parameters('VNetName'))]"
},
"resources": [
{
"name": "[parameters('DMZResourceGroup')]",
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2018-05-01",
"location": "[variables('Location')]",
"tags": {},
"properties": {}
},
{
"name": "[parameters('HUBResourceGroup')]",
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2018-05-01",
"location": "[variables('Location')]",
"tags": {},
"properties": {}
},
{
"apiVersion": "2017-05-10",
"name": "hubtemplate",
"type": "Microsoft.Resources/deployments",
"resourceGroup": "[parameters('Hubresourcegroup')]",
"dependsOn": [
"[resourceId('Microsoft.Resources/resourceGroups/', parameters('HUBResourceGroup'))]"
],
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentversion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('vnetName')]",
"location": "[variables('Location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('vnetAddressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('subnet1Name')]",
"properties": {
"addressPrefix": "[parameters('subnet1Prefix')]"
}
},
{
"name": "[parameters('subnet2Name')]",
"properties": {
"addressPrefix": "[parameters('subnet2Prefix')]"
}
},
{
"name": "[parameters('subnet3Name')]",
"properties": {
"addressPrefix": "[parameters('subnet3Prefix')]"
}
}
]
}
},
{
"name": "[concat(parameters('dmzvnet'), '/peered-to-', parameters('vnetname'))]",
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2018-08-01",
"location": "[variables('location')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', parameters('VNetName'))]"
],
"properties": {
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": true,
"useRemoteGateways": true,
"remoteVirtualNetwork": {
"id": "/subscriptions/d01e22a2-bdb3-4c7a-92a2-613cc0dc1f30/resourceGroups/dmz-rg/providers/Microsoft.Network/virtualNetworks/dmz-vnet"
}
}
},
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[parameters('networkSecurityGroupName')]",
"location": "[variables('location')]",
"properties": {
"securityRules": [
{
"name": "allow-rdp",
"properties": {
"description": "allow rdp",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "3389",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "10.0.1.0",
"access": "Allow",
"priority": 110,
"direction": "Inbound"
}
},
{
"name": "allow-smb",
"properties": {
"description": "allow smb",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "445",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "10.0.2.0",
"access": "Allow",
"priority": 112,
"direction": "Inbound"
}
}
]
}
}
]
}
}
},
{
"apiVersion": "2017-05-10",
"name": "dmztemplate",
"type": "Microsoft.Resources/deployments",
"resourceGroup": "[parameters('DMZresourcegroup')]",
"dependsOn": [
"[resourceId('Microsoft.Resources/resourceGroups/', parameters('DMZResourceGroup'))]"
],
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentversion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('DMZvNet')]",
"location": "[variables('Location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('DMZvNetaddressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('DMZFEsubnetName')]",
"properties": {
"addressPrefix": "[parameters('DMZFESubnet1Prefix')]"
}
},
{
"name": "[parameters('DMZBEsubnetName')]",
"properties": {
"addressPrefix": "[parameters('DMZBESubnet2Prefix')]"
}
}
]
}
}
]
}
}
}
]
}
This is the error I am receiving
New-AzureRmDeployment : 16:13:36 - Resource
Microsoft.Network/virtualNetworks/virtualNetworkPeerings
'DMZ-VNET/peered-to-HUB-VNET' failed with message '{ "error": {
"code": "ResourceNotFound",
"message": "The Resource 'Microsoft.Network/virtualNetworks/DMZ-VNET' under resource group
'HUB-RG' was not found." } }' At line:1 char:1
+ New-AzureRmDeployment -Name $jobname -location $location -TemplatePar ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-AzureRmDeployment], Exception
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implement
ation.NewAzureDeploymentCmdlet
first of all, you can amend "outputs": {} everywhere, they dont really add anything useful, only clatter the template :). ok, there's just too much stuff going on here, to get into details of everything, unfortunately, here's a working template, you can diff yours and figure out what is wrong. if you need some questions answered, just get back to me here.
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/Microsoft.Resources.json",
"contentVersion": "1.0.0.0",
"parameters": {
"VNetName": {
"type": "string",
"metadata": {
"description": "vnetname"
}
},
"vnetAddressPrefix": {
"type": "string",
"metadata": {
"description": "Address prefix"
}
},
"DMZResourceGroup": {
"type": "string",
"metadata": {
"description": "resource group for DMZ environment"
}
},
"HUBResourceGroup": {
"type": "string",
"metadata": {
"description": "resource group for HUB environment"
}
},
"DMZvnet": {
"type": "string",
"metadata": {
"description": "VNet for DMZ environment"
}
},
"DMZvnetAddressPrefix": {
"type": "string",
"metadata": {
"description": "DMZ VNet Address prefix"
}
},
"DMZFESubnet1Prefix": {
"type": "string",
"metadata": {
"description": "Subnet1 for DMZ environment. This is the Front-End subnet"
}
},
"DMZBESubnet2Prefix": {
"type": "string",
"metadata": {
"description": "Subnet1 for DMZ environment. This is the Back-End subnet"
}
},
"DMZNSG": {
"type": "string",
"metadata": {
"description": "NSG for DMZ environment"
}
},
"DMZFEsubnetName": {
"type": "string",
"metadata": {
"description": "Front-End subnet for DMZ environment"
}
},
"DMZBEsubnetName": {
"type": "string",
"metadata": {
"description": "Back-End subnet for DMZ environment"
}
},
"subnet1Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 1 prefix"
}
},
"subnet1Name": {
"type": "string",
"metadata": {
"description": "Subnet 1 Name"
}
},
"subnet2Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 2 Prefix"
}
},
"subnet2Name": {
"type": "string",
"metadata": {
"description": "Subnet 2 Name"
}
},
"subnet3Prefix": {
"type": "string",
"metadata": {
"description": "Subnet 3 Prefix"
}
},
"subnet3Name": {
"type": "string",
"metadata": {
"description": "Subnet 3 Name"
}
},
"networkSecurityGroupName": {
"type": "string"
}
},
"variables": {
"location": "West Europe",
"HUBvNettoDMZvNet": "[concat(parameters('VNetName'), '-', parameters('DMZvnet'))]",
"DMZvNettoHUBvNet": "[concat(parameters('DMZvnet'), '-', parameters('VNetName'))]"
},
"resources": [
{
"name": "[parameters('DMZResourceGroup')]",
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2018-05-01",
"location": "[variables('Location')]",
"tags": {},
"properties": {}
},
{
"name": "[parameters('HUBResourceGroup')]",
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2018-05-01",
"location": "[variables('Location')]",
"tags": {},
"properties": {}
},
{
"apiVersion": "2017-05-10",
"name": "hubtemplate",
"type": "Microsoft.Resources/deployments",
"resourceGroup": "[parameters('Hubresourcegroup')]",
"dependsOn": [
"[resourceId('Microsoft.Resources/resourceGroups/', parameters('HUBResourceGroup'))]",
"dmztemplate"
],
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentversion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('vnetName')]",
"location": "[variables('Location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('vnetAddressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('subnet1Name')]",
"properties": {
"addressPrefix": "[parameters('subnet1Prefix')]"
}
},
{
"name": "[parameters('subnet2Name')]",
"properties": {
"addressPrefix": "[parameters('subnet2Prefix')]"
}
},
{
"name": "[parameters('subnet3Name')]",
"properties": {
"addressPrefix": "[parameters('subnet3Prefix')]"
}
}
]
}
},
{
"name": "[concat(parameters('vnetName'), '/peered-to-', parameters('vnetname'))]",
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2018-08-01",
"location": "[variables('location')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', parameters('VNetName'))]"
],
"properties": {
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": true,
"useRemoteGateways": false,
"remoteVirtualNetwork": {
"id": "[concat(subscription().id, '/resourceGroups/', parameters('DMZresourcegroup'), '/providers/Microsoft.Network/virtualNetworks/', parameters('DMZvNet'))]"
}
}
},
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[parameters('networkSecurityGroupName')]",
"location": "[variables('location')]",
"properties": {
"securityRules": [
{
"name": "allow-rdp",
"properties": {
"description": "allow rdp",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "3389",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "10.0.1.0",
"access": "Allow",
"priority": 110,
"direction": "Inbound"
}
},
{
"name": "allow-smb",
"properties": {
"description": "allow smb",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "445",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "10.0.2.0",
"access": "Allow",
"priority": 112,
"direction": "Inbound"
}
}
]
}
}
]
}
}
},
{
"apiVersion": "2017-05-10",
"name": "dmztemplate",
"type": "Microsoft.Resources/deployments",
"resourceGroup": "[parameters('DMZresourcegroup')]",
"dependsOn": [
"[resourceId('Microsoft.Resources/resourceGroups/', parameters('DMZResourceGroup'))]"
],
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentversion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('DMZvNet')]",
"location": "[variables('Location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('DMZvNetaddressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('DMZFEsubnetName')]",
"properties": {
"addressPrefix": "[parameters('DMZFESubnet1Prefix')]"
}
},
{
"name": "[parameters('DMZBEsubnetName')]",
"properties": {
"addressPrefix": "[parameters('DMZBESubnet2Prefix')]"
}
}
]
}
}
]
}
}
}
]
}
resourceId() in subscription level deployments: https://learn.microsoft.com/en-us/azure/azure-resource-manager/deploy-to-subscription#using-template-functions
ps. I'm sure you need peerings on both vnets.

Resources