Microsoft.Network loadBalancers template reference

Template format

To create a Microsoft.Network/loadBalancers resource, add the following JSON to the resources section of your template.

{
  "name": "string",
  "type": "Microsoft.Network/loadBalancers",
  "apiVersion": "2019-04-01",
  "location": "string",
  "tags": {},
  "sku": {
    "name": "string"
  },
  "properties": {
    "frontendIPConfigurations": [
      {
        "id": "string",
        "properties": {
          "privateIPAddress": "string",
          "privateIPAllocationMethod": "string",
          "privateIPAddressVersion": "string",
          "subnet": {
            "id": "string",
            "properties": {
              "addressPrefix": "string",
              "addressPrefixes": [
                "string"
              ],
              "networkSecurityGroup": {
                "id": "string",
                "location": "string",
                "tags": {},
                "properties": {
                  "securityRules": [
                    {
                      "id": "string",
                      "properties": {
                        "description": "string",
                        "protocol": "string",
                        "sourcePortRange": "string",
                        "destinationPortRange": "string",
                        "sourceAddressPrefix": "string",
                        "sourceAddressPrefixes": [
                          "string"
                        ],
                        "sourceApplicationSecurityGroups": [
                          {
                            "id": "string",
                            "location": "string",
                            "tags": {},
                            "properties": {}
                          }
                        ],
                        "destinationAddressPrefix": "string",
                        "destinationAddressPrefixes": [
                          "string"
                        ],
                        "destinationApplicationSecurityGroups": [
                          {
                            "id": "string",
                            "location": "string",
                            "tags": {},
                            "properties": {}
                          }
                        ],
                        "sourcePortRanges": [
                          "string"
                        ],
                        "destinationPortRanges": [
                          "string"
                        ],
                        "access": "string",
                        "priority": "integer",
                        "direction": "string"
                      },
                      "name": "string"
                    }
                  ],
                  "defaultSecurityRules": [
                    {
                      "id": "string",
                      "properties": {
                        "description": "string",
                        "protocol": "string",
                        "sourcePortRange": "string",
                        "destinationPortRange": "string",
                        "sourceAddressPrefix": "string",
                        "sourceAddressPrefixes": [
                          "string"
                        ],
                        "sourceApplicationSecurityGroups": [
                          {
                            "id": "string",
                            "location": "string",
                            "tags": {},
                            "properties": {}
                          }
                        ],
                        "destinationAddressPrefix": "string",
                        "destinationAddressPrefixes": [
                          "string"
                        ],
                        "destinationApplicationSecurityGroups": [
                          {
                            "id": "string",
                            "location": "string",
                            "tags": {},
                            "properties": {}
                          }
                        ],
                        "sourcePortRanges": [
                          "string"
                        ],
                        "destinationPortRanges": [
                          "string"
                        ],
                        "access": "string",
                        "priority": "integer",
                        "direction": "string"
                      },
                      "name": "string"
                    }
                  ],
                  "resourceGuid": "string"
                }
              },
              "routeTable": {
                "id": "string",
                "location": "string",
                "tags": {},
                "properties": {
                  "routes": [
                    {
                      "id": "string",
                      "properties": {
                        "addressPrefix": "string",
                        "nextHopType": "string",
                        "nextHopIpAddress": "string"
                      },
                      "name": "string"
                    }
                  ],
                  "disableBgpRoutePropagation": "boolean"
                }
              },
              "natGateway": {
                "id": "string"
              },
              "serviceEndpoints": [
                {
                  "service": "string",
                  "locations": [
                    "string"
                  ]
                }
              ],
              "serviceEndpointPolicies": [
                {
                  "id": "string",
                  "location": "string",
                  "tags": {},
                  "properties": {
                    "serviceEndpointPolicyDefinitions": [
                      {
                        "id": "string",
                        "properties": {
                          "description": "string",
                          "service": "string",
                          "serviceResources": [
                            "string"
                          ]
                        },
                        "name": "string"
                      }
                    ]
                  }
                }
              ],
              "resourceNavigationLinks": [
                {
                  "id": "string",
                  "properties": {
                    "linkedResourceType": "string",
                    "link": "string"
                  },
                  "name": "string"
                }
              ],
              "serviceAssociationLinks": [
                {
                  "id": "string",
                  "properties": {
                    "linkedResourceType": "string",
                    "link": "string",
                    "allowDelete": "boolean",
                    "locations": [
                      "string"
                    ]
                  },
                  "name": "string",
                  "type": "string"
                }
              ],
              "delegations": [
                {
                  "id": "string",
                  "properties": {
                    "serviceName": "string",
                    "actions": [
                      "string"
                    ]
                  },
                  "name": "string"
                }
              ]
            },
            "name": "string"
          },
          "publicIPAddress": {
            "id": "string",
            "location": "string",
            "tags": {},
            "sku": {
              "name": "string"
            },
            "properties": {
              "publicIPAllocationMethod": "string",
              "publicIPAddressVersion": "string",
              "dnsSettings": {
                "domainNameLabel": "string",
                "fqdn": "string",
                "reverseFqdn": "string"
              },
              "ddosSettings": {
                "ddosCustomPolicy": {
                  "id": "string"
                },
                "protectionCoverage": "string"
              },
              "ipTags": [
                {
                  "ipTagType": "string",
                  "tag": "string"
                }
              ],
              "ipAddress": "string",
              "publicIPPrefix": {
                "id": "string"
              },
              "idleTimeoutInMinutes": "integer",
              "resourceGuid": "string"
            },
            "zones": [
              "string"
            ]
          },
          "publicIPPrefix": {
            "id": "string"
          }
        },
        "name": "string",
        "zones": [
          "string"
        ]
      }
    ],
    "backendAddressPools": [
      {
        "id": "string",
        "properties": {
        },
        "name": "string"
      }
    ],
    "loadBalancingRules": [
      {
        "id": "string",
        "properties": {
          "frontendIPConfiguration": {
            "id": "string"
          },
          "backendAddressPool": {
            "id": "string"
          },
          "probe": {
            "id": "string"
          },
          "protocol": "string",
          "loadDistribution": "string",
          "frontendPort": "integer",
          "backendPort": "integer",
          "idleTimeoutInMinutes": "integer",
          "enableFloatingIP": "boolean",
          "enableTcpReset": "boolean",
          "disableOutboundSnat": "boolean"
        },
        "name": "string"
      }
    ],
    "probes": [
      {
        "id": "string",
        "properties": {
          "protocol": "string",
          "port": "integer",
          "intervalInSeconds": "integer",
          "numberOfProbes": "integer",
          "requestPath": "string"
        },
        "name": "string"
      }
    ],
    "inboundNatRules": [
      {
        "id": "string",
        "properties": {
          "frontendIPConfiguration": {
            "id": "string"
          },
          "protocol": "string",
          "frontendPort": "integer",
          "backendPort": "integer",
          "idleTimeoutInMinutes": "integer",
          "enableFloatingIP": "boolean",
          "enableTcpReset": "boolean"
        },
        "name": "string"
      }
    ],
    "inboundNatPools": [
      {
        "id": "string",
        "properties": {
          "frontendIPConfiguration": {
            "id": "string"
          },
          "protocol": "string",
          "frontendPortRangeStart": "integer",
          "frontendPortRangeEnd": "integer",
          "backendPort": "integer",
          "idleTimeoutInMinutes": "integer",
          "enableFloatingIP": "boolean",
          "enableTcpReset": "boolean"
        },
        "name": "string"
      }
    ],
    "outboundRules": [
      {
        "id": "string",
        "properties": {
          "allocatedOutboundPorts": "integer",
          "frontendIPConfigurations": [
            {
              "id": "string"
            }
          ],
          "backendAddressPool": {
            "id": "string"
          },
          "protocol": "string",
          "enableTcpReset": "boolean",
          "idleTimeoutInMinutes": "integer"
        },
        "name": "string"
      }
    ],
    "resourceGuid": "string"
  },
  "resources": []
}

Property values

The following tables describe the values you need to set in the schema.

Microsoft.Network/loadBalancers object

Name Type Required Value
name string Yes
type enum Yes Microsoft.Network/loadBalancers
apiVersion enum Yes 2019-04-01
location string No Resource location.
tags object No Resource tags.
sku object No The load balancer SKU. - LoadBalancerSku object
properties object Yes Properties of load balancer. - LoadBalancerPropertiesFormat object
resources array No inboundNatRules

LoadBalancerSku object

Name Type Required Value
name enum No Name of a load balancer SKU. - Basic or Standard

LoadBalancerPropertiesFormat object

Name Type Required Value
frontendIPConfigurations array No Object representing the frontend IPs to be used for the load balancer. - FrontendIPConfiguration object
backendAddressPools array No Collection of backend address pools used by a load balancer. - BackendAddressPool object
loadBalancingRules array No Object collection representing the load balancing rules Gets the provisioning. - LoadBalancingRule object
probes array No Collection of probe objects used in the load balancer. - Probe object
inboundNatRules array No Collection of inbound NAT Rules used by a load balancer. Defining inbound NAT rules on your load balancer is mutually exclusive with defining an inbound NAT pool. Inbound NAT pools are referenced from virtual machine scale sets. NICs that are associated with individual virtual machines cannot reference an Inbound NAT pool. They have to reference individual inbound NAT rules. - InboundNatRule object
inboundNatPools array No Defines an external port range for inbound NAT to a single backend port on NICs associated with a load balancer. Inbound NAT rules are created automatically for each NIC associated with the Load Balancer using an external port from this range. Defining an Inbound NAT pool on your Load Balancer is mutually exclusive with defining inbound Nat rules. Inbound NAT pools are referenced from virtual machine scale sets. NICs that are associated with individual virtual machines cannot reference an inbound NAT pool. They have to reference individual inbound NAT rules. - InboundNatPool object
outboundRules array No The outbound rules. - OutboundRule object
resourceGuid string No The resource GUID property of the load balancer resource.

FrontendIPConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the load balancer probe. - FrontendIPConfigurationPropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.
zones array No A list of availability zones denoting the IP allocated for the resource needs to come from. - string

BackendAddressPool object

Name Type Required Value
id string No Resource ID.
properties object No Properties of load balancer backend address pool. - BackendAddressPoolPropertiesFormat object
name string No Gets name of the resource that is unique within a resource group. This name can be used to access the resource.

LoadBalancingRule object

Name Type Required Value
id string No Resource ID.
properties object No Properties of load balancer load balancing rule. - LoadBalancingRulePropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

Probe object

Name Type Required Value
id string No Resource ID.
properties object No Properties of load balancer probe. - ProbePropertiesFormat object
name string No Gets name of the resource that is unique within a resource group. This name can be used to access the resource.

InboundNatRule object

Name Type Required Value
id string No Resource ID.
properties object No Properties of load balancer inbound nat rule. - InboundNatRulePropertiesFormat object
name string No Gets name of the resource that is unique within a resource group. This name can be used to access the resource.

InboundNatPool object

Name Type Required Value
id string No Resource ID.
properties object No Properties of load balancer inbound nat pool. - InboundNatPoolPropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

OutboundRule object

Name Type Required Value
id string No Resource ID.
properties object No Properties of load balancer outbound rule. - OutboundRulePropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

FrontendIPConfigurationPropertiesFormat object

Name Type Required Value
privateIPAddress string No The private IP address of the IP configuration.
privateIPAllocationMethod enum No The Private IP allocation method. - Static or Dynamic
privateIPAddressVersion enum No It represents whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4. - IPv4 or IPv6
subnet object No The reference of the subnet resource. - Subnet object
publicIPAddress object No The reference of the Public IP resource. - PublicIPAddress object
publicIPPrefix object No The reference of the Public IP Prefix resource. - SubResource object

BackendAddressPoolPropertiesFormat object

Name Type Required Value

LoadBalancingRulePropertiesFormat object

Name Type Required Value
frontendIPConfiguration object No A reference to frontend IP addresses. - SubResource object
backendAddressPool object No A reference to a pool of DIPs. Inbound traffic is randomly load balanced across IPs in the backend IPs. - SubResource object
probe object No The reference of the load balancer probe used by the load balancing rule. - SubResource object
protocol enum Yes The reference to the transport protocol used by the load balancing rule. - Udp, Tcp, All
loadDistribution enum No The load distribution policy for this rule. - Default, SourceIP, SourceIPProtocol
frontendPort integer Yes The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values are between 0 and 65534. Note that value 0 enables "Any Port".
backendPort integer No The port used for internal connections on the endpoint. Acceptable values are between 0 and 65535. Note that value 0 enables "Any Port".
idleTimeoutInMinutes integer No The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP.
enableFloatingIP boolean No Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint.
enableTcpReset boolean No Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP.
disableOutboundSnat boolean No Configures SNAT for the VMs in the backend pool to use the publicIP address specified in the frontend of the load balancing rule.

ProbePropertiesFormat object

Name Type Required Value
protocol enum Yes The protocol of the end point. If 'Tcp' is specified, a received ACK is required for the probe to be successful. If 'Http' or 'Https' is specified, a 200 OK response from the specifies URI is required for the probe to be successful. - Http, Tcp, Https
port integer Yes The port for communicating the probe. Possible values range from 1 to 65535, inclusive.
intervalInSeconds integer No The interval, in seconds, for how frequently to probe the endpoint for health status. Typically, the interval is slightly less than half the allocated timeout period (in seconds) which allows two full probes before taking the instance out of rotation. The default value is 15, the minimum value is 5.
numberOfProbes integer No The number of probes where if no response, will result in stopping further traffic from being delivered to the endpoint. This values allows endpoints to be taken out of rotation faster or slower than the typical times used in Azure.
requestPath string No The URI used for requesting health status from the VM. Path is required if a protocol is set to http. Otherwise, it is not allowed. There is no default value.

InboundNatRulePropertiesFormat object

Name Type Required Value
frontendIPConfiguration object No A reference to frontend IP addresses. - SubResource object
protocol enum No The reference to the transport protocol used by the load balancing rule. - Udp, Tcp, All
frontendPort integer No The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values range from 1 to 65534.
backendPort integer No The port used for the internal endpoint. Acceptable values range from 1 to 65535.
idleTimeoutInMinutes integer No The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP.
enableFloatingIP boolean No Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint.
enableTcpReset boolean No Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP.

InboundNatPoolPropertiesFormat object

Name Type Required Value
frontendIPConfiguration object No A reference to frontend IP addresses. - SubResource object
protocol enum Yes The reference to the transport protocol used by the inbound NAT pool. - Udp, Tcp, All
frontendPortRangeStart integer Yes The first port number in the range of external ports that will be used to provide Inbound Nat to NICs associated with a load balancer. Acceptable values range between 1 and 65534.
frontendPortRangeEnd integer Yes The last port number in the range of external ports that will be used to provide Inbound Nat to NICs associated with a load balancer. Acceptable values range between 1 and 65535.
backendPort integer Yes The port used for internal connections on the endpoint. Acceptable values are between 1 and 65535.
idleTimeoutInMinutes integer No The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP.
enableFloatingIP boolean No Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint.
enableTcpReset boolean No Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP.

OutboundRulePropertiesFormat object

Name Type Required Value
allocatedOutboundPorts integer No The number of outbound ports to be used for NAT.
frontendIPConfigurations array Yes The Frontend IP addresses of the load balancer. - SubResource object
backendAddressPool object Yes A reference to a pool of DIPs. Outbound traffic is randomly load balanced across IPs in the backend IPs. - SubResource object
protocol enum Yes The protocol for the outbound rule in load balancer. - Tcp, Udp, All
enableTcpReset boolean No Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP.
idleTimeoutInMinutes integer No The timeout for the TCP idle connection.

Subnet object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the subnet. - SubnetPropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

PublicIPAddress object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
sku object No The public IP address SKU. - PublicIPAddressSku object
properties object No Public IP address properties. - PublicIPAddressPropertiesFormat object
zones array No A list of availability zones denoting the IP allocated for the resource needs to come from. - string

SubResource object

Name Type Required Value
id string No Resource ID.

SubnetPropertiesFormat object

Name Type Required Value
addressPrefix string No The address prefix for the subnet.
addressPrefixes array No List of address prefixes for the subnet. - string
networkSecurityGroup object No The reference of the NetworkSecurityGroup resource. - NetworkSecurityGroup object
routeTable object No The reference of the RouteTable resource. - RouteTable object
natGateway object No Nat gateway associated with this subnet. - SubResource object
serviceEndpoints array No An array of service endpoints. - ServiceEndpointPropertiesFormat object
serviceEndpointPolicies array No An array of service endpoint policies. - ServiceEndpointPolicy object
resourceNavigationLinks array No Gets an array of references to the external resources using subnet. - ResourceNavigationLink object
serviceAssociationLinks array No Gets an array of references to services injecting into this subnet. - ServiceAssociationLink object
delegations array No Gets an array of references to the delegations on the subnet. - Delegation object

PublicIPAddressSku object

Name Type Required Value
name enum No Name of a public IP address SKU. - Basic or Standard

PublicIPAddressPropertiesFormat object

Name Type Required Value
publicIPAllocationMethod enum No The public IP address allocation method. - Static or Dynamic
publicIPAddressVersion enum No The public IP address version. - IPv4 or IPv6
dnsSettings object No The FQDN of the DNS record associated with the public IP address. - PublicIPAddressDnsSettings object
ddosSettings object No The DDoS protection custom policy associated with the public IP address. - DdosSettings object
ipTags array No The list of tags associated with the public IP address. - IpTag object
ipAddress string No The IP address associated with the public IP address resource.
publicIPPrefix object No The Public IP Prefix this Public IP Address should be allocated from. - SubResource object
idleTimeoutInMinutes integer No The idle timeout of the public IP address.
resourceGuid string No The resource GUID property of the public IP resource.

NetworkSecurityGroup object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Properties of the network security group. - NetworkSecurityGroupPropertiesFormat object

RouteTable object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Properties of the route table. - RouteTablePropertiesFormat object

ServiceEndpointPropertiesFormat object

Name Type Required Value
service string No The type of the endpoint service.
locations array No A list of locations. - string

ServiceEndpointPolicy object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Properties of the service end point policy. - ServiceEndpointPolicyPropertiesFormat object
Name Type Required Value
id string No Resource ID.
properties object No Resource navigation link properties format. - ResourceNavigationLinkFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.
Name Type Required Value
id string No Resource ID.
properties object No Resource navigation link properties format. - ServiceAssociationLinkPropertiesFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.
type string No Resource type.

Delegation object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the subnet. - ServiceDelegationPropertiesFormat object
name string No The name of the resource that is unique within a subnet. This name can be used to access the resource.

PublicIPAddressDnsSettings object

Name Type Required Value
domainNameLabel string No Gets or sets the Domain name label.The concatenation of the domain name label and the regionalized DNS zone make up the fully qualified domain name associated with the public IP address. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system.
fqdn string No Gets the FQDN, Fully qualified domain name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone.
reverseFqdn string No Gets or Sets the Reverse FQDN. A user-visible, fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN.

DdosSettings object

Name Type Required Value
ddosCustomPolicy object No The DDoS custom policy associated with the public IP. - SubResource object
protectionCoverage enum No The DDoS protection policy customizability of the public IP. Only standard coverage will have the ability to be customized. - Basic or Standard

IpTag object

Name Type Required Value
ipTagType string No Gets or sets the ipTag type: Example FirstPartyUsage.
tag string No Gets or sets value of the IpTag associated with the public IP. Example SQL, Storage etc.

NetworkSecurityGroupPropertiesFormat object

Name Type Required Value
securityRules array No A collection of security rules of the network security group. - SecurityRule object
defaultSecurityRules array No The default security rules of network security group. - SecurityRule object
resourceGuid string No The resource GUID property of the network security group resource.

RouteTablePropertiesFormat object

Name Type Required Value
routes array No Collection of routes contained within a route table. - Route object
disableBgpRoutePropagation boolean No Gets or sets whether to disable the routes learned by BGP on that route table. True means disable.

ServiceEndpointPolicyPropertiesFormat object

Name Type Required Value
serviceEndpointPolicyDefinitions array No A collection of service endpoint policy definitions of the service endpoint policy. - ServiceEndpointPolicyDefinition object

ResourceNavigationLinkFormat object

Name Type Required Value
linkedResourceType string No Resource type of the linked resource.
link string No Link to the external resource.

ServiceAssociationLinkPropertiesFormat object

Name Type Required Value
linkedResourceType string No Resource type of the linked resource.
link string No Link to the external resource.
allowDelete boolean No If true, the resource can be deleted.
locations array No A list of locations. - string

ServiceDelegationPropertiesFormat object

Name Type Required Value
serviceName string No The name of the service to whom the subnet should be delegated (e.g. Microsoft.Sql/servers).
actions array No Describes the actions permitted to the service upon delegation. - string

SecurityRule object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the security rule. - SecurityRulePropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

Route object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the route. - RoutePropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

ServiceEndpointPolicyDefinition object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the service endpoint policy definition. - ServiceEndpointPolicyDefinitionPropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

SecurityRulePropertiesFormat object

Name Type Required Value
description string No A description for this rule. Restricted to 140 chars.
protocol enum Yes Network protocol this rule applies to. - Tcp, Udp, Icmp, Esp, *
sourcePortRange string No The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
destinationPortRange string No The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
sourceAddressPrefix string No The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from.
sourceAddressPrefixes array No The CIDR or source IP ranges. - string
sourceApplicationSecurityGroups array No The application security group specified as source. - ApplicationSecurityGroup object
destinationAddressPrefix string No The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used.
destinationAddressPrefixes array No The destination address prefixes. CIDR or destination IP ranges. - string
destinationApplicationSecurityGroups array No The application security group specified as destination. - ApplicationSecurityGroup object
sourcePortRanges array No The source port ranges. - string
destinationPortRanges array No The destination port ranges. - string
access enum Yes The network traffic is allowed or denied. - Allow or Deny
priority integer No The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.
direction enum Yes The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic. - Inbound or Outbound

RoutePropertiesFormat object

Name Type Required Value
addressPrefix string No The destination CIDR to which the route applies.
nextHopType enum Yes The type of Azure hop the packet should be sent to. - VirtualNetworkGateway, VnetLocal, Internet, VirtualAppliance, None
nextHopIpAddress string No The IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance.

ServiceEndpointPolicyDefinitionPropertiesFormat object

Name Type Required Value
description string No A description for this rule. Restricted to 140 chars.
service string No Service endpoint name.
serviceResources array No A list of service resources. - string

ApplicationSecurityGroup object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Properties of the application security group. - ApplicationSecurityGroupPropertiesFormat object

Quickstart templates

The following quickstart templates deploy this resource type.