Microsoft.Network networkProfiles template reference
07/14/2020
11 minutes to read
In this article
To create a Microsoft.Network/networkProfiles resource, add the following JSON to the resources section of your template.
{
"name": "string",
"type": "Microsoft.Network/networkProfiles",
"apiVersion": "2019-07-01",
"location": "string",
"tags": {},
"properties": {
"containerNetworkInterfaces": [
{
"id": "string",
"properties": {
"containerNetworkInterfaceConfiguration": {
"id": "string",
"properties": {
"ipConfigurations": [
{
"id": "string",
"properties": {
"subnet": {
"id": "string",
"properties": {
"addressPrefix": "string",
"addressPrefixes": [
"string"
],
"networkSecurityGroup": {
"id": "string",
"location": "string",
"tags": {},
"properties": {
"securityRules": [
{
"id": "string",
"properties": {
"description": "string",
"protocol": "string",
"sourcePortRange": "string",
"destinationPortRange": "string",
"sourceAddressPrefix": "string",
"sourceAddressPrefixes": [
"string"
],
"sourceApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
],
"destinationAddressPrefix": "string",
"destinationAddressPrefixes": [
"string"
],
"destinationApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
],
"sourcePortRanges": [
"string"
],
"destinationPortRanges": [
"string"
],
"access": "string",
"priority": "integer",
"direction": "string"
},
"name": "string"
}
],
"defaultSecurityRules": [
{
"id": "string",
"properties": {
"description": "string",
"protocol": "string",
"sourcePortRange": "string",
"destinationPortRange": "string",
"sourceAddressPrefix": "string",
"sourceAddressPrefixes": [
"string"
],
"sourceApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
],
"destinationAddressPrefix": "string",
"destinationAddressPrefixes": [
"string"
],
"destinationApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
],
"sourcePortRanges": [
"string"
],
"destinationPortRanges": [
"string"
],
"access": "string",
"priority": "integer",
"direction": "string"
},
"name": "string"
}
],
"resourceGuid": "string"
}
},
"routeTable": {
"id": "string",
"location": "string",
"tags": {},
"properties": {
"routes": [
{
"id": "string",
"properties": {
"addressPrefix": "string",
"nextHopType": "string",
"nextHopIpAddress": "string"
},
"name": "string"
}
],
"disableBgpRoutePropagation": "boolean"
}
},
"natGateway": {
"id": "string"
},
"serviceEndpoints": [
{
"service": "string",
"locations": [
"string"
]
}
],
"serviceEndpointPolicies": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {
"serviceEndpointPolicyDefinitions": [
{
"id": "string",
"properties": {
"description": "string",
"service": "string",
"serviceResources": [
"string"
]
},
"name": "string"
}
]
}
}
],
"resourceNavigationLinks": [
{
"id": "string",
"properties": {
"linkedResourceType": "string",
"link": "string"
},
"name": "string"
}
],
"serviceAssociationLinks": [
{
"id": "string",
"properties": {
"linkedResourceType": "string",
"link": "string",
"allowDelete": "boolean",
"locations": [
"string"
]
},
"name": "string",
"type": "string"
}
],
"delegations": [
{
"id": "string",
"properties": {
"serviceName": "string",
"actions": [
"string"
]
},
"name": "string"
}
],
"privateEndpointNetworkPolicies": "string",
"privateLinkServiceNetworkPolicies": "string"
},
"name": "string"
}
},
"name": "string"
}
],
"containerNetworkInterfaces": [
{
"id": "string"
}
]
},
"name": "string"
},
"container": {
"id": "string"
},
"ipConfigurations": [
{
"properties": {},
"name": "string"
}
]
},
"name": "string"
}
],
"containerNetworkInterfaceConfigurations": [
{
"id": "string",
"properties": {
"ipConfigurations": [
{
"id": "string",
"properties": {
"subnet": {
"id": "string",
"properties": {
"addressPrefix": "string",
"addressPrefixes": [
"string"
],
"networkSecurityGroup": {
"id": "string",
"location": "string",
"tags": {},
"properties": {
"securityRules": [
{
"id": "string",
"properties": {
"description": "string",
"protocol": "string",
"sourcePortRange": "string",
"destinationPortRange": "string",
"sourceAddressPrefix": "string",
"sourceAddressPrefixes": [
"string"
],
"sourceApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
],
"destinationAddressPrefix": "string",
"destinationAddressPrefixes": [
"string"
],
"destinationApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
],
"sourcePortRanges": [
"string"
],
"destinationPortRanges": [
"string"
],
"access": "string",
"priority": "integer",
"direction": "string"
},
"name": "string"
}
],
"defaultSecurityRules": [
{
"id": "string",
"properties": {
"description": "string",
"protocol": "string",
"sourcePortRange": "string",
"destinationPortRange": "string",
"sourceAddressPrefix": "string",
"sourceAddressPrefixes": [
"string"
],
"sourceApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
],
"destinationAddressPrefix": "string",
"destinationAddressPrefixes": [
"string"
],
"destinationApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
],
"sourcePortRanges": [
"string"
],
"destinationPortRanges": [
"string"
],
"access": "string",
"priority": "integer",
"direction": "string"
},
"name": "string"
}
],
"resourceGuid": "string"
}
},
"routeTable": {
"id": "string",
"location": "string",
"tags": {},
"properties": {
"routes": [
{
"id": "string",
"properties": {
"addressPrefix": "string",
"nextHopType": "string",
"nextHopIpAddress": "string"
},
"name": "string"
}
],
"disableBgpRoutePropagation": "boolean"
}
},
"natGateway": {
"id": "string"
},
"serviceEndpoints": [
{
"service": "string",
"locations": [
"string"
]
}
],
"serviceEndpointPolicies": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {
"serviceEndpointPolicyDefinitions": [
{
"id": "string",
"properties": {
"description": "string",
"service": "string",
"serviceResources": [
"string"
]
},
"name": "string"
}
]
}
}
],
"resourceNavigationLinks": [
{
"id": "string",
"properties": {
"linkedResourceType": "string",
"link": "string"
},
"name": "string"
}
],
"serviceAssociationLinks": [
{
"id": "string",
"properties": {
"linkedResourceType": "string",
"link": "string",
"allowDelete": "boolean",
"locations": [
"string"
]
},
"name": "string",
"type": "string"
}
],
"delegations": [
{
"id": "string",
"properties": {
"serviceName": "string",
"actions": [
"string"
]
},
"name": "string"
}
],
"privateEndpointNetworkPolicies": "string",
"privateLinkServiceNetworkPolicies": "string"
},
"name": "string"
}
},
"name": "string"
}
],
"containerNetworkInterfaces": [
{
"id": "string"
}
]
},
"name": "string"
}
]
}
}
Property values
The following tables describe the values you need to set in the schema.
Microsoft.Network/networkProfiles object
Name
Type
Required
Value
name
string
Yes
The name of the network profile.
type
enum
Yes
Microsoft.Network/networkProfiles
apiVersion
enum
Yes
2019-07-01
location
string
Yes
Resource location.
tags
object
No
Resource tags.
properties
object
Yes
Network profile properties. - NetworkProfilePropertiesFormat object
ContainerNetworkInterface object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Container network interface properties. - ContainerNetworkInterfacePropertiesFormat object
name
string
No
The name of the resource. This name can be used to access the resource.
ContainerNetworkInterfaceConfiguration object
Name
Type
Required
Value
ipConfigurations
array
No
A list of ip configurations of the container network interface configuration. - IPConfigurationProfile object
containerNetworkInterfaces
array
No
A list of container network interfaces created from this container network interface configuration. - SubResource object
Container object
Name
Type
Required
Value
id
string
No
Resource ID.
ContainerNetworkInterfaceIpConfiguration object
IPConfigurationProfile object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Properties of the IP configuration profile. - IPConfigurationProfilePropertiesFormat object
name
string
No
The name of the resource. This name can be used to access the resource.
SubResource object
Name
Type
Required
Value
id
string
No
Resource ID.
Name
Type
Required
Value
subnet
object
No
The reference of the subnet resource to create a container network interface ip configuration. - Subnet object
Subnet object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Properties of the subnet. - SubnetPropertiesFormat object
name
string
No
The name of the resource that is unique within a resource group. This name can be used to access the resource.
Name
Type
Required
Value
addressPrefix
string
No
The address prefix for the subnet.
addressPrefixes
array
No
List of address prefixes for the subnet. - string
networkSecurityGroup
object
No
The reference of the NetworkSecurityGroup resource. - NetworkSecurityGroup object
routeTable
object
No
The reference of the RouteTable resource. - RouteTable object
natGateway
object
No
Nat gateway associated with this subnet. - SubResource object
serviceEndpoints
array
No
An array of service endpoints. - ServiceEndpointPropertiesFormat object
serviceEndpointPolicies
array
No
An array of service endpoint policies. - ServiceEndpointPolicy object
resourceNavigationLinks
array
No
An array of references to the external resources using subnet. - ResourceNavigationLink object
serviceAssociationLinks
array
No
An array of references to services injecting into this subnet. - ServiceAssociationLink object
delegations
array
No
An array of references to the delegations on the subnet. - Delegation object
privateEndpointNetworkPolicies
string
No
Enable or Disable apply network policies on private end point in the subnet.
privateLinkServiceNetworkPolicies
string
No
Enable or Disable apply network policies on private link service in the subnet.
NetworkSecurityGroup object
Name
Type
Required
Value
id
string
No
Resource ID.
location
string
No
Resource location.
tags
object
No
Resource tags.
properties
object
No
Properties of the network security group. - NetworkSecurityGroupPropertiesFormat object
RouteTable object
Name
Type
Required
Value
id
string
No
Resource ID.
location
string
No
Resource location.
tags
object
No
Resource tags.
properties
object
No
Properties of the route table. - RouteTablePropertiesFormat object
Name
Type
Required
Value
service
string
No
The type of the endpoint service.
locations
array
No
A list of locations. - string
ServiceEndpointPolicy object
Name
Type
Required
Value
id
string
No
Resource ID.
location
string
No
Resource location.
tags
object
No
Resource tags.
properties
object
No
Properties of the service end point policy. - ServiceEndpointPolicyPropertiesFormat object
ResourceNavigationLink object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Resource navigation link properties format. - ResourceNavigationLinkFormat object
name
string
No
Name of the resource that is unique within a resource group. This name can be used to access the resource.
ServiceAssociationLink object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Resource navigation link properties format. - ServiceAssociationLinkPropertiesFormat object
name
string
No
Name of the resource that is unique within a resource group. This name can be used to access the resource.
type
string
No
Resource type.
Delegation object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Properties of the subnet. - ServiceDelegationPropertiesFormat object
name
string
No
The name of the resource that is unique within a subnet. This name can be used to access the resource.
Name
Type
Required
Value
securityRules
array
No
A collection of security rules of the network security group. - SecurityRule object
defaultSecurityRules
array
No
The default security rules of network security group. - SecurityRule object
resourceGuid
string
No
The resource GUID property of the network security group resource.
Name
Type
Required
Value
routes
array
No
Collection of routes contained within a route table. - Route object
disableBgpRoutePropagation
boolean
No
Whether to disable the routes learned by BGP on that route table. True means disable.
Name
Type
Required
Value
serviceEndpointPolicyDefinitions
array
No
A collection of service endpoint policy definitions of the service endpoint policy. - ServiceEndpointPolicyDefinition object
Name
Type
Required
Value
linkedResourceType
string
No
Resource type of the linked resource.
link
string
No
Link to the external resource.
Name
Type
Required
Value
linkedResourceType
string
No
Resource type of the linked resource.
link
string
No
Link to the external resource.
allowDelete
boolean
No
If true, the resource can be deleted.
locations
array
No
A list of locations. - string
Name
Type
Required
Value
serviceName
string
No
The name of the service to whom the subnet should be delegated (e.g. Microsoft.Sql/servers).
actions
array
No
Describes the actions permitted to the service upon delegation. - string
SecurityRule object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Properties of the security rule. - SecurityRulePropertiesFormat object
name
string
No
The name of the resource that is unique within a resource group. This name can be used to access the resource.
Route object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Properties of the route. - RoutePropertiesFormat object
name
string
No
The name of the resource that is unique within a resource group. This name can be used to access the resource.
ServiceEndpointPolicyDefinition object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Properties of the service endpoint policy definition. - ServiceEndpointPolicyDefinitionPropertiesFormat object
name
string
No
The name of the resource that is unique within a resource group. This name can be used to access the resource.
Name
Type
Required
Value
description
string
No
A description for this rule. Restricted to 140 chars.
protocol
enum
Yes
Network protocol this rule applies to. - Tcp, Udp, Icmp, Esp, *
sourcePortRange
string
No
The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
destinationPortRange
string
No
The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
sourceAddressPrefix
string
No
The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from.
sourceAddressPrefixes
array
No
The CIDR or source IP ranges. - string
sourceApplicationSecurityGroups
array
No
The application security group specified as source. - ApplicationSecurityGroup object
destinationAddressPrefix
string
No
The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used.
destinationAddressPrefixes
array
No
The destination address prefixes. CIDR or destination IP ranges. - string
destinationApplicationSecurityGroups
array
No
The application security group specified as destination. - ApplicationSecurityGroup object
sourcePortRanges
array
No
The source port ranges. - string
destinationPortRanges
array
No
The destination port ranges. - string
access
enum
Yes
The network traffic is allowed or denied. - Allow or Deny
priority
integer
No
The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.
direction
enum
Yes
The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic. - Inbound or Outbound
Name
Type
Required
Value
addressPrefix
string
No
The destination CIDR to which the route applies.
nextHopType
enum
Yes
The type of Azure hop the packet should be sent to. - VirtualNetworkGateway, VnetLocal, Internet, VirtualAppliance, None
nextHopIpAddress
string
No
The IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance.
Name
Type
Required
Value
description
string
No
A description for this rule. Restricted to 140 chars.
service
string
No
Service endpoint name.
serviceResources
array
No
A list of service resources. - string
ApplicationSecurityGroup object
Name
Type
Required
Value
id
string
No
Resource ID.
location
string
No
Resource location.
tags
object
No
Resource tags.
properties
object
No
Properties of the application security group. - ApplicationSecurityGroupPropertiesFormat object
Quickstart templates
The following quickstart templates deploy this resource type.
