Microsoft.Network virtualNetworkTaps template reference
07/14/2020
17 minutes to read
In this article
To create a Microsoft.Network/virtualNetworkTaps resource, add the following JSON to the resources section of your template.
{
"name": "string",
"type": "Microsoft.Network/virtualNetworkTaps",
"apiVersion": "2019-07-01",
"location": "string",
"tags": {},
"properties": {
"destinationNetworkInterfaceIPConfiguration": {
"id": "string",
"properties": {
"virtualNetworkTaps": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": "VirtualNetworkTapPropertiesFormat"
}
],
"applicationGatewayBackendAddressPools": [
{
"id": "string",
"properties": {
"backendIPConfigurations": [
"NetworkInterfaceIPConfiguration"
],
"backendAddresses": [
{
"fqdn": "string",
"ipAddress": "string"
}
]
},
"name": "string",
"type": "string"
}
],
"loadBalancerBackendAddressPools": [
{
"id": "string",
"properties": {
},
"name": "string"
}
],
"loadBalancerInboundNatRules": [
{
"id": "string",
"properties": {
"frontendIPConfiguration": {
"id": "string"
},
"protocol": "string",
"frontendPort": "integer",
"backendPort": "integer",
"idleTimeoutInMinutes": "integer",
"enableFloatingIP": "boolean",
"enableTcpReset": "boolean"
},
"name": "string"
}
],
"privateIPAddress": "string",
"privateIPAllocationMethod": "string",
"privateIPAddressVersion": "string",
"subnet": {
"id": "string",
"properties": {
"addressPrefix": "string",
"addressPrefixes": [
"string"
],
"networkSecurityGroup": {
"id": "string",
"location": "string",
"tags": {},
"properties": {
"securityRules": [
{
"id": "string",
"properties": {
"description": "string",
"protocol": "string",
"sourcePortRange": "string",
"destinationPortRange": "string",
"sourceAddressPrefix": "string",
"sourceAddressPrefixes": [
"string"
],
"sourceApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
],
"destinationAddressPrefix": "string",
"destinationAddressPrefixes": [
"string"
],
"destinationApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
],
"sourcePortRanges": [
"string"
],
"destinationPortRanges": [
"string"
],
"access": "string",
"priority": "integer",
"direction": "string"
},
"name": "string"
}
],
"defaultSecurityRules": [
{
"id": "string",
"properties": {
"description": "string",
"protocol": "string",
"sourcePortRange": "string",
"destinationPortRange": "string",
"sourceAddressPrefix": "string",
"sourceAddressPrefixes": [
"string"
],
"sourceApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
],
"destinationAddressPrefix": "string",
"destinationAddressPrefixes": [
"string"
],
"destinationApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
],
"sourcePortRanges": [
"string"
],
"destinationPortRanges": [
"string"
],
"access": "string",
"priority": "integer",
"direction": "string"
},
"name": "string"
}
],
"resourceGuid": "string"
}
},
"routeTable": {
"id": "string",
"location": "string",
"tags": {},
"properties": {
"routes": [
{
"id": "string",
"properties": {
"addressPrefix": "string",
"nextHopType": "string",
"nextHopIpAddress": "string"
},
"name": "string"
}
],
"disableBgpRoutePropagation": "boolean"
}
},
"natGateway": {
"id": "string"
},
"serviceEndpoints": [
{
"service": "string",
"locations": [
"string"
]
}
],
"serviceEndpointPolicies": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {
"serviceEndpointPolicyDefinitions": [
{
"id": "string",
"properties": {
"description": "string",
"service": "string",
"serviceResources": [
"string"
]
},
"name": "string"
}
]
}
}
],
"resourceNavigationLinks": [
{
"id": "string",
"properties": {
"linkedResourceType": "string",
"link": "string"
},
"name": "string"
}
],
"serviceAssociationLinks": [
{
"id": "string",
"properties": {
"linkedResourceType": "string",
"link": "string",
"allowDelete": "boolean",
"locations": [
"string"
]
},
"name": "string",
"type": "string"
}
],
"delegations": [
{
"id": "string",
"properties": {
"serviceName": "string",
"actions": [
"string"
]
},
"name": "string"
}
],
"privateEndpointNetworkPolicies": "string",
"privateLinkServiceNetworkPolicies": "string"
},
"name": "string"
},
"primary": "boolean",
"publicIPAddress": {
"id": "string",
"location": "string",
"tags": {},
"sku": {
"name": "string"
},
"properties": {
"publicIPAllocationMethod": "string",
"publicIPAddressVersion": "string",
"dnsSettings": {
"domainNameLabel": "string",
"fqdn": "string",
"reverseFqdn": "string"
},
"ddosSettings": {
"ddosCustomPolicy": {
"id": "string"
},
"protectionCoverage": "string"
},
"ipTags": [
{
"ipTagType": "string",
"tag": "string"
}
],
"ipAddress": "string",
"publicIPPrefix": {
"id": "string"
},
"idleTimeoutInMinutes": "integer",
"resourceGuid": "string"
},
"zones": [
"string"
]
},
"applicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
]
},
"name": "string"
},
"destinationLoadBalancerFrontEndIPConfiguration": {
"id": "string",
"properties": {
"privateIPAddress": "string",
"privateIPAllocationMethod": "string",
"privateIPAddressVersion": "string",
"subnet": {
"id": "string",
"properties": {
"addressPrefix": "string",
"addressPrefixes": [
"string"
],
"networkSecurityGroup": {
"id": "string",
"location": "string",
"tags": {},
"properties": {
"securityRules": [
{
"id": "string",
"properties": {
"description": "string",
"protocol": "string",
"sourcePortRange": "string",
"destinationPortRange": "string",
"sourceAddressPrefix": "string",
"sourceAddressPrefixes": [
"string"
],
"sourceApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
],
"destinationAddressPrefix": "string",
"destinationAddressPrefixes": [
"string"
],
"destinationApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
],
"sourcePortRanges": [
"string"
],
"destinationPortRanges": [
"string"
],
"access": "string",
"priority": "integer",
"direction": "string"
},
"name": "string"
}
],
"defaultSecurityRules": [
{
"id": "string",
"properties": {
"description": "string",
"protocol": "string",
"sourcePortRange": "string",
"destinationPortRange": "string",
"sourceAddressPrefix": "string",
"sourceAddressPrefixes": [
"string"
],
"sourceApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
],
"destinationAddressPrefix": "string",
"destinationAddressPrefixes": [
"string"
],
"destinationApplicationSecurityGroups": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {}
}
],
"sourcePortRanges": [
"string"
],
"destinationPortRanges": [
"string"
],
"access": "string",
"priority": "integer",
"direction": "string"
},
"name": "string"
}
],
"resourceGuid": "string"
}
},
"routeTable": {
"id": "string",
"location": "string",
"tags": {},
"properties": {
"routes": [
{
"id": "string",
"properties": {
"addressPrefix": "string",
"nextHopType": "string",
"nextHopIpAddress": "string"
},
"name": "string"
}
],
"disableBgpRoutePropagation": "boolean"
}
},
"natGateway": {
"id": "string"
},
"serviceEndpoints": [
{
"service": "string",
"locations": [
"string"
]
}
],
"serviceEndpointPolicies": [
{
"id": "string",
"location": "string",
"tags": {},
"properties": {
"serviceEndpointPolicyDefinitions": [
{
"id": "string",
"properties": {
"description": "string",
"service": "string",
"serviceResources": [
"string"
]
},
"name": "string"
}
]
}
}
],
"resourceNavigationLinks": [
{
"id": "string",
"properties": {
"linkedResourceType": "string",
"link": "string"
},
"name": "string"
}
],
"serviceAssociationLinks": [
{
"id": "string",
"properties": {
"linkedResourceType": "string",
"link": "string",
"allowDelete": "boolean",
"locations": [
"string"
]
},
"name": "string",
"type": "string"
}
],
"delegations": [
{
"id": "string",
"properties": {
"serviceName": "string",
"actions": [
"string"
]
},
"name": "string"
}
],
"privateEndpointNetworkPolicies": "string",
"privateLinkServiceNetworkPolicies": "string"
},
"name": "string"
},
"publicIPAddress": {
"id": "string",
"location": "string",
"tags": {},
"sku": {
"name": "string"
},
"properties": {
"publicIPAllocationMethod": "string",
"publicIPAddressVersion": "string",
"dnsSettings": {
"domainNameLabel": "string",
"fqdn": "string",
"reverseFqdn": "string"
},
"ddosSettings": {
"ddosCustomPolicy": {
"id": "string"
},
"protectionCoverage": "string"
},
"ipTags": [
{
"ipTagType": "string",
"tag": "string"
}
],
"ipAddress": "string",
"publicIPPrefix": {
"id": "string"
},
"idleTimeoutInMinutes": "integer",
"resourceGuid": "string"
},
"zones": [
"string"
]
},
"publicIPPrefix": {
"id": "string"
}
},
"name": "string",
"zones": [
"string"
]
},
"destinationPort": "integer"
}
}
Property values
The following tables describe the values you need to set in the schema.
Microsoft.Network/virtualNetworkTaps object
Name
Type
Required
Value
name
string
Yes
The name of the virtual network tap.
type
enum
Yes
Microsoft.Network/virtualNetworkTaps
apiVersion
enum
Yes
2019-07-01
location
string
Yes
Resource location.
tags
object
No
Resource tags.
properties
object
Yes
Virtual Network Tap Properties. - VirtualNetworkTapPropertiesFormat object
Name
Type
Required
Value
destinationNetworkInterfaceIPConfiguration
object
No
The reference to the private IP Address of the collector nic that will receive the tap. - NetworkInterfaceIPConfiguration object
destinationLoadBalancerFrontEndIPConfiguration
object
No
The reference to the private IP address on the internal Load Balancer that will receive the tap. - FrontendIPConfiguration object
destinationPort
integer
No
The VXLAN destination port that will receive the tapped traffic.
NetworkInterfaceIPConfiguration object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Network interface IP configuration properties. - NetworkInterfaceIPConfigurationPropertiesFormat object
name
string
No
The name of the resource that is unique within a resource group. This name can be used to access the resource.
FrontendIPConfiguration object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Properties of the load balancer probe. - FrontendIPConfigurationPropertiesFormat object
name
string
No
The name of the resource that is unique within the set of frontend IP configurations used by the load balancer. This name can be used to access the resource.
zones
array
No
A list of availability zones denoting the IP allocated for the resource needs to come from. - string
Name
Type
Required
Value
virtualNetworkTaps
array
No
The reference to Virtual Network Taps. - VirtualNetworkTapModel object
applicationGatewayBackendAddressPools
array
No
The reference of ApplicationGatewayBackendAddressPool resource. - ApplicationGatewayBackendAddressPool object
loadBalancerBackendAddressPools
array
No
The reference of LoadBalancerBackendAddressPool resource. - BackendAddressPool object
loadBalancerInboundNatRules
array
No
A list of references of LoadBalancerInboundNatRules. - InboundNatRule object
privateIPAddress
string
No
Private IP address of the IP configuration.
privateIPAllocationMethod
enum
No
The private IP address allocation method. - Static or Dynamic
privateIPAddressVersion
enum
No
Whether the specific IP configuration is IPv4 or IPv6. Default is IPv4. - IPv4 or IPv6
subnet
object
No
Subnet bound to the IP configuration. - Subnet object
primary
boolean
No
Whether this is a primary customer address on the network interface.
publicIPAddress
object
No
Public IP address bound to the IP configuration. - PublicIPAddress object
applicationSecurityGroups
array
No
Application security groups in which the IP configuration is included. - ApplicationSecurityGroup object
Name
Type
Required
Value
privateIPAddress
string
No
The private IP address of the IP configuration.
privateIPAllocationMethod
enum
No
The Private IP allocation method. - Static or Dynamic
privateIPAddressVersion
enum
No
Whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4. - IPv4 or IPv6
subnet
object
No
The reference of the subnet resource. - Subnet object
publicIPAddress
object
No
The reference of the Public IP resource. - PublicIPAddress object
publicIPPrefix
object
No
The reference of the Public IP Prefix resource. - SubResource object
VirtualNetworkTapModel object
Name
Type
Required
Value
id
string
No
Resource ID.
location
string
No
Resource location.
tags
object
No
Resource tags.
properties
object
No
Virtual Network Tap Properties. - VirtualNetworkTapPropertiesFormat object
ApplicationGatewayBackendAddressPool object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Properties of the application gateway backend address pool. - ApplicationGatewayBackendAddressPoolPropertiesFormat object
name
string
No
Name of the backend address pool that is unique within an Application Gateway.
type
string
No
Type of the resource.
BackendAddressPool object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Properties of load balancer backend address pool. - BackendAddressPoolPropertiesFormat object
name
string
No
The name of the resource that is unique within the set of backend address pools used by the load balancer. This name can be used to access the resource.
InboundNatRule object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Properties of load balancer inbound nat rule. - InboundNatRulePropertiesFormat object
name
string
No
The name of the resource that is unique within the set of inbound NAT rules used by the load balancer. This name can be used to access the resource.
Subnet object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Properties of the subnet. - SubnetPropertiesFormat object
name
string
No
The name of the resource that is unique within a resource group. This name can be used to access the resource.
PublicIPAddress object
Name
Type
Required
Value
id
string
No
Resource ID.
location
string
No
Resource location.
tags
object
No
Resource tags.
sku
object
No
The public IP address SKU. - PublicIPAddressSku object
properties
object
No
Public IP address properties. - PublicIPAddressPropertiesFormat object
zones
array
No
A list of availability zones denoting the IP allocated for the resource needs to come from. - string
ApplicationSecurityGroup object
Name
Type
Required
Value
id
string
No
Resource ID.
location
string
No
Resource location.
tags
object
No
Resource tags.
properties
object
No
Properties of the application security group. - ApplicationSecurityGroupPropertiesFormat object
SubResource object
Name
Type
Required
Value
id
string
No
Resource ID.
Name
Type
Required
Value
frontendIPConfiguration
object
No
A reference to frontend IP addresses. - SubResource object
protocol
enum
No
The reference to the transport protocol used by the load balancing rule. - Udp, Tcp, All
frontendPort
integer
No
The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values range from 1 to 65534.
backendPort
integer
No
The port used for the internal endpoint. Acceptable values range from 1 to 65535.
idleTimeoutInMinutes
integer
No
The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP.
enableFloatingIP
boolean
No
Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint.
enableTcpReset
boolean
No
Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP.
Name
Type
Required
Value
addressPrefix
string
No
The address prefix for the subnet.
addressPrefixes
array
No
List of address prefixes for the subnet. - string
networkSecurityGroup
object
No
The reference of the NetworkSecurityGroup resource. - NetworkSecurityGroup object
routeTable
object
No
The reference of the RouteTable resource. - RouteTable object
natGateway
object
No
Nat gateway associated with this subnet. - SubResource object
serviceEndpoints
array
No
An array of service endpoints. - ServiceEndpointPropertiesFormat object
serviceEndpointPolicies
array
No
An array of service endpoint policies. - ServiceEndpointPolicy object
resourceNavigationLinks
array
No
An array of references to the external resources using subnet. - ResourceNavigationLink object
serviceAssociationLinks
array
No
An array of references to services injecting into this subnet. - ServiceAssociationLink object
delegations
array
No
An array of references to the delegations on the subnet. - Delegation object
privateEndpointNetworkPolicies
string
No
Enable or Disable apply network policies on private end point in the subnet.
privateLinkServiceNetworkPolicies
string
No
Enable or Disable apply network policies on private link service in the subnet.
PublicIPAddressSku object
Name
Type
Required
Value
name
enum
No
Name of a public IP address SKU. - Basic or Standard
Name
Type
Required
Value
publicIPAllocationMethod
enum
No
The public IP address allocation method. - Static or Dynamic
publicIPAddressVersion
enum
No
The public IP address version. - IPv4 or IPv6
dnsSettings
object
No
The FQDN of the DNS record associated with the public IP address. - PublicIPAddressDnsSettings object
ddosSettings
object
No
The DDoS protection custom policy associated with the public IP address. - DdosSettings object
ipTags
array
No
The list of tags associated with the public IP address. - IpTag object
ipAddress
string
No
The IP address associated with the public IP address resource.
publicIPPrefix
object
No
The Public IP Prefix this Public IP Address should be allocated from. - SubResource object
idleTimeoutInMinutes
integer
No
The idle timeout of the public IP address.
resourceGuid
string
No
The resource GUID property of the public IP address resource.
ApplicationGatewayBackendAddress object
Name
Type
Required
Value
fqdn
string
No
Fully qualified domain name (FQDN).
ipAddress
string
No
IP address.
NetworkSecurityGroup object
Name
Type
Required
Value
id
string
No
Resource ID.
location
string
No
Resource location.
tags
object
No
Resource tags.
properties
object
No
Properties of the network security group. - NetworkSecurityGroupPropertiesFormat object
RouteTable object
Name
Type
Required
Value
id
string
No
Resource ID.
location
string
No
Resource location.
tags
object
No
Resource tags.
properties
object
No
Properties of the route table. - RouteTablePropertiesFormat object
Name
Type
Required
Value
service
string
No
The type of the endpoint service.
locations
array
No
A list of locations. - string
ServiceEndpointPolicy object
Name
Type
Required
Value
id
string
No
Resource ID.
location
string
No
Resource location.
tags
object
No
Resource tags.
properties
object
No
Properties of the service end point policy. - ServiceEndpointPolicyPropertiesFormat object
ResourceNavigationLink object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Resource navigation link properties format. - ResourceNavigationLinkFormat object
name
string
No
Name of the resource that is unique within a resource group. This name can be used to access the resource.
ServiceAssociationLink object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Resource navigation link properties format. - ServiceAssociationLinkPropertiesFormat object
name
string
No
Name of the resource that is unique within a resource group. This name can be used to access the resource.
type
string
No
Resource type.
Delegation object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Properties of the subnet. - ServiceDelegationPropertiesFormat object
name
string
No
The name of the resource that is unique within a subnet. This name can be used to access the resource.
PublicIPAddressDnsSettings object
Name
Type
Required
Value
domainNameLabel
string
No
The domain name label. The concatenation of the domain name label and the regionalized DNS zone make up the fully qualified domain name associated with the public IP address. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system.
fqdn
string
No
The Fully Qualified Domain Name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone.
reverseFqdn
string
No
The reverse FQDN. A user-visible, fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN.
DdosSettings object
Name
Type
Required
Value
ddosCustomPolicy
object
No
The DDoS custom policy associated with the public IP. - SubResource object
protectionCoverage
enum
No
The DDoS protection policy customizability of the public IP. Only standard coverage will have the ability to be customized. - Basic or Standard
IpTag object
Name
Type
Required
Value
ipTagType
string
No
The IP tag type. Example: FirstPartyUsage.
tag
string
No
The value of the IP tag associated with the public IP. Example: SQL.
Name
Type
Required
Value
securityRules
array
No
A collection of security rules of the network security group. - SecurityRule object
defaultSecurityRules
array
No
The default security rules of network security group. - SecurityRule object
resourceGuid
string
No
The resource GUID property of the network security group resource.
Name
Type
Required
Value
routes
array
No
Collection of routes contained within a route table. - Route object
disableBgpRoutePropagation
boolean
No
Whether to disable the routes learned by BGP on that route table. True means disable.
Name
Type
Required
Value
serviceEndpointPolicyDefinitions
array
No
A collection of service endpoint policy definitions of the service endpoint policy. - ServiceEndpointPolicyDefinition object
Name
Type
Required
Value
linkedResourceType
string
No
Resource type of the linked resource.
link
string
No
Link to the external resource.
Name
Type
Required
Value
linkedResourceType
string
No
Resource type of the linked resource.
link
string
No
Link to the external resource.
allowDelete
boolean
No
If true, the resource can be deleted.
locations
array
No
A list of locations. - string
Name
Type
Required
Value
serviceName
string
No
The name of the service to whom the subnet should be delegated (e.g. Microsoft.Sql/servers).
actions
array
No
Describes the actions permitted to the service upon delegation. - string
SecurityRule object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Properties of the security rule. - SecurityRulePropertiesFormat object
name
string
No
The name of the resource that is unique within a resource group. This name can be used to access the resource.
Route object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Properties of the route. - RoutePropertiesFormat object
name
string
No
The name of the resource that is unique within a resource group. This name can be used to access the resource.
ServiceEndpointPolicyDefinition object
Name
Type
Required
Value
id
string
No
Resource ID.
properties
object
No
Properties of the service endpoint policy definition. - ServiceEndpointPolicyDefinitionPropertiesFormat object
name
string
No
The name of the resource that is unique within a resource group. This name can be used to access the resource.
Name
Type
Required
Value
description
string
No
A description for this rule. Restricted to 140 chars.
protocol
enum
Yes
Network protocol this rule applies to. - Tcp, Udp, Icmp, Esp, *
sourcePortRange
string
No
The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
destinationPortRange
string
No
The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
sourceAddressPrefix
string
No
The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from.
sourceAddressPrefixes
array
No
The CIDR or source IP ranges. - string
sourceApplicationSecurityGroups
array
No
The application security group specified as source. - ApplicationSecurityGroup object
destinationAddressPrefix
string
No
The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used.
destinationAddressPrefixes
array
No
The destination address prefixes. CIDR or destination IP ranges. - string
destinationApplicationSecurityGroups
array
No
The application security group specified as destination. - ApplicationSecurityGroup object
sourcePortRanges
array
No
The source port ranges. - string
destinationPortRanges
array
No
The destination port ranges. - string
access
enum
Yes
The network traffic is allowed or denied. - Allow or Deny
priority
integer
No
The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.
direction
enum
Yes
The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic. - Inbound or Outbound
Name
Type
Required
Value
addressPrefix
string
No
The destination CIDR to which the route applies.
nextHopType
enum
Yes
The type of Azure hop the packet should be sent to. - VirtualNetworkGateway, VnetLocal, Internet, VirtualAppliance, None
nextHopIpAddress
string
No
The IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance.
Name
Type
Required
Value
description
string
No
A description for this rule. Restricted to 140 chars.
service
string
No
Service endpoint name.
serviceResources
array
No
A list of service resources. - string
