Create a virtual network using the Azure CLI

An Azure virtual network (VNet) is a representation of your own network in the cloud. You can control your Azure network settings and define DHCP address blocks, DNS settings, security policies, and routing. You can also further segment your VNet into subnets and deploy Azure IaaS virtual machines (VMs) and PaaS role instances, in the same way you can deploy physical and virtual machines to your on-premises datacenter. In essence, you can expand your network to Azure, bringing your own IP address blocks. Read the virtual network overview if you are not familiar with VNets.

Azure has two deployment models: Azure Resource Manager and classic. Microsoft recommends creating resources through the Resource Manager deployment model. To learn more about the differences between the two models, read the Understand Azure deployment models article.

You can also create a virtual network through Resource Manager using other tools, or create a virtual network through the classic deployment model, by selecting a different option from the following list:

Scenario

To better illustrate how to create a VNet and subnets, this document will use the scenario below.

VNet scenario

In this scenario you will create a VNet named TestVNet with a reserved CIDR block of 192.168.0.0./16. Your VNet will contain the following subnets:

  • FrontEnd, using 192.168.1.0/24 as its CIDR block.
  • BackEnd, using 192.168.2.0/24 as its CIDR block.

Create a virtual network

To create a virtual network using the Azure CLI, complete the following steps:

  1. Install and configure the latest Azure CLI 2.0 and log in to an Azure account using az login.

  2. Create a resource group for your VNet using the az group create command with the --name and --location arguments:

    az group create --name TestRG --location centralus
    
  3. Create a VNet and a subnet:

    az network vnet create \
    --name TestVNet \
    --resource-group TestRG \
    --location centralus \
    --address-prefix 192.168.0.0/16 \
    --subnet-name FrontEnd \
    --subnet-prefix 192.168.1.0/24
    

    Expected output:

    {
        "newVNet": {
            "addressSpace": {
            "addressPrefixes": [
            "192.168.0.0/16"
            ]
            },
            "dhcpOptions": {
            "dnsServers": []
            },
            "provisioningState": "Succeeded",
            "resourceGuid": "<guid>",
            "subnets": [
            {
                "etag": "W/\"<guid>\"",
                "id": "/subscriptions/<guid>/resourceGroups/TestRG/providers/Microsoft.Network/virtualNetworks/TestVNet/subnets/FrontEnd",
                "name": "FrontEnd",
                "properties": {
                "addressPrefix": "192.168.1.0/24",
                "provisioningState": "Succeeded"
                },
                "resourceGroup": "TestRG"
            }
            ]
            }
    }
    

    Parameters used:

    • --name TestVNet: Name of the VNet to be created.
    • --resource-group TestRG: # The resource group name that controls the resource.
    • --location centralus: The location into which to deploy.
    • --address-prefix 192.168.0.0/16: The address prefix and block.
    • --subnet-name FrontEnd: The name of the subnet.
    • --subnet-prefix 192.168.1.0/24: The address prefix and block.

      To list the basic information to use in the next command, you can query the VNet using a query filter:

      az network vnet list --query '[?name==`TestVNet`].{Where:location,Name:name,Group:resourceGroup}' -o table
      

      Which produces the following output:

      Where Name Group

      centralus TestVNet TestRG

  4. Create a subnet:

    az network vnet subnet create \
    --address-prefix 192.168.2.0/24 \
    --name BackEnd \
    --resource-group TestRG \
    --vnet-name TestVNet
    

    Expected output:

    {
    "addressPrefix": "192.168.2.0/24",
    "etag": "W/\"<guid> \"",
    "id": "/subscriptions/<guid>/resourceGroups/TestRG/providers/Microsoft.Network/virtualNetworks/TestVNet/subnets/BackEnd",
    "ipConfigurations": null,
    "name": "BackEnd",
    "networkSecurityGroup": null,
    "provisioningState": "Succeeded",
    "resourceGroup": "TestRG",
    "resourceNavigationLinks": null,
    "routeTable": null
    }
    

    Parameters used:

    • --address-prefix 192.168.2.0/24: Subnet CIDR block.
    • --name BackEnd: Name of the new subnet.
    • --resource-group TestRG: The resource group.
    • --vnet-name TestVNet: The name of the owning VNet.
  5. Query the properties of the new VNet:

    az network vnet show \
    -g TestRG \
    -n TestVNet \
    --query '{Name:name,Where:location,Group:resourceGroup,Status:provisioningState,SubnetCount:subnets | length(@)}' \
    -o table
    

    Expected output:

     Name      Where      Group    Status       SubnetCount
    
     TestVNet  centralus  TestRG   Succeeded              2
    
  6. Query the properties of the subnets:

    az network vnet subnet list \
    -g TestRG \
    --vnet-name testvnet \
    --query '[].{Name:name,CIDR:addressPrefix,Status:provisioningState}' \
    -o table
    

    Expected output:

     Name      CIDR            Status
    
     FrontEnd  192.168.1.0/24  Succeeded
     BackEnd   192.168.2.0/24  Succeeded
    

Next steps

Learn how to connect: