Virtual Network Gateway Connections - Get

Reference

Service:: Network Gateway

API Version:: 2024-05-01

Gets the specified virtual network gateway connection by resource group.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/connections/{virtualNetworkGatewayConnectionName}?api-version=2024-05-01

URI Parameters

Name	In	Required	Type	Description
resourceGroupName	path	True	string	The name of the resource group.
subscriptionId	path	True	string	The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call.
virtualNetworkGatewayConnectionName	path	True	string	The name of the virtual network gateway connection.
api-version	query	True	string	Client API version.

Responses

Name	Type	Description
200 OK	VirtualNetworkGatewayConnection	Request successful. The operation returns the resulting VirtualNetworkGatewayConnection resource.
Other Status Codes	CloudError	Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow.

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name	Description
user_impersonation	impersonate your user account

Examples

GetVirtualNetworkGatewayConnection

Sample request

GET https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/connections/connS2S?api-version=2024-05-01


/**
 * Samples for VirtualNetworkGatewayConnections GetByResourceGroup.
 */
public final class Main {
    /*
     * x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/
     * VirtualNetworkGatewayConnectionGet.json
     */
    /**
     * Sample code: GetVirtualNetworkGatewayConnection.
     * 
     * @param azure The entry point for accessing resource management APIs in Azure.
     */
    public static void getVirtualNetworkGatewayConnection(com.azure.resourcemanager.AzureResourceManager azure) {
        azure.networks().manager().serviceClient().getVirtualNetworkGatewayConnections()
            .getByResourceGroupWithResponse("rg1", "connS2S", com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

from azure.identity import DefaultAzureCredential

from azure.mgmt.network import NetworkManagementClient

"""
# PREREQUISITES
    pip install azure-identity
    pip install azure-mgmt-network
# USAGE
    python virtual_network_gateway_connection_get.py

    Before run the sample, please set the values of the client ID, tenant ID and client secret
    of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
    AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
    https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""


def main():
    client = NetworkManagementClient(
        credential=DefaultAzureCredential(),
        subscription_id="subid",
    )

    response = client.virtual_network_gateway_connections.get(
        resource_group_name="rg1",
        virtual_network_gateway_connection_name="connS2S",
    )
    print(response)


# x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/VirtualNetworkGatewayConnectionGet.json
if __name__ == "__main__":
    main()

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armnetwork_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v6"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/ab04533261eff228f28e08900445d0edef3eb70c/specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/VirtualNetworkGatewayConnectionGet.json
func ExampleVirtualNetworkGatewayConnectionsClient_Get() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewVirtualNetworkGatewayConnectionsClient().Get(ctx, "rg1", "connS2S", nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.VirtualNetworkGatewayConnection = armnetwork.VirtualNetworkGatewayConnection{
	// 	Name: to.Ptr("connS2S"),
	// 	Type: to.Ptr("Microsoft.Network/connections"),
	// 	ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/connections/connS2S"),
	// 	Location: to.Ptr("centralus"),
	// 	Etag: to.Ptr("W/\"00000000-0000-0000-0000-000000000000\""),
	// 	Properties: &armnetwork.VirtualNetworkGatewayConnectionPropertiesFormat{
	// 		ConnectionMode: to.Ptr(armnetwork.VirtualNetworkGatewayConnectionModeDefault),
	// 		ConnectionProtocol: to.Ptr(armnetwork.VirtualNetworkGatewayConnectionProtocolIKEv2),
	// 		ConnectionStatus: to.Ptr(armnetwork.VirtualNetworkGatewayConnectionStatusConnecting),
	// 		ConnectionType: to.Ptr(armnetwork.VirtualNetworkGatewayConnectionTypeIPsec),
	// 		DpdTimeoutSeconds: to.Ptr[int32](30),
	// 		EgressBytesTransferred: to.Ptr[int64](0),
	// 		EgressNatRules: []*armnetwork.SubResource{
	// 			{
	// 				ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw/natRules/natRule2"),
	// 		}},
	// 		EnableBgp: to.Ptr(false),
	// 		GatewayCustomBgpIPAddresses: []*armnetwork.GatewayCustomBgpIPAddressIPConfiguration{
	// 			{
	// 				CustomBgpIPAddress: to.Ptr("169.254.21.1"),
	// 				IPConfigurationID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw/ipConfigurations/default"),
	// 			},
	// 			{
	// 				CustomBgpIPAddress: to.Ptr("169.254.21.3"),
	// 				IPConfigurationID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw/ipConfigurations/ActiveActive"),
	// 		}},
	// 		IngressBytesTransferred: to.Ptr[int64](0),
	// 		IngressNatRules: []*armnetwork.SubResource{
	// 			{
	// 				ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw/natRules/natRule1"),
	// 		}},
	// 		IPSecPolicies: []*armnetwork.IPSecPolicy{
	// 		},
	// 		LocalNetworkGateway2: &armnetwork.LocalNetworkGateway{
	// 			ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/localNetworkGateways/localgw"),
	// 			Properties: &armnetwork.LocalNetworkGatewayPropertiesFormat{
	// 			},
	// 		},
	// 		ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
	// 		ResourceGUID: to.Ptr("00000000-0000-0000-0000-000000000000"),
	// 		RoutingWeight: to.Ptr[int32](0),
	// 		SharedKey: to.Ptr("Abc123"),
	// 		TrafficSelectorPolicies: []*armnetwork.TrafficSelectorPolicy{
	// 		},
	// 		UseLocalAzureIPAddress: to.Ptr(false),
	// 		UsePolicyBasedTrafficSelectors: to.Ptr(false),
	// 		VirtualNetworkGateway1: &armnetwork.VirtualNetworkGateway{
	// 			ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw"),
	// 			Properties: &armnetwork.VirtualNetworkGatewayPropertiesFormat{
	// 			},
	// 		},
	// 	},
	// }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { NetworkManagementClient } = require("@azure/arm-network");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Gets the specified virtual network gateway connection by resource group.
 *
 * @summary Gets the specified virtual network gateway connection by resource group.
 * x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/VirtualNetworkGatewayConnectionGet.json
 */
async function getVirtualNetworkGatewayConnection() {
  const subscriptionId = process.env["NETWORK_SUBSCRIPTION_ID"] || "subid";
  const resourceGroupName = process.env["NETWORK_RESOURCE_GROUP"] || "rg1";
  const virtualNetworkGatewayConnectionName = "connS2S";
  const credential = new DefaultAzureCredential();
  const client = new NetworkManagementClient(credential, subscriptionId);
  const result = await client.virtualNetworkGatewayConnections.get(
    resourceGroupName,
    virtualNetworkGatewayConnectionName,
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Network.Models;
using Azure.ResourceManager.Network;

// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/VirtualNetworkGatewayConnectionGet.json
// this example is just showing the usage of "VirtualNetworkGatewayConnections_Get" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this VirtualNetworkGatewayConnectionResource created on azure
// for more information of creating VirtualNetworkGatewayConnectionResource, please refer to the document of VirtualNetworkGatewayConnectionResource
string subscriptionId = "subid";
string resourceGroupName = "rg1";
string virtualNetworkGatewayConnectionName = "connS2S";
ResourceIdentifier virtualNetworkGatewayConnectionResourceId = VirtualNetworkGatewayConnectionResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, virtualNetworkGatewayConnectionName);
VirtualNetworkGatewayConnectionResource virtualNetworkGatewayConnection = client.GetVirtualNetworkGatewayConnectionResource(virtualNetworkGatewayConnectionResourceId);

// invoke the operation
VirtualNetworkGatewayConnectionResource result = await virtualNetworkGatewayConnection.GetAsync();

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
VirtualNetworkGatewayConnectionData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample response

Status code:: 200

{
  "name": "connS2S",
  "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/connections/connS2S",
  "etag": "W/\"00000000-0000-0000-0000-000000000000\"",
  "type": "Microsoft.Network/connections",
  "location": "centralus",
  "properties": {
    "provisioningState": "Succeeded",
    "resourceGuid": "00000000-0000-0000-0000-000000000000",
    "virtualNetworkGateway1": {
      "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw",
      "properties": {}
    },
    "localNetworkGateway2": {
      "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/localNetworkGateways/localgw",
      "properties": {}
    },
    "ingressNatRules": [
      {
        "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw/natRules/natRule1"
      }
    ],
    "egressNatRules": [
      {
        "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw/natRules/natRule2"
      }
    ],
    "connectionType": "IPsec",
    "connectionProtocol": "IKEv2",
    "routingWeight": 0,
    "dpdTimeoutSeconds": 30,
    "sharedKey": "Abc123",
    "enableBgp": false,
    "gatewayCustomBgpIpAddresses": [
      {
        "ipConfigurationId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw/ipConfigurations/default",
        "customBgpIpAddress": "169.254.21.1"
      },
      {
        "ipConfigurationId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw/ipConfigurations/ActiveActive",
        "customBgpIpAddress": "169.254.21.3"
      }
    ],
    "useLocalAzureIpAddress": false,
    "usePolicyBasedTrafficSelectors": false,
    "ipsecPolicies": [],
    "trafficSelectorPolicies": [],
    "connectionStatus": "Connecting",
    "ingressBytesTransferred": 0,
    "egressBytesTransferred": 0,
    "connectionMode": "Default"
  }
}

Definitions

Name	Description
AddressSpace	AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network.
adminState	Property to indicate if the Express Route Gateway serves traffic when there are multiple Express Route Gateways in the vnet
BgpSettings	BGP settings details.
CloudError	An error response from the service.
CloudErrorBody	An error response from the service.
DhGroup	The DH Groups used in IKE Phase 1 for initial SA.
ExtendedLocation	ExtendedLocation complex type.
ExtendedLocationTypes	The type of the extended location.
GatewayCustomBgpIpAddressIpConfiguration	GatewayCustomBgpIpAddressIpConfiguration for a virtual network gateway connection.
IkeEncryption	The IKE encryption algorithm (IKE phase 2).
IkeIntegrity	The IKE integrity algorithm (IKE phase 2).
IPAllocationMethod	IP address allocation method.
IpamPoolPrefixAllocation	IpamPool prefix allocation reference.
IPConfigurationBgpPeeringAddress	Properties of IPConfigurationBgpPeeringAddress.
IpsecEncryption	The IPSec encryption algorithm (IKE phase 1).
IpsecIntegrity	The IPSec integrity algorithm (IKE phase 1).
IpsecPolicy	An IPSec Policy configuration for a virtual network gateway connection.
LocalNetworkGateway	A common class for general resource information.
ManagedServiceIdentity	Identity for the resource.
PfsGroup	The Pfs Groups used in IKE Phase 2 for new child SA.
ProvisioningState	The current provisioning state.
RadiusServer	Radius Server Settings.
resiliencyModel	Property to indicate if the Express Route Gateway has resiliency model of MultiHomed or SingleHomed
ResourceIdentityType	The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
SubResource	Reference to another subresource.
TrafficSelectorPolicy	An traffic selector policy for a virtual network gateway connection.
TunnelConnectionHealth	VirtualNetworkGatewayConnection properties.
UserAssignedIdentities	The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
VirtualNetworkGateway	A common class for general resource information.
VirtualNetworkGatewayAutoScaleBounds
VirtualNetworkGatewayAutoScaleConfiguration	Virtual Network Gateway Autoscale Configuration details
VirtualNetworkGatewayConnection	A common class for general resource information.
VirtualNetworkGatewayConnectionMode	Gateway connection type.
VirtualNetworkGatewayConnectionProtocol	Connection protocol used for this connection.
VirtualNetworkGatewayConnectionStatus	Virtual Network Gateway connection status.
VirtualNetworkGatewayConnectionType	Gateway connection type.
VirtualNetworkGatewayIPConfiguration	IP configuration for virtual network gateway.
VirtualNetworkGatewayNatRule	VirtualNetworkGatewayNatRule Resource.
VirtualNetworkGatewayPolicyGroup	Parameters for VirtualNetworkGatewayPolicyGroup.
VirtualNetworkGatewayPolicyGroupMember	Vpn Client Connection configuration PolicyGroup member
VirtualNetworkGatewaySku	VirtualNetworkGatewaySku details.
VirtualNetworkGatewaySkuName	Gateway SKU name.
VirtualNetworkGatewaySkuTier	Gateway SKU tier.
VirtualNetworkGatewayType	The type of this virtual network gateway.
VngClientConnectionConfiguration	A vpn client connection configuration for client connection configuration.
VpnAuthenticationType	VPN authentication types for the virtual network gateway..
VpnClientConfiguration	VpnClientConfiguration for P2S client.
VpnClientProtocol	VpnClientProtocols for Virtual network gateway.
VpnClientRevokedCertificate	VPN client revoked certificate of virtual network gateway.
VpnClientRootCertificate	VPN client root certificate of virtual network gateway.
VpnGatewayGeneration	The generation for this VirtualNetworkGateway. Must be None if gatewayType is not VPN.
VpnNatRuleMapping	Vpn NatRule mapping.
VpnNatRuleMode	The Source NAT direction of a VPN NAT.
VpnNatRuleType	The type of NAT rule for VPN NAT.
VpnPolicyMemberAttributeType	The Vpn Policy member attribute type.
VpnType	The type of this virtual network gateway.

AddressSpace

Object

AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network.

Name	Type	Description
addressPrefixes	string[]	A list of address blocks reserved for this virtual network in CIDR notation.
ipamPoolPrefixAllocations	IpamPoolPrefixAllocation[]	A list of IPAM Pools allocating IP address prefixes.

adminState

Enumeration

Property to indicate if the Express Route Gateway serves traffic when there are multiple Express Route Gateways in the vnet

Value	Description
Disabled
Enabled

BgpSettings

Object

BGP settings details.

Name	Type	Description
asn	integer (int64) minimum: 0 maximum: 4294967295	The BGP speaker's ASN.
bgpPeeringAddress	string	The BGP peering address and BGP identifier of this BGP speaker.
bgpPeeringAddresses	IPConfigurationBgpPeeringAddress[]	BGP peering address with IP configuration ID for virtual network gateway.
peerWeight	integer (int32)	The weight added to routes learned from this BGP speaker.

CloudError

Object

An error response from the service.

Name	Type	Description
error	CloudErrorBody	Cloud error body.

CloudErrorBody

Object

An error response from the service.

Name	Type	Description
code	string	An identifier for the error. Codes are invariant and are intended to be consumed programmatically.
details	CloudErrorBody[]	A list of additional details about the error.
message	string	A message describing the error, intended to be suitable for display in a user interface.
target	string	The target of the particular error. For example, the name of the property in error.

DhGroup

Enumeration

The DH Groups used in IKE Phase 1 for initial SA.

Value	Description
DHGroup1
DHGroup14
DHGroup2
DHGroup2048
DHGroup24
ECP256
ECP384
None

ExtendedLocation

Object

ExtendedLocation complex type.

Name	Type	Description
name	string	The name of the extended location.
type	ExtendedLocationTypes	The type of the extended location.

ExtendedLocationTypes

Enumeration

The type of the extended location.

Value	Description
EdgeZone

GatewayCustomBgpIpAddressIpConfiguration

Object

GatewayCustomBgpIpAddressIpConfiguration for a virtual network gateway connection.

Name	Type	Description
customBgpIpAddress	string	The custom BgpPeeringAddress which belongs to IpconfigurationId.
ipConfigurationId	string	The IpconfigurationId of ipconfiguration which belongs to gateway.

IkeEncryption

Enumeration

The IKE encryption algorithm (IKE phase 2).

Value	Description
AES128
AES192
AES256
DES
DES3
GCMAES128
GCMAES256

IkeIntegrity

Enumeration

The IKE integrity algorithm (IKE phase 2).

Value	Description
GCMAES128
GCMAES256
MD5
SHA1
SHA256
SHA384

IPAllocationMethod

Enumeration

IP address allocation method.

Value	Description
Dynamic
Static

IpamPoolPrefixAllocation

Object

IpamPool prefix allocation reference.

Name	Type	Description
allocatedAddressPrefixes	string[]	List of assigned IP address prefixes in the IpamPool of the associated resource.
numberOfIpAddresses	string	Number of IP addresses to allocate.
pool.id	string (arm-id)	Resource id of the associated Azure IpamPool resource.

IPConfigurationBgpPeeringAddress

Object

Properties of IPConfigurationBgpPeeringAddress.

Name	Type	Description
customBgpIpAddresses	string[]	The list of custom BGP peering addresses which belong to IP configuration.
defaultBgpIpAddresses	string[]	The list of default BGP peering addresses which belong to IP configuration.
ipconfigurationId	string	The ID of IP configuration which belongs to gateway.
tunnelIpAddresses	string[]	The list of tunnel public IP addresses which belong to IP configuration.

IpsecEncryption

Enumeration

The IPSec encryption algorithm (IKE phase 1).

Value	Description
AES128
AES192
AES256
DES
DES3
GCMAES128
GCMAES192
GCMAES256
None

IpsecIntegrity

Enumeration

The IPSec integrity algorithm (IKE phase 1).

Value	Description
GCMAES128
GCMAES192
GCMAES256
MD5
SHA1
SHA256

IpsecPolicy

Object

An IPSec Policy configuration for a virtual network gateway connection.

Name	Type	Description
dhGroup	DhGroup	The DH Group used in IKE Phase 1 for initial SA.
ikeEncryption	IkeEncryption	The IKE encryption algorithm (IKE phase 2).
ikeIntegrity	IkeIntegrity	The IKE integrity algorithm (IKE phase 2).
ipsecEncryption	IpsecEncryption	The IPSec encryption algorithm (IKE phase 1).
ipsecIntegrity	IpsecIntegrity	The IPSec integrity algorithm (IKE phase 1).
pfsGroup	PfsGroup	The Pfs Group used in IKE Phase 2 for new child SA.
saDataSizeKilobytes	integer (int32)	The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site to site VPN tunnel.
saLifeTimeSeconds	integer (int32)	The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site to site VPN tunnel.

LocalNetworkGateway

Object

A common class for general resource information.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
id	string	Resource ID.
location	string	Resource location.
name	string	Resource name.
properties.bgpSettings	BgpSettings	Local network gateway's BGP speaker settings.
properties.fqdn	string	FQDN of local network gateway.
properties.gatewayIpAddress	string	IP address of local network gateway.
properties.localNetworkAddressSpace	AddressSpace	Local network site address space.
properties.provisioningState	ProvisioningState	The provisioning state of the local network gateway resource.
properties.resourceGuid	string	The resource GUID property of the local network gateway resource.
tags	object	Resource tags.
type	string	Resource type.

ManagedServiceIdentity

Object

Identity for the resource.

Name	Type	Description
principalId	string	The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
tenantId	string	The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
type	ResourceIdentityType	The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
userAssignedIdentities	UserAssignedIdentities	The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

PfsGroup

Enumeration

The Pfs Groups used in IKE Phase 2 for new child SA.

Value	Description
ECP256
ECP384
None
PFS1
PFS14
PFS2
PFS2048
PFS24
PFSMM

ProvisioningState

Enumeration

The current provisioning state.

Value	Description
Deleting
Failed
Succeeded
Updating

RadiusServer

Object

Radius Server Settings.

Name	Type	Description
radiusServerAddress	string	The address of this radius server.
radiusServerScore	integer (int64)	The initial score assigned to this radius server.
radiusServerSecret	string	The secret used for this radius server.

resiliencyModel

Enumeration

Property to indicate if the Express Route Gateway has resiliency model of MultiHomed or SingleHomed

Value	Description
MultiHomed
SingleHomed

ResourceIdentityType

Enumeration

The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.

Value	Description
None
SystemAssigned
SystemAssigned, UserAssigned
UserAssigned

SubResource

Object

Reference to another subresource.

Name	Type	Description
id	string	Resource ID.

TrafficSelectorPolicy

Object

An traffic selector policy for a virtual network gateway connection.

Name	Type	Description
localAddressRanges	string[]	A collection of local address spaces in CIDR format.
remoteAddressRanges	string[]	A collection of remote address spaces in CIDR format.

TunnelConnectionHealth

Object

VirtualNetworkGatewayConnection properties.

Name	Type	Description
connectionStatus	VirtualNetworkGatewayConnectionStatus	Virtual Network Gateway connection status.
egressBytesTransferred	integer (int64)	The Egress Bytes Transferred in this connection.
ingressBytesTransferred	integer (int64)	The Ingress Bytes Transferred in this connection.
lastConnectionEstablishedUtcTime	string	The time at which connection was established in Utc format.
tunnel	string	Tunnel name.

UserAssignedIdentities

Object

The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

Name	Type	Description

VirtualNetworkGateway

Object

A common class for general resource information.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
extendedLocation	ExtendedLocation	The extended location of type local virtual network gateway.
id	string	Resource ID.
identity	ManagedServiceIdentity	The identity of the virtual network gateway, if configured.
location	string	Resource location.
name	string	Resource name.
properties.activeActive	boolean	ActiveActive flag.
properties.adminState	adminState	Property to indicate if the Express Route Gateway serves traffic when there are multiple Express Route Gateways in the vnet
properties.allowRemoteVnetTraffic	boolean	Configure this gateway to accept traffic from other Azure Virtual Networks. This configuration does not support connectivity to Azure Virtual WAN.
properties.allowVirtualWanTraffic	boolean	Configures this gateway to accept traffic from remote Virtual WAN networks.
properties.autoScaleConfiguration	VirtualNetworkGatewayAutoScaleConfiguration	Autoscale configuration for virutal network gateway
properties.bgpSettings	BgpSettings	Virtual network gateway's BGP speaker settings.
properties.customRoutes	AddressSpace	The reference to the address space resource which represents the custom routes address space specified by the customer for virtual network gateway and VpnClient.
properties.disableIPSecReplayProtection	boolean	disableIPSecReplayProtection flag.
properties.enableBgp	boolean	Whether BGP is enabled for this virtual network gateway or not.
properties.enableBgpRouteTranslationForNat	boolean	EnableBgpRouteTranslationForNat flag.
properties.enableDnsForwarding	boolean	Whether dns forwarding is enabled or not.
properties.enablePrivateIpAddress	boolean	Whether private IP needs to be enabled on this gateway for connections or not.
properties.gatewayDefaultSite	SubResource	The reference to the LocalNetworkGateway resource which represents local network site having default routes. Assign Null value in case of removing existing default site setting.
properties.gatewayType	VirtualNetworkGatewayType	The type of this virtual network gateway.
properties.inboundDnsForwardingEndpoint	string	The IP address allocated by the gateway to which dns requests can be sent.
properties.ipConfigurations	VirtualNetworkGatewayIPConfiguration[]	IP configurations for virtual network gateway.
properties.natRules	VirtualNetworkGatewayNatRule[]	NatRules for virtual network gateway.
properties.provisioningState	ProvisioningState	The provisioning state of the virtual network gateway resource.
properties.resiliencyModel	resiliencyModel	Property to indicate if the Express Route Gateway has resiliency model of MultiHomed or SingleHomed
properties.resourceGuid	string	The resource GUID property of the virtual network gateway resource.
properties.sku	VirtualNetworkGatewaySku	The reference to the VirtualNetworkGatewaySku resource which represents the SKU selected for Virtual network gateway.
properties.vNetExtendedLocationResourceId	string	Customer vnet resource id. VirtualNetworkGateway of type local gateway is associated with the customer vnet.
properties.virtualNetworkGatewayPolicyGroups	VirtualNetworkGatewayPolicyGroup[]	The reference to the VirtualNetworkGatewayPolicyGroup resource which represents the available VirtualNetworkGatewayPolicyGroup for the gateway.
properties.vpnClientConfiguration	VpnClientConfiguration	The reference to the VpnClientConfiguration resource which represents the P2S VpnClient configurations.
properties.vpnGatewayGeneration	VpnGatewayGeneration	The generation for this VirtualNetworkGateway. Must be None if gatewayType is not VPN.
properties.vpnType	VpnType	The type of this virtual network gateway.
tags	object	Resource tags.
type	string	Resource type.

VirtualNetworkGatewayAutoScaleBounds

Object

Name	Type	Description
max	integer	Maximum Scale Units for Autoscale configuration
min	integer	Minimum scale Units for Autoscale configuration

VirtualNetworkGatewayAutoScaleConfiguration

Object

Virtual Network Gateway Autoscale Configuration details

Name	Type	Description
bounds	VirtualNetworkGatewayAutoScaleBounds	The bounds of the autoscale configuration

VirtualNetworkGatewayConnection

Object

A common class for general resource information.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
id	string	Resource ID.
location	string	Resource location.
name	string	Resource name.
properties.authorizationKey	string	The authorizationKey.
properties.connectionMode	VirtualNetworkGatewayConnectionMode	The connection mode for this connection.
properties.connectionProtocol	VirtualNetworkGatewayConnectionProtocol	Connection protocol used for this connection.
properties.connectionStatus	VirtualNetworkGatewayConnectionStatus	Virtual Network Gateway connection status.
properties.connectionType	VirtualNetworkGatewayConnectionType	Gateway connection type.
properties.dpdTimeoutSeconds	integer (int32)	The dead peer detection timeout of this connection in seconds.
properties.egressBytesTransferred	integer (int64)	The egress bytes transferred in this connection.
properties.egressNatRules	SubResource[]	List of egress NatRules.
properties.enableBgp	boolean	EnableBgp flag.
properties.enablePrivateLinkFastPath	boolean	Bypass the ExpressRoute gateway when accessing private-links. ExpressRoute FastPath (expressRouteGatewayBypass) must be enabled.
properties.expressRouteGatewayBypass	boolean	Bypass ExpressRoute Gateway for data forwarding.
properties.gatewayCustomBgpIpAddresses	GatewayCustomBgpIpAddressIpConfiguration[]	GatewayCustomBgpIpAddresses to be used for virtual network gateway Connection.
properties.ingressBytesTransferred	integer (int64)	The ingress bytes transferred in this connection.
properties.ingressNatRules	SubResource[]	List of ingress NatRules.
properties.ipsecPolicies	IpsecPolicy[]	The IPSec Policies to be considered by this connection.
properties.localNetworkGateway2	LocalNetworkGateway	The reference to local network gateway resource.
properties.peer	SubResource	The reference to peerings resource.
properties.provisioningState	ProvisioningState	The provisioning state of the virtual network gateway connection resource.
properties.resourceGuid	string	The resource GUID property of the virtual network gateway connection resource.
properties.routingWeight	integer (int32)	The routing weight.
properties.sharedKey	string	The IPSec shared key.
properties.trafficSelectorPolicies	TrafficSelectorPolicy[]	The Traffic Selector Policies to be considered by this connection.
properties.tunnelConnectionStatus	TunnelConnectionHealth[]	Collection of all tunnels' connection health status.
properties.useLocalAzureIpAddress	boolean	Use private local Azure IP for the connection.
properties.usePolicyBasedTrafficSelectors	boolean	Enable policy-based traffic selectors.
properties.virtualNetworkGateway1	VirtualNetworkGateway	The reference to virtual network gateway resource.
properties.virtualNetworkGateway2	VirtualNetworkGateway	The reference to virtual network gateway resource.
tags	object	Resource tags.
type	string	Resource type.

VirtualNetworkGatewayConnectionMode

Enumeration

Gateway connection type.

Value	Description
Default
InitiatorOnly
ResponderOnly

VirtualNetworkGatewayConnectionProtocol

Enumeration

Connection protocol used for this connection.

Value	Description
IKEv1
IKEv2

VirtualNetworkGatewayConnectionStatus

Enumeration

Virtual Network Gateway connection status.

Value	Description
Connected
Connecting
NotConnected
Unknown

VirtualNetworkGatewayConnectionType

Enumeration

Gateway connection type.

Value	Description
ExpressRoute
IPsec
VPNClient
Vnet2Vnet

VirtualNetworkGatewayIPConfiguration

Object

IP configuration for virtual network gateway.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
id	string	Resource ID.
name	string	The name of the resource that is unique within a resource group. This name can be used to access the resource.
properties.privateIPAddress	string	Private IP Address for this gateway.
properties.privateIPAllocationMethod	IPAllocationMethod	The private IP address allocation method.
properties.provisioningState	ProvisioningState	The provisioning state of the virtual network gateway IP configuration resource.
properties.publicIPAddress	SubResource	The reference to the public IP resource.
properties.subnet	SubResource	The reference to the subnet resource.

VirtualNetworkGatewayNatRule

Object

VirtualNetworkGatewayNatRule Resource.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
id	string	Resource ID.
name	string	The name of the resource that is unique within a resource group. This name can be used to access the resource.
properties.externalMappings	VpnNatRuleMapping[]	The private IP address external mapping for NAT.
properties.internalMappings	VpnNatRuleMapping[]	The private IP address internal mapping for NAT.
properties.ipConfigurationId	string	The IP Configuration ID this NAT rule applies to.
properties.mode	VpnNatRuleMode	The Source NAT direction of a VPN NAT.
properties.provisioningState	ProvisioningState	The provisioning state of the NAT Rule resource.
properties.type	VpnNatRuleType	The type of NAT rule for VPN NAT.
type	string	Resource type.

VirtualNetworkGatewayPolicyGroup

Object

Parameters for VirtualNetworkGatewayPolicyGroup.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
id	string	Resource ID.
name	string	The name of the resource that is unique within a resource group. This name can be used to access the resource.
properties.isDefault	boolean	Shows if this is a Default VirtualNetworkGatewayPolicyGroup or not.
properties.policyMembers	VirtualNetworkGatewayPolicyGroupMember[]	Multiple PolicyMembers for VirtualNetworkGatewayPolicyGroup.
properties.priority	integer (int32)	Priority for VirtualNetworkGatewayPolicyGroup.
properties.provisioningState	ProvisioningState	The provisioning state of the VirtualNetworkGatewayPolicyGroup resource.
properties.vngClientConnectionConfigurations	SubResource[]	List of references to vngClientConnectionConfigurations.

VirtualNetworkGatewayPolicyGroupMember

Object

Vpn Client Connection configuration PolicyGroup member

Name	Type	Description
attributeType	VpnPolicyMemberAttributeType	The Vpn Policy member attribute type.
attributeValue	string	The value of Attribute used for this VirtualNetworkGatewayPolicyGroupMember.
name	string	Name of the VirtualNetworkGatewayPolicyGroupMember.

VirtualNetworkGatewaySku

Object

VirtualNetworkGatewaySku details.

Name	Type	Description
capacity	integer (int32)	The capacity.
name	VirtualNetworkGatewaySkuName	Gateway SKU name.
tier	VirtualNetworkGatewaySkuTier	Gateway SKU tier.

VirtualNetworkGatewaySkuName

Enumeration

Gateway SKU name.

Value	Description
Basic
ErGw1AZ
ErGw2AZ
ErGw3AZ
ErGwScale
HighPerformance
Standard
UltraPerformance
VpnGw1
VpnGw1AZ
VpnGw2
VpnGw2AZ
VpnGw3
VpnGw3AZ
VpnGw4
VpnGw4AZ
VpnGw5
VpnGw5AZ

VirtualNetworkGatewaySkuTier

Enumeration

Gateway SKU tier.

Value	Description
Basic
ErGw1AZ
ErGw2AZ
ErGw3AZ
ErGwScale
HighPerformance
Standard
UltraPerformance
VpnGw1
VpnGw1AZ
VpnGw2
VpnGw2AZ
VpnGw3
VpnGw3AZ
VpnGw4
VpnGw4AZ
VpnGw5
VpnGw5AZ

VirtualNetworkGatewayType

Enumeration

The type of this virtual network gateway.

Value	Description
ExpressRoute
LocalGateway
Vpn

VngClientConnectionConfiguration

Object

A vpn client connection configuration for client connection configuration.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
id	string	Resource ID.
name	string	The name of the resource that is unique within a resource group. This name can be used to access the resource.
properties.provisioningState	ProvisioningState	The provisioning state of the VngClientConnectionConfiguration resource.
properties.virtualNetworkGatewayPolicyGroups	SubResource[]	List of references to virtualNetworkGatewayPolicyGroups
properties.vpnClientAddressPool	AddressSpace	The reference to the address space resource which represents Address space for P2S VpnClient.

VpnAuthenticationType

Enumeration

VPN authentication types for the virtual network gateway..

Value	Description
AAD
Certificate
Radius

VpnClientConfiguration

Object

VpnClientConfiguration for P2S client.

Name	Type	Description
aadAudience	string	The AADAudience property of the VirtualNetworkGateway resource for vpn client connection used for AAD authentication.
aadIssuer	string	The AADIssuer property of the VirtualNetworkGateway resource for vpn client connection used for AAD authentication.
aadTenant	string	The AADTenant property of the VirtualNetworkGateway resource for vpn client connection used for AAD authentication.
radiusServerAddress	string	The radius server address property of the VirtualNetworkGateway resource for vpn client connection.
radiusServerSecret	string	The radius secret property of the VirtualNetworkGateway resource for vpn client connection.
radiusServers	RadiusServer[]	The radiusServers property for multiple radius server configuration.
vngClientConnectionConfigurations	VngClientConnectionConfiguration[]	per ip address pool connection policy for virtual network gateway P2S client.
vpnAuthenticationTypes	VpnAuthenticationType[]	VPN authentication types for the virtual network gateway..
vpnClientAddressPool	AddressSpace	The reference to the address space resource which represents Address space for P2S VpnClient.
vpnClientIpsecPolicies	IpsecPolicy[]	VpnClientIpsecPolicies for virtual network gateway P2S client.
vpnClientProtocols	VpnClientProtocol[]	VpnClientProtocols for Virtual network gateway.
vpnClientRevokedCertificates	VpnClientRevokedCertificate[]	VpnClientRevokedCertificate for Virtual network gateway.
vpnClientRootCertificates	VpnClientRootCertificate[]	VpnClientRootCertificate for virtual network gateway.

VpnClientProtocol

Enumeration

VpnClientProtocols for Virtual network gateway.

Value	Description
IkeV2
OpenVPN
SSTP

VpnClientRevokedCertificate

Object

VPN client revoked certificate of virtual network gateway.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
id	string	Resource ID.
name	string	The name of the resource that is unique within a resource group. This name can be used to access the resource.
properties.provisioningState	ProvisioningState	The provisioning state of the VPN client revoked certificate resource.
properties.thumbprint	string	The revoked VPN client certificate thumbprint.

VpnClientRootCertificate

Object

VPN client root certificate of virtual network gateway.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
id	string	Resource ID.
name	string	The name of the resource that is unique within a resource group. This name can be used to access the resource.
properties.provisioningState	ProvisioningState	The provisioning state of the VPN client root certificate resource.
properties.publicCertData	string	The certificate public data.

VpnGatewayGeneration

Enumeration

The generation for this VirtualNetworkGateway. Must be None if gatewayType is not VPN.

Value	Description
Generation1
Generation2
None

VpnNatRuleMapping

Object

Vpn NatRule mapping.

Name	Type	Description
addressSpace	string	Address space for Vpn NatRule mapping.
portRange	string	Port range for Vpn NatRule mapping.

VpnNatRuleMode

Enumeration

The Source NAT direction of a VPN NAT.

Value	Description
EgressSnat
IngressSnat

VpnNatRuleType

Enumeration

The type of NAT rule for VPN NAT.

Value	Description
Dynamic
Static

VpnPolicyMemberAttributeType

Enumeration

The Vpn Policy member attribute type.

Value	Description
AADGroupId
CertificateGroupId
RadiusAzureGroupId

VpnType

Enumeration

The type of this virtual network gateway.

Value	Description
PolicyBased
RouteBased