diff --git a/schemas/2014-04-01-preview/deploymentTemplate.json b/schemas/2014-04-01-preview/deploymentTemplate.json index eae1be8e74..ba256c7e3d 100644 --- a/schemas/2014-04-01-preview/deploymentTemplate.json +++ b/schemas/2014-04-01-preview/deploymentTemplate.json @@ -1214,6 +1214,63 @@ { "$ref": "https://schema.management.azure.com/schemas/2019-08-01/Microsoft.Network.json#/resourceDefinitions/vpnGateways_vpnConnections" }, { "$ref": "https://schema.management.azure.com/schemas/2019-08-01/Microsoft.Network.json#/resourceDefinitions/vpnServerConfigurations" }, { "$ref": "https://schema.management.azure.com/schemas/2019-08-01/Microsoft.Network.json#/resourceDefinitions/vpnSites" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/applicationGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ApplicationGatewayWebApplicationFirewallPolicies" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/applicationSecurityGroups" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/azureFirewalls" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/bastionHosts" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/connections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ddosCustomPolicies" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ddosProtectionPlans" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCircuits" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCircuits_authorizations" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCircuits_peerings" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCircuits_peerings_connections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCrossConnections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCrossConnections_peerings" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteGateways_expressRouteConnections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ExpressRoutePorts" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/firewallPolicies" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/firewallPolicies_ruleGroups" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ipGroups" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/loadBalancers" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/loadBalancers_inboundNatRules" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/localNetworkGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/natGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkInterfaces" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkInterfaces_tapConfigurations" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkProfiles" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkSecurityGroups" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkSecurityGroups_securityRules" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkWatchers" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkWatchers_packetCaptures" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/p2svpnGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/privateEndpoints" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/privateLinkServices" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/privateLinkServices_privateEndpointConnections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/publicIPAddresses" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/publicIPPrefixes" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/routeFilters" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/routeFilters_routeFilterRules" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/routeTables" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/routeTables_routes" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/serviceEndpointPolicies" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/serviceEndpointPolicies_serviceEndpointPolicyDefinitions" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualHubs" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualHubs_routeTables" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworkGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks_subnets" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks_virtualNetworkPeerings" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworkTaps" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualRouters" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualRouters_peerings" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualWans" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/vpnGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/vpnGateways_vpnConnections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/vpnServerConfigurations" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/vpnSites" }, { "$ref": "https://schema.management.azure.com/schemas/2019-02-01/Microsoft.Network.json#/resourceDefinitions/natGateways" }, { "$ref": "https://schema.management.azure.com/schemas/2019-02-01/Microsoft.Network.json#/resourceDefinitions/connections" }, { "$ref": "https://schema.management.azure.com/schemas/2019-02-01/Microsoft.Network.json#/resourceDefinitions/localNetworkGateways" }, diff --git a/schemas/2015-01-01/deploymentTemplate.json b/schemas/2015-01-01/deploymentTemplate.json index 14afc38396..09cdf1ac57 100644 --- a/schemas/2015-01-01/deploymentTemplate.json +++ b/schemas/2015-01-01/deploymentTemplate.json @@ -1218,6 +1218,63 @@ { "$ref": "https://schema.management.azure.com/schemas/2019-08-01/Microsoft.Network.json#/resourceDefinitions/vpnGateways_vpnConnections" }, { "$ref": "https://schema.management.azure.com/schemas/2019-08-01/Microsoft.Network.json#/resourceDefinitions/vpnServerConfigurations" }, { "$ref": "https://schema.management.azure.com/schemas/2019-08-01/Microsoft.Network.json#/resourceDefinitions/vpnSites" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/applicationGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ApplicationGatewayWebApplicationFirewallPolicies" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/applicationSecurityGroups" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/azureFirewalls" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/bastionHosts" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/connections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ddosCustomPolicies" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ddosProtectionPlans" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCircuits" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCircuits_authorizations" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCircuits_peerings" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCircuits_peerings_connections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCrossConnections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCrossConnections_peerings" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteGateways_expressRouteConnections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ExpressRoutePorts" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/firewallPolicies" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/firewallPolicies_ruleGroups" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ipGroups" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/loadBalancers" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/loadBalancers_inboundNatRules" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/localNetworkGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/natGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkInterfaces" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkInterfaces_tapConfigurations" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkProfiles" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkSecurityGroups" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkSecurityGroups_securityRules" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkWatchers" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkWatchers_packetCaptures" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/p2svpnGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/privateEndpoints" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/privateLinkServices" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/privateLinkServices_privateEndpointConnections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/publicIPAddresses" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/publicIPPrefixes" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/routeFilters" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/routeFilters_routeFilterRules" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/routeTables" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/routeTables_routes" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/serviceEndpointPolicies" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/serviceEndpointPolicies_serviceEndpointPolicyDefinitions" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualHubs" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualHubs_routeTables" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworkGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks_subnets" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks_virtualNetworkPeerings" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworkTaps" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualRouters" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualRouters_peerings" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualWans" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/vpnGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/vpnGateways_vpnConnections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/vpnServerConfigurations" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/vpnSites" }, { "$ref": "https://schema.management.azure.com/schemas/2019-02-01/Microsoft.Network.json#/resourceDefinitions/natGateways" }, { "$ref": "https://schema.management.azure.com/schemas/2019-02-01/Microsoft.Network.json#/resourceDefinitions/connections" }, { "$ref": "https://schema.management.azure.com/schemas/2019-02-01/Microsoft.Network.json#/resourceDefinitions/localNetworkGateways" }, diff --git a/schemas/2019-04-01/deploymentTemplate.json b/schemas/2019-04-01/deploymentTemplate.json index a324e85c70..2c6cd73b54 100644 --- a/schemas/2019-04-01/deploymentTemplate.json +++ b/schemas/2019-04-01/deploymentTemplate.json @@ -1144,6 +1144,63 @@ { "$ref": "https://schema.management.azure.com/schemas/2019-08-01/Microsoft.Network.json#/resourceDefinitions/vpnGateways_vpnConnections" }, { "$ref": "https://schema.management.azure.com/schemas/2019-08-01/Microsoft.Network.json#/resourceDefinitions/vpnServerConfigurations" }, { "$ref": "https://schema.management.azure.com/schemas/2019-08-01/Microsoft.Network.json#/resourceDefinitions/vpnSites" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/applicationGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ApplicationGatewayWebApplicationFirewallPolicies" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/applicationSecurityGroups" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/azureFirewalls" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/bastionHosts" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/connections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ddosCustomPolicies" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ddosProtectionPlans" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCircuits" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCircuits_authorizations" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCircuits_peerings" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCircuits_peerings_connections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCrossConnections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteCrossConnections_peerings" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/expressRouteGateways_expressRouteConnections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ExpressRoutePorts" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/firewallPolicies" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/firewallPolicies_ruleGroups" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ipGroups" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/loadBalancers" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/loadBalancers_inboundNatRules" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/localNetworkGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/natGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkInterfaces" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkInterfaces_tapConfigurations" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkProfiles" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkSecurityGroups" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkSecurityGroups_securityRules" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkWatchers" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkWatchers_packetCaptures" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/p2svpnGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/privateEndpoints" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/privateLinkServices" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/privateLinkServices_privateEndpointConnections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/publicIPAddresses" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/publicIPPrefixes" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/routeFilters" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/routeFilters_routeFilterRules" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/routeTables" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/routeTables_routes" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/serviceEndpointPolicies" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/serviceEndpointPolicies_serviceEndpointPolicyDefinitions" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualHubs" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualHubs_routeTables" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworkGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks_subnets" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks_virtualNetworkPeerings" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworkTaps" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualRouters" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualRouters_peerings" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualWans" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/vpnGateways" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/vpnGateways_vpnConnections" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/vpnServerConfigurations" }, + { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/vpnSites" }, { "$ref": "https://schema.management.azure.com/schemas/2019-02-01/Microsoft.Network.json#/resourceDefinitions/natGateways" }, { "$ref": "https://schema.management.azure.com/schemas/2019-02-01/Microsoft.Network.json#/resourceDefinitions/connections" }, { "$ref": "https://schema.management.azure.com/schemas/2019-02-01/Microsoft.Network.json#/resourceDefinitions/localNetworkGateways" }, diff --git a/schemas/2019-09-01/Microsoft.Network.json b/schemas/2019-09-01/Microsoft.Network.json new file mode 100644 index 0000000000..2450dd7f42 --- /dev/null +++ b/schemas/2019-09-01/Microsoft.Network.json @@ -0,0 +1,14389 @@ +{ + "id": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#", + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "Microsoft.Network", + "description": "Microsoft Network Resource Types", + "resourceDefinitions": { + "applicationGateways": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/applicationGateways" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application gateway." + }, + "zones": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A list of availability zones denoting where the resource needs to come from." + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedServiceIdentity" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The identity of the application gateway, if configured." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/applicationGateways" + }, + "ApplicationGatewayWebApplicationFirewallPolicies": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/WebApplicationFirewallPolicyPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the web application firewall policy." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies" + }, + "applicationSecurityGroups": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/applicationSecurityGroups" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationSecurityGroupPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application security group." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/applicationSecurityGroups" + }, + "azureFirewalls": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/azureFirewalls" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AzureFirewallPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the azure firewall." + }, + "zones": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A list of availability zones denoting where the resource needs to come from." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/azureFirewalls" + }, + "bastionHosts": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/bastionHosts" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/BastionHostPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Represents the bastion host resource." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/bastionHosts" + }, + "connections": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/connections" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualNetworkGatewayConnectionPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the virtual network gateway connection." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/connections" + }, + "ddosCustomPolicies": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/ddosCustomPolicies" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DdosCustomPolicyPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the DDoS custom policy." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/ddosCustomPolicies" + }, + "ddosProtectionPlans": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/ddosProtectionPlans" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DdosProtectionPlanPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the DDoS protection plan." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/ddosProtectionPlans" + }, + "expressRouteCircuits": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/expressRouteCircuits" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteCircuitSku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The SKU." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteCircuitPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the express route circuit." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/expressRouteCircuits_peerings_childResource" + }, + { + "$ref": "#/definitions/expressRouteCircuits_authorizations_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/expressRouteCircuits" + }, + "expressRouteCircuits_authorizations": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/expressRouteCircuits/authorizations" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AuthorizationPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the express route circuit authorization." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/expressRouteCircuits/authorizations" + }, + "expressRouteCircuits_peerings": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/expressRouteCircuits/peerings" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteCircuitPeeringPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the express route circuit peering." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/expressRouteCircuits_peerings_connections_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/expressRouteCircuits/peerings" + }, + "expressRouteCircuits_peerings_connections": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/expressRouteCircuits/peerings/connections" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteCircuitConnectionPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the express route circuit connection." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/expressRouteCircuits/peerings/connections" + }, + "expressRouteCrossConnections": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/expressRouteCrossConnections" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteCrossConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the express route cross connection." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/expressRouteCrossConnections_peerings_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/expressRouteCrossConnections" + }, + "expressRouteCrossConnections_peerings": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/expressRouteCrossConnections/peerings" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteCrossConnectionPeeringProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the express route cross connection peering." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/expressRouteCrossConnections/peerings" + }, + "expressRouteGateways": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/expressRouteGateways" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteGatewayProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the express route gateway." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/expressRouteGateways_expressRouteConnections_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/expressRouteGateways" + }, + "expressRouteGateways_expressRouteConnections": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/expressRouteGateways/expressRouteConnections" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the express route connection." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/expressRouteGateways/expressRouteConnections" + }, + "ExpressRoutePorts": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/ExpressRoutePorts" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRoutePortPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "ExpressRoutePort properties." + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedServiceIdentity" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The identity of ExpressRoutePort, if configured." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/ExpressRoutePorts" + }, + "firewallPolicies": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/firewallPolicies" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FirewallPolicyPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the firewall policy." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/firewallPolicies_ruleGroups_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/firewallPolicies" + }, + "firewallPolicies_ruleGroups": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/firewallPolicies/ruleGroups" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FirewallPolicyRuleGroupProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The properties of the firewall policy rule group." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/firewallPolicies/ruleGroups" + }, + "ipGroups": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/ipGroups" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/IpGroupPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the IpGroups." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/ipGroups" + }, + "loadBalancers": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/loadBalancers" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/LoadBalancerSku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The load balancer SKU." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/LoadBalancerPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of load balancer." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/loadBalancers_inboundNatRules_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/loadBalancers" + }, + "loadBalancers_inboundNatRules": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/loadBalancers/inboundNatRules" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/InboundNatRulePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of load balancer inbound nat rule." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/loadBalancers/inboundNatRules" + }, + "localNetworkGateways": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/localNetworkGateways" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/LocalNetworkGatewayPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the local network gateway." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/localNetworkGateways" + }, + "natGateways": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/natGateways" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/NatGatewaySku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The nat gateway SKU." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/NatGatewayPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Nat Gateway properties." + }, + "zones": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A list of availability zones denoting the zone in which Nat Gateway should be deployed." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/natGateways" + }, + "networkInterfaces": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/networkInterfaces" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkInterfacePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the network interface." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/networkInterfaces_tapConfigurations_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/networkInterfaces" + }, + "networkInterfaces_tapConfigurations": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/networkInterfaces/tapConfigurations" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkInterfaceTapConfigurationPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the Virtual Network Tap configuration." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/networkInterfaces/tapConfigurations" + }, + "networkProfiles": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/networkProfiles" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkProfilePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Network profile properties." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/networkProfiles" + }, + "networkSecurityGroups": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/networkSecurityGroups" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkSecurityGroupPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the network security group." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/networkSecurityGroups_securityRules_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/networkSecurityGroups" + }, + "networkSecurityGroups_securityRules": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/networkSecurityGroups/securityRules" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityRulePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the security rule." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/networkSecurityGroups/securityRules" + }, + "networkWatchers": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/networkWatchers" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkWatcherPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the network watcher." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/networkWatchers_packetCaptures_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/networkWatchers" + }, + "networkWatchers_packetCaptures": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/networkWatchers/packetCaptures" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PacketCaptureParameters" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the packet capture." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/networkWatchers/packetCaptures" + }, + "p2svpnGateways": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/p2svpnGateways" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/P2SVpnGatewayProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the P2SVpnGateway." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/p2svpnGateways" + }, + "privateEndpoints": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/privateEndpoints" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateEndpointProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the private endpoint." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/privateEndpoints" + }, + "privateLinkServices": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/privateLinkServices" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateLinkServiceProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the private link service." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/privateLinkServices_privateEndpointConnections_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/privateLinkServices" + }, + "privateLinkServices_privateEndpointConnections": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/privateLinkServices/privateEndpointConnections" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateEndpointConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the private end point connection." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/privateLinkServices/privateEndpointConnections" + }, + "publicIPAddresses": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/publicIPAddresses" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/PublicIPAddressSku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The public IP address SKU." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PublicIPAddressPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Public IP address properties." + }, + "zones": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A list of availability zones denoting the IP allocated for the resource needs to come from." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/publicIPAddresses" + }, + "publicIPPrefixes": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/publicIPPrefixes" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/PublicIPPrefixSku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The public IP prefix SKU." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PublicIPPrefixPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Public IP prefix properties." + }, + "zones": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A list of availability zones denoting the IP allocated for the resource needs to come from." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/publicIPPrefixes" + }, + "routeFilters": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/routeFilters" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RouteFilterPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the route filter." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/routeFilters_routeFilterRules_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/routeFilters" + }, + "routeFilters_routeFilterRules": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/routeFilters/routeFilterRules" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RouteFilterRulePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the route filter rule." + }, + "location": { + "type": "string", + "description": "Resource location." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/routeFilters/routeFilterRules" + }, + "routeTables": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/routeTables" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RouteTablePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the route table." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/routeTables_routes_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/routeTables" + }, + "routeTables_routes": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/routeTables/routes" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RoutePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the route." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/routeTables/routes" + }, + "serviceEndpointPolicies": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/serviceEndpointPolicies" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServiceEndpointPolicyPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the service end point policy." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/serviceEndpointPolicies_serviceEndpointPolicyDefinitions_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/serviceEndpointPolicies" + }, + "serviceEndpointPolicies_serviceEndpointPolicyDefinitions": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/serviceEndpointPolicies/serviceEndpointPolicyDefinitions" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServiceEndpointPolicyDefinitionPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the service endpoint policy definition." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/serviceEndpointPolicies/serviceEndpointPolicyDefinitions" + }, + "virtualHubs": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/virtualHubs" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualHubProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the virtual hub." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/virtualHubs_routeTables_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/virtualHubs" + }, + "virtualHubs_routeTables": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/virtualHubs/routeTables" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualHubRouteTableV2Properties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the virtual hub route table v2." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/virtualHubs/routeTables" + }, + "virtualNetworkGateways": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/virtualNetworkGateways" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualNetworkGatewayPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the virtual network gateway." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/virtualNetworkGateways" + }, + "virtualNetworks": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/virtualNetworks" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualNetworkPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the virtual network." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/virtualNetworks_virtualNetworkPeerings_childResource" + }, + { + "$ref": "#/definitions/virtualNetworks_subnets_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/virtualNetworks" + }, + "virtualNetworks_subnets": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/virtualNetworks/subnets" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SubnetPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the subnet." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/virtualNetworks/subnets" + }, + "virtualNetworks_virtualNetworkPeerings": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/virtualNetworks/virtualNetworkPeerings" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualNetworkPeeringPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the virtual network peering." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings" + }, + "virtualNetworkTaps": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/virtualNetworkTaps" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualNetworkTapPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Virtual Network Tap Properties." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/virtualNetworkTaps" + }, + "virtualRouters": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/virtualRouters" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualRouterPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the Virtual Router." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/virtualRouters_peerings_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/virtualRouters" + }, + "virtualRouters_peerings": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/virtualRouters/peerings" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualRouterPeeringProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The properties of the Virtual Router Peering." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/virtualRouters/peerings" + }, + "virtualWans": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/virtualWans" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualWanProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the virtual WAN." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/virtualWans" + }, + "vpnGateways": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/vpnGateways" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VpnGatewayProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the VPN gateway." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/vpnGateways_vpnConnections_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/vpnGateways" + }, + "vpnGateways_vpnConnections": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/vpnGateways/vpnConnections" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VpnConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the VPN connection." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/vpnGateways/vpnConnections" + }, + "vpnServerConfigurations": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/vpnServerConfigurations" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VpnServerConfigurationProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the P2SVpnServer configuration." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/vpnServerConfigurations" + }, + "vpnSites": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Network/vpnSites" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VpnSiteProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the VPN site." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "location", + "properties" + ], + "description": "Microsoft.Network/vpnSites" + } + }, + "definitions": { + "AadAuthenticationParameters": { + "type": "object", + "properties": { + "aadTenant": { + "type": "string", + "description": "AAD Vpn authentication parameter AAD tenant." + }, + "aadAudience": { + "type": "string", + "description": "AAD Vpn authentication parameter AAD audience." + }, + "aadIssuer": { + "type": "string", + "description": "AAD Vpn authentication parameter AAD issuer." + } + }, + "description": "AAD Vpn authentication type related parameters." + }, + "AddressSpace": { + "type": "object", + "properties": { + "addressPrefixes": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A list of address blocks reserved for this virtual network in CIDR notation." + } + }, + "required": [ + "addressPrefixes" + ], + "description": "AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network." + }, + "ApplicationGatewayAuthenticationCertificate": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayAuthenticationCertificatePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application gateway authentication certificate." + }, + "name": { + "type": "string", + "description": "Name of the authentication certificate that is unique within an Application Gateway." + } + }, + "description": "Authentication certificates of an application gateway." + }, + "ApplicationGatewayAuthenticationCertificatePropertiesFormat": { + "type": "object", + "properties": { + "data": { + "type": "string", + "description": "Certificate public data." + } + }, + "description": "Authentication certificates properties of an application gateway." + }, + "ApplicationGatewayAutoscaleConfiguration": { + "type": "object", + "properties": { + "minCapacity": { + "oneOf": [ + { + "type": "integer", + "minimum": 0 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Lower bound on number of Application Gateway capacity." + }, + "maxCapacity": { + "oneOf": [ + { + "type": "integer", + "minimum": 2 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Upper bound on number of Application Gateway capacity." + } + }, + "required": [ + "minCapacity" + ], + "description": "Application Gateway autoscale configuration." + }, + "ApplicationGatewayBackendAddress": { + "type": "object", + "properties": { + "fqdn": { + "type": "string", + "description": "Fully qualified domain name (FQDN)." + }, + "ipAddress": { + "type": "string", + "description": "IP address." + } + }, + "description": "Backend address of an application gateway." + }, + "ApplicationGatewayBackendAddressPool": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayBackendAddressPoolPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application gateway backend address pool." + }, + "name": { + "type": "string", + "description": "Name of the backend address pool that is unique within an Application Gateway." + } + }, + "description": "Backend Address Pool of an application gateway." + }, + "ApplicationGatewayBackendAddressPoolPropertiesFormat": { + "type": "object", + "properties": { + "backendAddresses": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayBackendAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Backend addresses." + } + }, + "description": "Properties of Backend Address Pool of an application gateway." + }, + "ApplicationGatewayBackendHttpSettings": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayBackendHttpSettingsPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application gateway backend HTTP settings." + }, + "name": { + "type": "string", + "description": "Name of the backend http settings that is unique within an Application Gateway." + } + }, + "description": "Backend address pool settings of an application gateway." + }, + "ApplicationGatewayBackendHttpSettingsPropertiesFormat": { + "type": "object", + "properties": { + "port": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The destination port on the backend." + }, + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Http", + "Https" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The protocol used to communicate with the backend." + }, + "cookieBasedAffinity": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Cookie based affinity." + }, + "requestTimeout": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Request timeout in seconds. Application Gateway will fail the request if response is not received within RequestTimeout. Acceptable values are from 1 second to 86400 seconds." + }, + "probe": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Probe resource of an application gateway." + }, + "authenticationCertificates": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Array of references to application gateway authentication certificates." + }, + "trustedRootCertificates": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Array of references to application gateway trusted root certificates." + }, + "connectionDraining": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayConnectionDraining" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Connection draining of the backend http settings resource." + }, + "hostName": { + "type": "string", + "description": "Host header to be sent to the backend servers." + }, + "pickHostNameFromBackendAddress": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether to pick host header should be picked from the host name of the backend server. Default value is false." + }, + "affinityCookieName": { + "type": "string", + "description": "Cookie name to use for the affinity cookie." + }, + "probeEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether the probe is enabled. Default value is false." + }, + "path": { + "type": "string", + "description": "Path which should be used as a prefix for all HTTP requests. Null means no path will be prefixed. Default value is null." + } + }, + "description": "Properties of Backend address pool settings of an application gateway." + }, + "ApplicationGatewayConnectionDraining": { + "type": "object", + "properties": { + "enabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether connection draining is enabled or not." + }, + "drainTimeoutInSec": { + "oneOf": [ + { + "type": "integer", + "minimum": 1, + "maximum": 3600 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The number of seconds connection draining is active. Acceptable values are from 1 second to 3600 seconds." + } + }, + "required": [ + "enabled", + "drainTimeoutInSec" + ], + "description": "Connection draining allows open connections to a backend server to be active for a specified time after the backend server got removed from the configuration." + }, + "ApplicationGatewayCustomError": { + "type": "object", + "properties": { + "statusCode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "HttpStatus403", + "HttpStatus502" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Status code of the application gateway customer error." + }, + "customErrorPageUrl": { + "type": "string", + "description": "Error page URL of the application gateway customer error." + } + }, + "description": "Customer error of an application gateway." + }, + "ApplicationGatewayFirewallDisabledRuleGroup": { + "type": "object", + "properties": { + "ruleGroupName": { + "type": "string", + "description": "The name of the rule group that will be disabled." + }, + "rules": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "integer" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The list of rules that will be disabled. If null, all rules of the rule group will be disabled." + } + }, + "required": [ + "ruleGroupName" + ], + "description": "Allows to disable rules within a rule group or an entire rule group." + }, + "ApplicationGatewayFirewallExclusion": { + "type": "object", + "properties": { + "matchVariable": { + "type": "string", + "description": "The variable to be excluded." + }, + "selectorMatchOperator": { + "type": "string", + "description": "When matchVariable is a collection, operate on the selector to specify which elements in the collection this exclusion applies to." + }, + "selector": { + "type": "string", + "description": "When matchVariable is a collection, operator used to specify which elements in the collection this exclusion applies to." + } + }, + "required": [ + "matchVariable", + "selectorMatchOperator", + "selector" + ], + "description": "Allow to exclude some variable satisfy the condition for the WAF check." + }, + "ApplicationGatewayFrontendIPConfiguration": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayFrontendIPConfigurationPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application gateway frontend IP configuration." + }, + "name": { + "type": "string", + "description": "Name of the frontend IP configuration that is unique within an Application Gateway." + } + }, + "description": "Frontend IP configuration of an application gateway." + }, + "ApplicationGatewayFrontendIPConfigurationPropertiesFormat": { + "type": "object", + "properties": { + "privateIPAddress": { + "type": "string", + "description": "PrivateIPAddress of the network interface IP Configuration." + }, + "privateIPAllocationMethod": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Static", + "Dynamic" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The private IP address allocation method." + }, + "subnet": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Reference of the subnet resource." + }, + "publicIPAddress": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Reference of the PublicIP resource." + } + }, + "description": "Properties of Frontend IP configuration of an application gateway." + }, + "ApplicationGatewayFrontendPort": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayFrontendPortPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application gateway frontend port." + }, + "name": { + "type": "string", + "description": "Name of the frontend port that is unique within an Application Gateway." + } + }, + "description": "Frontend port of an application gateway." + }, + "ApplicationGatewayFrontendPortPropertiesFormat": { + "type": "object", + "properties": { + "port": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Frontend port." + } + }, + "description": "Properties of Frontend port of an application gateway." + }, + "ApplicationGatewayHeaderConfiguration": { + "type": "object", + "properties": { + "headerName": { + "type": "string", + "description": "Header name of the header configuration." + }, + "headerValue": { + "type": "string", + "description": "Header value of the header configuration." + } + }, + "description": "Header configuration of the Actions set in Application Gateway." + }, + "ApplicationGatewayHttpListener": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayHttpListenerPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application gateway HTTP listener." + }, + "name": { + "type": "string", + "description": "Name of the HTTP listener that is unique within an Application Gateway." + } + }, + "description": "Http listener of an application gateway." + }, + "ApplicationGatewayHttpListenerPropertiesFormat": { + "type": "object", + "properties": { + "frontendIPConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Frontend IP configuration resource of an application gateway." + }, + "frontendPort": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Frontend port resource of an application gateway." + }, + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Http", + "Https" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Protocol of the HTTP listener." + }, + "hostName": { + "type": "string", + "description": "Host name of HTTP listener." + }, + "sslCertificate": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "SSL certificate resource of an application gateway." + }, + "requireServerNameIndication": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Applicable only if protocol is https. Enables SNI for multi-hosting." + }, + "customErrorConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayCustomError" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Custom error configurations of the HTTP listener." + }, + "firewallPolicy": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Reference to the FirewallPolicy resource." + }, + "hostnames": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of Host names for HTTP Listener that allows special wildcard characters as well." + } + }, + "description": "Properties of HTTP listener of an application gateway." + }, + "ApplicationGatewayIPConfiguration": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayIPConfigurationPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application gateway IP configuration." + }, + "name": { + "type": "string", + "description": "Name of the IP configuration that is unique within an Application Gateway." + } + }, + "description": "IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed." + }, + "ApplicationGatewayIPConfigurationPropertiesFormat": { + "type": "object", + "properties": { + "subnet": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Reference of the subnet resource. A subnet from where application gateway gets its private address." + } + }, + "description": "Properties of IP configuration of an application gateway." + }, + "ApplicationGatewayPathRule": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayPathRulePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application gateway path rule." + }, + "name": { + "type": "string", + "description": "Name of the path rule that is unique within an Application Gateway." + } + }, + "description": "Path rule of URL path map of an application gateway." + }, + "ApplicationGatewayPathRulePropertiesFormat": { + "type": "object", + "properties": { + "paths": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Path rules of URL path map." + }, + "backendAddressPool": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Backend address pool resource of URL path map path rule." + }, + "backendHttpSettings": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Backend http settings resource of URL path map path rule." + }, + "redirectConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Redirect configuration resource of URL path map path rule." + }, + "rewriteRuleSet": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Rewrite rule set resource of URL path map path rule." + }, + "firewallPolicy": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Reference to the FirewallPolicy resource." + } + }, + "description": "Properties of path rule of an application gateway." + }, + "ApplicationGatewayProbe": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayProbePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application gateway probe." + }, + "name": { + "type": "string", + "description": "Name of the probe that is unique within an Application Gateway." + } + }, + "description": "Probe of the application gateway." + }, + "ApplicationGatewayProbeHealthResponseMatch": { + "type": "object", + "properties": { + "body": { + "type": "string", + "description": "Body that must be contained in the health response. Default value is empty." + }, + "statusCodes": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Allowed ranges of healthy status codes. Default range of healthy status codes is 200-399." + } + }, + "description": "Application gateway probe health response match." + }, + "ApplicationGatewayProbePropertiesFormat": { + "type": "object", + "properties": { + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Http", + "Https" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The protocol used for the probe." + }, + "host": { + "type": "string", + "description": "Host name to send the probe to." + }, + "path": { + "type": "string", + "description": "Relative path of probe. Valid path starts from '/'. Probe is sent to ://:." + }, + "interval": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The probing interval in seconds. This is the time interval between two consecutive probes. Acceptable values are from 1 second to 86400 seconds." + }, + "timeout": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The probe timeout in seconds. Probe marked as failed if valid response is not received with this timeout period. Acceptable values are from 1 second to 86400 seconds." + }, + "unhealthyThreshold": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The probe retry count. Backend server is marked down after consecutive probe failure count reaches UnhealthyThreshold. Acceptable values are from 1 second to 20." + }, + "pickHostNameFromBackendHttpSettings": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether the host header should be picked from the backend http settings. Default value is false." + }, + "minServers": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Minimum number of servers that are always marked healthy. Default value is 0." + }, + "match": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayProbeHealthResponseMatch" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Criterion for classifying a healthy probe response." + }, + "port": { + "oneOf": [ + { + "type": "integer", + "minimum": 1, + "maximum": 65535 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from http settings will be used. This property is valid for Standard_v2 and WAF_v2 only." + } + }, + "description": "Properties of probe of an application gateway." + }, + "ApplicationGatewayPropertiesFormat": { + "type": "object", + "properties": { + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewaySku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "SKU of the application gateway resource." + }, + "sslPolicy": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewaySslPolicy" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "SSL policy of the application gateway resource." + }, + "gatewayIPConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayIPConfiguration" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Subnets of the application gateway resource. For default limits, see [Application Gateway limits](https://docs.microsoft.com/azure/azure-subscription-service-limits#application-gateway-limits)." + }, + "authenticationCertificates": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayAuthenticationCertificate" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Authentication certificates of the application gateway resource. For default limits, see [Application Gateway limits](https://docs.microsoft.com/azure/azure-subscription-service-limits#application-gateway-limits)." + }, + "trustedRootCertificates": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayTrustedRootCertificate" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Trusted Root certificates of the application gateway resource. For default limits, see [Application Gateway limits](https://docs.microsoft.com/azure/azure-subscription-service-limits#application-gateway-limits)." + }, + "sslCertificates": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewaySslCertificate" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "SSL certificates of the application gateway resource. For default limits, see [Application Gateway limits](https://docs.microsoft.com/azure/azure-subscription-service-limits#application-gateway-limits)." + }, + "frontendIPConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayFrontendIPConfiguration" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Frontend IP addresses of the application gateway resource. For default limits, see [Application Gateway limits](https://docs.microsoft.com/azure/azure-subscription-service-limits#application-gateway-limits)." + }, + "frontendPorts": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayFrontendPort" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Frontend ports of the application gateway resource. For default limits, see [Application Gateway limits](https://docs.microsoft.com/azure/azure-subscription-service-limits#application-gateway-limits)." + }, + "probes": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayProbe" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Probes of the application gateway resource." + }, + "backendAddressPools": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayBackendAddressPool" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Backend address pool of the application gateway resource. For default limits, see [Application Gateway limits](https://docs.microsoft.com/azure/azure-subscription-service-limits#application-gateway-limits)." + }, + "backendHttpSettingsCollection": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayBackendHttpSettings" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Backend http settings of the application gateway resource. For default limits, see [Application Gateway limits](https://docs.microsoft.com/azure/azure-subscription-service-limits#application-gateway-limits)." + }, + "httpListeners": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayHttpListener" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Http listeners of the application gateway resource. For default limits, see [Application Gateway limits](https://docs.microsoft.com/azure/azure-subscription-service-limits#application-gateway-limits)." + }, + "urlPathMaps": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayUrlPathMap" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "URL path map of the application gateway resource. For default limits, see [Application Gateway limits](https://docs.microsoft.com/azure/azure-subscription-service-limits#application-gateway-limits)." + }, + "requestRoutingRules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayRequestRoutingRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Request routing rules of the application gateway resource." + }, + "rewriteRuleSets": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayRewriteRuleSet" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Rewrite rules for the application gateway resource." + }, + "redirectConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayRedirectConfiguration" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Redirect configurations of the application gateway resource. For default limits, see [Application Gateway limits](https://docs.microsoft.com/azure/azure-subscription-service-limits#application-gateway-limits)." + }, + "webApplicationFirewallConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayWebApplicationFirewallConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Web application firewall configuration." + }, + "firewallPolicy": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Reference of the FirewallPolicy resource." + }, + "enableHttp2": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether HTTP2 is enabled on the application gateway resource." + }, + "enableFips": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether FIPS is enabled on the application gateway resource." + }, + "autoscaleConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayAutoscaleConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Autoscale Configuration." + }, + "customErrorConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayCustomError" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Custom error configurations of the application gateway resource." + } + }, + "description": "Properties of the application gateway." + }, + "ApplicationGatewayRedirectConfiguration": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayRedirectConfigurationPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application gateway redirect configuration." + }, + "name": { + "type": "string", + "description": "Name of the redirect configuration that is unique within an Application Gateway." + } + }, + "description": "Redirect configuration of an application gateway." + }, + "ApplicationGatewayRedirectConfigurationPropertiesFormat": { + "type": "object", + "properties": { + "redirectType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Permanent", + "Found", + "SeeOther", + "Temporary" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "HTTP redirection type." + }, + "targetListener": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Reference to a listener to redirect the request to." + }, + "targetUrl": { + "type": "string", + "description": "Url to redirect the request to." + }, + "includePath": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Include path in the redirected url." + }, + "includeQueryString": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Include query string in the redirected url." + }, + "requestRoutingRules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Request routing specifying redirect configuration." + }, + "urlPathMaps": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Url path maps specifying default redirect configuration." + }, + "pathRules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Path rules specifying redirect configuration." + } + }, + "description": "Properties of redirect configuration of the application gateway." + }, + "ApplicationGatewayRequestRoutingRule": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayRequestRoutingRulePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application gateway request routing rule." + }, + "name": { + "type": "string", + "description": "Name of the request routing rule that is unique within an Application Gateway." + } + }, + "description": "Request routing rule of an application gateway." + }, + "ApplicationGatewayRequestRoutingRulePropertiesFormat": { + "type": "object", + "properties": { + "ruleType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Basic", + "PathBasedRouting" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Rule type." + }, + "priority": { + "oneOf": [ + { + "type": "integer", + "minimum": 1, + "maximum": 20000 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Priority of the request routing rule." + }, + "backendAddressPool": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Backend address pool resource of the application gateway." + }, + "backendHttpSettings": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Backend http settings resource of the application gateway." + }, + "httpListener": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Http listener resource of the application gateway." + }, + "urlPathMap": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "URL path map resource of the application gateway." + }, + "rewriteRuleSet": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Rewrite Rule Set resource in Basic rule of the application gateway." + }, + "redirectConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Redirect configuration resource of the application gateway." + } + }, + "description": "Properties of request routing rule of the application gateway." + }, + "ApplicationGatewayRewriteRule": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the rewrite rule that is unique within an Application Gateway." + }, + "ruleSequence": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Rule Sequence of the rewrite rule that determines the order of execution of a particular rule in a RewriteRuleSet." + }, + "conditions": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayRewriteRuleCondition" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Conditions based on which the action set execution will be evaluated." + }, + "actionSet": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayRewriteRuleActionSet" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Set of actions to be done as part of the rewrite Rule." + } + }, + "description": "Rewrite rule of an application gateway." + }, + "ApplicationGatewayRewriteRuleActionSet": { + "type": "object", + "properties": { + "requestHeaderConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayHeaderConfiguration" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Request Header Actions in the Action Set." + }, + "responseHeaderConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayHeaderConfiguration" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Response Header Actions in the Action Set." + } + }, + "description": "Set of actions in the Rewrite Rule in Application Gateway." + }, + "ApplicationGatewayRewriteRuleCondition": { + "type": "object", + "properties": { + "variable": { + "type": "string", + "description": "The condition parameter of the RewriteRuleCondition." + }, + "pattern": { + "type": "string", + "description": "The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition." + }, + "ignoreCase": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Setting this paramter to truth value with force the pattern to do a case in-sensitive comparison." + }, + "negate": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Setting this value as truth will force to check the negation of the condition given by the user." + } + }, + "description": "Set of conditions in the Rewrite Rule in Application Gateway." + }, + "ApplicationGatewayRewriteRuleSet": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayRewriteRuleSetPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application gateway rewrite rule set." + }, + "name": { + "type": "string", + "description": "Name of the rewrite rule set that is unique within an Application Gateway." + } + }, + "description": "Rewrite rule set of an application gateway." + }, + "ApplicationGatewayRewriteRuleSetPropertiesFormat": { + "type": "object", + "properties": { + "rewriteRules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayRewriteRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Rewrite rules in the rewrite rule set." + } + }, + "description": "Properties of rewrite rule set of the application gateway." + }, + "ApplicationGatewaySku": { + "type": "object", + "properties": { + "name": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Standard_Small", + "Standard_Medium", + "Standard_Large", + "WAF_Medium", + "WAF_Large", + "Standard_v2", + "WAF_v2" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Name of an application gateway SKU." + }, + "tier": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Standard", + "WAF", + "Standard_v2", + "WAF_v2" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Tier of an application gateway." + }, + "capacity": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Capacity (instance count) of an application gateway." + } + }, + "description": "SKU of an application gateway." + }, + "ApplicationGatewaySslCertificate": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewaySslCertificatePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application gateway SSL certificate." + }, + "name": { + "type": "string", + "description": "Name of the SSL certificate that is unique within an Application Gateway." + } + }, + "description": "SSL certificates of an application gateway." + }, + "ApplicationGatewaySslCertificatePropertiesFormat": { + "type": "object", + "properties": { + "data": { + "type": "string", + "description": "Base-64 encoded pfx certificate. Only applicable in PUT Request." + }, + "password": { + "type": "string", + "description": "Password for the pfx file specified in data. Only applicable in PUT request." + }, + "keyVaultSecretId": { + "type": "string", + "description": "Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault." + } + }, + "description": "Properties of SSL certificates of an application gateway." + }, + "ApplicationGatewaySslPolicy": { + "type": "object", + "properties": { + "disabledSslProtocols": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string", + "enum": [ + "TLSv1_0", + "TLSv1_1", + "TLSv1_2" + ] + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Ssl protocols to be disabled on application gateway." + }, + "policyType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Predefined", + "Custom" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Type of Ssl Policy." + }, + "policyName": { + "oneOf": [ + { + "type": "string", + "enum": [ + "AppGwSslPolicy20150501", + "AppGwSslPolicy20170401", + "AppGwSslPolicy20170401S" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Name of Ssl predefined policy." + }, + "cipherSuites": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string", + "enum": [ + "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", + "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", + "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", + "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "TLS_RSA_WITH_AES_256_GCM_SHA384", + "TLS_RSA_WITH_AES_128_GCM_SHA256", + "TLS_RSA_WITH_AES_256_CBC_SHA256", + "TLS_RSA_WITH_AES_128_CBC_SHA256", + "TLS_RSA_WITH_AES_256_CBC_SHA", + "TLS_RSA_WITH_AES_128_CBC_SHA", + "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", + "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", + "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", + "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", + "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", + "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", + "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" + ] + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Ssl cipher suites to be enabled in the specified order to application gateway." + }, + "minProtocolVersion": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TLSv1_0", + "TLSv1_1", + "TLSv1_2" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Minimum version of Ssl protocol to be supported on application gateway." + } + }, + "description": "Application Gateway Ssl policy." + }, + "ApplicationGatewayTrustedRootCertificate": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayTrustedRootCertificatePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application gateway trusted root certificate." + }, + "name": { + "type": "string", + "description": "Name of the trusted root certificate that is unique within an Application Gateway." + } + }, + "description": "Trusted Root certificates of an application gateway." + }, + "ApplicationGatewayTrustedRootCertificatePropertiesFormat": { + "type": "object", + "properties": { + "data": { + "type": "string", + "description": "Certificate public data." + }, + "keyVaultSecretId": { + "type": "string", + "description": "Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault." + } + }, + "description": "Trusted Root certificates properties of an application gateway." + }, + "ApplicationGatewayUrlPathMap": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ApplicationGatewayUrlPathMapPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the application gateway URL path map." + }, + "name": { + "type": "string", + "description": "Name of the URL path map that is unique within an Application Gateway." + } + }, + "description": "UrlPathMaps give a url path to the backend mapping information for PathBasedRouting." + }, + "ApplicationGatewayUrlPathMapPropertiesFormat": { + "type": "object", + "properties": { + "defaultBackendAddressPool": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Default backend address pool resource of URL path map." + }, + "defaultBackendHttpSettings": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Default backend http settings resource of URL path map." + }, + "defaultRewriteRuleSet": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Default Rewrite rule set resource of URL path map." + }, + "defaultRedirectConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Default redirect configuration resource of URL path map." + }, + "pathRules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayPathRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Path rule of URL path map resource." + } + }, + "description": "Properties of UrlPathMap of the application gateway." + }, + "ApplicationGatewayWebApplicationFirewallConfiguration": { + "type": "object", + "properties": { + "enabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether the web application firewall is enabled or not." + }, + "firewallMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Detection", + "Prevention" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Web application firewall mode." + }, + "ruleSetType": { + "type": "string", + "description": "The type of the web application firewall rule set. Possible values are: 'OWASP'." + }, + "ruleSetVersion": { + "type": "string", + "description": "The version of the rule set type." + }, + "disabledRuleGroups": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayFirewallDisabledRuleGroup" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The disabled rule groups." + }, + "requestBodyCheck": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether allow WAF to check request Body." + }, + "maxRequestBodySize": { + "oneOf": [ + { + "type": "integer", + "minimum": 8, + "maximum": 128 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Maximum request body size for WAF." + }, + "maxRequestBodySizeInKb": { + "oneOf": [ + { + "type": "integer", + "minimum": 8, + "maximum": 128 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Maximum request body size in Kb for WAF." + }, + "fileUploadLimitInMb": { + "oneOf": [ + { + "type": "integer", + "minimum": 0 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Maximum file upload size in Mb for WAF." + }, + "exclusions": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ApplicationGatewayFirewallExclusion" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The exclusion list." + } + }, + "required": [ + "enabled", + "firewallMode", + "ruleSetType", + "ruleSetVersion" + ], + "description": "Application gateway web application firewall configuration." + }, + "ApplicationRuleCondition": { + "type": "object", + "oneOf": [ + { + "properties": { + "ruleConditionType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "ApplicationRuleCondition" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ] + } + } + } + ], + "properties": { + "sourceAddresses": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of source IP addresses for this rule." + }, + "destinationAddresses": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of destination IP addresses or Service Tags." + }, + "protocols": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/FirewallPolicyRuleConditionApplicationProtocol" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Array of Application Protocols." + }, + "targetFqdns": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of FQDNs for this rule condition." + }, + "fqdnTags": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of FQDN Tags for this rule condition." + }, + "ruleConditionType": { + "type": "string" + } + }, + "required": [ + "ruleConditionType" + ], + "description": "Rule condition of type application." + }, + "ApplicationSecurityGroupPropertiesFormat": { + "type": "object", + "properties": {}, + "description": "Application security group properties." + }, + "AuthorizationPropertiesFormat": { + "type": "object", + "properties": {}, + "description": "Properties of ExpressRouteCircuitAuthorization." + }, + "AzureFirewallApplicationRule": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the application rule." + }, + "description": { + "type": "string", + "description": "Description of the rule." + }, + "sourceAddresses": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of source IP addresses for this rule." + }, + "protocols": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/AzureFirewallApplicationRuleProtocol" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Array of ApplicationRuleProtocols." + }, + "targetFqdns": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of FQDNs for this rule." + }, + "fqdnTags": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of FQDN Tags for this rule." + }, + "sourceIpGroups": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of source IpGroups for this rule." + } + }, + "description": "Properties of an application rule." + }, + "AzureFirewallApplicationRuleCollection": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AzureFirewallApplicationRuleCollectionPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the azure firewall application rule collection." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within the Azure firewall. This name can be used to access the resource." + } + }, + "description": "Application rule collection resource." + }, + "AzureFirewallApplicationRuleCollectionPropertiesFormat": { + "type": "object", + "properties": { + "priority": { + "oneOf": [ + { + "type": "integer", + "minimum": 100, + "maximum": 65000 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Priority of the application rule collection resource." + }, + "action": { + "oneOf": [ + { + "$ref": "#/definitions/AzureFirewallRCAction" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The action type of a rule collection." + }, + "rules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/AzureFirewallApplicationRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Collection of rules used by a application rule collection." + } + }, + "description": "Properties of the application rule collection." + }, + "AzureFirewallApplicationRuleProtocol": { + "type": "object", + "properties": { + "protocolType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Http", + "Https", + "Mssql" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Protocol type." + }, + "port": { + "oneOf": [ + { + "type": "integer", + "minimum": 0, + "maximum": 64000 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Port number for the protocol, cannot be greater than 64000. This field is optional." + } + }, + "description": "Properties of the application rule protocol." + }, + "AzureFirewallIPConfiguration": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AzureFirewallIPConfigurationPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the azure firewall IP configuration." + }, + "name": { + "type": "string", + "description": "Name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "IP configuration of an Azure Firewall." + }, + "AzureFirewallIPConfigurationPropertiesFormat": { + "type": "object", + "properties": { + "subnet": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Reference of the subnet resource. This resource must be named 'AzureFirewallSubnet'." + }, + "publicIPAddress": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Reference of the PublicIP resource. This field is a mandatory input if subnet is not null." + } + }, + "description": "Properties of IP configuration of an Azure Firewall." + }, + "AzureFirewallNatRCAction": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "Snat", + "Dnat" + ], + "description": "The type of action." + } + }, + "description": "AzureFirewall NAT Rule Collection Action." + }, + "AzureFirewallNatRule": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the NAT rule." + }, + "description": { + "type": "string", + "description": "Description of the rule." + }, + "sourceAddresses": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of source IP addresses for this rule." + }, + "destinationAddresses": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of destination IP addresses for this rule. Supports IP ranges, prefixes, and service tags." + }, + "destinationPorts": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of destination ports." + }, + "protocols": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string", + "enum": [ + "TCP", + "UDP", + "Any", + "ICMP" + ] + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Array of AzureFirewallNetworkRuleProtocols applicable to this NAT rule." + }, + "translatedAddress": { + "type": "string", + "description": "The translated address for this NAT rule." + }, + "translatedPort": { + "type": "string", + "description": "The translated port for this NAT rule." + }, + "translatedFqdn": { + "type": "string", + "description": "The translated FQDN for this NAT rule." + }, + "sourceIpGroups": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of source IpGroups for this rule." + } + }, + "description": "Properties of a NAT rule." + }, + "AzureFirewallNatRuleCollection": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AzureFirewallNatRuleCollectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the azure firewall NAT rule collection." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within the Azure firewall. This name can be used to access the resource." + } + }, + "description": "NAT rule collection resource." + }, + "AzureFirewallNatRuleCollectionProperties": { + "type": "object", + "properties": { + "priority": { + "oneOf": [ + { + "type": "integer", + "minimum": 100, + "maximum": 65000 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Priority of the NAT rule collection resource." + }, + "action": { + "oneOf": [ + { + "$ref": "#/definitions/AzureFirewallNatRCAction" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The action type of a NAT rule collection." + }, + "rules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/AzureFirewallNatRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Collection of rules used by a NAT rule collection." + } + }, + "description": "Properties of the NAT rule collection." + }, + "AzureFirewallNetworkRule": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the network rule." + }, + "description": { + "type": "string", + "description": "Description of the rule." + }, + "protocols": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string", + "enum": [ + "TCP", + "UDP", + "Any", + "ICMP" + ] + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Array of AzureFirewallNetworkRuleProtocols." + }, + "sourceAddresses": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of source IP addresses for this rule." + }, + "destinationAddresses": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of destination IP addresses." + }, + "destinationPorts": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of destination ports." + }, + "destinationFqdns": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of destination FQDNs." + }, + "sourceIpGroups": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of source IpGroups for this rule." + }, + "destinationIpGroups": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of destination IpGroups for this rule." + } + }, + "description": "Properties of the network rule." + }, + "AzureFirewallNetworkRuleCollection": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AzureFirewallNetworkRuleCollectionPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the azure firewall network rule collection." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within the Azure firewall. This name can be used to access the resource." + } + }, + "description": "Network rule collection resource." + }, + "AzureFirewallNetworkRuleCollectionPropertiesFormat": { + "type": "object", + "properties": { + "priority": { + "oneOf": [ + { + "type": "integer", + "minimum": 100, + "maximum": 65000 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Priority of the network rule collection resource." + }, + "action": { + "oneOf": [ + { + "$ref": "#/definitions/AzureFirewallRCAction" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The action type of a rule collection." + }, + "rules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/AzureFirewallNetworkRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Collection of rules used by a network rule collection." + } + }, + "description": "Properties of the network rule collection." + }, + "AzureFirewallPropertiesFormat": { + "type": "object", + "properties": { + "applicationRuleCollections": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/AzureFirewallApplicationRuleCollection" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Collection of application rule collections used by Azure Firewall." + }, + "natRuleCollections": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/AzureFirewallNatRuleCollection" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Collection of NAT rule collections used by Azure Firewall." + }, + "networkRuleCollections": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/AzureFirewallNetworkRuleCollection" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Collection of network rule collections used by Azure Firewall." + }, + "ipConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/AzureFirewallIPConfiguration" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "IP configuration of the Azure Firewall resource." + }, + "threatIntelMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Alert", + "Deny", + "Off" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The operation mode for Threat Intelligence." + }, + "virtualHub": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The virtualHub to which the firewall belongs." + }, + "firewallPolicy": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The firewallPolicy associated with this azure firewall." + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/AzureFirewallSku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The Azure Firewall Resource SKU." + }, + "additionalProperties": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The additional properties used to further config this azure firewall " + } + }, + "description": "Properties of the Azure Firewall." + }, + "AzureFirewallRCAction": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "Allow", + "Deny" + ], + "description": "The type of action." + } + }, + "description": "Properties of the AzureFirewallRCAction." + }, + "AzureFirewallSku": { + "type": "object", + "properties": { + "name": { + "oneOf": [ + { + "type": "string", + "enum": [ + "AZFW_VNet", + "AZFW_Hub" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Name of an Azure Firewall SKU." + }, + "tier": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Standard" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Tier of an Azure Firewall." + } + }, + "description": "SKU of an Azure Firewall." + }, + "BackendAddressPool": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/BackendAddressPoolPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of load balancer backend address pool." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within the set of backend address pools used by the load balancer. This name can be used to access the resource." + } + }, + "required": [ + "name" + ], + "description": "Pool of backend IP addresses." + }, + "BackendAddressPoolPropertiesFormat": { + "type": "object", + "properties": {}, + "description": "Properties of the backend address pool." + }, + "BastionHostIPConfiguration": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/BastionHostIPConfigurationPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Represents the ip configuration associated with the resource." + }, + "name": { + "type": "string", + "description": "Name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "IP configuration of an Bastion Host." + }, + "BastionHostIPConfigurationPropertiesFormat": { + "type": "object", + "properties": { + "subnet": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Reference of the subnet resource." + }, + "publicIPAddress": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Reference of the PublicIP resource." + }, + "privateIPAllocationMethod": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Static", + "Dynamic" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Private IP allocation method." + } + }, + "required": [ + "subnet", + "publicIPAddress" + ], + "description": "Properties of IP configuration of an Bastion Host." + }, + "BastionHostPropertiesFormat": { + "type": "object", + "properties": { + "ipConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/BastionHostIPConfiguration" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "IP configuration of the Bastion Host resource." + }, + "dnsName": { + "type": "string", + "description": "FQDN for the endpoint on which bastion host is accessible." + } + }, + "description": "Properties of the Bastion Host." + }, + "BgpSettings": { + "type": "object", + "properties": { + "asn": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The BGP speaker's ASN." + }, + "bgpPeeringAddress": { + "type": "string", + "description": "The BGP peering address and BGP identifier of this BGP speaker." + }, + "peerWeight": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The weight added to routes learned from this BGP speaker." + } + }, + "description": "BGP settings details." + }, + "ContainerNetworkInterfaceConfiguration": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ContainerNetworkInterfaceConfigurationPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Container network interface configuration properties." + }, + "name": { + "type": "string", + "description": "The name of the resource. This name can be used to access the resource." + } + }, + "description": "Container network interface configuration child resource." + }, + "ContainerNetworkInterfaceConfigurationPropertiesFormat": { + "type": "object", + "properties": { + "ipConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPConfigurationProfile" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A list of ip configurations of the container network interface configuration." + }, + "containerNetworkInterfaces": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A list of container network interfaces created from this container network interface configuration." + } + }, + "description": "Container network interface configuration properties." + }, + "DdosCustomPolicyPropertiesFormat": { + "type": "object", + "properties": { + "protocolCustomSettings": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ProtocolCustomSettingsFormat" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The protocol-specific DDoS policy customization parameters." + } + }, + "description": "DDoS custom policy properties." + }, + "DdosProtectionPlanPropertiesFormat": { + "type": "object", + "properties": {}, + "description": "DDoS protection plan properties." + }, + "DdosSettings": { + "type": "object", + "properties": { + "ddosCustomPolicy": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The DDoS custom policy associated with the public IP." + }, + "protectionCoverage": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Basic", + "Standard" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The DDoS protection policy customizability of the public IP. Only standard coverage will have the ability to be customized." + } + }, + "description": "Contains the DDoS protection settings of the public IP." + }, + "Delegation": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServiceDelegationPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the subnet." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a subnet. This name can be used to access the resource." + } + }, + "required": [ + "name" + ], + "description": "Details the service to which the subnet is delegated." + }, + "DeviceProperties": { + "type": "object", + "properties": { + "deviceVendor": { + "type": "string", + "description": "Name of the device Vendor." + }, + "deviceModel": { + "type": "string", + "description": "Model of the device." + }, + "linkSpeedInMbps": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Link speed." + } + }, + "description": "List of properties of the device." + }, + "DhcpOptions": { + "type": "object", + "properties": { + "dnsServers": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The list of DNS servers IP addresses." + } + }, + "required": [ + "dnsServers" + ], + "description": "DhcpOptions contains an array of DNS servers available to VMs deployed in the virtual network. Standard DHCP option for a subnet overrides VNET DHCP options." + }, + "ExpressRouteCircuitAuthorization": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AuthorizationPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the express route circuit authorization." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "Authorization in an ExpressRouteCircuit resource." + }, + "ExpressRouteCircuitConnectionPropertiesFormat": { + "type": "object", + "properties": { + "expressRouteCircuitPeering": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Reference to Express Route Circuit Private Peering Resource of the circuit initiating connection." + }, + "peerExpressRouteCircuitPeering": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Reference to Express Route Circuit Private Peering Resource of the peered circuit." + }, + "addressPrefix": { + "type": "string", + "description": "/29 IP address space to carve out Customer addresses for tunnels." + }, + "authorizationKey": { + "type": "string", + "description": "The authorization key." + } + }, + "description": "Properties of the express route circuit connection." + }, + "ExpressRouteCircuitPeering": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteCircuitPeeringPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the express route circuit peering." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "Peering in an ExpressRouteCircuit resource." + }, + "ExpressRouteCircuitPeeringConfig": { + "type": "object", + "properties": { + "advertisedPublicPrefixes": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of AdvertisedPublicPrefixes." + }, + "advertisedCommunities": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The communities of bgp peering. Specified for microsoft peering." + }, + "legacyMode": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The legacy mode of the peering." + }, + "customerASN": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The CustomerASN of the peering." + }, + "routingRegistryName": { + "type": "string", + "description": "The RoutingRegistryName of the configuration." + } + }, + "description": "Specifies the peering configuration." + }, + "ExpressRouteCircuitPeeringPropertiesFormat": { + "type": "object", + "properties": { + "peeringType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "AzurePublicPeering", + "AzurePrivatePeering", + "MicrosoftPeering" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The peering type." + }, + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Disabled", + "Enabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The peering state." + }, + "peerASN": { + "oneOf": [ + { + "type": "integer", + "minimum": 1, + "maximum": 4294967295 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The peer ASN." + }, + "primaryPeerAddressPrefix": { + "type": "string", + "description": "The primary address prefix." + }, + "secondaryPeerAddressPrefix": { + "type": "string", + "description": "The secondary address prefix." + }, + "sharedKey": { + "type": "string", + "description": "The shared key." + }, + "vlanId": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The VLAN ID." + }, + "microsoftPeeringConfig": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteCircuitPeeringConfig" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The Microsoft peering configuration." + }, + "stats": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteCircuitStats" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The peering stats of express route circuit." + }, + "gatewayManagerEtag": { + "type": "string", + "description": "The GatewayManager Etag." + }, + "routeFilter": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the RouteFilter resource." + }, + "ipv6PeeringConfig": { + "oneOf": [ + { + "$ref": "#/definitions/Ipv6ExpressRouteCircuitPeeringConfig" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The IPv6 peering configuration." + }, + "expressRouteConnection": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The ExpressRoute connection." + } + }, + "description": "Properties of the express route circuit peering." + }, + "ExpressRouteCircuitPropertiesFormat": { + "type": "object", + "properties": { + "allowClassicOperations": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Allow classic operations." + }, + "authorizations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ExpressRouteCircuitAuthorization" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The list of authorizations." + }, + "peerings": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ExpressRouteCircuitPeering" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The list of peerings." + }, + "serviceProviderNotes": { + "type": "string", + "description": "The ServiceProviderNotes." + }, + "serviceProviderProperties": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteCircuitServiceProviderProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The ServiceProviderProperties." + }, + "expressRoutePort": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference to the ExpressRoutePort resource when the circuit is provisioned on an ExpressRoutePort resource." + }, + "bandwidthInGbps": { + "oneOf": [ + { + "type": "number" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The bandwidth of the circuit when the circuit is provisioned on an ExpressRoutePort resource." + }, + "gatewayManagerEtag": { + "type": "string", + "description": "The GatewayManager Etag." + } + }, + "description": "Properties of ExpressRouteCircuit." + }, + "expressRouteCircuits_authorizations_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "authorizations" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AuthorizationPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the express route circuit authorization." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/expressRouteCircuits/authorizations" + }, + "expressRouteCircuits_peerings_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "peerings" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteCircuitPeeringPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the express route circuit peering." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/expressRouteCircuits_peerings_connections_childResource" + } + ] + } + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/expressRouteCircuits/peerings" + }, + "expressRouteCircuits_peerings_connections_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "connections" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteCircuitConnectionPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the express route circuit connection." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/expressRouteCircuits/peerings/connections" + }, + "ExpressRouteCircuitServiceProviderProperties": { + "type": "object", + "properties": { + "serviceProviderName": { + "type": "string", + "description": "The serviceProviderName." + }, + "peeringLocation": { + "type": "string", + "description": "The peering location." + }, + "bandwidthInMbps": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The BandwidthInMbps." + } + }, + "description": "Contains ServiceProviderProperties in an ExpressRouteCircuit." + }, + "ExpressRouteCircuitSku": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the SKU." + }, + "tier": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Standard", + "Premium", + "Basic", + "Local" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The tier of the SKU." + }, + "family": { + "oneOf": [ + { + "type": "string", + "enum": [ + "UnlimitedData", + "MeteredData" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The family of the SKU." + } + }, + "description": "Contains SKU in an ExpressRouteCircuit." + }, + "ExpressRouteCircuitStats": { + "type": "object", + "properties": { + "primarybytesIn": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The Primary BytesIn of the peering." + }, + "primarybytesOut": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The primary BytesOut of the peering." + }, + "secondarybytesIn": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The secondary BytesIn of the peering." + }, + "secondarybytesOut": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The secondary BytesOut of the peering." + } + }, + "description": "Contains stats associated with the peering." + }, + "ExpressRouteConnectionProperties": { + "type": "object", + "properties": { + "expressRouteCircuitPeering": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The ExpressRoute circuit peering." + }, + "authorizationKey": { + "type": "string", + "description": "Authorization key to establish the connection." + }, + "routingWeight": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The routing weight associated to the connection." + }, + "enableInternetSecurity": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Enable internet security." + } + }, + "required": [ + "expressRouteCircuitPeering" + ], + "description": "Properties of the ExpressRouteConnection subresource." + }, + "ExpressRouteCrossConnectionPeering": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteCrossConnectionPeeringProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the express route cross connection peering." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "Peering in an ExpressRoute Cross Connection resource." + }, + "ExpressRouteCrossConnectionPeeringProperties": { + "type": "object", + "properties": { + "peeringType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "AzurePublicPeering", + "AzurePrivatePeering", + "MicrosoftPeering" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The peering type." + }, + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Disabled", + "Enabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The peering state." + }, + "peerASN": { + "oneOf": [ + { + "type": "integer", + "minimum": 1, + "maximum": 4294967295 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The peer ASN." + }, + "primaryPeerAddressPrefix": { + "type": "string", + "description": "The primary address prefix." + }, + "secondaryPeerAddressPrefix": { + "type": "string", + "description": "The secondary address prefix." + }, + "sharedKey": { + "type": "string", + "description": "The shared key." + }, + "vlanId": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The VLAN ID." + }, + "microsoftPeeringConfig": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteCircuitPeeringConfig" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The Microsoft peering configuration." + }, + "gatewayManagerEtag": { + "type": "string", + "description": "The GatewayManager Etag." + }, + "ipv6PeeringConfig": { + "oneOf": [ + { + "$ref": "#/definitions/Ipv6ExpressRouteCircuitPeeringConfig" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The IPv6 peering configuration." + } + }, + "description": "Properties of express route cross connection peering." + }, + "ExpressRouteCrossConnectionProperties": { + "type": "object", + "properties": { + "peeringLocation": { + "type": "string", + "description": "The peering location of the ExpressRoute circuit." + }, + "bandwidthInMbps": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The circuit bandwidth In Mbps." + }, + "expressRouteCircuit": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The ExpressRouteCircuit." + }, + "serviceProviderProvisioningState": { + "oneOf": [ + { + "type": "string", + "enum": [ + "NotProvisioned", + "Provisioning", + "Provisioned", + "Deprovisioning" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The provisioning state of the circuit in the connectivity provider system." + }, + "serviceProviderNotes": { + "type": "string", + "description": "Additional read only notes set by the connectivity provider." + }, + "peerings": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ExpressRouteCrossConnectionPeering" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The list of peerings." + } + }, + "description": "Properties of ExpressRouteCrossConnection." + }, + "expressRouteCrossConnections_peerings_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "peerings" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteCrossConnectionPeeringProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the express route cross connection peering." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/expressRouteCrossConnections/peerings" + }, + "ExpressRouteGatewayProperties": { + "type": "object", + "properties": { + "autoScaleConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteGatewayPropertiesAutoScaleConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Configuration for auto scaling." + }, + "virtualHub": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The Virtual Hub where the ExpressRoute gateway is or will be deployed." + } + }, + "required": [ + "virtualHub" + ], + "description": "ExpressRoute gateway resource properties." + }, + "ExpressRouteGatewayPropertiesAutoScaleConfiguration": { + "type": "object", + "properties": { + "bounds": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteGatewayPropertiesAutoScaleConfigurationBounds" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Minimum and maximum number of scale units to deploy." + } + }, + "description": "Configuration for auto scaling." + }, + "ExpressRouteGatewayPropertiesAutoScaleConfigurationBounds": { + "type": "object", + "properties": { + "min": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Minimum number of scale units deployed for ExpressRoute gateway." + }, + "max": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Maximum number of scale units deployed for ExpressRoute gateway." + } + }, + "description": "Minimum and maximum number of scale units to deploy." + }, + "expressRouteGateways_expressRouteConnections_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "expressRouteConnections" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the express route connection." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/expressRouteGateways/expressRouteConnections" + }, + "ExpressRouteLink": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteLinkPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "ExpressRouteLink properties." + }, + "name": { + "type": "string", + "description": "Name of child port resource that is unique among child port resources of the parent." + } + }, + "description": "ExpressRouteLink child resource definition." + }, + "ExpressRouteLinkMacSecConfig": { + "type": "object", + "properties": { + "cknSecretIdentifier": { + "type": "string", + "description": "Keyvault Secret Identifier URL containing Mac security CKN key." + }, + "cakSecretIdentifier": { + "type": "string", + "description": "Keyvault Secret Identifier URL containing Mac security CAK key." + }, + "cipher": { + "oneOf": [ + { + "type": "string", + "enum": [ + "gcm-aes-128", + "gcm-aes-256" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Mac security cipher." + } + }, + "description": "ExpressRouteLink Mac Security Configuration." + }, + "ExpressRouteLinkPropertiesFormat": { + "type": "object", + "properties": { + "adminState": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Administrative state of the physical port." + }, + "macSecConfig": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteLinkMacSecConfig" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "MacSec configuration." + } + }, + "description": "Properties specific to ExpressRouteLink resources." + }, + "ExpressRoutePortPropertiesFormat": { + "type": "object", + "properties": { + "peeringLocation": { + "type": "string", + "description": "The name of the peering location that the ExpressRoutePort is mapped to physically." + }, + "bandwidthInGbps": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Bandwidth of procured ports in Gbps." + }, + "encapsulation": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Dot1Q", + "QinQ" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Encapsulation method on physical ports." + }, + "links": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ExpressRouteLink" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The set of physical links of the ExpressRoutePort resource." + } + }, + "description": "Properties specific to ExpressRoutePort resources." + }, + "firewallPolicies_ruleGroups_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "ruleGroups" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FirewallPolicyRuleGroupProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The properties of the firewall policy rule group." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/firewallPolicies/ruleGroups" + }, + "FirewallPolicyFilterRule": { + "type": "object", + "oneOf": [ + { + "properties": { + "ruleType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "FirewallPolicyFilterRule" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ] + } + } + } + ], + "properties": { + "action": { + "oneOf": [ + { + "$ref": "#/definitions/FirewallPolicyFilterRuleAction" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The action type of a Filter rule." + }, + "ruleConditions": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/FirewallPolicyRuleCondition" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Collection of rule conditions used by a rule." + }, + "ruleType": { + "type": "string" + } + }, + "required": [ + "ruleType" + ], + "description": "Firewall Policy Filter Rule." + }, + "FirewallPolicyFilterRuleAction": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "Allow", + "Deny" + ], + "description": "The type of action." + } + }, + "description": "Properties of the FirewallPolicyFilterRuleAction." + }, + "FirewallPolicyNatRule": { + "type": "object", + "oneOf": [ + { + "properties": { + "ruleType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "FirewallPolicyNatRule" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ] + } + } + } + ], + "properties": { + "action": { + "oneOf": [ + { + "$ref": "#/definitions/FirewallPolicyNatRuleAction" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The action type of a Nat rule." + }, + "translatedAddress": { + "type": "string", + "description": "The translated address for this NAT rule." + }, + "translatedPort": { + "type": "string", + "description": "The translated port for this NAT rule." + }, + "ruleCondition": { + "oneOf": [ + { + "$ref": "#/definitions/FirewallPolicyRuleCondition" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The match conditions for incoming traffic." + }, + "ruleType": { + "type": "string" + } + }, + "required": [ + "ruleType" + ], + "description": "Firewall Policy NAT Rule." + }, + "FirewallPolicyNatRuleAction": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "DNAT" + ], + "description": "The type of action." + } + }, + "description": "Properties of the FirewallPolicyNatRuleAction." + }, + "FirewallPolicyPropertiesFormat": { + "type": "object", + "properties": { + "basePolicy": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The parent firewall policy from which rules are inherited." + }, + "threatIntelMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Alert", + "Deny", + "Off" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The operation mode for Threat Intelligence." + } + }, + "description": "Firewall Policy definition." + }, + "FirewallPolicyRule": { + "type": "object", + "oneOf": [ + { + "properties": { + "ruleType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "FirewallPolicyRule" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ] + } + } + }, + { + "allOf": [ + { + "$ref": "#/definitions/FirewallPolicyNatRule" + } + ], + "properties": { + "ruleType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "FirewallPolicyNatRule" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ] + } + } + }, + { + "allOf": [ + { + "$ref": "#/definitions/FirewallPolicyFilterRule" + } + ], + "properties": { + "ruleType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "FirewallPolicyFilterRule" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ] + } + } + } + ], + "properties": { + "name": { + "type": "string", + "description": "The name of the rule." + }, + "priority": { + "oneOf": [ + { + "type": "integer", + "minimum": 100, + "maximum": 65000 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Priority of the Firewall Policy Rule resource." + }, + "ruleType": { + "type": "string" + } + }, + "required": [ + "ruleType" + ], + "description": "Properties of the rule." + }, + "FirewallPolicyRuleCondition": { + "type": "object", + "oneOf": [ + { + "properties": { + "ruleConditionType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "FirewallPolicyRuleCondition" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ] + } + } + }, + { + "allOf": [ + { + "$ref": "#/definitions/ApplicationRuleCondition" + } + ], + "properties": { + "ruleConditionType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "ApplicationRuleCondition" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ] + } + } + }, + { + "allOf": [ + { + "$ref": "#/definitions/NetworkRuleCondition" + } + ], + "properties": { + "ruleConditionType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "NetworkRuleCondition" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ] + } + } + } + ], + "properties": { + "name": { + "type": "string", + "description": "Name of the rule condition." + }, + "description": { + "type": "string", + "description": "Description of the rule condition." + }, + "ruleConditionType": { + "type": "string" + } + }, + "required": [ + "ruleConditionType" + ], + "description": "Properties of a rule." + }, + "FirewallPolicyRuleConditionApplicationProtocol": { + "type": "object", + "properties": { + "protocolType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Http", + "Https" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Protocol type." + }, + "port": { + "oneOf": [ + { + "type": "integer", + "minimum": 0, + "maximum": 64000 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Port number for the protocol, cannot be greater than 64000." + } + }, + "description": "Properties of the application rule protocol." + }, + "FirewallPolicyRuleGroupProperties": { + "type": "object", + "properties": { + "priority": { + "oneOf": [ + { + "type": "integer", + "minimum": 100, + "maximum": 65000 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Priority of the Firewall Policy Rule Group resource." + }, + "rules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/FirewallPolicyRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Group of Firewall Policy rules." + } + }, + "description": "Properties of the rule group." + }, + "FrontendIPConfiguration": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FrontendIPConfigurationPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the load balancer probe." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within the set of frontend IP configurations used by the load balancer. This name can be used to access the resource." + }, + "zones": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A list of availability zones denoting the IP allocated for the resource needs to come from." + } + }, + "required": [ + "name" + ], + "description": "Frontend IP address of the load balancer." + }, + "FrontendIPConfigurationPropertiesFormat": { + "type": "object", + "properties": { + "privateIPAddress": { + "type": "string", + "description": "The private IP address of the IP configuration." + }, + "privateIPAllocationMethod": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Static", + "Dynamic" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The Private IP allocation method." + }, + "privateIPAddressVersion": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IPv4", + "IPv6" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4." + }, + "subnet": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the subnet resource." + }, + "publicIPAddress": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the Public IP resource." + }, + "publicIPPrefix": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the Public IP Prefix resource." + } + }, + "description": "Properties of Frontend IP Configuration of the load balancer." + }, + "HubVirtualNetworkConnection": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/HubVirtualNetworkConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the hub virtual network connection." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "HubVirtualNetworkConnection Resource." + }, + "HubVirtualNetworkConnectionProperties": { + "type": "object", + "properties": { + "remoteVirtualNetwork": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Reference to the remote virtual network." + }, + "allowHubToRemoteVnetTransit": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "VirtualHub to RemoteVnet transit to enabled or not." + }, + "allowRemoteVnetToUseHubVnetGateways": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Allow RemoteVnet to use Virtual Hub's gateways." + }, + "enableInternetSecurity": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Enable internet security." + } + }, + "description": "Parameters for HubVirtualNetworkConnection." + }, + "InboundNatPool": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/InboundNatPoolPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of load balancer inbound nat pool." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within the set of inbound NAT pools used by the load balancer. This name can be used to access the resource." + } + }, + "required": [ + "name" + ], + "description": "Inbound NAT pool of the load balancer." + }, + "InboundNatPoolPropertiesFormat": { + "type": "object", + "properties": { + "frontendIPConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A reference to frontend IP addresses." + }, + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Udp", + "Tcp", + "All" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference to the transport protocol used by the inbound NAT pool." + }, + "frontendPortRangeStart": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The first port number in the range of external ports that will be used to provide Inbound Nat to NICs associated with a load balancer. Acceptable values range between 1 and 65534." + }, + "frontendPortRangeEnd": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The last port number in the range of external ports that will be used to provide Inbound Nat to NICs associated with a load balancer. Acceptable values range between 1 and 65535." + }, + "backendPort": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The port used for internal connections on the endpoint. Acceptable values are between 1 and 65535." + }, + "idleTimeoutInMinutes": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP." + }, + "enableFloatingIP": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint." + }, + "enableTcpReset": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP." + } + }, + "required": [ + "frontendIPConfiguration", + "protocol", + "frontendPortRangeStart", + "frontendPortRangeEnd", + "backendPort" + ], + "description": "Properties of Inbound NAT pool." + }, + "InboundNatRule": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/InboundNatRulePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of load balancer inbound nat rule." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within the set of inbound NAT rules used by the load balancer. This name can be used to access the resource." + } + }, + "required": [ + "name" + ], + "description": "Inbound NAT rule of the load balancer." + }, + "InboundNatRulePropertiesFormat": { + "type": "object", + "properties": { + "frontendIPConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A reference to frontend IP addresses." + }, + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Udp", + "Tcp", + "All" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference to the transport protocol used by the load balancing rule." + }, + "frontendPort": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values range from 1 to 65534." + }, + "backendPort": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The port used for the internal endpoint. Acceptable values range from 1 to 65535." + }, + "idleTimeoutInMinutes": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP." + }, + "enableFloatingIP": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint." + }, + "enableTcpReset": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP." + } + }, + "required": [ + "frontendIPConfiguration", + "protocol", + "frontendPort", + "backendPort" + ], + "description": "Properties of the inbound NAT rule." + }, + "IPConfigurationProfile": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/IPConfigurationProfilePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the IP configuration profile." + }, + "name": { + "type": "string", + "description": "The name of the resource. This name can be used to access the resource." + } + }, + "description": "IP configuration profile child resource." + }, + "IPConfigurationProfilePropertiesFormat": { + "type": "object", + "properties": { + "subnet": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the subnet resource to create a container network interface ip configuration." + } + }, + "description": "IP configuration profile properties." + }, + "IpGroupPropertiesFormat": { + "type": "object", + "properties": { + "ipAddresses": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "IpAddresses/IpAddressPrefixes in the IpGroups resource." + } + }, + "description": "The IpGroups property information." + }, + "IpsecPolicy": { + "type": "object", + "properties": { + "saLifeTimeSeconds": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site to site VPN tunnel." + }, + "saDataSizeKilobytes": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site to site VPN tunnel." + }, + "ipsecEncryption": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "DES", + "DES3", + "AES128", + "AES192", + "AES256", + "GCMAES128", + "GCMAES192", + "GCMAES256" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The IPSec encryption algorithm (IKE phase 1)." + }, + "ipsecIntegrity": { + "oneOf": [ + { + "type": "string", + "enum": [ + "MD5", + "SHA1", + "SHA256", + "GCMAES128", + "GCMAES192", + "GCMAES256" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The IPSec integrity algorithm (IKE phase 1)." + }, + "ikeEncryption": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DES", + "DES3", + "AES128", + "AES192", + "AES256", + "GCMAES256", + "GCMAES128" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The IKE encryption algorithm (IKE phase 2)." + }, + "ikeIntegrity": { + "oneOf": [ + { + "type": "string", + "enum": [ + "MD5", + "SHA1", + "SHA256", + "SHA384", + "GCMAES256", + "GCMAES128" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The IKE integrity algorithm (IKE phase 2)." + }, + "dhGroup": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "DHGroup1", + "DHGroup2", + "DHGroup14", + "DHGroup2048", + "ECP256", + "ECP384", + "DHGroup24" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The DH Group used in IKE Phase 1 for initial SA." + }, + "pfsGroup": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "PFS1", + "PFS2", + "PFS2048", + "ECP256", + "ECP384", + "PFS24", + "PFS14", + "PFSMM" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The Pfs Group used in IKE Phase 2 for new child SA." + } + }, + "required": [ + "saLifeTimeSeconds", + "saDataSizeKilobytes", + "ipsecEncryption", + "ipsecIntegrity", + "ikeEncryption", + "ikeIntegrity", + "dhGroup", + "pfsGroup" + ], + "description": "An IPSec Policy configuration for a virtual network gateway connection." + }, + "IpTag": { + "type": "object", + "properties": { + "ipTagType": { + "type": "string", + "description": "The IP tag type. Example: FirstPartyUsage." + }, + "tag": { + "type": "string", + "description": "The value of the IP tag associated with the public IP. Example: SQL." + } + }, + "description": "Contains the IpTag associated with the object." + }, + "Ipv6ExpressRouteCircuitPeeringConfig": { + "type": "object", + "properties": { + "primaryPeerAddressPrefix": { + "type": "string", + "description": "The primary address prefix." + }, + "secondaryPeerAddressPrefix": { + "type": "string", + "description": "The secondary address prefix." + }, + "microsoftPeeringConfig": { + "oneOf": [ + { + "$ref": "#/definitions/ExpressRouteCircuitPeeringConfig" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The Microsoft peering configuration." + }, + "routeFilter": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the RouteFilter resource." + }, + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Disabled", + "Enabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The state of peering." + } + }, + "description": "Contains IPv6 peering config." + }, + "LoadBalancerPropertiesFormat": { + "type": "object", + "properties": { + "frontendIPConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/FrontendIPConfiguration" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Object representing the frontend IPs to be used for the load balancer." + }, + "backendAddressPools": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/BackendAddressPool" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Collection of backend address pools used by a load balancer." + }, + "loadBalancingRules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/LoadBalancingRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Object collection representing the load balancing rules Gets the provisioning." + }, + "probes": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/Probe" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Collection of probe objects used in the load balancer." + }, + "inboundNatRules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/InboundNatRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Collection of inbound NAT Rules used by a load balancer. Defining inbound NAT rules on your load balancer is mutually exclusive with defining an inbound NAT pool. Inbound NAT pools are referenced from virtual machine scale sets. NICs that are associated with individual virtual machines cannot reference an Inbound NAT pool. They have to reference individual inbound NAT rules." + }, + "inboundNatPools": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/InboundNatPool" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Defines an external port range for inbound NAT to a single backend port on NICs associated with a load balancer. Inbound NAT rules are created automatically for each NIC associated with the Load Balancer using an external port from this range. Defining an Inbound NAT pool on your Load Balancer is mutually exclusive with defining inbound Nat rules. Inbound NAT pools are referenced from virtual machine scale sets. NICs that are associated with individual virtual machines cannot reference an inbound NAT pool. They have to reference individual inbound NAT rules." + }, + "outboundRules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/OutboundRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The outbound rules." + } + }, + "description": "Properties of the load balancer." + }, + "loadBalancers_inboundNatRules_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "inboundNatRules" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/InboundNatRulePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of load balancer inbound nat rule." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/loadBalancers/inboundNatRules" + }, + "LoadBalancerSku": { + "type": "object", + "properties": { + "name": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Basic", + "Standard" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Name of a load balancer SKU." + } + }, + "description": "SKU of a load balancer." + }, + "LoadBalancingRule": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/LoadBalancingRulePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of load balancer load balancing rule." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within the set of load balancing rules used by the load balancer. This name can be used to access the resource." + } + }, + "required": [ + "name" + ], + "description": "A load balancing rule for a load balancer." + }, + "LoadBalancingRulePropertiesFormat": { + "type": "object", + "properties": { + "frontendIPConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A reference to frontend IP addresses." + }, + "backendAddressPool": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A reference to a pool of DIPs. Inbound traffic is randomly load balanced across IPs in the backend IPs." + }, + "probe": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the load balancer probe used by the load balancing rule." + }, + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Udp", + "Tcp", + "All" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference to the transport protocol used by the load balancing rule." + }, + "loadDistribution": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Default", + "SourceIP", + "SourceIPProtocol" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The load distribution policy for this rule." + }, + "frontendPort": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values are between 0 and 65534. Note that value 0 enables \"Any Port\"." + }, + "backendPort": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The port used for internal connections on the endpoint. Acceptable values are between 0 and 65535. Note that value 0 enables \"Any Port\"." + }, + "idleTimeoutInMinutes": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP." + }, + "enableFloatingIP": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint." + }, + "enableTcpReset": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP." + }, + "disableOutboundSnat": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Configures SNAT for the VMs in the backend pool to use the publicIP address specified in the frontend of the load balancing rule." + } + }, + "required": [ + "frontendIPConfiguration", + "protocol", + "frontendPort", + "backendPort" + ], + "description": "Properties of the load balancer." + }, + "LocalNetworkGatewayPropertiesFormat": { + "type": "object", + "properties": { + "localNetworkAddressSpace": { + "oneOf": [ + { + "$ref": "#/definitions/AddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Local network site address space." + }, + "gatewayIpAddress": { + "type": "string", + "description": "IP address of local network gateway." + }, + "bgpSettings": { + "oneOf": [ + { + "$ref": "#/definitions/BgpSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Local network gateway's BGP speaker settings." + } + }, + "description": "LocalNetworkGateway properties." + }, + "ManagedRuleGroupOverride": { + "type": "object", + "properties": { + "ruleGroupName": { + "type": "string", + "description": "Describes the managed rule group to override." + }, + "rules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ManagedRuleOverride" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of rules that will be disabled. If none specified, all rules in the group will be disabled." + } + }, + "required": [ + "ruleGroupName" + ], + "description": "Defines a managed rule group override setting." + }, + "ManagedRuleOverride": { + "type": "object", + "properties": { + "ruleId": { + "type": "string", + "description": "Identifier for the managed rule." + }, + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Describes the state of the managed rule. Defaults to Disabled if not specified." + } + }, + "required": [ + "ruleId" + ], + "description": "Defines a managed rule group override setting." + }, + "ManagedRulesDefinition": { + "type": "object", + "properties": { + "exclusions": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/OwaspCrsExclusionEntry" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Describes the Exclusions that are applied on the policy." + }, + "managedRuleSets": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ManagedRuleSet" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Describes the ruleSets that are associated with the policy." + } + }, + "required": [ + "managedRuleSets" + ], + "description": "Allow to exclude some variable satisfy the condition for the WAF check." + }, + "ManagedRuleSet": { + "type": "object", + "properties": { + "ruleSetType": { + "type": "string", + "description": "Defines the rule set type to use." + }, + "ruleSetVersion": { + "type": "string", + "description": "Defines the version of the rule set to use." + }, + "ruleGroupOverrides": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ManagedRuleGroupOverride" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Defines the rule group overrides to apply to the rule set." + } + }, + "required": [ + "ruleSetType", + "ruleSetVersion" + ], + "description": "Defines a managed rule set." + }, + "ManagedServiceIdentity": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "SystemAssigned", + "UserAssigned", + "SystemAssigned, UserAssigned", + "None" + ], + "description": "The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine." + }, + "userAssignedIdentities": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'." + } + }, + "description": "Identity for the resource." + }, + "ManagedServiceIdentityUserAssignedIdentitiesValue": {}, + "MatchCondition": { + "type": "object", + "properties": { + "matchVariables": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/MatchVariable" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of match variables." + }, + "operator": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IPMatch", + "Equal", + "Contains", + "LessThan", + "GreaterThan", + "LessThanOrEqual", + "GreaterThanOrEqual", + "BeginsWith", + "EndsWith", + "Regex", + "GeoMatch" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Describes operator to be matched." + }, + "negationConditon": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Describes if this is negate condition or not." + }, + "matchValues": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Match value." + }, + "transforms": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string", + "enum": [ + "Lowercase", + "Trim", + "UrlDecode", + "UrlEncode", + "RemoveNulls", + "HtmlEntityDecode" + ] + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of transforms." + } + }, + "required": [ + "matchVariables", + "operator", + "matchValues" + ], + "description": "Define match conditions." + }, + "MatchVariable": { + "type": "object", + "properties": { + "variableName": { + "oneOf": [ + { + "type": "string", + "enum": [ + "RemoteAddr", + "RequestMethod", + "QueryString", + "PostArgs", + "RequestUri", + "RequestHeaders", + "RequestBody", + "RequestCookies" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Match Variable." + }, + "selector": { + "type": "string", + "description": "Describes field of the matchVariable collection." + } + }, + "required": [ + "variableName" + ], + "description": "Define match variables." + }, + "NatGatewayPropertiesFormat": { + "type": "object", + "properties": { + "idleTimeoutInMinutes": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The idle timeout of the nat gateway." + }, + "publicIpAddresses": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "An array of public ip addresses associated with the nat gateway resource." + }, + "publicIpPrefixes": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "An array of public ip prefixes associated with the nat gateway resource." + } + }, + "description": "Nat Gateway properties." + }, + "NatGatewaySku": { + "type": "object", + "properties": { + "name": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Standard" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Name of Nat Gateway SKU." + } + }, + "description": "SKU of nat gateway." + }, + "NetworkInterfaceDnsSettings": { + "type": "object", + "properties": { + "dnsServers": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of DNS servers IP addresses. Use 'AzureProvidedDNS' to switch to azure provided DNS resolution. 'AzureProvidedDNS' value cannot be combined with other IPs, it must be the only value in dnsServers collection." + }, + "internalDnsNameLabel": { + "type": "string", + "description": "Relative DNS name for this NIC used for internal communications between VMs in the same virtual network." + } + }, + "description": "DNS settings of a network interface." + }, + "NetworkInterfaceIPConfiguration": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkInterfaceIPConfigurationPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Network interface IP configuration properties." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "required": [ + "name" + ], + "description": "IPConfiguration in a network interface." + }, + "NetworkInterfaceIPConfigurationPropertiesFormat": { + "type": "object", + "properties": { + "virtualNetworkTaps": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference to Virtual Network Taps." + }, + "applicationGatewayBackendAddressPools": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of ApplicationGatewayBackendAddressPool resource." + }, + "loadBalancerBackendAddressPools": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of LoadBalancerBackendAddressPool resource." + }, + "loadBalancerInboundNatRules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A list of references of LoadBalancerInboundNatRules." + }, + "privateIPAddress": { + "type": "string", + "description": "Private IP address of the IP configuration." + }, + "privateIPAllocationMethod": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Static", + "Dynamic" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The private IP address allocation method." + }, + "privateIPAddressVersion": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IPv4", + "IPv6" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether the specific IP configuration is IPv4 or IPv6. Default is IPv4." + }, + "subnet": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Subnet bound to the IP configuration." + }, + "primary": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether this is a primary customer address on the network interface." + }, + "publicIPAddress": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Public IP address bound to the IP configuration." + }, + "applicationSecurityGroups": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Application security groups in which the IP configuration is included." + } + }, + "description": "Properties of IP configuration." + }, + "NetworkInterfacePropertiesFormat": { + "type": "object", + "properties": { + "networkSecurityGroup": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the NetworkSecurityGroup resource." + }, + "ipConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/NetworkInterfaceIPConfiguration" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A list of IPConfigurations of the network interface." + }, + "dnsSettings": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkInterfaceDnsSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The DNS settings in network interface." + }, + "enableAcceleratedNetworking": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "If the network interface is accelerated networking enabled." + }, + "enableIPForwarding": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Indicates whether IP forwarding is enabled on this network interface." + } + }, + "required": [ + "ipConfigurations" + ], + "description": "NetworkInterface properties." + }, + "networkInterfaces_tapConfigurations_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "tapConfigurations" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkInterfaceTapConfigurationPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the Virtual Network Tap configuration." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/networkInterfaces/tapConfigurations" + }, + "NetworkInterfaceTapConfigurationPropertiesFormat": { + "type": "object", + "properties": { + "virtualNetworkTap": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the Virtual Network Tap resource." + } + }, + "description": "Properties of Virtual Network Tap configuration." + }, + "NetworkProfilePropertiesFormat": { + "type": "object", + "properties": { + "containerNetworkInterfaceConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ContainerNetworkInterfaceConfiguration" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of chid container network interface configurations." + } + }, + "description": "Network profile properties." + }, + "NetworkRuleCondition": { + "type": "object", + "oneOf": [ + { + "properties": { + "ruleConditionType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "NetworkRuleCondition" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ] + } + } + } + ], + "properties": { + "ipProtocols": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string", + "enum": [ + "TCP", + "UDP", + "Any", + "ICMP" + ] + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Array of FirewallPolicyRuleConditionNetworkProtocols." + }, + "sourceAddresses": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of source IP addresses for this rule." + }, + "destinationAddresses": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of destination IP addresses or Service Tags." + }, + "destinationPorts": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of destination ports." + }, + "ruleConditionType": { + "type": "string" + } + }, + "required": [ + "ruleConditionType" + ], + "description": "Rule condition of type network." + }, + "NetworkSecurityGroupPropertiesFormat": { + "type": "object", + "properties": { + "securityRules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SecurityRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A collection of security rules of the network security group." + } + }, + "description": "Network Security Group resource." + }, + "networkSecurityGroups_securityRules_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "securityRules" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityRulePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the security rule." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/networkSecurityGroups/securityRules" + }, + "NetworkWatcherPropertiesFormat": { + "type": "object", + "properties": {}, + "description": "The network watcher properties." + }, + "networkWatchers_packetCaptures_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "packetCaptures" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PacketCaptureParameters" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the packet capture." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/networkWatchers/packetCaptures" + }, + "OutboundRule": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/OutboundRulePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of load balancer outbound rule." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within the set of outbound rules used by the load balancer. This name can be used to access the resource." + } + }, + "description": "Outbound rule of the load balancer." + }, + "OutboundRulePropertiesFormat": { + "type": "object", + "properties": { + "allocatedOutboundPorts": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The number of outbound ports to be used for NAT." + }, + "frontendIPConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The Frontend IP addresses of the load balancer." + }, + "backendAddressPool": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A reference to a pool of DIPs. Outbound traffic is randomly load balanced across IPs in the backend IPs." + }, + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Tcp", + "Udp", + "All" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The protocol for the outbound rule in load balancer." + }, + "enableTcpReset": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP." + }, + "idleTimeoutInMinutes": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The timeout for the TCP idle connection." + } + }, + "required": [ + "frontendIPConfigurations", + "backendAddressPool", + "protocol" + ], + "description": "Outbound rule of the load balancer." + }, + "OwaspCrsExclusionEntry": { + "type": "object", + "properties": { + "matchVariable": { + "oneOf": [ + { + "type": "string", + "enum": [ + "RequestHeaderNames", + "RequestCookieNames", + "RequestArgNames" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The variable to be excluded." + }, + "selectorMatchOperator": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Equals", + "Contains", + "StartsWith", + "EndsWith", + "EqualsAny" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "When matchVariable is a collection, operate on the selector to specify which elements in the collection this exclusion applies to." + }, + "selector": { + "type": "string", + "description": "When matchVariable is a collection, operator used to specify which elements in the collection this exclusion applies to." + } + }, + "required": [ + "matchVariable", + "selectorMatchOperator", + "selector" + ], + "description": "Allow to exclude some variable satisfy the condition for the WAF check." + }, + "P2SConnectionConfiguration": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/P2SConnectionConfigurationProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the P2S connection configuration." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "P2SConnectionConfiguration Resource." + }, + "P2SConnectionConfigurationProperties": { + "type": "object", + "properties": { + "vpnClientAddressPool": { + "oneOf": [ + { + "$ref": "#/definitions/AddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the address space resource which represents Address space for P2S VpnClient." + } + }, + "description": "Parameters for P2SConnectionConfiguration." + }, + "P2SVpnGatewayProperties": { + "type": "object", + "properties": { + "virtualHub": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The VirtualHub to which the gateway belongs." + }, + "p2SConnectionConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/P2SConnectionConfiguration" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of all p2s connection configurations of the gateway." + }, + "vpnGatewayScaleUnit": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The scale unit for this p2s vpn gateway." + }, + "vpnServerConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The VpnServerConfiguration to which the p2sVpnGateway is attached to." + } + }, + "description": "Parameters for P2SVpnGateway." + }, + "PacketCaptureFilter": { + "type": "object", + "properties": { + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TCP", + "UDP", + "Any" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Protocol to be filtered on." + }, + "localIPAddress": { + "type": "string", + "description": "Local IP Address to be filtered on. Notation: \"127.0.0.1\" for single address entry. \"127.0.0.1-127.0.0.255\" for range. \"127.0.0.1;127.0.0.5\"? for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Default = null." + }, + "remoteIPAddress": { + "type": "string", + "description": "Local IP Address to be filtered on. Notation: \"127.0.0.1\" for single address entry. \"127.0.0.1-127.0.0.255\" for range. \"127.0.0.1;127.0.0.5;\" for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Default = null." + }, + "localPort": { + "type": "string", + "description": "Local port to be filtered on. Notation: \"80\" for single port entry.\"80-85\" for range. \"80;443;\" for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Default = null." + }, + "remotePort": { + "type": "string", + "description": "Remote port to be filtered on. Notation: \"80\" for single port entry.\"80-85\" for range. \"80;443;\" for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Default = null." + } + }, + "description": "Filter that is applied to packet capture request. Multiple filters can be applied." + }, + "PacketCaptureParameters": { + "type": "object", + "properties": { + "target": { + "type": "string", + "description": "The ID of the targeted resource, only VM is currently supported." + }, + "bytesToCapturePerPacket": { + "oneOf": [ + { + "type": "integer", + "default": "0" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Number of bytes captured per packet, the remaining bytes are truncated." + }, + "totalBytesPerSession": { + "oneOf": [ + { + "type": "integer", + "default": "1073741824" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Maximum size of the capture output." + }, + "timeLimitInSeconds": { + "oneOf": [ + { + "type": "integer", + "default": "18000" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Maximum duration of the capture session in seconds." + }, + "storageLocation": { + "oneOf": [ + { + "$ref": "#/definitions/PacketCaptureStorageLocation" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Describes the storage location for a packet capture session." + }, + "filters": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/PacketCaptureFilter" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A list of packet capture filters." + } + }, + "required": [ + "target", + "storageLocation" + ], + "description": "Parameters that define the create packet capture operation." + }, + "PacketCaptureStorageLocation": { + "type": "object", + "properties": { + "storageId": { + "type": "string", + "description": "The ID of the storage account to save the packet capture session. Required if no local file path is provided." + }, + "storagePath": { + "type": "string", + "description": "The URI of the storage path to save the packet capture. Must be a well-formed URI describing the location to save the packet capture." + }, + "filePath": { + "type": "string", + "description": "A valid local path on the targeting VM. Must include the name of the capture file (*.cap). For linux virtual machine it must start with /var/captures. Required if no storage ID is provided, otherwise optional." + } + }, + "description": "Describes the storage location for a packet capture session." + }, + "PolicySettings": { + "type": "object", + "properties": { + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Disabled", + "Enabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Describes if the policy is in enabled state or disabled state." + }, + "mode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Prevention", + "Detection" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Describes if it is in detection mode or prevention mode at policy level." + }, + "requestBodyCheck": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether to allow WAF to check request Body." + }, + "maxRequestBodySizeInKb": { + "oneOf": [ + { + "type": "integer", + "minimum": 8, + "maximum": 128 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Maximum request body size in Kb for WAF." + }, + "fileUploadLimitInMb": { + "oneOf": [ + { + "type": "integer", + "minimum": 0 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Maximum file upload size in Mb for WAF." + } + }, + "description": "Defines contents of a web application firewall global configuration." + }, + "PrivateEndpointConnectionProperties": { + "type": "object", + "properties": { + "privateLinkServiceConnectionState": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateLinkServiceConnectionState" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A collection of information about the state of the connection between service consumer and provider." + } + }, + "description": "Properties of the PrivateEndpointConnectProperties." + }, + "PrivateEndpointProperties": { + "type": "object", + "properties": { + "subnet": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The ID of the subnet from which the private IP will be allocated." + }, + "privateLinkServiceConnections": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/PrivateLinkServiceConnection" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A grouping of information about the connection to the remote resource." + }, + "manualPrivateLinkServiceConnections": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/PrivateLinkServiceConnection" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A grouping of information about the connection to the remote resource. Used when the network admin does not have access to approve connections to the remote resource." + } + }, + "description": "Properties of the private endpoint." + }, + "PrivateLinkServiceConnection": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateLinkServiceConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the private link service connection." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "PrivateLinkServiceConnection resource." + }, + "PrivateLinkServiceConnectionProperties": { + "type": "object", + "properties": { + "privateLinkServiceId": { + "type": "string", + "description": "The resource id of private link service." + }, + "groupIds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to." + }, + "requestMessage": { + "type": "string", + "description": "A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars." + }, + "privateLinkServiceConnectionState": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateLinkServiceConnectionState" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A collection of read-only information about the state of the connection to the remote resource." + } + }, + "description": "Properties of the PrivateLinkServiceConnection." + }, + "PrivateLinkServiceConnectionState": { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service." + }, + "description": { + "type": "string", + "description": "The reason for approval/rejection of the connection." + }, + "actionRequired": { + "type": "string", + "description": "A message indicating if changes on the service provider require any updates on the consumer." + } + }, + "description": "A collection of information about the state of the connection between service consumer and provider." + }, + "PrivateLinkServiceIpConfiguration": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateLinkServiceIpConfigurationProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the private link service ip configuration." + }, + "name": { + "type": "string", + "description": "The name of private link service ip configuration." + } + }, + "description": "The private link service ip configuration." + }, + "PrivateLinkServiceIpConfigurationProperties": { + "type": "object", + "properties": { + "privateIPAddress": { + "type": "string", + "description": "The private IP address of the IP configuration." + }, + "privateIPAllocationMethod": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Static", + "Dynamic" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The private IP address allocation method." + }, + "subnet": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference to the subnet resource." + }, + "primary": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether the ip configuration is primary or not." + }, + "privateIPAddressVersion": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IPv4", + "IPv6" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether the specific IP configuration is IPv4 or IPv6. Default is IPv4." + } + }, + "description": "Properties of private link service IP configuration." + }, + "PrivateLinkServiceProperties": { + "type": "object", + "properties": { + "loadBalancerFrontendIpConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "An array of references to the load balancer IP configurations." + }, + "ipConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/PrivateLinkServiceIpConfiguration" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "An array of private link service IP configurations." + }, + "visibility": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateLinkServicePropertiesVisibility" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The visibility list of the private link service." + }, + "autoApproval": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateLinkServicePropertiesAutoApproval" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The auto-approval list of the private link service." + }, + "fqdns": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The list of Fqdn." + }, + "enableProxyProtocol": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether the private link service is enabled for proxy protocol or not." + } + }, + "description": "Properties of the private link service." + }, + "PrivateLinkServicePropertiesAutoApproval": { + "type": "object", + "properties": { + "subscriptions": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The list of subscriptions." + } + }, + "description": "The auto-approval list of the private link service." + }, + "PrivateLinkServicePropertiesVisibility": { + "type": "object", + "properties": { + "subscriptions": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The list of subscriptions." + } + }, + "description": "The visibility list of the private link service." + }, + "privateLinkServices_privateEndpointConnections_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "privateEndpointConnections" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateEndpointConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the private end point connection." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/privateLinkServices/privateEndpointConnections" + }, + "Probe": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ProbePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of load balancer probe." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within the set of probes used by the load balancer. This name can be used to access the resource." + } + }, + "required": [ + "name" + ], + "description": "A load balancer probe." + }, + "ProbePropertiesFormat": { + "type": "object", + "properties": { + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Http", + "Tcp", + "Https" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The protocol of the end point. If 'Tcp' is specified, a received ACK is required for the probe to be successful. If 'Http' or 'Https' is specified, a 200 OK response from the specifies URI is required for the probe to be successful." + }, + "port": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The port for communicating the probe. Possible values range from 1 to 65535, inclusive." + }, + "intervalInSeconds": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The interval, in seconds, for how frequently to probe the endpoint for health status. Typically, the interval is slightly less than half the allocated timeout period (in seconds) which allows two full probes before taking the instance out of rotation. The default value is 15, the minimum value is 5." + }, + "numberOfProbes": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The number of probes where if no response, will result in stopping further traffic from being delivered to the endpoint. This values allows endpoints to be taken out of rotation faster or slower than the typical times used in Azure." + }, + "requestPath": { + "type": "string", + "description": "The URI used for requesting health status from the VM. Path is required if a protocol is set to http. Otherwise, it is not allowed. There is no default value." + } + }, + "required": [ + "protocol", + "port", + "numberOfProbes" + ], + "description": "Load balancer probe resource." + }, + "ProtocolCustomSettingsFormat": { + "type": "object", + "properties": { + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Tcp", + "Udp", + "Syn" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The protocol for which the DDoS protection policy is being customized." + }, + "triggerRateOverride": { + "type": "string", + "description": "The customized DDoS protection trigger rate." + }, + "sourceRateOverride": { + "type": "string", + "description": "The customized DDoS protection source rate." + }, + "triggerSensitivityOverride": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Relaxed", + "Low", + "Default", + "High" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The customized DDoS protection trigger rate sensitivity degrees. High: Trigger rate set with most sensitivity w.r.t. normal traffic. Default: Trigger rate set with moderate sensitivity w.r.t. normal traffic. Low: Trigger rate set with less sensitivity w.r.t. normal traffic. Relaxed: Trigger rate set with least sensitivity w.r.t. normal traffic." + } + }, + "description": "DDoS custom policy properties." + }, + "PublicIPAddressDnsSettings": { + "type": "object", + "properties": { + "domainNameLabel": { + "type": "string", + "description": "The domain name label. The concatenation of the domain name label and the regionalized DNS zone make up the fully qualified domain name associated with the public IP address. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system." + }, + "fqdn": { + "type": "string", + "description": "The Fully Qualified Domain Name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone." + }, + "reverseFqdn": { + "type": "string", + "description": "The reverse FQDN. A user-visible, fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN." + } + }, + "required": [ + "domainNameLabel" + ], + "description": "Contains FQDN of the DNS record associated with the public IP address." + }, + "PublicIPAddressPropertiesFormat": { + "type": "object", + "properties": { + "publicIPAllocationMethod": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Static", + "Dynamic" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The public IP address allocation method." + }, + "publicIPAddressVersion": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IPv4", + "IPv6" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The public IP address version." + }, + "dnsSettings": { + "oneOf": [ + { + "$ref": "#/definitions/PublicIPAddressDnsSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The FQDN of the DNS record associated with the public IP address." + }, + "ddosSettings": { + "oneOf": [ + { + "$ref": "#/definitions/DdosSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The DDoS protection custom policy associated with the public IP address." + }, + "ipTags": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IpTag" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The list of tags associated with the public IP address." + }, + "ipAddress": { + "type": "string", + "description": "The IP address associated with the public IP address resource." + }, + "publicIPPrefix": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The Public IP Prefix this Public IP Address should be allocated from." + }, + "idleTimeoutInMinutes": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The idle timeout of the public IP address." + } + }, + "required": [ + "publicIPAllocationMethod" + ], + "description": "Public IP address properties." + }, + "PublicIPAddressSku": { + "type": "object", + "properties": { + "name": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Basic", + "Standard" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Name of a public IP address SKU." + } + }, + "description": "SKU of a public IP address." + }, + "PublicIPPrefixPropertiesFormat": { + "type": "object", + "properties": { + "publicIPAddressVersion": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IPv4", + "IPv6" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The public IP address version." + }, + "ipTags": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IpTag" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The list of tags associated with the public IP prefix." + }, + "prefixLength": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The Length of the Public IP Prefix." + } + }, + "description": "Public IP prefix properties." + }, + "PublicIPPrefixSku": { + "type": "object", + "properties": { + "name": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Standard" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Name of a public IP prefix SKU." + } + }, + "description": "SKU of a public IP prefix." + }, + "Route": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RoutePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the route." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "Route resource." + }, + "RouteFilterPropertiesFormat": { + "type": "object", + "properties": { + "rules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/RouteFilterRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Collection of RouteFilterRules contained within a route filter." + } + }, + "description": "Route Filter Resource." + }, + "RouteFilterRule": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RouteFilterRulePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the route filter rule." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + }, + "location": { + "type": "string", + "description": "Resource location." + } + }, + "description": "Route Filter Rule Resource." + }, + "RouteFilterRulePropertiesFormat": { + "type": "object", + "properties": { + "access": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Allow", + "Deny" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The access type of the rule." + }, + "routeFilterRuleType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Community" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The rule type of the rule." + }, + "communities": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The collection for bgp community values to filter on. e.g. ['12076:5010','12076:5020']." + } + }, + "required": [ + "access", + "routeFilterRuleType", + "communities" + ], + "description": "Route Filter Rule Resource." + }, + "routeFilters_routeFilterRules_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "routeFilterRules" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RouteFilterRulePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the route filter rule." + }, + "location": { + "type": "string", + "description": "Resource location." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/routeFilters/routeFilterRules" + }, + "RoutePropertiesFormat": { + "type": "object", + "properties": { + "addressPrefix": { + "type": "string", + "description": "The destination CIDR to which the route applies." + }, + "nextHopType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "VirtualNetworkGateway", + "VnetLocal", + "Internet", + "VirtualAppliance", + "None" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The type of Azure hop the packet should be sent to." + }, + "nextHopIpAddress": { + "type": "string", + "description": "The IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance." + } + }, + "required": [ + "addressPrefix", + "nextHopType" + ], + "description": "Route resource." + }, + "RouteTablePropertiesFormat": { + "type": "object", + "properties": { + "routes": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/Route" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Collection of routes contained within a route table." + }, + "disableBgpRoutePropagation": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether to disable the routes learned by BGP on that route table. True means disable." + } + }, + "description": "Route Table resource." + }, + "routeTables_routes_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "routes" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RoutePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the route." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/routeTables/routes" + }, + "SecurityRule": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityRulePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the security rule." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "Network security rule." + }, + "SecurityRulePropertiesFormat": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "A description for this rule. Restricted to 140 chars." + }, + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Tcp", + "Udp", + "Icmp", + "Esp", + "*", + "Ah" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Network protocol this rule applies to." + }, + "sourcePortRange": { + "type": "string", + "description": "The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports." + }, + "destinationPortRange": { + "type": "string", + "description": "The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports." + }, + "sourceAddressPrefix": { + "type": "string", + "description": "The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from." + }, + "sourceAddressPrefixes": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The CIDR or source IP ranges." + }, + "sourceApplicationSecurityGroups": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The application security group specified as source." + }, + "destinationAddressPrefix": { + "type": "string", + "description": "The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used." + }, + "destinationAddressPrefixes": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The destination address prefixes. CIDR or destination IP ranges." + }, + "destinationApplicationSecurityGroups": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The application security group specified as destination." + }, + "sourcePortRanges": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The source port ranges." + }, + "destinationPortRanges": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The destination port ranges." + }, + "access": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Allow", + "Deny" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The network traffic is allowed or denied." + }, + "priority": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule." + }, + "direction": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Inbound", + "Outbound" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic." + } + }, + "required": [ + "protocol", + "access", + "priority", + "direction" + ], + "description": "Security rule resource." + }, + "ServiceDelegationPropertiesFormat": { + "type": "object", + "properties": { + "serviceName": { + "type": "string", + "description": "The name of the service to whom the subnet should be delegated (e.g. Microsoft.Sql/servers)." + } + }, + "description": "Properties of a service delegation." + }, + "serviceEndpointPolicies_serviceEndpointPolicyDefinitions_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "serviceEndpointPolicyDefinitions" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServiceEndpointPolicyDefinitionPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the service endpoint policy definition." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/serviceEndpointPolicies/serviceEndpointPolicyDefinitions" + }, + "ServiceEndpointPolicyDefinition": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServiceEndpointPolicyDefinitionPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the service endpoint policy definition." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "Service Endpoint policy definitions." + }, + "ServiceEndpointPolicyDefinitionPropertiesFormat": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "A description for this rule. Restricted to 140 chars." + }, + "service": { + "type": "string", + "description": "Service endpoint name." + }, + "serviceResources": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A list of service resources." + } + }, + "description": "Service Endpoint policy definition resource." + }, + "ServiceEndpointPolicyPropertiesFormat": { + "type": "object", + "properties": { + "serviceEndpointPolicyDefinitions": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ServiceEndpointPolicyDefinition" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A collection of service endpoint policy definitions of the service endpoint policy." + } + }, + "description": "Service Endpoint Policy resource." + }, + "ServiceEndpointPropertiesFormat": { + "type": "object", + "properties": { + "service": { + "type": "string", + "description": "The type of the endpoint service." + }, + "locations": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A list of locations." + } + }, + "description": "The service endpoint properties." + }, + "Subnet": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SubnetPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the subnet." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "required": [ + "name" + ], + "description": "Subnet in a virtual network resource." + }, + "SubnetPropertiesFormat": { + "type": "object", + "properties": { + "addressPrefix": { + "type": "string", + "description": "The address prefix for the subnet." + }, + "addressPrefixes": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of address prefixes for the subnet." + }, + "networkSecurityGroup": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the NetworkSecurityGroup resource." + }, + "routeTable": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the RouteTable resource." + }, + "natGateway": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Nat gateway associated with this subnet." + }, + "serviceEndpoints": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ServiceEndpointPropertiesFormat" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "An array of service endpoints." + }, + "serviceEndpointPolicies": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SubResource" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "An array of service endpoint policies." + }, + "delegations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/Delegation" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "An array of references to the delegations on the subnet." + }, + "privateEndpointNetworkPolicies": { + "type": "string", + "description": "Enable or Disable apply network policies on private end point in the subnet." + }, + "privateLinkServiceNetworkPolicies": { + "type": "string", + "description": "Enable or Disable apply network policies on private link service in the subnet." + } + }, + "required": [ + "addressPrefix" + ], + "description": "Properties of the subnet." + }, + "SubResource": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Resource ID." + } + }, + "required": [ + "id" + ], + "description": "Reference to another subresource." + }, + "TrafficSelectorPolicy": { + "type": "object", + "properties": { + "localAddressRanges": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A collection of local address spaces in CIDR format" + }, + "remoteAddressRanges": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A collection of remote address spaces in CIDR format" + } + }, + "required": [ + "localAddressRanges", + "remoteAddressRanges" + ], + "description": "An traffic selector policy for a virtual network gateway connection." + }, + "VirtualHubProperties": { + "type": "object", + "properties": { + "virtualWan": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The VirtualWAN to which the VirtualHub belongs." + }, + "vpnGateway": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The VpnGateway associated with this VirtualHub." + }, + "p2SVpnGateway": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The P2SVpnGateway associated with this VirtualHub." + }, + "expressRouteGateway": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The expressRouteGateway associated with this VirtualHub." + }, + "azureFirewall": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The azureFirewall associated with this VirtualHub." + }, + "virtualNetworkConnections": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/HubVirtualNetworkConnection" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of all vnet connections with this VirtualHub." + }, + "addressPrefix": { + "type": "string", + "description": "Address-prefix for this VirtualHub." + }, + "routeTable": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualHubRouteTable" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The routeTable associated with this virtual hub." + }, + "securityProviderName": { + "type": "string", + "description": "The Security Provider name." + }, + "virtualHubRouteTableV2s": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/VirtualHubRouteTableV2" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of all virtual hub route table v2s associated with this VirtualHub." + }, + "sku": { + "type": "string", + "description": "The sku of this VirtualHub." + } + }, + "description": "Parameters for VirtualHub." + }, + "VirtualHubRoute": { + "type": "object", + "properties": { + "addressPrefixes": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of all addressPrefixes." + }, + "nextHopIpAddress": { + "type": "string", + "description": "NextHop ip address." + } + }, + "description": "VirtualHub route." + }, + "VirtualHubRouteTable": { + "type": "object", + "properties": { + "routes": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/VirtualHubRoute" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of all routes." + } + }, + "description": "VirtualHub route table." + }, + "VirtualHubRouteTableV2": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualHubRouteTableV2Properties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the virtual hub route table v2." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "VirtualHubRouteTableV2 Resource." + }, + "VirtualHubRouteTableV2Properties": { + "type": "object", + "properties": { + "routes": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/VirtualHubRouteV2" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of all routes." + }, + "attachedConnections": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of all connections attached to this route table v2." + } + }, + "description": "Parameters for VirtualHubRouteTableV2." + }, + "VirtualHubRouteV2": { + "type": "object", + "properties": { + "destinationType": { + "type": "string", + "description": "The type of destinations" + }, + "destinations": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of all destinations." + }, + "nextHopType": { + "type": "string", + "description": "The type of next hops" + }, + "nextHops": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "NextHops ip address." + } + }, + "description": "VirtualHubRouteTableV2 route." + }, + "virtualHubs_routeTables_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "routeTables" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualHubRouteTableV2Properties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the virtual hub route table v2." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/virtualHubs/routeTables" + }, + "VirtualNetworkBgpCommunities": { + "type": "object", + "properties": { + "virtualNetworkCommunity": { + "type": "string", + "description": "The BGP community associated with the virtual network" + } + }, + "required": [ + "virtualNetworkCommunity" + ], + "description": "Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET." + }, + "VirtualNetworkGatewayConnectionPropertiesFormat": { + "type": "object", + "properties": { + "authorizationKey": { + "type": "string", + "description": "The authorizationKey." + }, + "virtualNetworkGateway1": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference to virtual network gateway resource." + }, + "virtualNetworkGateway2": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference to virtual network gateway resource." + }, + "localNetworkGateway2": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference to local network gateway resource." + }, + "connectionType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IPsec", + "Vnet2Vnet", + "ExpressRoute", + "VPNClient" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Gateway connection type." + }, + "connectionProtocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IKEv2", + "IKEv1" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Connection protocol used for this connection." + }, + "routingWeight": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The routing weight." + }, + "sharedKey": { + "type": "string", + "description": "The IPSec shared key." + }, + "peer": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference to peerings resource." + }, + "enableBgp": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "EnableBgp flag." + }, + "usePolicyBasedTrafficSelectors": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Enable policy-based traffic selectors." + }, + "ipsecPolicies": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IpsecPolicy" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The IPSec Policies to be considered by this connection." + }, + "trafficSelectorPolicies": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/TrafficSelectorPolicy" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The Traffic Selector Policies to be considered by this connection." + }, + "expressRouteGatewayBypass": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Bypass ExpressRoute Gateway for data forwarding." + } + }, + "required": [ + "virtualNetworkGateway1", + "connectionType" + ], + "description": "VirtualNetworkGatewayConnection properties." + }, + "VirtualNetworkGatewayIPConfiguration": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualNetworkGatewayIPConfigurationPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the virtual network gateway ip configuration." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "IP configuration for virtual network gateway." + }, + "VirtualNetworkGatewayIPConfigurationPropertiesFormat": { + "type": "object", + "properties": { + "privateIPAllocationMethod": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Static", + "Dynamic" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The private IP address allocation method." + }, + "subnet": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the subnet resource." + }, + "publicIPAddress": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the public IP resource." + } + }, + "description": "Properties of VirtualNetworkGatewayIPConfiguration." + }, + "VirtualNetworkGatewayPropertiesFormat": { + "type": "object", + "properties": { + "ipConfigurations": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/VirtualNetworkGatewayIPConfiguration" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "IP configurations for virtual network gateway." + }, + "gatewayType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Vpn", + "ExpressRoute", + "HyperNet" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The type of this virtual network gateway." + }, + "vpnType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PolicyBased", + "RouteBased" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The type of this virtual network gateway." + }, + "vpnGatewayGeneration": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "Generation1", + "Generation2" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The generation for this VirtualNetworkGateway. Must be None if gatewayType is not VPN." + }, + "enableBgp": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether BGP is enabled for this virtual network gateway or not." + }, + "activeActive": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "ActiveActive flag." + }, + "gatewayDefaultSite": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the LocalNetworkGateway resource which represents local network site having default routes. Assign Null value in case of removing existing default site setting." + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualNetworkGatewaySku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the VirtualNetworkGatewaySku resource which represents the SKU selected for Virtual network gateway." + }, + "vpnClientConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/VpnClientConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the VpnClientConfiguration resource which represents the P2S VpnClient configurations." + }, + "bgpSettings": { + "oneOf": [ + { + "$ref": "#/definitions/BgpSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Virtual network gateway's BGP speaker settings." + }, + "customRoutes": { + "oneOf": [ + { + "$ref": "#/definitions/AddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the address space resource which represents the custom routes address space specified by the customer for virtual network gateway and VpnClient." + }, + "enableDnsForwarding": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether dns forwarding is enabled or not." + } + }, + "description": "VirtualNetworkGateway properties." + }, + "VirtualNetworkGatewaySku": { + "type": "object", + "properties": { + "name": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Basic", + "HighPerformance", + "Standard", + "UltraPerformance", + "VpnGw1", + "VpnGw2", + "VpnGw3", + "VpnGw4", + "VpnGw5", + "VpnGw1AZ", + "VpnGw2AZ", + "VpnGw3AZ", + "VpnGw4AZ", + "VpnGw5AZ", + "ErGw1AZ", + "ErGw2AZ", + "ErGw3AZ" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Gateway SKU name." + }, + "tier": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Basic", + "HighPerformance", + "Standard", + "UltraPerformance", + "VpnGw1", + "VpnGw2", + "VpnGw3", + "VpnGw4", + "VpnGw5", + "VpnGw1AZ", + "VpnGw2AZ", + "VpnGw3AZ", + "VpnGw4AZ", + "VpnGw5AZ", + "ErGw1AZ", + "ErGw2AZ", + "ErGw3AZ" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Gateway SKU tier." + } + }, + "description": "VirtualNetworkGatewaySku details." + }, + "VirtualNetworkPeering": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualNetworkPeeringPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the virtual network peering." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "required": [ + "name" + ], + "description": "Peerings in a virtual network resource." + }, + "VirtualNetworkPeeringPropertiesFormat": { + "type": "object", + "properties": { + "allowVirtualNetworkAccess": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether the VMs in the local virtual network space would be able to access the VMs in remote virtual network space." + }, + "allowForwardedTraffic": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Whether the forwarded traffic from the VMs in the local virtual network will be allowed/disallowed in remote virtual network." + }, + "allowGatewayTransit": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "If gateway links can be used in remote virtual networking to link to this virtual network." + }, + "useRemoteGateways": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "If remote gateways can be used on this virtual network. If the flag is set to true, and allowGatewayTransit on remote peering is also true, virtual network will use gateways of remote virtual network for transit. Only one peering can have this flag set to true. This flag cannot be set if virtual network already has a gateway." + }, + "remoteVirtualNetwork": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the remote virtual network. The remote virtual network can be in the same or different region (preview). See here to register for the preview and learn more (https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-create-peering)." + }, + "remoteAddressSpace": { + "oneOf": [ + { + "$ref": "#/definitions/AddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the remote virtual network address space." + }, + "peeringState": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Initiated", + "Connected", + "Disconnected" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The status of the virtual network peering." + } + }, + "required": [ + "remoteVirtualNetwork" + ], + "description": "Properties of the virtual network peering." + }, + "VirtualNetworkPropertiesFormat": { + "type": "object", + "properties": { + "addressSpace": { + "oneOf": [ + { + "$ref": "#/definitions/AddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The AddressSpace that contains an array of IP address ranges that can be used by subnets." + }, + "dhcpOptions": { + "oneOf": [ + { + "$ref": "#/definitions/DhcpOptions" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The dhcpOptions that contains an array of DNS servers available to VMs deployed in the virtual network." + }, + "subnets": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/Subnet" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A list of subnets in a Virtual Network." + }, + "virtualNetworkPeerings": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/VirtualNetworkPeering" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "A list of peerings in a Virtual Network." + }, + "enableDdosProtection": { + "oneOf": [ + { + "type": "boolean", + "default": false + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Indicates if DDoS protection is enabled for all the protected resources in the virtual network. It requires a DDoS protection plan associated with the resource." + }, + "enableVmProtection": { + "oneOf": [ + { + "type": "boolean", + "default": false + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Indicates if VM protection is enabled for all the subnets in the virtual network." + }, + "ddosProtectionPlan": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The DDoS protection plan associated with the virtual network." + }, + "bgpCommunities": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualNetworkBgpCommunities" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET." + } + }, + "required": [ + "addressSpace" + ], + "description": "Properties of the virtual network." + }, + "virtualNetworks_subnets_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "subnets" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SubnetPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the subnet." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/virtualNetworks/subnets" + }, + "virtualNetworks_virtualNetworkPeerings_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "virtualNetworkPeerings" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualNetworkPeeringPropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the virtual network peering." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings" + }, + "VirtualNetworkTapPropertiesFormat": { + "type": "object", + "properties": { + "destinationNetworkInterfaceIPConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference to the private IP Address of the collector nic that will receive the tap." + }, + "destinationLoadBalancerFrontEndIPConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference to the private IP address on the internal Load Balancer that will receive the tap." + }, + "destinationPort": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The VXLAN destination port that will receive the tapped traffic." + } + }, + "description": "Virtual Network Tap properties." + }, + "VirtualRouterPeeringProperties": { + "type": "object", + "properties": { + "peerAsn": { + "oneOf": [ + { + "type": "integer", + "minimum": 0, + "maximum": 4294967295 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Peer ASN." + }, + "peerIp": { + "type": "string", + "description": "Peer IP." + } + }, + "description": "Properties of the rule group." + }, + "VirtualRouterPropertiesFormat": { + "type": "object", + "properties": { + "virtualRouterAsn": { + "oneOf": [ + { + "type": "integer", + "minimum": 0, + "maximum": 4294967295 + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "VirtualRouter ASN." + }, + "virtualRouterIps": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "VirtualRouter IPs" + }, + "hostedSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The Subnet on which VirtualRouter is hosted." + }, + "hostedGateway": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The Gateway on which VirtualRouter is hosted." + } + }, + "description": "Virtual Router definition" + }, + "virtualRouters_peerings_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "peerings" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualRouterPeeringProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The properties of the Virtual Router Peering." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/virtualRouters/peerings" + }, + "VirtualWanProperties": { + "type": "object", + "properties": { + "disableVpnEncryption": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Vpn encryption to be disabled or not." + }, + "allowBranchToBranchTraffic": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "True if branch to branch traffic is allowed." + }, + "allowVnetToVnetTraffic": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "True if Vnet to Vnet traffic is allowed." + }, + "office365LocalBreakoutCategory": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Optimize", + "OptimizeAndAllow", + "All", + "None" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The office local breakout category." + }, + "type": { + "type": "string", + "description": "The type of the VirtualWAN." + } + }, + "description": "Parameters for VirtualWAN." + }, + "VpnClientConfiguration": { + "type": "object", + "properties": { + "vpnClientAddressPool": { + "oneOf": [ + { + "$ref": "#/definitions/AddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The reference of the address space resource which represents Address space for P2S VpnClient." + }, + "vpnClientRootCertificates": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/VpnClientRootCertificate" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "VpnClientRootCertificate for virtual network gateway." + }, + "vpnClientRevokedCertificates": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/VpnClientRevokedCertificate" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "VpnClientRevokedCertificate for Virtual network gateway." + }, + "vpnClientProtocols": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string", + "enum": [ + "IkeV2", + "SSTP", + "OpenVPN" + ] + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "VpnClientProtocols for Virtual network gateway." + }, + "vpnClientIpsecPolicies": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IpsecPolicy" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "VpnClientIpsecPolicies for virtual network gateway P2S client." + }, + "radiusServerAddress": { + "type": "string", + "description": "The radius server address property of the VirtualNetworkGateway resource for vpn client connection." + }, + "radiusServerSecret": { + "type": "string", + "description": "The radius secret property of the VirtualNetworkGateway resource for vpn client connection." + }, + "aadTenant": { + "type": "string", + "description": "The AADTenant property of the VirtualNetworkGateway resource for vpn client connection used for AAD authentication." + }, + "aadAudience": { + "type": "string", + "description": "The AADAudience property of the VirtualNetworkGateway resource for vpn client connection used for AAD authentication." + }, + "aadIssuer": { + "type": "string", + "description": "The AADIssuer property of the VirtualNetworkGateway resource for vpn client connection used for AAD authentication." + } + }, + "description": "VpnClientConfiguration for P2S client." + }, + "VpnClientRevokedCertificate": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VpnClientRevokedCertificatePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the vpn client revoked certificate." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "VPN client revoked certificate of virtual network gateway." + }, + "VpnClientRevokedCertificatePropertiesFormat": { + "type": "object", + "properties": { + "thumbprint": { + "type": "string", + "description": "The revoked VPN client certificate thumbprint." + } + }, + "description": "Properties of the revoked VPN client certificate of virtual network gateway." + }, + "VpnClientRootCertificate": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VpnClientRootCertificatePropertiesFormat" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the vpn client root certificate." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "required": [ + "properties" + ], + "description": "VPN client root certificate of virtual network gateway." + }, + "VpnClientRootCertificatePropertiesFormat": { + "type": "object", + "properties": { + "publicCertData": { + "type": "string", + "description": "The certificate public data." + } + }, + "required": [ + "publicCertData" + ], + "description": "Properties of SSL certificates of application gateway." + }, + "VpnConnection": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VpnConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the VPN connection." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "VpnConnection Resource." + }, + "VpnConnectionProperties": { + "type": "object", + "properties": { + "remoteVpnSite": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Id of the connected vpn site." + }, + "routingWeight": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Routing weight for vpn connection." + }, + "connectionStatus": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Unknown", + "Connecting", + "Connected", + "NotConnected" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The connection status." + }, + "vpnConnectionProtocolType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IKEv2", + "IKEv1" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Connection protocol used for this connection." + }, + "connectionBandwidth": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Expected bandwidth in MBPS." + }, + "sharedKey": { + "type": "string", + "description": "SharedKey for the vpn connection." + }, + "enableBgp": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "EnableBgp flag." + }, + "usePolicyBasedTrafficSelectors": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Enable policy-based traffic selectors." + }, + "ipsecPolicies": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IpsecPolicy" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The IPSec Policies to be considered by this connection." + }, + "enableRateLimiting": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "EnableBgp flag." + }, + "enableInternetSecurity": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Enable internet security." + }, + "useLocalAzureIpAddress": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Use local azure ip to initiate connection." + }, + "vpnLinkConnections": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/VpnSiteLinkConnection" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of all vpn site link connections to the gateway." + } + }, + "description": "Parameters for VpnConnection." + }, + "VpnGatewayProperties": { + "type": "object", + "properties": { + "virtualHub": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The VirtualHub to which the gateway belongs." + }, + "connections": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/VpnConnection" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of all vpn connections to the gateway." + }, + "bgpSettings": { + "oneOf": [ + { + "$ref": "#/definitions/BgpSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Local network gateway's BGP speaker settings." + }, + "vpnGatewayScaleUnit": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The scale unit for this vpn gateway." + } + }, + "description": "Parameters for VpnGateway." + }, + "vpnGateways_vpnConnections_childResource": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "vpnConnections" + ] + }, + "apiVersion": { + "type": "string", + "enum": [ + "2019-09-01" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VpnConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the VPN connection." + } + }, + "required": [ + "name", + "type", + "apiVersion", + "properties" + ], + "description": "Microsoft.Network/vpnGateways/vpnConnections" + }, + "VpnLinkBgpSettings": { + "type": "object", + "properties": { + "asn": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The BGP speaker's ASN." + }, + "bgpPeeringAddress": { + "type": "string", + "description": "The BGP peering address and BGP identifier of this BGP speaker." + } + }, + "description": "BGP settings details for a link." + }, + "VpnLinkProviderProperties": { + "type": "object", + "properties": { + "linkProviderName": { + "type": "string", + "description": "Name of the link provider." + }, + "linkSpeedInMbps": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Link speed." + } + }, + "description": "List of properties of a link provider." + }, + "VpnServerConfigRadiusClientRootCertificate": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The certificate name." + }, + "thumbprint": { + "type": "string", + "description": "The Radius client root certificate thumbprint." + } + }, + "description": "Properties of the Radius client root certificate of VpnServerConfiguration." + }, + "VpnServerConfigRadiusServerRootCertificate": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The certificate name." + }, + "publicCertData": { + "type": "string", + "description": "The certificate public data." + } + }, + "description": "Properties of Radius Server root certificate of VpnServerConfiguration." + }, + "VpnServerConfigurationProperties": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the VpnServerConfiguration that is unique within a resource group." + }, + "vpnProtocols": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string", + "enum": [ + "IkeV2", + "OpenVPN" + ] + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "VPN protocols for the VpnServerConfiguration." + }, + "vpnAuthenticationTypes": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string", + "enum": [ + "Certificate", + "Radius", + "AAD" + ] + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "VPN authentication types for the VpnServerConfiguration." + }, + "vpnClientRootCertificates": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/VpnServerConfigVpnClientRootCertificate" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "VPN client root certificate of VpnServerConfiguration." + }, + "vpnClientRevokedCertificates": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/VpnServerConfigVpnClientRevokedCertificate" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "VPN client revoked certificate of VpnServerConfiguration." + }, + "radiusServerRootCertificates": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/VpnServerConfigRadiusServerRootCertificate" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Radius Server root certificate of VpnServerConfiguration." + }, + "radiusClientRootCertificates": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/VpnServerConfigRadiusClientRootCertificate" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Radius client root certificate of VpnServerConfiguration." + }, + "vpnClientIpsecPolicies": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IpsecPolicy" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "VpnClientIpsecPolicies for VpnServerConfiguration." + }, + "radiusServerAddress": { + "type": "string", + "description": "The radius server address property of the VpnServerConfiguration resource for point to site client connection." + }, + "radiusServerSecret": { + "type": "string", + "description": "The radius secret property of the VpnServerConfiguration resource for point to site client connection." + }, + "aadAuthenticationParameters": { + "oneOf": [ + { + "$ref": "#/definitions/AadAuthenticationParameters" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The set of aad vpn authentication parameters." + } + }, + "description": "Parameters for VpnServerConfiguration." + }, + "VpnServerConfigVpnClientRevokedCertificate": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The certificate name." + }, + "thumbprint": { + "type": "string", + "description": "The revoked VPN client certificate thumbprint." + } + }, + "description": "Properties of the revoked VPN client certificate of VpnServerConfiguration." + }, + "VpnServerConfigVpnClientRootCertificate": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The certificate name." + }, + "publicCertData": { + "type": "string", + "description": "The certificate public data." + } + }, + "description": "Properties of VPN client root certificate of VpnServerConfiguration." + }, + "VpnSiteLink": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VpnSiteLinkProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the VPN site link." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "VpnSiteLink Resource." + }, + "VpnSiteLinkConnection": { + "type": "object", + "properties": { + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VpnSiteLinkConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Properties of the VPN site link connection." + }, + "name": { + "type": "string", + "description": "The name of the resource that is unique within a resource group. This name can be used to access the resource." + } + }, + "description": "VpnSiteLinkConnection Resource." + }, + "VpnSiteLinkConnectionProperties": { + "type": "object", + "properties": { + "vpnSiteLink": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Id of the connected vpn site link." + }, + "routingWeight": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Routing weight for vpn connection." + }, + "connectionStatus": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Unknown", + "Connecting", + "Connected", + "NotConnected" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The connection status." + }, + "vpnConnectionProtocolType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IKEv2", + "IKEv1" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Connection protocol used for this connection." + }, + "connectionBandwidth": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Expected bandwidth in MBPS." + }, + "sharedKey": { + "type": "string", + "description": "SharedKey for the vpn connection." + }, + "enableBgp": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "EnableBgp flag." + }, + "usePolicyBasedTrafficSelectors": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Enable policy-based traffic selectors." + }, + "ipsecPolicies": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IpsecPolicy" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The IPSec Policies to be considered by this connection." + }, + "enableRateLimiting": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "EnableBgp flag." + }, + "useLocalAzureIpAddress": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Use local azure ip to initiate connection." + } + }, + "description": "Parameters for VpnConnection." + }, + "VpnSiteLinkProperties": { + "type": "object", + "properties": { + "linkProperties": { + "oneOf": [ + { + "$ref": "#/definitions/VpnLinkProviderProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The link provider properties." + }, + "ipAddress": { + "type": "string", + "description": "The ip-address for the vpn-site-link." + }, + "bgpProperties": { + "oneOf": [ + { + "$ref": "#/definitions/VpnLinkBgpSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The set of bgp properties." + } + }, + "description": "Parameters for VpnSite." + }, + "VpnSiteProperties": { + "type": "object", + "properties": { + "virtualWan": { + "oneOf": [ + { + "$ref": "#/definitions/SubResource" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The VirtualWAN to which the vpnSite belongs." + }, + "deviceProperties": { + "oneOf": [ + { + "$ref": "#/definitions/DeviceProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The device properties." + }, + "ipAddress": { + "type": "string", + "description": "The ip-address for the vpn-site." + }, + "siteKey": { + "type": "string", + "description": "The key for vpn-site that can be used for connections." + }, + "addressSpace": { + "oneOf": [ + { + "$ref": "#/definitions/AddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The AddressSpace that contains an array of IP address ranges." + }, + "bgpProperties": { + "oneOf": [ + { + "$ref": "#/definitions/BgpSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "The set of bgp properties." + }, + "isSecuritySite": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "IsSecuritySite flag." + }, + "vpnSiteLinks": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/VpnSiteLink" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of all vpn site links." + } + }, + "description": "Parameters for VpnSite." + }, + "WebApplicationFirewallCustomRule": { + "type": "object", + "properties": { + "name": { + "type": "string", + "maxLength": 128, + "description": "The name of the resource that is unique within a policy. This name can be used to access the resource." + }, + "priority": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value." + }, + "ruleType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "MatchRule", + "Invalid" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Describes type of rule." + }, + "matchConditions": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/MatchCondition" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "List of match conditions." + }, + "action": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Allow", + "Block", + "Log" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Type of Actions." + } + }, + "required": [ + "priority", + "ruleType", + "matchConditions", + "action" + ], + "description": "Defines contents of a web application rule." + }, + "WebApplicationFirewallPolicyPropertiesFormat": { + "type": "object", + "properties": { + "policySettings": { + "oneOf": [ + { + "$ref": "#/definitions/PolicySettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Describes policySettings for policy." + }, + "customRules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/WebApplicationFirewallCustomRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Describes custom rules inside the policy." + }, + "managedRules": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedRulesDefinition" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#/definitions/expression" + } + ], + "description": "Describes the managedRules structure" + } + }, + "required": [ + "managedRules" + ], + "description": "Defines web application firewall policy properties." + } + } +} diff --git a/tests/2019-09-01/Microsoft.Network.AppGwWebApplicationFirewallPolicy.tests.json b/tests/2019-09-01/Microsoft.Network.AppGwWebApplicationFirewallPolicy.tests.json new file mode 100644 index 0000000000..9d8e5a9202 --- /dev/null +++ b/tests/2019-09-01/Microsoft.Network.AppGwWebApplicationFirewallPolicy.tests.json @@ -0,0 +1,113 @@ +{ + "tests": [ + { + "name": "web application firewall policy - minimal resource", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ApplicationGatewayWebApplicationFirewallPolicies", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies", + "name": "[variables('policyName')]", + "location": "[resourceGroup().location]", + "properties": { + "customRules": [], + "managedRules": { + "managedRuleSets": [ + { + "ruleSetType": "OWASP", + "ruleSetVersion": "3.0" + } + ] + } + } + } + }, + { + "name": "web application firewall policy - with rules", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ApplicationGatewayWebApplicationFirewallPolicies", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies", + "name": "[variables('policyName')]", + "location": "[resourceGroup().location]", + "properties": { + "customRules": [ + { + "name": "[variables('ruleName1')]", + "priority": 2, + "ruleType": "MatchRule", + "action": "Block", + "matchConditions": [ + { + "matchVariables": [ + { + "variableName": "RequestHeaders", + "selector": "Content-Length" + } + ], + "operator": "GreaterThan", + "negationConditon": false, + "matchValues": [ + "1000" + ], + "transforms": [ + "Lowercase" + ] + } + ] + } + ], + "managedRules": { + "managedRuleSets": [ + { + "ruleSetType": "OWASP", + "ruleSetVersion": "3.0" + } + ] + } + } + } + }, + { + "name": "web application firewall policy - missing required", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/ApplicationGatewayWebApplicationFirewallPolicies", + "expectedErrors": [ + { + "message": "Data does not match any schemas from \"oneOf\"", + "dataPath": "/properties", + "schemaPath": "/properties/properties/oneOf" + } + ], + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies", + "name": "[variables('policyName')]", + "location": "[resourceGroup().location]", + "properties": { + "customRules": [ + { + "name": "[variables('ruleName1')]", + "matchConditions": [ + { + "matchVariables": [ + { + "variableName": "RequestHeaders", + "selector": "Content-Length" + } + ], + "operator": "GreaterThan", + "negationConditon": false, + "matchValues": [ + "1000" + ], + "transforms": [ + "Lowercase" + ] + } + ] + } + ] + } + } + } + ] +} diff --git a/tests/2019-09-01/Microsoft.Network.ApplicationSecurityGroup.tests.json b/tests/2019-09-01/Microsoft.Network.ApplicationSecurityGroup.tests.json new file mode 100644 index 0000000000..7a5d2224a3 --- /dev/null +++ b/tests/2019-09-01/Microsoft.Network.ApplicationSecurityGroup.tests.json @@ -0,0 +1,15 @@ +{ + "tests": [ + { + "name": "application security group", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/applicationSecurityGroups", + "json": { + "properties": {}, + "name": "[variables('applicationSecurityGroupName')]", + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/applicationSecurityGroups", + "location": "[resourceGroup().location]" + } + } + ] +} diff --git a/tests/2019-09-01/Microsoft.Network.LoadBalancer.tests.json b/tests/2019-09-01/Microsoft.Network.LoadBalancer.tests.json new file mode 100644 index 0000000000..4ef6f995a8 --- /dev/null +++ b/tests/2019-09-01/Microsoft.Network.LoadBalancer.tests.json @@ -0,0 +1,205 @@ +{ + "tests": [ + { + "name": "load balancer - minimal", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/loadBalancers", + "json": { + "apiVersion": "2019-09-01", + "name": "[variables('loadBalancerName')]", + "type": "Microsoft.Network/loadBalancers", + "location": "[resourceGroup().location]", + "properties": { + "frontendIPConfigurations": [ + { + "name": "loadBalancerFrontEnd1", + "properties": { + "publicIPAddress": { + "id": "[variables('publicIPAddressID1')]" + } + } + } + ] + } + } + }, + { + "name": "load balancer", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/loadBalancers", + "json": { + "apiVersion": "2019-09-01", + "name": "[variables('loadBalancerName')]", + "type": "Microsoft.Network/loadBalancers", + "location": "[resourceGroup().location]", + "properties": { + "frontendIPConfigurations": [ + { + "name": "loadBalancerFrontEnd1", + "properties": { + "publicIPAddress": { + "id": "[variables('publicIPAddressID1')]" + } + } + }, + { + "name": "loadBalancerFrontEnd2", + "properties": { + "publicIPAddress": { + "id": "[variables('publicIPAddressID2')]" + } + } + } + ], + "backendAddressPools": [ + { + "name": "loadBalancerBackEnd" + } + ], + "loadBalancingRules": [ + { + "name": "LBRuleForVIP1", + "properties": { + "frontendIPConfiguration": { + "id": "[variables('frontEndIPConfigID1')]" + }, + "backendAddressPool": { + "id": "[variables('lbBackendPoolID')]" + }, + "protocol": "Tcp", + "frontendPort": 443, + "backendPort": 443, + "probe": { + "id": "[variables('lbProbeID')]" + } + } + }, + { + "name": "LBRuleForVIP2", + "properties": { + "frontendIPConfiguration": { + "id": "[variables('frontEndIPConfigID2')]" + }, + "backendAddressPool": { + "id": "[variables('lbBackendPoolID')]" + }, + "protocol": "Tcp", + "frontendPort": 443, + "backendPort": 444, + "probe": { + "id": "[variables('lbProbeID')]" + } + } + } + ], + "probes": [ + { + "name": "tcpProbe", + "properties": { + "protocol": "Tcp", + "port": 445, + "intervalInSeconds": 5, + "numberOfProbes": 2 + } + } + ] + } + } + }, + { + "name": "load balancer - no required frontendIPConfigurations", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/loadBalancers", + "json": { + "apiVersion": "2019-09-01", + "name": "[variables('loadBalancerName')]", + "type": "Microsoft.Network/loadBalancers", + "location": "[resourceGroup().location]", + "properties": {} + } + }, + { + "name": "load balancer - probe protocol out of range", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/loadBalancers", + "expectedErrors": [ + { + "message": "Data does not match any schemas from \"oneOf\"", + "dataPath": "/properties" + } + ], + "json": { + "apiVersion": "2019-09-01", + "name": "[variables('loadBalancerName')]", + "type": "Microsoft.Network/loadBalancers", + "location": "[resourceGroup().location]", + "properties": { + "frontendIPConfigurations": [ + { + "name": "loadBalancerFrontEnd1", + "properties": { + "publicIPAddress": { + "id": "[variables('publicIPAddressID1')]" + } + } + } + ], + "probes": [ + { + "name": "tcpProbe", + "properties": { + "protocol": "fail", + "port": 445, + "intervalInSeconds": 5, + "numberOfProbes": 2 + } + } + ] + } + } + }, + { + "name": "load balancer - rule protocol out of range", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/loadBalancers", + "expectedErrors": [ + { + "message": "Data does not match any schemas from \"oneOf\"", + "dataPath": "/properties" + } + ], + "json": { + "apiVersion": "2019-09-01", + "name": "[variables('loadBalancerName')]", + "type": "Microsoft.Network/loadBalancers", + "location": "[resourceGroup().location]", + "properties": { + "frontendIPConfigurations": [ + { + "name": "loadBalancerFrontEnd1", + "properties": { + "publicIPAddress": { + "id": "[variables('publicIPAddressID1')]" + } + } + } + ], + "loadBalancingRules": [ + { + "name": "LBRuleForVIP1", + "properties": { + "frontendIPConfiguration": { + "id": "[variables('frontEndIPConfigID1')]" + }, + "backendAddressPool": { + "id": "[variables('lbBackendPoolID')]" + }, + "protocol": "OutOfRange", + "frontendPort": 443, + "backendPort": 443, + "probe": { + "id": "[variables('lbProbeID')]" + } + } + } + ] + } + } + } + ] +} diff --git a/tests/2019-09-01/Microsoft.Network.NatGateway.tests.json b/tests/2019-09-01/Microsoft.Network.NatGateway.tests.json new file mode 100644 index 0000000000..ec6588dee4 --- /dev/null +++ b/tests/2019-09-01/Microsoft.Network.NatGateway.tests.json @@ -0,0 +1,31 @@ +{ + "tests": [ + { + "name": "nat gateway - referenced resources", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/natGateways", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/natGateways", + "name": "[variables('natGatewayName')]", + "location": "[resourceGroup().location]", + "properties": { + "publicIpAddresses": [ + { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/PublicIpAddress1" + } + ], + "publicIpPrefixes": [ + { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPPrefixes/PublicIpPrefix1" + } + ], + "subnets": [ + { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1" + } + ] + } + } + } + ] +} diff --git a/tests/2019-09-01/Microsoft.Network.NetworkInterface.tests.json b/tests/2019-09-01/Microsoft.Network.NetworkInterface.tests.json new file mode 100644 index 0000000000..308ed5dfd5 --- /dev/null +++ b/tests/2019-09-01/Microsoft.Network.NetworkInterface.tests.json @@ -0,0 +1,180 @@ +{ + "tests": [ + { + "name": "network interface - only subnet", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkInterfaces", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/networkInterfaces", + "name": "[variables('nicName')]", + "location": "[resourceGroup().location]", + "properties": { + "ipConfigurations": [ + { + "name": "ipconfig1", + "properties": { + "privateIPAllocationMethod": "Dynamic", + "subnet": { + "id": "[variables('subnetRef')]" + } + } + } + ] + } + } + }, + { + "name": "network interface - subnet and publicipAddress", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkInterfaces", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/networkInterfaces", + "name": "[variables('nicName')]", + "location": "[resourceGroup().location]", + "properties": { + "ipConfigurations": [ + { + "name": "ipconfig1", + "properties": { + "privateIPAllocationMethod": "Dynamic", + "subnet": { + "id": "[variables('subnetRef')]" + }, + "publicipAddress": { + "id": "[variables('publicipref')]" + } + } + } + ] + } + } + }, + { + "name": "network interface - subnet, publicipAddress and nsg", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkInterfaces", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/networkInterfaces", + "name": "[variables('nicName')]", + "location": "[resourceGroup().location]", + "properties": { + "ipConfigurations": [ + { + "name": "ipconfig1", + "properties": { + "privateIPAllocationMethod": "Dynamic", + "subnet": { + "id": "[variables('subnetRef')]" + }, + "publicipAddress": { + "id": "[variables('subnetRef')]" + } + } + } + ], + "networkSecurityGroup": { + "id": "[variables('nsgRef')]" + } + } + } + }, + { + "name": "network interface - subnet, publicipAddress and Lb referece", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkInterfaces", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/networkInterfaces", + "name": "[variables('nicName')]", + "location": "[resourceGroup().location]", + "properties": { + "ipConfigurations": [ + { + "name": "ipconfig1", + "properties": { + "privateIPAllocationMethod": "Dynamic", + "subnet": { + "id": "[variables('subnetRef')]" + }, + "publicipAddress": { + "id": "[variables('subnetRef')]" + }, + "loadBalancerInboundNatRules": [ + { + "id": "[variables('ruleid')]" + } + ], + "loadBalancerBackendAddressPools": [ + { + "id": "[variables('poolid')]" + } + ] + } + } + ], + "networkSecurityGroup": { + "id": "[variables('nsgRef')]" + } + } + } + }, + { + "name": "network interface - no ipConfigurations", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkInterfaces", + "expectedErrors": [ + { + "message": "Data does not match any schemas from \"oneOf\"", + "dataPath": "/properties" + } + ], + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/networkInterfaces", + "name": "[variables('nicName')]", + "location": "[resourceGroup().location]", + "properties": {} + } + }, + { + "name": "network interface - no ipConfiguration allocation method", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkInterfaces", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/networkInterfaces", + "name": "[variables('nicName')]", + "location": "[resourceGroup().location]", + "properties": { + "ipConfigurations": [ + { + "name": "ipconfig1", + "properties": { + "subnet": { + "id": "[variables('subnetRef')]" + } + } + } + ] + } + } + }, + { + "name": "network interface - no subnet", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkInterfaces", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/networkInterfaces", + "name": "[variables('nicName')]", + "location": "[resourceGroup().location]", + "properties": { + "ipConfigurations": [ + { + "name": "ipconfig1", + "properties": { + "privateIPAllocationMethod": "Dynamic" + } + } + ] + } + } + } + ] +} diff --git a/tests/2019-09-01/Microsoft.Network.NetworkSecurityGroup.tests.json b/tests/2019-09-01/Microsoft.Network.NetworkSecurityGroup.tests.json new file mode 100644 index 0000000000..d6a70244c7 --- /dev/null +++ b/tests/2019-09-01/Microsoft.Network.NetworkSecurityGroup.tests.json @@ -0,0 +1,164 @@ +{ + "tests": [ + { + "name": "network security group", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkSecurityGroups", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/networkSecurityGroups", + "name": "[variables('networkSecurityGroupName')]", + "location": "[resourceGroup().location]", + "properties": { + "securityRules": [ + { + "name": "first_rule", + "properties": { + "description": "This is the first rule", + "protocol": "Tcp", + "sourcePortRange": "23-45", + "destinationPortRange": "46-56", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "*", + "access": "Allow", + "priority": 123, + "direction": "Inbound" + } + } + ] + } + } + }, + { + "name": "network security group - minimal", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkSecurityGroups", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/networkSecurityGroups", + "name": "[variables('networkSecurityGroupName')]", + "location": "[resourceGroup().location]", + "properties": { + "securityRules": [ + { + "name": "first_rule", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "23-45", + "destinationPortRange": "46-56", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "*", + "access": "Allow", + "priority": 123, + "direction": "Inbound" + } + } + ] + } + } + }, + { + "name": "network security group - no required properties", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkSecurityGroups", + "expectedErrors": [ + { + "message": "Data does not match any schemas from \"oneOf\"", + "dataPath": "/properties" + } + ], + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/networkSecurityGroups", + "name": "[variables('networkSecurityGroupName')]", + "location": "[resourceGroup().location]", + "properties": { + "securityRules": [ + { + "name": "first_rule", + "properties": {} + } + ] + } + } + }, + { + "name": "network security group - no rules", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkSecurityGroups", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/networkSecurityGroups", + "name": "[variables('networkSecurityGroupName')]", + "location": "[resourceGroup().location]", + "properties": {} + } + }, + { + "name": "network security group - no name, location", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkSecurityGroups", + "expectedErrors": [ + { + "message": "Missing required property: name", + "dataPath": "/" + }, + { + "message": "Missing required property: location", + "dataPath": "/" + } + ], + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/networkSecurityGroups", + "properties": { + "securityRules": [ + { + "name": "first_rule", + "properties": { + "description": "This is the first rule", + "protocol": "Tcp", + "sourcePortRange": "23-45", + "destinationPortRange": "46-56", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "*", + "access": "Allow", + "priority": 123, + "direction": "Inbound" + } + } + ] + } + } + }, + { + "name": "network security group - invalid types", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/networkSecurityGroups", + "expectedErrors": [ + { + "message": "Data does not match any schemas from \"oneOf\"", + "dataPath": "/properties" + } + ], + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/networkSecurityGroups", + "name": "[variables('networkSecurityGroupName')]", + "location": "[resourceGroup().location]", + "properties": { + "securityRules": [ + { + "name": "first_rule", + "properties": { + "description": 123, + "protocol": 4, + "sourcePortRange": 23, + "destinationPortRange": 46, + "sourceAddressPrefix": true, + "destinationAddressPrefix": false, + "access": 321, + "priority": "123", + "direction": 19 + } + } + ] + } + } + } + ] +} diff --git a/tests/2019-09-01/Microsoft.Network.PublicIpAddress.tests.json b/tests/2019-09-01/Microsoft.Network.PublicIpAddress.tests.json new file mode 100644 index 0000000000..1b8b6bd92e --- /dev/null +++ b/tests/2019-09-01/Microsoft.Network.PublicIpAddress.tests.json @@ -0,0 +1,74 @@ +{ + "tests": [ + { + "name": "public IP address - minimal resource", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/publicIPAddresses", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/publicIPAddresses", + "name": "[variables('publicIPAddressName')]", + "location": "[resourceGroup().location]", + "properties": { + "publicIPAllocationMethod": "[parameters('publicIPAddressType')]" + } + } + }, + { + "name": "public IP address - fqdn and idle timeout", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/publicIPAddresses", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/publicIPAddresses", + "name": "[variables('publicIPAddressName')]", + "location": "[resourceGroup().location]", + "properties": { + "publicIPAllocationMethod": "[parameters('publicIPAddressType')]", + "idleTimeoutInMinutes": 5, + "publicIPAddressVersion": "IPv4", + "dnsSettings": { + "domainNameLabel": "[parameters('dnsLabelPrefix')]", + "reverseFqdn": "[parameters('dnsLabelPrefix')]" + } + } + } + }, + { + "name": "public IP address - no name, location", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/publicIPAddresses", + "expectedErrors": [ + { + "message": "Missing required property: name", + "dataPath": "/" + }, + { + "message": "Missing required property: location", + "dataPath": "/" + } + ], + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/publicIPAddresses", + "properties": { + "publicIPAllocationMethod": "[parameters('publicIPAddressType')]" + } + } + }, + { + "name": "public IP address - no publicIPAllocationMethod", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/publicIPAddresses", + "expectedErrors": [ + { + "message": "Data does not match any schemas from \"oneOf\"", + "dataPath": "/properties" + } + ], + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/publicIPAddresses", + "name": "[variables('publicIPAddressName')]", + "location": "[resourceGroup().location]", + "properties": {} + } + } + ] +} diff --git a/tests/2019-09-01/Microsoft.Network.RouteTable.tests.json b/tests/2019-09-01/Microsoft.Network.RouteTable.tests.json new file mode 100644 index 0000000000..6dd4a7f2fb --- /dev/null +++ b/tests/2019-09-01/Microsoft.Network.RouteTable.tests.json @@ -0,0 +1,63 @@ +{ + "tests": [ + { + "name": "route table", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/routeTables", + "json": { + "type": "Microsoft.Network/routeTables", + "name": "[variables('routeTableName')]", + "apiVersion": "2019-09-01", + "location": "[parameters('location')]", + "properties": { + "routes": [ + { + "name": "VirtualApplianceRouteToSubnet3", + "properties": { + "addressPrefix": "[variables('subnet3Prefix')]", + "nextHopType": "VirtualAppliance", + "nextHopIpAddress": "[variables('NvmPrivateIPAddress')]" + } + } + ] + } + } + }, + { + "name": "route table - no required: addressPrefix, nextHopType", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/routeTables", + "expectedErrors": [ + { + "message": "Data does not match any schemas from \"oneOf\"", + "dataPath": "/properties" + } + ], + "json": { + "type": "Microsoft.Network/routeTables", + "name": "[variables('routeTableName')]", + "apiVersion": "2019-09-01", + "location": "[parameters('location')]", + "properties": { + "routes": [ + { + "name": "VirtualApplianceRouteToSubnet3", + "properties": { + "nextHopIpAddress": "[variables('NvmPrivateIPAddress')]" + } + } + ] + } + } + }, + { + "name": "route table - no routes", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/routeTables", + "json": { + "type": "Microsoft.Network/routeTables", + "name": "[variables('routeTableName')]", + "apiVersion": "2019-09-01", + "location": "[parameters('location')]", + "properties": {} + } + } + ] +} diff --git a/tests/2019-09-01/Microsoft.Network.VirtualNetwork.tests.json b/tests/2019-09-01/Microsoft.Network.VirtualNetwork.tests.json new file mode 100644 index 0000000000..36f5de8435 --- /dev/null +++ b/tests/2019-09-01/Microsoft.Network.VirtualNetwork.tests.json @@ -0,0 +1,231 @@ +{ + "tests":[ + { + "name":"virtal network tests - minimal resource", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks", + "json":{ + "apiVersion": "2019-09-01", + "type":"Microsoft.Network/virtualNetworks", + "name":"[variables('virtualNetworkName')]", + "location":"[resourceGroup().location]", + "properties":{ + "addressSpace":{ + "addressPrefixes":[ + "[parameters('vnetAddressPrefix')]" + ] + }, + "subnets":[ + { + "name":"[variables('subnetName')]", + "properties":{ + "addressPrefix":"[parameters('subnetPrefix')]" + } + } + ] + } + } + }, + { + "name":"virtual network tests - routetable and nsg resource", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks", + "json":{ + "apiVersion": "2019-09-01", + "type":"Microsoft.Network/virtualNetworks", + "name":"[variables('virtualNetworkName')]", + "location":"[resourceGroup().location]", + "properties":{ + "addressSpace":{ + "addressPrefixes":[ + "[parameters('vnetAddressPrefix')]" + ] + }, + "subnets":[ + { + "name":"[variables('subnetName')]", + "properties":{ + "addressPrefix":"[parameters('subnetPrefix')]", + "networkSecurityGroup":{ + "id":"[variables('nsgRef')]" + }, + "routeTable":{ + "id":"[variables('rtRef')]" + } + } + } + ] + } + } + }, + { + "name":"virtual network tests - peerings", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks", + "json":{ + "apiVersion": "2019-09-01", + "type":"Microsoft.Network/virtualNetworks", + "name":"[variables('virtualNetworkName')]", + "location":"[resourceGroup().location]", + "properties":{ + "addressSpace":{ + "addressPrefixes":[ + "[parameters('vnetAddressPrefix')]" + ] + }, + "subnets":[ + + ], + "virtualNetworkPeerings":[ + { + "name":"[variables('peeringName')]", + "properties":{ + "allowVirtualNetworkAccess":true, + "allowForwardedTraffic":true, + "allowGatewayTransit":true, + "useRemoteGateways":true, + "remoteVirtualNetwork":{ + "id":"[variables('remoteVirtualNetworkRef')]" + } + } + } + ] + } + } + }, + { + "name":"virtual network tests - no subnets", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks", + "json":{ + "apiVersion": "2019-09-01", + "type":"Microsoft.Network/virtualNetworks", + "name":"[variables('virtualNetworkName')]", + "location":"[resourceGroup().location]", + "properties":{ + "addressSpace":{ + "addressPrefixes":[ + "[parameters('vnetAddressPrefix')]" + ] + } + } + } + }, + { + "name":"virtual network tests - no prefixes", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks", + "expectedErrors":[ + { + "message": "Data does not match any schemas from \"oneOf\"", + "dataPath": "/properties" + } + ], + "json":{ + "apiVersion": "2019-09-01", + "type":"Microsoft.Network/virtualNetworks", + "name":"[variables('virtualNetworkName')]", + "location":"[resourceGroup().location]", + "properties":{ + "subnets":[ + + ] + } + } + }, + { + "name":"virtual network tests - peerings invalid params", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks", + "expectedErrors":[ + { + "message":"Data does not match any schemas from \"oneOf\"", + "dataPath":"/properties" + } + ], + "json":{ + "apiVersion": "2019-09-01", + "type":"Microsoft.Network/virtualNetworks", + "name":"[variables('virtualNetworkName')]", + "location":"[resourceGroup().location]", + "properties":{ + "addressSpace":{ + "addressPrefixes":[ + "[parameters('vnetAddressPrefix')]" + ] + }, + "subnets":[ + + ], + "virtualNetworkPeerings":[ + { + "name":"[variables('peeringName')]", + "properties":{ + "allowVirtualNetworkAccess":"true", + "allowForwardedTraffic":"true", + "allowGatewayTransit":"true", + "useRemoteGateways":"true", + "remoteVirtualNetwork":{ + "id":"[variables('remoteVirtualNetworkRef')]" + } + } + } + ] + } + } + }, + { + "name":"virtual network tests - missing required name, location", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks", + "expectedErrors":[ + { + "message":"Missing required property: name", + "dataPath":"/", + "schemaPath":"/required/2" + }, + { + "message": "Missing required property: location", + "dataPath": "/" + } + ], + "json":{ + "apiVersion": "2019-09-01", + "type":"Microsoft.Network/virtualNetworks", + "properties":{ + "addressSpace":{ + "addressPrefixes":[ + "[parameters('vnetAddressPrefix')]" + ] + }, + "subnets":[ + + ] + } + } + }, + { + "name":"virtual network tests - subnet", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks_subnets", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/virtualNetworks/subnets", + "name": "[concat(parameters('virtualNetworkName'), '/subnet1')]", + "dependsOn": [ + "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworkName'))]" + ], + "properties": { + "addressPrefix": "[parameters('subnetAddressPrefix')]" + } + } + }, + { + "name":"virtual network tests - subnet", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworks_subnets", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/virtualNetworks/subnets", + "name": "[concat(parameters('virtualNetworkName'), '/subnet1')]", + "dependsOn": [ + "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworkName'))]" + ], + "properties": { + "addressPrefix": "[parameters('subnetAddressPrefix')]" + } + } + } + ] +} diff --git a/tests/2019-09-01/Microsoft.Network.VirtualNetworkGateway.tests.json b/tests/2019-09-01/Microsoft.Network.VirtualNetworkGateway.tests.json new file mode 100644 index 0000000000..a9c1fc2f4c --- /dev/null +++ b/tests/2019-09-01/Microsoft.Network.VirtualNetworkGateway.tests.json @@ -0,0 +1,90 @@ +{ + "tests": [ + { + "name": "virtual network gateway", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/virtualNetworkGateways", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/virtualNetworkGateways", + "name": "[variables('virtualNetworkGatewayName')]", + "location": "[resourceGroup().location]", + "properties": { + "ipConfigurations": [ + { + "name": "gwipconfig1", + "properties": { + "privateIPAllocationMethod": "Dynamic", + "subnet": { + "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('subnetName'))]" + }, + "publicIPAddress": { + "id": "[resourceId('Microsoft.Network/publicIPAddresses', parameters('pipName'))]" + } + } + } + ], + "gatewayType": "Vpn", + "vpnType": "RouteBased", + "enableBgp": false, + "activeActive": false, + "sku": { + "name": "VpnGw1", + "tier": "VpnGw1" + }, + "bgpSettings": { + "asn": 65515, + "bgpPeeringAddress": "[parameters('peeringAddress')]", + "peerWeight": 0 + }, + "customRoutes": { + "addressPrefixes": [ + "[parameters('addressPrefix')]" + ] + } + } + } + }, + { + "name": "virtual network gateway connection", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/connections", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/connections", + "name": "[variables('virtualNetworkGatewayConnectionName')]", + "location": "[resourceGroup().location]", + "properties": { + "virtualNetworkGateway1": { + "id": "[resourceId('Microsoft.Network/virtualNetworkGateways', parameters('vpnGatewayName'))]" + }, + "localNetworkGateway2": { + "id": "[resourceId('Microsoft.Network/localNetworkGateways', parameters('localGatewayName'))]" + }, + "connectionType": "IPsec", + "connectionProtocol": "IKEv2", + "routingWeight": 0, + "sharedKey": "[parameters('sharedKey')]", + "enableBgp": false, + "usePolicyBasedTrafficSelectors": false + } + } + }, + { + "name": "local network gateway", + "definition": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Network.json#/resourceDefinitions/localNetworkGateways", + "json": { + "apiVersion": "2019-09-01", + "type": "Microsoft.Network/localNetworkGateways", + "name": "[variables('localNetworkGatewayName')]", + "location": "[resourceGroup().location]", + "properties": { + "localNetworkAddressSpace": { + "addressPrefixes": [ + "[parameters('addressPrefix')]" + ] + }, + "gatewayIpAddress": "[parameters('gatewayIpAddress')]" + } + } + } + ] +}