New-CmAzIaasVpnGw

Set Virtual private network Gateway in Azure Vnet

Completes the following:

  • Creates VPN gateways in the provided VNets.
  • Optionally configures point-to-site (P2S) and site-to-site (S2S) connections.
  • Retrieves secrets and certificates securely from Key Vault.

This command forms part of the IaaS Building Block.

Parameters

-SettingsFile

Required. (String) File path for the settings file to be converted into a settings object.

-SettingsObject

Required. (Object) Object containing the configuration values required to run this cmdlet.

-TagSettingsFile

Required. (String) File path for the tag settings file to be converted into a tag settings object.

-WhatIf

(Switch) Run the command without executing any actions, so that no changes are made. The command will output a description of actions to be performed against the affected resources in the console window. Use this option if you are unsure of the overall impact of your command and wish to review it before committing to making changes.

-Confirm

(Switch) Run the command without executing any actions, so that no changes are made. The command will output a description of actions to be performed against the affected resources in the console window. Use this option if you are unsure of the overall impact of your command and wish to review it before committing to making changes.

Usage

Example 1

New-CmAzIaasVpnGw -SettingsFile "VpnGw.yml"

Example 2

New-CmAzIaasVpnGw -SettingsObject $settings

Settings

Beta documentation
The following schema documentation is automatically generated as part of a recent roadmap task. There may be inaccuracies or incomplete information while we flush out bugs; please refer to the packed project settings examples where necessary.

Settings Root.

Component

component [string | null]

Value to determine what cmdlet should be dynamically loaded for these settings.

Location

location [string] Mandatory

Vpn gateway deployment location

Service

service [object] Mandatory

Contains dependency and publish details for service location.

Dependencies

dependencies [object]

Contains dependency details for service location.

ResourceGroup

resourceGroup [string]

Dependency value to fetch existing resource type.

Keyvault

keyvault [string | null]

Global default dependency value to fetch existing resource type.

Vnet

vnet [string | null]

Global default dependency value to fetch existing resource type.

Publish

publish [object | null]

Contains publish details for service location.

PublicIp

publicIp [string | null]

Global default value to publish on deployed resource type.

VirtualNetworkGateway

virtualNetworkGateway [string | null]

Global default value to publish on deployed resource type.

LocalNetworkGateway

localNetworkGateway [string | null]

Global default value to publish on deployed resource type.

Configuration of vpn gateways

vpnGws [array] Mandatory

Contains the list of details required to deploy VPN gateways and their dependent resources.

GatewayName

gatewayName [string]

Becomes part of the generated local network gateway, public ip address and virtual network gateway names.

Service

service [object | null] Mandatory

Contains dependency and publish details for service location.

Dependencies

dependencies [object | null]

Contains dependency details for service location.

KeyVault

keyVault [string | null]

Local overriding dependency value to fetch existing resource type.

Vnet

vnet [string | null]

Local overriding dependency value to fetch existing resource type.

Publish

publish [object | null]

Contains publish details for service location.

PublicIp

publicIp [string | null]

Local overriding value to publish on deployed existing resource type.

VirtualNetworkGateway

virtualNetworkGateway [string | null]

Local overriding value to publish on deployed existing resource type.

LocalNetworkGateway

localNetworkGateway [string | null]

Local overriding value to publish on deployed existing resource type.

Sku

sku [string]

Sku name and tier.

GatewaySubnetPrefix

gatewaySubnetPrefix [string | null]

Gateway subnet address prefix.

P2s

p2s [object | null]

Contains P2s Configuration.

VpnAddressPool

vpnAddressPool [string | null]

The vpn ip address pool.

Default:

RootCertificateName

rootCertificateName [string | null]

Secret name of root certificate in an existing key vault.

Default:

S2s

s2s [object | null]

Contains S2s Configuration.

KeyvaultSecret

keyVaultSecret [string | null]

Name of secret to fetch from an existing key vault.

ClientSitePublicIP

clientSitePublicIP [string | null]

Client site public IP address. Must follow IPv4 format.

Default:

SharedKey

sharedKey [string]

Key Vault secret containing the shared key.

CidrBlocks

cidrBlocks [array | null]

Cidr blocks allowed over vpn.

Examples

The following example files are automatically generated from the settings file schema definition to show how the specification can be used in practice. Cloudmarque can accept both JSON and YAML parameter files.

{
  "component": "string",
  "location": "string",
  "service": {
    "dependencies": {
      "resourceGroup": "string",
      "keyvault": "string",
      "vnet": "string"
    },
    "publish": {
      "publicIp": "string",
      "virtualNetworkGateway": "string",
      "localNetworkGateway": "string"
    }
  },
  "vpnGws": [
    {
      "gatewayName": "string",
      "service": {
        "dependencies": {
          "keyVault": "string",
          "vnet": "string"
        },
        "publish": {
          "publicIp": "string",
          "virtualNetworkGateway": "string",
          "localNetworkGateway": "string"
        }
      },
      "sku": "string",
      "gatewaySubnetPrefix": "string",
      "p2s": {
        "vpnAddressPool": "string",
        "rootCertificateName": "string"
      },
      "s2s": {
        "keyVaultSecret": "string",
        "clientSitePublicIP": "string",
        "sharedKey": "string",
        "cidrBlocks": [
          "string"
        ]
      }
    }
  ]
}
component: "string"    # Optional
location: "string"    # Mandatory
service:     # Mandatory
  dependencies:     # Mandatory
    resourceGroup: "string"    # Mandatory
    keyvault: "string"    # Optional
    vnet: "string"    # Optional
  publish:     # Optional
    publicIp: "string"    # Optional
    virtualNetworkGateway: "string"    # Optional
    localNetworkGateway: "string"    # Optional
vpnGws:     # Mandatory
  - gatewayName: "string"    # Mandatory
    service:     # Optional
      dependencies:     # Optional
        keyVault: "string"    # Optional
        vnet: "string"    # Optional
      publish:     # Optional
        publicIp: "string"    # Optional
        virtualNetworkGateway: "string"    # Optional
        localNetworkGateway: "string"    # Optional
    sku: "string"    # Mandatory
    gatewaySubnetPrefix: "string"    # Optional
    p2s:     # Optional
      vpnAddressPool: "string"    # Optional
      rootCertificateName: "string"    # Optional
    s2s:     # Optional
      keyVaultSecret: "string"    # Optional
      clientSitePublicIP: "string"    # Optional
      sharedKey: "string"    # Optional
      cidrBlocks:     # Optional
        - "string"
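
The schema above states several constraints only in prose: IPv4 format for clientSitePublicIP, CIDR prefixes, and Key Vault secret names (rather than literal keys) for sharedKey, keyVaultSecret and rootCertificateName. The following pre-flight check is an added example, not part of the Cloudmarque project, that applies those constraints to a parsed settings document; Test-Cidr and Test-VpnGwSettings are hypothetical helper names, all sample values are constructed, and the secret-name pattern assumes the characters Azure Key Vault permits in secret names.

```powershell
# Added example, not Cloudmarque code. Test-Cidr and Test-VpnGwSettings are hypothetical helpers.
function Test-Cidr([string]$Value) {
    # Require four octets explicitly; IPAddress.TryParse alone also accepts short forms such as "10.1"
    if ($Value -match '^(\d{1,3}(\.\d{1,3}){3})/(\d{1,2})$') {
        $prefix = [int]$Matches[3]; $addr = $null
        return [System.Net.IPAddress]::TryParse($Matches[1], [ref]$addr) -and $prefix -le 32
    }
    return $false
}

function Test-VpnGwSettings($Settings) {
    $issues = @()
    $secretName = '^[0-9A-Za-z-]{1,127}$'   # assumed Key Vault secret-name character set
    if (-not $Settings.location) { $issues += 'location is mandatory' }
    if (-not $Settings.service.dependencies.resourceGroup) { $issues += 'service.dependencies.resourceGroup is mandatory' }
    if (-not $Settings.vpnGws) { $issues += 'vpnGws is mandatory' }
    foreach ($gw in $Settings.vpnGws) {
        $id = "vpnGws[$($gw.gatewayName)]"
        if (-not $gw.sku) { $issues += "$id.sku is mandatory" }
        if ($gw.gatewaySubnetPrefix -and -not (Test-Cidr $gw.gatewaySubnetPrefix)) { $issues += "$id.gatewaySubnetPrefix is not a CIDR block" }
        if ($gw.p2s.vpnAddressPool -and -not (Test-Cidr $gw.p2s.vpnAddressPool)) { $issues += "$id.p2s.vpnAddressPool is not a CIDR block" }
        if ($gw.s2s.clientSitePublicIP -and -not (Test-Cidr "$($gw.s2s.clientSitePublicIP)/32")) { $issues += "$id.s2s.clientSitePublicIP is not an IPv4 address" }
        foreach ($block in $gw.s2s.cidrBlocks) {
            if (-not (Test-Cidr $block)) { $issues += "$id.s2s.cidrBlocks entry '$block' is not a CIDR block" }
        }
        # These fields name Key Vault secrets; a value that cannot be a secret name is likely a pasted key or certificate
        $named = [ordered]@{ 'p2s.rootCertificateName' = $gw.p2s.rootCertificateName; 's2s.keyVaultSecret' = $gw.s2s.keyVaultSecret; 's2s.sharedKey' = $gw.s2s.sharedKey }
        foreach ($field in $named.Keys) {
            if ($named[$field] -and $named[$field] -notmatch $secretName) { $issues += "$id.$field cannot be a Key Vault secret name; store the value in Key Vault and reference it by name" }
        }
    }
    return $issues
}

# Constructed sample with three deliberate mistakes in the s2s block
$sample = @'
{ "location": "uksouth",
  "service": { "dependencies": { "resourceGroup": "core-rg", "keyvault": "core-kv", "vnet": "core-vnet" } },
  "vpnGws": [ { "gatewayName": "hq", "sku": "VpnGw1", "gatewaySubnetPrefix": "10.0.255.0/27",
      "p2s": { "vpnAddressPool": "172.16.0.0/24", "rootCertificateName": "p2s-root-cert" },
      "s2s": { "clientSitePublicIP": "203.0.113.300", "sharedKey": "Sup3r$ecret!PSK",
               "cidrBlocks": [ "192.168.10.0/24", "192.168.20.0/33" ] } } ] }
'@ | ConvertFrom-Json

$issues = @(Test-VpnGwSettings $sample)
if ($issues.Count) { $issues | ForEach-Object { Write-Warning $_ } } else { 'Settings passed pre-flight checks' }
```

The secret-name check is a heuristic: a literal key made only of letters, digits and dashes still passes. Once the check reports nothing, run New-CmAzIaasVpnGw with -WhatIf to review the planned actions before deploying.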