Virtual Network
Azure Virtual Networks provide an isolated and secure environment to run your Azure resources, enabling you to securely connect Azure resources to each other, the internet, and on-premises networks.
Example yaml file:
```yaml
apiVersion: azure.boundless.software/v1alpha1
kind: VirtualNetwork
metadata:
  name: vnet-sample
spec:
  provider:
    region: "eastus"
  resourceGroupName: "my-resource-group"
  addressSpace:
    - "10.0.0.0/16"
  subnets:
    - name: "subnet1"
      cidrBlock: "10.0.1.0/24"
      type: "private"
      zone: "1"
      routeTable:
        name: "rt-private"
        routes:
          - destination: "0.0.0.0/0"
        subnets:
          - "subnet1"
    - name: "subnet2"
      cidrBlock: "10.0.2.0/24"
      type: "public"
      natGateway:
        name: "nat1"
        zone: "1"
  networkSecurityGroup:
    - name: "nsg1"
      securityRules:
        - name: "allow-ssh"
          description: "Allow SSH access"
          destinationPortRange: "22"
          sourceAddressPrefix: "*"
          priority: 100
          access: "Allow"
          protocol: "Tcp"
          direction: "Inbound"
      subnets:
        - "subnet1"
  networkInterfaces:
    - name: "nic1"
      ipConfiguration:
        name: "ipconfig1"
        subnetId: "/subscriptions/.../subnets/subnet1"
  peers:
    - name: "peer1"
      remoteVirtualNetworkID: "/subscriptions/.../virtualNetworks/vnet2"
      allowForwardedTraffic: true
      allowGatewayTransit: false
      allowVirtualNetworkAccess: true
      remoteAllowForwardedTraffic: true
      remoteAllowGatewayTransit: false
      remoteAllowVirtualNetworkAccess: true
  tags:
    environment: "production"
```
Name | Type | Description |
---|---|---|
addressSpace* | []string | AddressSpace is the address space for the VPC. |
provider* | AzureProviderSpec | Provider is the Azure provider settings for this VPC. |
resourceGroupName* | string | ResourceGroupName is the name of the resource group in which to create the VPC. |
cidrBlock | string | CidrBlock is the CIDR block for the VPC. |
subnets | []SubnetSpec | Subnets specifies the subnets to be created for this VPC. |
networkSecurityGroups | []NetworkSecurityGroupSpec | NetworkSecurityGroup specifies the Network Security Group settings for this VPC. |
networkInterfaces | []NetworkInterfaceSpec | NetworkInterfaces specifies the Network Interface settings for this VPC. |
ddosProtectionPlan | string | DdosProtectionPlan specifies the DDoS protection plan settings for this VPC. |
peers | []PeerSpec | VnetPeering specifies the VNet peering settings for this VPC. |
tags | map[string]string | Tags are metadata to assign to the VPC. |
Outputs
Name | Type | Description |
---|---|---|
condition | metav1.Condition | The condition of the Virtual Network. |
name | string | The name of the Virtual Network. |
id | string | The ID of the Virtual Network. |
ddosProtectionPlanId | string | The ID of the DDoS protection plan. |
peers | map[string]*PeerStatus | The status of VNet peering connections. |
subnets | map[string]*SubnetStatus | The status of subnets within this VPC. |
natGateways | map[string]*NatGatewayStatus | The status of NAT gateways within this VPC. |
routeTables | map[string]*RouteTableStatus | The status of route tables within this VPC. |
networkSecurityGroups | map[string]*NetworkSecurityGroupStatus | The status of network security groups within this VPC. |
networkInterfaces | map[string]*NetworkInterfaceStatus | The status of network interfaces within this VPC. |
IpConfigurationSpec
Name | Type | Description |
---|---|---|
name* | string | Name is the name of the IP configuration. |
subnetId* | string | Subnet is the subnet for the IP configuration. |
privateIPAddressVersion | string | PrivateIPAddressVersion is the IP address version for the IP configuration. |
privateIPAllocationMethod | string | PrivateIPAllocationMethod is the IP allocation method for the IP configuration. |
SecurityRuleSpec
Name | Type | Description |
---|---|---|
name* | string | Name is the name of the security rule. |
description | string | Description is the description of the security rule. |
destinationAddressPrefix | string | DestinationAddressPrefix is the CIDR block of the destination. |
destinationPortRange | string | DestinationPortRange is the port range of the destination. |
sourceAddressPrefix | string | SourceAddressPrefix is the CIDR block of the source. |
sourcePortRange | string | SourcePortRange is the port range of the source. |
priority | int32 | Priority is the priority of the security rule. |
access | string | Access is the access type of the security rule. |
protocol | string | Protocol is the protocol of the security rule. |
direction* | string | Direction is the direction of the security rule. |
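The `allow-ssh` rule in the example manifest admits TCP/22 inbound from `sourceAddressPrefix: "*"` on a subnet typed `private`. The following added example (not part of the project's code) audits a spec, already parsed from YAML into a dict, for rules of that shape; `audit_spec`, `port_in_range`, the flagged port list and the two extra sample rules are assumptions made for illustration.

```python
# Added example (not project code): flag NSG rules that allow management ports from any source.
ANY_SOURCE = {"*", "0.0.0.0/0", "internet"}  # Azure NSG spellings of "anywhere"
MGMT_PORTS = {22: "SSH", 3389: "RDP"}        # assumption: ports worth flagging

def port_in_range(port, port_range):
    """True if port is covered by a range such as "22", "20-30" or "*"."""
    port_range = str(port_range).strip()
    if port_range == "*":
        return True
    low, _, high = port_range.partition("-")
    if not low.isdigit() or (high and not high.isdigit()):
        return False  # empty or unparseable value: nothing to match
    return int(low) <= port <= int(high or low)

def audit_spec(spec):
    """Return (nsg, rule, service, subnets) for each exposed management port."""
    findings = []
    # The page's example uses the key networkSecurityGroup while its field
    # table lists networkSecurityGroups, so both are read.
    groups = spec.get("networkSecurityGroups") or spec.get("networkSecurityGroup") or []
    for nsg in groups:
        for rule in nsg.get("securityRules", []):
            exposed = (
                str(rule.get("direction", "")).lower() == "inbound"
                and str(rule.get("access", "")).lower() == "allow"
                and str(rule.get("protocol", "")).lower() in ("tcp", "*")
                and str(rule.get("sourceAddressPrefix", "")).lower() in ANY_SOURCE
            )
            if not exposed:
                continue  # only explicitly set values are evaluated
            for port, service in MGMT_PORTS.items():
                if port_in_range(port, rule.get("destinationPortRange", "")):
                    findings.append((nsg["name"], rule["name"], service, nsg.get("subnets", [])))
    return findings

# Constructed sample: the first rule mirrors the page's allow-ssh; the others are made up.
BASE = {"access": "Allow", "protocol": "Tcp", "direction": "Inbound"}
SAMPLE_SPEC = {"networkSecurityGroup": [{
    "name": "nsg1", "subnets": ["subnet1"],
    "securityRules": [
        {**BASE, "name": "allow-ssh", "destinationPortRange": "22", "sourceAddressPrefix": "*"},
        {**BASE, "name": "allow-ssh-admin", "destinationPortRange": "22", "sourceAddressPrefix": "10.0.2.0/24"},
        {**BASE, "name": "allow-app-range", "destinationPortRange": "3000-4000", "sourceAddressPrefix": "*"},
    ],
}]}

if __name__ == "__main__":
    for finding in audit_spec(SAMPLE_SPEC):
        print(finding)
```

The range rule is reported because `3000-4000` covers 3389, while the SSH rule scoped to `10.0.2.0/24` is not.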
RouteSpec
Name | Type | Description |
---|---|---|
destination* | string | Destination specifies the CIDR block of the route. |
RouteTableSpec
Name | Type | Description |
---|---|---|
name* | string | Name is the name of the Route Table. |
routes | []RouteSpec | Routes specifies the routes to be added to this Route Table. |
subnets | []string | Subnets specifies the subnets associated with this Route Table. |
tags | map[string]string | Tags are metadata to assign to the Route Table. |
ZoneSpec
Name | Type | Description |
---|---|---|
zone* | string | Zone is the availability zone for the NAT Gateway. |
subnets* | []string | Subnet is the subnet for the NAT Gateway. |
RouteStatus
Name | Type | Description |
---|---|---|
condition | metav1.Condition | Condition provides the current condition of this Route. |
destination | string | Destination is the CIDR block of the route. |
RouteTableStatus
Name | Type | Description |
---|---|---|
condition | metav1.Condition | Condition provides the current condition of this Route Table. |
name | string | Name is the name of the Route Table. |
type | string | Type specifies the type of the Route Table. |
id | string | Id is the Azure Route Table ID. |
associations | map[string]string | Associations specifies the associated subnets. |
routes | map[string]*RouteStatus | Routes specifies the status of routes within this Route Table. |