Azure Network Prefix
This page shows how to write Terraform and Azure Resource Manager for Network Prefix and write them securely.
azurerm_public_ip_prefix (Terraform)
The Prefix in Network can be configured in Terraform with the resource name azurerm_public_ip_prefix
. The following sections describe 8 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "azurerm_public_ip_prefix" "prefix" {
name = var.name
location = var.location
resource_group_name = var.rg
tags = var.tags
resource "azurerm_public_ip_prefix" "hubipprefix" {
name = "nat-gateway-publicIPPrefix"
location = var.location
resource_group_name = var.resource_group_name
prefix_length = 30
zones = ["1"]
resource "azurerm_public_ip_prefix" "main" {
for_each = var.public_ip_prefixes
name = each.key
location = var.location
resource_group_name = var.resource_group_name
prefix_length = each.value.prefix_length
resource "azurerm_public_ip_prefix" "p-ip-px" {
name = "nat-gateway-publicIPPrefix"
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_resource_group.rg.name
prefix_length = 31
#zones = ["1"]
resource "azurerm_public_ip_prefix" "example" {
name = "acceptanceTestPublicIpPrefix1"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
prefix_length = 31
resource "azurerm_public_ip_prefix" "this" {
location = var.location
name = var.name
prefix_length = var.prefix_length
resource_group_name = var.resource_group_name
sku = var.sku
resource "azurerm_public_ip_prefix" "pre001" {
name = ""
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_resource_group.rg.name
prefix_length = 30
zones = ["1"]
resource "azurerm_public_ip_prefix" "public_ip_prefix" {
name = "ppp01"
location = var.loc
resource_group_name = "terraform"
prefix_length = 28
}
Parameters
-
id
optional computed - string -
ip_prefix
optional computed - string -
location
required - string -
name
required - string -
prefix_length
optional - number -
resource_group_name
required - string -
sku
optional - string -
tags
optional - map from string to string -
zones
optional - list of string -
timeouts
single block
Explanation in Terraform Registry
Manages a Public IP Prefix.
Tips: Best Practices for The Other Azure Network Resources
In addition to the azurerm_network_security_group, Azure Network has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.
azurerm_network_security_group
Ensure to disable RDP port from the Internet
It is better to disable the RDP port from the Internet. RDP access should not be accepted from the Internet (*, 0.0.0.0, /0, internet, any), and consider using the Azure Bastion Service.
azurerm_network_security_rule
Ensure to set a more restrictive CIDR range for ingress from the internet
It is better to set a more restrictive CIDR range not to use very broad subnets. If possible, segments should be divided into smaller subnets.
azurerm_network_watcher_flow_log
Ensure to enable Retention policy for flow logs and set it to enough duration
It is better to enable a retention policy for flow logs. Flow logs show us all network activity in the cloud environment and support us when we face critical incidents.
Microsoft.Network/publicIPPrefixes (Azure Resource Manager)
The publicIPPrefixes in Microsoft.Network can be configured in Azure Resource Manager with the resource name Microsoft.Network/publicIPPrefixes
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
"type": "Microsoft.Network/publicIPPrefixes"
},
{
"id": "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/publicIPPrefixes/ipprefix01",
"location": "westus",
"name": "ipprefix01",
"type": "Microsoft.Network/publicIPPrefixes"
},
{
"id": "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/publicIPPrefixes/ipprefix01",
"location": "westus",
"name": "ipprefix01",
"type" : "Microsoft.Network/publicIPPrefixes"
}
},
"201" : {
"body" : {
"name" : "test-ipprefix",
"type" : "Microsoft.Network/publicIPPrefixes"
}
},
"201" : {
"body" : {
"name" : "test-ipprefix",
"type" : "Microsoft.Network/publicIPPrefixes"
},
{
"name" : "ipprefix01",
"id" : "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/publicIPPrefixes/ipprefix01",
"location" : "westus",
"type" : "Microsoft.Network/publicIPPrefixes"
},
{
"name" : "ipprefix01",
"id" : "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/publicIPPrefixes/ipprefix01",
"location" : "westus",
"type" : "Microsoft.Network/publicIPPrefixes"
},
{
"name" : "ipprefix03",
"id" : "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPPrefixes/ipprefix03",
"location" : "westus",
"type" : "Microsoft.Network/publicIPPrefixes"
},
{
"name" : "ipprefix03",
"id" : "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPPrefixes/ipprefix03",
"location" : "westus",
"type" : "Microsoft.Network/publicIPPrefixes"
}
},
"201" : {
"body" : {
"name" : "test-ipprefix",
"type" : "Microsoft.Network/publicIPPrefixes"
}
},
"201" : {
"body" : {
"name" : "test-ipprefix",
Parameters
name
required - stringtype
required - stringapiVersion
required - stringlocation
required - stringResource location.
tags
optional - stringResource tags.
extendedLocation
optionalname
required - stringThe name of the extended location.
type
required - stringThe type of the extended location.
sku
optionalname
optional - stringName of a public IP prefix SKU.
tier
optional - stringTier of a public IP prefix SKU.
properties
requiredpublicIPAddressVersion
optional - stringThe public IP address version.
ipTags
optional arrayipTagType
optional - stringThe IP tag type. Example: FirstPartyUsage.
tag
optional - stringThe value of the IP tag associated with the public IP. Example: SQL.
prefixLength
optional - integerThe Length of the Public IP Prefix.
customIPPrefix
optionalid
required - stringResource ID.
zones
optional - arrayA list of availability zones denoting the IP allocated for the resource needs to come from.
Frequently asked questions
What is Azure Network Prefix?
Azure Network Prefix is a resource for Network of Microsoft Azure. Settings can be wrote in Terraform.
Where can I find the example code for the Azure Network Prefix?
For Terraform, the hyundonk/ebkr-landing-zones, pagyP/Terraform-Lab and guidalabs/terraform-azure-public-ip-prefix source code examples are useful. See the Terraform Example section for further details.
For Azure Resource Manager, the Pudding124/SwaggerStructure, rwth-acis/apis-guru-statistics and sanjaypavan/OldAzure-Rest-API source code examples are useful. See the Azure Resource Manager Example section for further details.