Share via


Microsoft.Network loadBalancers 2015-05-01-preview

Bicep resource definition

The loadBalancers resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/loadBalancers resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.Network/loadBalancers@2015-05-01-preview' = {
  scope: resourceSymbolicName or scope
  etag: 'string'
  location: 'string'
  name: 'string'
  properties: {
    backendAddressPools: [
      {
        etag: 'string'
        id: 'string'
        name: 'string'
        properties: {
          backendIPConfigurations: [
            {
              id: 'string'
            }
          ]
          loadBalancingRules: [
            {
              id: 'string'
            }
          ]
          outboundNatRule: {
            id: 'string'
          }
          provisioningState: 'string'
        }
      }
    ]
    frontendIPConfigurations: [
      {
        etag: 'string'
        id: 'string'
        name: 'string'
        properties: {
          inboundNatPools: [
            {
              id: 'string'
            }
          ]
          inboundNatRules: [
            {
              id: 'string'
            }
          ]
          loadBalancingRules: [
            {
              id: 'string'
            }
          ]
          outboundNatRules: [
            {
              id: 'string'
            }
          ]
          privateIPAddress: 'string'
          privateIPAllocationMethod: 'string'
          provisioningState: 'string'
          publicIPAddress: {
            id: 'string'
          }
          subnet: {
            id: 'string'
          }
        }
      }
    ]
    inboundNatPools: [
      {
        etag: 'string'
        id: 'string'
        name: 'string'
        properties: {
          backendPort: int
          frontendIPConfiguration: {
            id: 'string'
          }
          frontendPortRangeEnd: int
          frontendPortRangeStart: int
          protocol: 'string'
          provisioningState: 'string'
        }
      }
    ]
    inboundNatRules: [
      {
        etag: 'string'
        id: 'string'
        name: 'string'
        properties: {
          backendIPConfiguration: {
            id: 'string'
          }
          backendPort: int
          enableFloatingIP: bool
          frontendIPConfiguration: {
            id: 'string'
          }
          frontendPort: int
          idleTimeoutInMinutes: int
          protocol: 'string'
          provisioningState: 'string'
        }
      }
    ]
    loadBalancingRules: [
      {
        etag: 'string'
        id: 'string'
        name: 'string'
        properties: {
          backendAddressPool: {
            id: 'string'
          }
          backendPort: int
          enableFloatingIP: bool
          frontendIPConfiguration: {
            id: 'string'
          }
          frontendPort: int
          idleTimeoutInMinutes: int
          loadDistribution: 'string'
          probe: {
            id: 'string'
          }
          protocol: 'string'
          provisioningState: 'string'
        }
      }
    ]
    outboundNatRules: [
      {
        etag: 'string'
        id: 'string'
        name: 'string'
        properties: {
          allocatedOutboundPorts: int
          backendAddressPool: {
            id: 'string'
          }
          frontendIPConfigurations: [
            {
              id: 'string'
            }
          ]
          provisioningState: 'string'
        }
      }
    ]
    probes: [
      {
        etag: 'string'
        id: 'string'
        name: 'string'
        properties: {
          intervalInSeconds: int
          loadBalancingRules: [
            {
              id: 'string'
            }
          ]
          numberOfProbes: int
          port: int
          protocol: 'string'
          provisioningState: 'string'
          requestPath: 'string'
        }
      }
    ]
    provisioningState: 'string'
    resourceGuid: 'string'
  }
  tags: {
    {customized property}: 'string'
  }
}

Property Values

Microsoft.Network/loadBalancers

Name Description Value
etag Gets a unique read-only string that changes whenever the resource is updated string
location Resource location string (required)
name The resource name string (required)
properties Properties of Load Balancer LoadBalancerPropertiesFormat
scope Use when creating a resource at a scope that is different than the deployment scope. Set this property to the symbolic name of a resource to apply the extension resource.
tags Resource tags Dictionary of tag names and values. See Tags in templates

BackendAddressPool

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Properties of BackendAddressPool BackendAddressPoolPropertiesFormat

BackendAddressPoolPropertiesFormat

Name Description Value
backendIPConfigurations Gets collection of references to IPs defined in NICs SubResource[]
loadBalancingRules Gets Load Balancing rules that use this Backend Address Pool SubResource[]
outboundNatRule Gets outbound rules that use this Backend Address Pool SubResource
provisioningState Provisioning state of the PublicIP resource Updating/Deleting/Failed string

FrontendIpConfiguration

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Properties of Frontend IP Configuration of the load balancer FrontendIpConfigurationPropertiesFormat

FrontendIpConfigurationPropertiesFormat

Name Description Value
inboundNatPools Read only.Inbound pools URIs that use this frontend IP SubResource[]
inboundNatRules Read only.Inbound rules URIs that use this frontend IP SubResource[]
loadBalancingRules Gets Load Balancing rules URIs that use this frontend IP SubResource[]
outboundNatRules Read only.Outbound rules URIs that use this frontend IP SubResource[]
privateIPAddress Gets or sets the IP address of the Load Balancer.This is only specified if a specific private IP address shall be allocated from the subnet specified in subnetRef string
privateIPAllocationMethod Gets or sets PrivateIP allocation method (Static/Dynamic) 'Dynamic'
'Static'
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string
publicIPAddress Gets or sets the reference of the PublicIP resource SubResource
subnet Gets or sets the reference of the subnet resource.A subnet from where the load balancer gets its private frontend address SubResource

InboundNatPool

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Properties of Inbound NAT pool InboundNatPoolPropertiesFormat

InboundNatPoolPropertiesFormat

Name Description Value
backendPort Gets or sets a port used for internal connections on the endpoint. The localPort attribute maps the eternal port of the endpoint to an internal port on a role. This is useful in scenarios where a role must communicate to an internal component on a port that is different from the one that is exposed externally. If not specified, the value of localPort is the same as the port attribute. Set the value of localPort to '*' to automatically assign an unallocated port that is discoverable using the runtime API int (required)
frontendIPConfiguration Gets or sets a reference to frontend IP Addresses SubResource
frontendPortRangeEnd Gets or sets the ending port range for the NAT pool. You can specify any port number you choose, but the port numbers specified for each role in the service must be unique. Possible values range between 1 and 65535, inclusive int (required)
frontendPortRangeStart Gets or sets the starting port range for the NAT pool. You can specify any port number you choose, but the port numbers specified for each role in the service must be unique. Possible values range between 1 and 65535, inclusive int (required)
protocol Gets or sets the transport protocol for the external endpoint. Possible values are Udp or Tcp 'Tcp'
'Udp' (required)
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string

InboundNatRule

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Properties of Inbound NAT rule InboundNatRulePropertiesFormat

InboundNatRulePropertiesFormat

Name Description Value
backendIPConfiguration Gets or sets a reference to a private ip address defined on a NetworkInterface of a VM. Traffic sent to frontendPort of each of the frontendIPConfigurations is forwarded to the backed IP SubResource
backendPort Gets or sets a port used for internal connections on the endpoint. The localPort attribute maps the eternal port of the endpoint to an internal port on a role. This is useful in scenarios where a role must communicate to an internal component on a port that is different from the one that is exposed externally. If not specified, the value of localPort is the same as the port attribute. Set the value of localPort to '*' to automatically assign an unallocated port that is discoverable using the runtime API int
enableFloatingIP Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn availability Group. This setting is required when using the SQL Always ON availability Groups in SQL server. This setting can't be changed after you create the endpoint bool (required)
frontendIPConfiguration Gets or sets a reference to frontend IP Addresses SubResource
frontendPort Gets or sets the port for the external endpoint. You can specify any port number you choose, but the port numbers specified for each role in the service must be unique. Possible values range between 1 and 65535, inclusive int (required)
idleTimeoutInMinutes Gets or sets the timeout for the Tcp idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to Tcp int
protocol Gets or sets the transport protocol for the external endpoint. Possible values are Udp or Tcp 'Tcp'
'Udp' (required)
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string

LoadBalancerPropertiesFormat

Name Description Value
backendAddressPools Gets or sets Pools of backend IP addresses BackendAddressPool[]
frontendIPConfigurations Gets or sets frontend IP addresses of the load balancer FrontendIpConfiguration[]
inboundNatPools Gets or sets inbound NAT pools InboundNatPool[]
inboundNatRules Gets or sets list of inbound rules InboundNatRule[]
loadBalancingRules Gets or sets load balancing rules LoadBalancingRule[]
outboundNatRules Gets or sets outbound NAT rules OutboundNatRule[]
probes Gets or sets list of Load balancer probes Probe[]
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string
resourceGuid Gets or sets resource guid property of the Load balancer resource string

LoadBalancingRule

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Properties of the load balancer LoadBalancingRulePropertiesFormat

LoadBalancingRulePropertiesFormat

Name Description Value
backendAddressPool Gets or sets a reference to a pool of DIPs. Inbound traffic is randomly load balanced across IPs in the backend IPs SubResource (required)
backendPort Gets or sets a port used for internal connections on the endpoint. The localPort attribute maps the eternal port of the endpoint to an internal port on a role. This is useful in scenarios where a role must communicate to an internal component on a port that is different from the one that is exposed externally. If not specified, the value of localPort is the same as the port attribute. Set the value of localPort to '*' to automatically assign an unallocated port that is discoverable using the runtime API int
enableFloatingIP Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn availability Group. This setting is required when using the SQL Always ON availability Groups in SQL server. This setting can't be changed after you create the endpoint bool (required)
frontendIPConfiguration Gets or sets a reference to frontend IP Addresses SubResource
frontendPort Gets or sets the port for the external endpoint. You can specify any port number you choose, but the port numbers specified for each role in the service must be unique. Possible values range between 1 and 65535, inclusive int (required)
idleTimeoutInMinutes Gets or sets the timeout for the Tcp idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to Tcp int
loadDistribution Gets or sets the load distribution policy for this rule 'Default'
'SourceIP'
'SourceIPProtocol'
probe Gets or sets the reference of the load balancer probe used by the Load Balancing rule. SubResource
protocol Gets or sets the transport protocol for the external endpoint. Possible values are Udp or Tcp 'Tcp'
'Udp' (required)
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string

OutboundNatRule

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Outbound NAT pool of the loadbalancer OutboundNatRulePropertiesFormat

OutboundNatRulePropertiesFormat

Name Description Value
allocatedOutboundPorts Gets or sets the number of outbound ports to be used for SNAT int (required)
backendAddressPool Gets or sets a reference to a pool of DIPs. Outbound traffic is randomly load balanced across IPs in the backend IPs SubResource (required)
frontendIPConfigurations Gets or sets Frontend IP addresses of the load balancer SubResource[]
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string

Probe

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties ProbePropertiesFormat

ProbePropertiesFormat

Name Description Value
intervalInSeconds Gets or sets the interval, in seconds, for how frequently to probe the endpoint for health status. Typically, the interval is slightly less than half the allocated timeout period (in seconds) which allows two full probes before taking the instance out of rotation. The default value is 15, the minimum value is 5 int
loadBalancingRules Gets Load balancer rules that use this probe SubResource[]
numberOfProbes Gets or sets the number of probes where if no response, will result in stopping further traffic from being delivered to the endpoint. This values allows endpoints to be taken out of rotation faster or slower than the typical times used in Azure. int
port Gets or sets Port for communicating the probe. Possible values range from 1 to 65535, inclusive. int (required)
protocol Gets or sets the protocol of the end point. Possible values are http pr Tcp. If Tcp is specified, a received ACK is required for the probe to be successful. If http is specified,a 200 OK response from the specifies URI is required for the probe to be successful 'Http'
'Tcp' (required)
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string
requestPath Gets or sets the URI used for requesting health status from the VM. Path is required if a protocol is set to http. Otherwise, it is not allowed. There is no default value string

ResourceTags

Name Description Value

SubResource

Name Description Value
id Resource Id string

Usage Examples

Azure Verified Modules

The following Azure Verified Modules can be used to deploy this resource type.

Module Description
Load Balancer AVM Resource Module for Load Balancer

Azure Quickstart Samples

The following Azure Quickstart templates contain Bicep samples for deploying this resource type.

Bicep File Description
2 VMs in a Load Balancer and configure NAT rules on the LB This template allows you to create 2 Virtual Machines in an Availability Set and configure NAT rules through the load balancer. This template also deploys a Storage Account, Virtual Network, Public IP address and Network Interfaces. In this template, we use the resource loops capability to create the network interfaces and virtual machines
2 VMs in a Load Balancer and load balancing rules This template allows you to create 2 Virtual Machines under a Load balancer and configure a load balancing rule on Port 80. This template also deploys a Storage Account, Virtual Network, Public IP address, Availability Set and Network Interfaces. In this template, we use the resource loops capability to create the network interfaces and virtual machines
2 VMs in VNET - Internal Load Balancer and LB rules This template allows you to create 2 Virtual Machines in a VNET and under an internal Load balancer and configure a load balancing rule on Port 80. This template also deploys a Storage Account, Virtual Network, Public IP address, Availability Set and Network Interfaces.
AzureDatabricks Template for VNetInjection and Load Balancer This template allows you to create a a load balancer, network security group, a virtual network and an Azure Databricks workspace with the virtual network.
Create a cross-region load balancer This template creates a cross-region load balancer with a backend pool containing two regional load balancers. Cross-region load balancer is currently available in limited regions. The regional load balancers behind the cross-region load balancer can be in any region.
Create a standard internal load balancer This template creates a standard internal Azure Load Balancer with a rule load-balancing port 80
Create a standard internal load balancer with HA ports This template creates a standard internal Azure Load Balancer with a HA ports load-balancing rule
Create a standard load-balancer This template creates an Internet-facing load-balancer, load balancing rules, and three VMs for the backend pool with each VM in a redundant zone.
Create a VM with multiple NICs and RDP accessible This template allows you to create a Virtual Machines with multiple (2) network interfaces (NICs), and RDP connectable with a configured load balancer and an inbound NAT rule. More NICs can easily be added with this template. This template also deploys a Storage Account, Virtual Network, Public IP address, and 2 Network Interfaces (front-end and back-end).
Create an Azure VM with a new AD Forest This template creates a new Azure VM, it configures the VM to be an AD DC for a new Forest
Create an Ubuntu GNOME desktop This template creates an ubuntu desktop machine. This works great for use as a jumpbox behind a NAT.
Deploy a 5 Node Secure Cluster This template allows you to deploy a secure 5 node Service Fabric Cluster running Windows Server 2019 Datacenter on a Standard_D2_v2 Size VMSS.
Deploy a trusted launch capable Windows VM Scale Set This template allows you to deploy a trusted launch capable VM Scale Set of Windows VMs using the latest patched version of Windows Server 2016, Windows Server 2019 or Windows Server 2022 Azure Edition. These VMs are behind a load balancer with NAT rules for RDP connections. If you enable Secureboot and vTPM, the Guest Attestation extension will be installed on your VMSS. This extension will perform remote attestation by the cloud.
Deploy a VM Scale Set with Windows VMs and Auto Scale This template allows you to deploy a simple VM Scale Set of Windows VMs using the latest patched version of Windows 2008-R2-SP1, 2012-Datacenter, or 2012-R2-Datacenter. These VMs are behind a load balancer with NAT rules for RDP connections. They also have Auto Scale integrated
Deploy a VMSS that connects each VM to an Azure Files share This template deploys an Ubuntu Virtual Machine Scale Set and uses a custom script extension to connect each VM to an Azure Files share
Deploy Shibboleth Identity Provider cluster on Windows This template deploys Shibboleth Identity Provider on Windows in a clustered configuration. After the deployment is successful, you can go to https://your-domain:8443/idp/profile/status (note port number) to check success.
Deploy VM Scale Set with Python Bottle server & AutoScale Deploy a VM Scale Set behind a load balancer/NAT & each VM running a simple Python Bottle app that does work. With Autoscale configured Scale Set will scale out & in as needed
Deploys SQL Server 2014 AG on existing VNET & AD This template creates three new Azure VMs on an existing VNET: Two VMs are configured as SQL Server 2014 availability group replica nodes and one VM is configured as a File Share Witness for automated cluster failover. In addition to these VMs, the following additional Azure resources are also configured: Internal load balancer, Storage accounts. To configure clustering, SQL Server, and an availability group within each VM, PowerShell DSC is leveraged. For Active Directory support, existing Active Directory domain controllers should already be deployed on the existing VNET.
Front Door Premium with VM and Private Link service This template creates a Front Door Premium and a virtual machine configured as a web server. Front Door uses a private endpoint with Private Link service to send traffic to the VM.
IIS VMs & SQL Server 2014 VM Create 1 or 2 IIS Windows 2012 R2 Web Servers and one back end SQL Server 2014 in VNET.
JBoss EAP on RHEL (clustered, multi-VM) This template allows you to create multiple RHEL 8.6 VMs running JBoss EAP 7.4 cluster and also deploys a web application called eap-session-replication, you can log into the admin console using the JBoss EAP username and password configured at the time of the deployment.
Private Link service example This template shows how to create a private link service
Public Load Balancer chained to a Gateway Load Balancer This template allows you to deploy a Public Standard Load Balancer chained to a Gateway Load Balancer. The traffic incoming from internet is routed to the Gateway Load Balancer with linux VMs (NVAs) in the backend pool.
Virtual machine with an RDP port Creates a virtual machine and creates a NAT rule for RDP to the VM in load balancer
VM Scale Set with autoscale running an IIS WebApp Deploys a Windows VM Scale Set running IIS and a very basic .NET MVC web app. The VMSS PowerShell DSC Extension is leveraged to do the IIS install and WebDeploy package deployment.
VMs in Availability Zones with a Load Balancer and NAT This template allows you to create Virtual Machines distributed across Availability Zones with a Load Balancer and configure NAT rules through the load balancer. This template also deploys a Virtual Network, Public IP address and Network Interfaces. In this template, we use the resource loops capability to create the network interfaces and virtual machines
VMSS Flexible Orchestration Mode Quickstart Linux This template deploys a simple VM Scale Set with instances behind an Azure Load Balancer. The VM Scale set is in Flexible Orchestration Mode. Use the os parameter to choose Linux (Ubuntu) or Windows (Windows Server Datacenter 2019) deployment. NOTE: This quickstart template enables network access to VM management ports (SSH, RDP) from any internet address, and should not be used for production deployments.
VMSS with Public IP Prefix Template for deploying VMSS with Public IP Prefix

ARM template resource definition

The loadBalancers resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/loadBalancers resource, add the following JSON to your template.

{
  "type": "Microsoft.Network/loadBalancers",
  "apiVersion": "2015-05-01-preview",
  "name": "string",
  "etag": "string",
  "location": "string",
  "properties": {
    "backendAddressPools": [
      {
        "etag": "string",
        "id": "string",
        "name": "string",
        "properties": {
          "backendIPConfigurations": [
            {
              "id": "string"
            }
          ],
          "loadBalancingRules": [
            {
              "id": "string"
            }
          ],
          "outboundNatRule": {
            "id": "string"
          },
          "provisioningState": "string"
        }
      }
    ],
    "frontendIPConfigurations": [
      {
        "etag": "string",
        "id": "string",
        "name": "string",
        "properties": {
          "inboundNatPools": [
            {
              "id": "string"
            }
          ],
          "inboundNatRules": [
            {
              "id": "string"
            }
          ],
          "loadBalancingRules": [
            {
              "id": "string"
            }
          ],
          "outboundNatRules": [
            {
              "id": "string"
            }
          ],
          "privateIPAddress": "string",
          "privateIPAllocationMethod": "string",
          "provisioningState": "string",
          "publicIPAddress": {
            "id": "string"
          },
          "subnet": {
            "id": "string"
          }
        }
      }
    ],
    "inboundNatPools": [
      {
        "etag": "string",
        "id": "string",
        "name": "string",
        "properties": {
          "backendPort": "int",
          "frontendIPConfiguration": {
            "id": "string"
          },
          "frontendPortRangeEnd": "int",
          "frontendPortRangeStart": "int",
          "protocol": "string",
          "provisioningState": "string"
        }
      }
    ],
    "inboundNatRules": [
      {
        "etag": "string",
        "id": "string",
        "name": "string",
        "properties": {
          "backendIPConfiguration": {
            "id": "string"
          },
          "backendPort": "int",
          "enableFloatingIP": "bool",
          "frontendIPConfiguration": {
            "id": "string"
          },
          "frontendPort": "int",
          "idleTimeoutInMinutes": "int",
          "protocol": "string",
          "provisioningState": "string"
        }
      }
    ],
    "loadBalancingRules": [
      {
        "etag": "string",
        "id": "string",
        "name": "string",
        "properties": {
          "backendAddressPool": {
            "id": "string"
          },
          "backendPort": "int",
          "enableFloatingIP": "bool",
          "frontendIPConfiguration": {
            "id": "string"
          },
          "frontendPort": "int",
          "idleTimeoutInMinutes": "int",
          "loadDistribution": "string",
          "probe": {
            "id": "string"
          },
          "protocol": "string",
          "provisioningState": "string"
        }
      }
    ],
    "outboundNatRules": [
      {
        "etag": "string",
        "id": "string",
        "name": "string",
        "properties": {
          "allocatedOutboundPorts": "int",
          "backendAddressPool": {
            "id": "string"
          },
          "frontendIPConfigurations": [
            {
              "id": "string"
            }
          ],
          "provisioningState": "string"
        }
      }
    ],
    "probes": [
      {
        "etag": "string",
        "id": "string",
        "name": "string",
        "properties": {
          "intervalInSeconds": "int",
          "loadBalancingRules": [
            {
              "id": "string"
            }
          ],
          "numberOfProbes": "int",
          "port": "int",
          "protocol": "string",
          "provisioningState": "string",
          "requestPath": "string"
        }
      }
    ],
    "provisioningState": "string",
    "resourceGuid": "string"
  },
  "tags": {
    "{customized property}": "string"
  }
}

Property Values

Microsoft.Network/loadBalancers

Name Description Value
apiVersion The api version '2015-05-01-preview'
etag Gets a unique read-only string that changes whenever the resource is updated string
location Resource location string (required)
name The resource name string (required)
properties Properties of Load Balancer LoadBalancerPropertiesFormat
tags Resource tags Dictionary of tag names and values. See Tags in templates
type The resource type 'Microsoft.Network/loadBalancers'

BackendAddressPool

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Properties of BackendAddressPool BackendAddressPoolPropertiesFormat

BackendAddressPoolPropertiesFormat

Name Description Value
backendIPConfigurations Gets collection of references to IPs defined in NICs SubResource[]
loadBalancingRules Gets Load Balancing rules that use this Backend Address Pool SubResource[]
outboundNatRule Gets outbound rules that use this Backend Address Pool SubResource
provisioningState Provisioning state of the PublicIP resource Updating/Deleting/Failed string

FrontendIpConfiguration

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Properties of Frontend IP Configuration of the load balancer FrontendIpConfigurationPropertiesFormat

FrontendIpConfigurationPropertiesFormat

Name Description Value
inboundNatPools Read only.Inbound pools URIs that use this frontend IP SubResource[]
inboundNatRules Read only.Inbound rules URIs that use this frontend IP SubResource[]
loadBalancingRules Gets Load Balancing rules URIs that use this frontend IP SubResource[]
outboundNatRules Read only.Outbound rules URIs that use this frontend IP SubResource[]
privateIPAddress Gets or sets the IP address of the Load Balancer.This is only specified if a specific private IP address shall be allocated from the subnet specified in subnetRef string
privateIPAllocationMethod Gets or sets PrivateIP allocation method (Static/Dynamic) 'Dynamic'
'Static'
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string
publicIPAddress Gets or sets the reference of the PublicIP resource SubResource
subnet Gets or sets the reference of the subnet resource.A subnet from where the load balancer gets its private frontend address SubResource

InboundNatPool

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Properties of Inbound NAT pool InboundNatPoolPropertiesFormat

InboundNatPoolPropertiesFormat

Name Description Value
backendPort Gets or sets a port used for internal connections on the endpoint. The localPort attribute maps the eternal port of the endpoint to an internal port on a role. This is useful in scenarios where a role must communicate to an internal component on a port that is different from the one that is exposed externally. If not specified, the value of localPort is the same as the port attribute. Set the value of localPort to '*' to automatically assign an unallocated port that is discoverable using the runtime API int (required)
frontendIPConfiguration Gets or sets a reference to frontend IP Addresses SubResource
frontendPortRangeEnd Gets or sets the ending port range for the NAT pool. You can specify any port number you choose, but the port numbers specified for each role in the service must be unique. Possible values range between 1 and 65535, inclusive int (required)
frontendPortRangeStart Gets or sets the starting port range for the NAT pool. You can specify any port number you choose, but the port numbers specified for each role in the service must be unique. Possible values range between 1 and 65535, inclusive int (required)
protocol Gets or sets the transport protocol for the external endpoint. Possible values are Udp or Tcp 'Tcp'
'Udp' (required)
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string

InboundNatRule

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Properties of Inbound NAT rule InboundNatRulePropertiesFormat

InboundNatRulePropertiesFormat

Name Description Value
backendIPConfiguration Gets or sets a reference to a private ip address defined on a NetworkInterface of a VM. Traffic sent to frontendPort of each of the frontendIPConfigurations is forwarded to the backed IP SubResource
backendPort Gets or sets a port used for internal connections on the endpoint. The localPort attribute maps the eternal port of the endpoint to an internal port on a role. This is useful in scenarios where a role must communicate to an internal component on a port that is different from the one that is exposed externally. If not specified, the value of localPort is the same as the port attribute. Set the value of localPort to '*' to automatically assign an unallocated port that is discoverable using the runtime API int
enableFloatingIP Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn availability Group. This setting is required when using the SQL Always ON availability Groups in SQL server. This setting can't be changed after you create the endpoint bool (required)
frontendIPConfiguration Gets or sets a reference to frontend IP Addresses SubResource
frontendPort Gets or sets the port for the external endpoint. You can specify any port number you choose, but the port numbers specified for each role in the service must be unique. Possible values range between 1 and 65535, inclusive int (required)
idleTimeoutInMinutes Gets or sets the timeout for the Tcp idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to Tcp int
protocol Gets or sets the transport protocol for the external endpoint. Possible values are Udp or Tcp 'Tcp'
'Udp' (required)
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string

LoadBalancerPropertiesFormat

Name Description Value
backendAddressPools Gets or sets Pools of backend IP addresses BackendAddressPool[]
frontendIPConfigurations Gets or sets frontend IP addresses of the load balancer FrontendIpConfiguration[]
inboundNatPools Gets or sets inbound NAT pools InboundNatPool[]
inboundNatRules Gets or sets list of inbound rules InboundNatRule[]
loadBalancingRules Gets or sets load balancing rules LoadBalancingRule[]
outboundNatRules Gets or sets outbound NAT rules OutboundNatRule[]
probes Gets or sets list of Load balancer probes Probe[]
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string
resourceGuid Gets or sets resource guid property of the Load balancer resource string

LoadBalancingRule

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Properties of the load balancer LoadBalancingRulePropertiesFormat

LoadBalancingRulePropertiesFormat

Name Description Value
backendAddressPool Gets or sets a reference to a pool of DIPs. Inbound traffic is randomly load balanced across IPs in the backend IPs SubResource (required)
backendPort Gets or sets a port used for internal connections on the endpoint. The localPort attribute maps the eternal port of the endpoint to an internal port on a role. This is useful in scenarios where a role must communicate to an internal component on a port that is different from the one that is exposed externally. If not specified, the value of localPort is the same as the port attribute. Set the value of localPort to '*' to automatically assign an unallocated port that is discoverable using the runtime API int
enableFloatingIP Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn availability Group. This setting is required when using the SQL Always ON availability Groups in SQL server. This setting can't be changed after you create the endpoint bool (required)
frontendIPConfiguration Gets or sets a reference to frontend IP Addresses SubResource
frontendPort Gets or sets the port for the external endpoint. You can specify any port number you choose, but the port numbers specified for each role in the service must be unique. Possible values range between 1 and 65535, inclusive int (required)
idleTimeoutInMinutes Gets or sets the timeout for the Tcp idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to Tcp int
loadDistribution Gets or sets the load distribution policy for this rule 'Default'
'SourceIP'
'SourceIPProtocol'
probe Gets or sets the reference of the load balancer probe used by the Load Balancing rule. SubResource
protocol Gets or sets the transport protocol for the external endpoint. Possible values are Udp or Tcp 'Tcp'
'Udp' (required)
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string

OutboundNatRule

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Outbound NAT pool of the loadbalancer OutboundNatRulePropertiesFormat

OutboundNatRulePropertiesFormat

Name Description Value
allocatedOutboundPorts Gets or sets the number of outbound ports to be used for SNAT int (required)
backendAddressPool Gets or sets a reference to a pool of DIPs. Outbound traffic is randomly load balanced across IPs in the backend IPs SubResource (required)
frontendIPConfigurations Gets or sets Frontend IP addresses of the load balancer SubResource[]
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string

Probe

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties ProbePropertiesFormat

ProbePropertiesFormat

Name Description Value
intervalInSeconds Gets or sets the interval, in seconds, for how frequently to probe the endpoint for health status. Typically, the interval is slightly less than half the allocated timeout period (in seconds) which allows two full probes before taking the instance out of rotation. The default value is 15, the minimum value is 5 int
loadBalancingRules Gets Load balancer rules that use this probe SubResource[]
numberOfProbes Gets or sets the number of probes where if no response, will result in stopping further traffic from being delivered to the endpoint. This values allows endpoints to be taken out of rotation faster or slower than the typical times used in Azure. int
port Gets or sets Port for communicating the probe. Possible values range from 1 to 65535, inclusive. int (required)
protocol Gets or sets the protocol of the end point. Possible values are http pr Tcp. If Tcp is specified, a received ACK is required for the probe to be successful. If http is specified,a 200 OK response from the specifies URI is required for the probe to be successful 'Http'
'Tcp' (required)
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string
requestPath Gets or sets the URI used for requesting health status from the VM. Path is required if a protocol is set to http. Otherwise, it is not allowed. There is no default value string

ResourceTags

Name Description Value

SubResource

Name Description Value
id Resource Id string

Usage Examples

Azure Quickstart Templates

The following Azure Quickstart templates deploy this resource type.

Template Description
2 VMs in a Load Balancer and configure NAT rules on the LB

Deploy to Azure
This template allows you to create 2 Virtual Machines in an Availability Set and configure NAT rules through the load balancer. This template also deploys a Storage Account, Virtual Network, Public IP address and Network Interfaces. In this template, we use the resource loops capability to create the network interfaces and virtual machines
2 VMs in a Load Balancer and load balancing rules

Deploy to Azure
This template allows you to create 2 Virtual Machines under a Load balancer and configure a load balancing rule on Port 80. This template also deploys a Storage Account, Virtual Network, Public IP address, Availability Set and Network Interfaces. In this template, we use the resource loops capability to create the network interfaces and virtual machines
2 VMs in VNET - Internal Load Balancer and LB rules

Deploy to Azure
This template allows you to create 2 Virtual Machines in a VNET and under an internal Load balancer and configure a load balancing rule on Port 80. This template also deploys a Storage Account, Virtual Network, Public IP address, Availability Set and Network Interfaces.
Autoscale LANSA Windows VM ScaleSet with Azure SQL Database

Deploy to Azure
The template deploys a Windows VMSS with a desired count of VMs in the scale set and a LANSA MSI to install into each VM. Once the VM Scale Set is deployed a custom script extension is used to install the LANSA MSI)
Azure Container Service Engine (acs-engine) - Swarm Mode

Deploy to Azure
The Azure Container Service Engine (acs-engine) generates ARM (Azure Resource Manager) templates for Docker enabled clusters on Microsoft Azure with your choice of DC/OS, Kubernetes, Swarm Mode, or Swarm orchestrators. The input to the tool is a cluster definition. The cluster definition is very similar to (in many cases the same as) the ARM template syntax used to deploy a Microsoft Azure Container Service cluster.
Azure VM Scale Set as clients of Intel Lustre

Deploy to Azure
This template creates a set of Intel Lustre 2.7 clients using Azure VM Scale Sets and Azure gallery OpenLogic CentOS 6.6 or 7.0 images and mounts an existing Intel Lustre filesystem
AzureDatabricks Template for VNetInjection and Load Balancer

Deploy to Azure
This template allows you to create a a load balancer, network security group, a virtual network and an Azure Databricks workspace with the virtual network.
Barracuda Web Application Firewall with Backend IIS Servers

Deploy to Azure
This Azure quickstart template deploys a Barracuda Web Application Firewall Solution on Azure with required number of backend Windows 2012 based IIS Web Servers.Templates includes latest Barracuda WAF with Pay as you go license and latest Windows 2012 R2 Azure Image for IIS.The Barracuda Web Application Firewall inspects inbound web traffic and blocks SQL injections, Cross-Site Scripting, malware uploads & application DDoS and other attacks targeted at your web applications. One External LB is deployed with NAT rules to enable Remote desktop access to backend web servers. Please follow post deployment configuration guide available in GitHub template directory to learn more about post deployment steps related to Barracuda web application firewall and web applications publishing.
Basic RDS farm deployment

Deploy to Azure
This template creates a basic RDS farm deployment
Chef Backend High-Availability Cluster

Deploy to Azure
This template creates a chef-backend cluster with front-end nodes attached
Create 2 VMs in LB and a SQL Server VM with NSG

Deploy to Azure
This template creates 2 Windows VMs (that can be used as web FE) with in an Availability Set and a Load Balancer with port 80 open. The two VMs can be reached using RDP on port 6001 and 6002. This template also create a SQL Server 2014 VM that can be reached via RDP connection defined in a Network Security Group.
Create 2 VMs Linux with LB and SQL Server VM with SSD

Deploy to Azure
This template creates 2 Linux VMs (that can be used as web FE) with in an Availability Set and a Load Balancer with port 80 open. The two VMs can be reached using SSH on port 6001 and 6002. This template also create a SQL Server 2014 VM that can be reached via RDP connection defined in a Network Security Group. All VMs storage can use Premium Storage (SSD) and you can choose to creare VMs with all DS sizes
Create a cross-region load balancer

Deploy to Azure
This template creates a cross-region load balancer with a backend pool containing two regional load balancers. Cross-region load balancer is currently available in limited regions. The regional load balancers behind the cross-region load balancer can be in any region.
Create a load-balancer with a Public IPv6 address

Deploy to Azure
This template creates an Internet-facing load-balancer with a Public IPv6 address, load balancing rules, and two VMs for the backend pool.
Create a standard internal load balancer

Deploy to Azure
This template creates a standard internal Azure Load Balancer with a rule load-balancing port 80
Create a standard internal load balancer with HA ports

Deploy to Azure
This template creates a standard internal Azure Load Balancer with a HA ports load-balancing rule
Create a standard load-balancer

Deploy to Azure
This template creates an Internet-facing load-balancer, load balancing rules, and three VMs for the backend pool with each VM in a redundant zone.
Create a VM with multiple NICs and RDP accessible

Deploy to Azure
This template allows you to create a Virtual Machines with multiple (2) network interfaces (NICs), and RDP connectable with a configured load balancer and an inbound NAT rule. More NICs can easily be added with this template. This template also deploys a Storage Account, Virtual Network, Public IP address, and 2 Network Interfaces (front-end and back-end).
Create an Azure VM with a new Active Directory Forest

Deploy to Azure
This template creates a new Azure VM, it configures the VM to be an Active Directory Domain Controller for a new forest
Create an Azure VM with a new AD Forest

Deploy to Azure
This template creates a new Azure VM, it configures the VM to be an AD DC for a new Forest
Create an new AD Domain with 2 Domain Controllers

Deploy to Azure
This template creates 2 new VMs to be AD DCs (primary and backup) for a new Forest and Domain
Create an Ubuntu GNOME desktop

Deploy to Azure
This template creates an ubuntu desktop machine. This works great for use as a jumpbox behind a NAT.
Deploy a 3 Nodetype Secure Cluster with NSGs enabled

Deploy to Azure
This template allows you to deploy a secure 3 nodetype Service fabric Cluster running Windows server 2016 Data center on a Standard_D2 Size VMs. Use this template allows you ro control the inbound and outbound network traffic using Network Security Groups.
Deploy a 5 Node Secure Cluster

Deploy to Azure
This template allows you to deploy a secure 5 node Service Fabric Cluster running Windows Server 2019 Datacenter on a Standard_D2_v2 Size VMSS.
Deploy a 5 Node Ubuntu Service Fabric Cluster

Deploy to Azure
This template allows you to deploy a secure 5 node Service Fabric Cluster running Ubuntu on a Standard_D2_V2 Size VMSS.
Deploy a Linux VMSS wth primary/secondary architecture

Deploy to Azure
This template allows you to deploy a Linux VMSS with a Custom Script Extension in primary secondary architecture
Deploy a Scale Set into an existing vnet

Deploy to Azure
This template deploys a VM Scale Set into an exsisting vnet.
Deploy a simple VM Scale Set with Linux VMs

Deploy to Azure
This template allows you to deploy a simple VM Scale Set of Linux VMs using the latest patched version of Ubuntu Linux 14.04.4-LTS or 16.04-LTS. These VMs are behind a load balancer with NAT rules for ssh connections.
Deploy a simple VM Scale Set with Windows VMs

Deploy to Azure
This template allows you to deploy a simple VM Scale Set of Windows VMs using the lastest patched version of various Windows Versions. These VMs are behind a load balancer with NAT rules for rdp connections.
Deploy a trusted launch capable Windows VM Scale Set

Deploy to Azure
This template allows you to deploy a trusted launch capable VM Scale Set of Windows VMs using the latest patched version of Windows Server 2016, Windows Server 2019 or Windows Server 2022 Azure Edition. These VMs are behind a load balancer with NAT rules for RDP connections. If you enable Secureboot and vTPM, the Guest Attestation extension will be installed on your VMSS. This extension will perform remote attestation by the cloud.
Deploy a VM Scale Set from the Azure Data Science VM

Deploy to Azure
These templates deploy VM scale sets, using the Azure Data Science VMs as a source image.
Deploy a VM Scale Set with a Linux custom image

Deploy to Azure
This template allows you to deploy a custom VM Linux image inside an Scale Set. These VMs are behind a load balancer with HTTP load balancing (by default on port 80). The example uses a custom script to do the application deployment and update, you may have to provide your custom script for your own update procedure. You will have to provide a generalized image of your VM in the same subscription and region where you create the VMSS.
Deploy a VM Scale Set with a Windows custom image

Deploy to Azure
This template allows you to deploy a simple VM Scale Set usng a custom Windows image. These VMs are behind a load balancer with HTTP load balancing (by default on port 80)
Deploy a VM Scale Set with Linux VMs and Auto Scale

Deploy to Azure
This template allows you to deploy a simple VM Scale Set of Linux VMs using the latest patched version of Ubuntu Linux 15.04 or 14.04.4-LTS. These VMs are behind a load balancer with NAT rules for ssh connections.They also have Auto Scale integrated
Deploy a VM Scale Set with Linux VMs behind ILB

Deploy to Azure
This template allows you to deploy a VM Scale Set of Linux VMs using the latest patched version of Ubuntu Linux 15.10 or 14.04.4-LTS. These VMs are behind an internal load balancer with NAT rules for ssh connections.
Deploy a VM Scale Set with Linux VMs in Availabilty Zones

Deploy to Azure
This template allows you to deploy a simple VM Scale Set of Linux VMs using the latest patched version of Ubuntu Linux 14.04.4-LTS or 16.04-LTS. These VMs are behind a load balancer with NAT rules for ssh connections.
Deploy a VM Scale Set with Windows VMs and Auto Scale

Deploy to Azure
This template allows you to deploy a simple VM Scale Set of Windows VMs using the latest patched version of Windows 2008-R2-SP1, 2012-Datacenter, or 2012-R2-Datacenter. These VMs are behind a load balancer with NAT rules for RDP connections. They also have Auto Scale integrated
Deploy a VM Scale Set with Windows VMs in Availability Zones

Deploy to Azure
This template allows you to deploy a VM Scale Set of Windows VMs using the lastest patched version of various Windows Versions. These VMs are behind a load balancer with NAT rules for rdp connections.
Deploy a VMSS that connects each VM to an Azure Files share

Deploy to Azure
This template deploys an Ubuntu Virtual Machine Scale Set and uses a custom script extension to connect each VM to an Azure Files share
Deploy a Windows VM Scale Set with a Custom Script Extension

Deploy to Azure
This template allows you to deploy a VM Scale Set of Windows VMs using the lastest patched version of various Windows Versions. These VMs have a custom script extension for customization and are behind a load balancer with NAT rules for rdp connections.
Deploy an Autoscale Setting for Virtual Machine ScaleSet

Deploy to Azure
This template allows you to deploy an autoscale policy for Virtual Machine ScaleSet resource.
Deploy Darktrace Autoscaling vSensors

Deploy to Azure
This template allows you to deploy an automatically autoscaling deployment of Darktrace vSensors
Deploy Drupal with VM Scale Set, Azure Files and Mysql

Deploy to Azure
Deploy a VM Scale Set behind a load balancer/NAT & each VM running Drupal (Apache / PHP). All nodes share the created Azure file share storage and MySQL database
Deploy IOMAD cluster on Ubuntu

Deploy to Azure
This template deploys IOMAD as a LAMP application on Ubuntu. It creates a one or more Ubuntu VM for the front end and a single VM for the backend. It does a silent install of Apache and PHP on the front end VM's and MySQL on the backend VM. Then it deploys IOMAD on the cluster. It configures a load balancer for directing requests to the front end VM's. It also configures NAT rules to allow admin access to each of the VM's. It also sets up a moodledata data directory using file storage shared among the VM's. After the deployment is successful, you can go to /iomad on each frontend VM (using web admin access) to start configuring IOMAD.
Deploy Open edX Dogwood (Multi-VM)

Deploy to Azure
This template creates a network of Ubuntu VMs, and deploys Open edX Dogwood on them. Deployment supports 1-9 application VMs and backend Mongo and MySQL VMs.
Deploy OpenLDAP cluster on Ubuntu

Deploy to Azure
This template deploys an OpenLDAP cluster on Ubuntu. It creates multiple Ubuntu VMs (up to 5, but can be easily increased) and does a silent install of OpenLDAP on them. Then it sets up N-way multi-master replication on them. After the deployment is successful, you can go to /phpldapadmin to start congfiguring OpenLDAP.
Deploy OpenSIS Community Edition cluster on Ubuntu

Deploy to Azure
This template deploys OpenSIS Community Edition as a LAMP application on Ubuntu. It creates a one or more Ubuntu VM for the front end and a single VM for the backend. It does a silent install of Apache and PHP on the front end VM's and MySQL on the backend VM. Then it deploys OpenSIS Community Edition on the cluster. After the deployment is successful, you can go to /opensis-ce on each of the front end VM's (using web admin access) to start congfiguring OpenSIS.
Deploy Shibboleth Identity Provider cluster on Ubuntu

Deploy to Azure
This template deploys Shibboleth Identity Provider on Ubuntu in a clustered configuration. After the deployment is successful, you can go to https://your-domain:8443/idp/profile/Status (note port number) to check success.
Deploy Shibboleth Identity Provider cluster on Windows

Deploy to Azure
This template deploys Shibboleth Identity Provider on Windows in a clustered configuration. After the deployment is successful, you can go to https://your-domain:8443/idp/profile/status (note port number) to check success.
Deploy VM Scale Set with LB probe and automatic repairs

Deploy to Azure
This template allows you to deploy a VM scale set of Linux VMs behind a load balancer with health probe configured. The scale set also has automatic instance repairs policy enabled with a grace period of 30 minutes.
Deploy VM Scale Set with Python Bottle server & AutoScale

Deploy to Azure
Deploy a VM Scale Set behind a load balancer/NAT & each VM running a simple Python Bottle app that does work. With Autoscale configured Scale Set will scale out & in as needed
Deploy Windows VMSS configure windows featurtes SSL DSC

Deploy to Azure
This template allows you to deploy two Windows VMSS, configure windows features like IIS/Web Role, .Net Framework 4.5, windows auth, application initialization, download application deployment packages, URL Rewrite & SSL configuration using DSC and Azure Key Vault
Deploys a 2 node master/slave MySQL replication cluster

Deploy to Azure
This template deploys a 2 node master/slave MySQL replication cluster on CentOS 6.5 or 6.6
Deploys a 3 node Consul Cluster

Deploy to Azure
This template deploys a 3 node Consul cluster and auto-joins the nodes via Atlas. Consul is a tool for service discovery, distributed key/value store and a bunch of other cool things. Atlas is provided by Hashicorp (makers of Consul) as a way to quickly create Consul clusters without having to manually join each node
Deploys a 3 node Percona XtraDB Cluster

Deploy to Azure
This template deploys a 3 node MySQL high availability cluster on CentOS 6.5 or Ubuntu 12.04
Deploys a N-node CentOS Cluster

Deploy to Azure
This template deploys a 2-10 node CentOS cluster with 2 networks.
Deploys SQL Server 2014 AG on existing VNET & AD

Deploy to Azure
This template creates three new Azure VMs on an existing VNET: Two VMs are configured as SQL Server 2014 availability group replica nodes and one VM is configured as a File Share Witness for automated cluster failover. In addition to these VMs, the following additional Azure resources are also configured: Internal load balancer, Storage accounts. To configure clustering, SQL Server, and an availability group within each VM, PowerShell DSC is leveraged. For Active Directory support, existing Active Directory domain controllers should already be deployed on the existing VNET.
Deploys Windows VMs under LB,configures WinRM Https

Deploy to Azure
This template allows you to deploys Windows VMs using few different options for the Windows version. This template also configures a WinRM https listener on VMs
Docker Swarm Cluster

Deploy to Azure
This template creates a high-availability Docker Swarm cluster
Front Door Premium with VM and Private Link service

Deploy to Azure
This template creates a Front Door Premium and a virtual machine configured as a web server. Front Door uses a private endpoint with Private Link service to send traffic to the VM.
GlassFish on SUSE

Deploy to Azure
This template deploys a load balanced GlassFish (v3 or v4) cluster, consisting of a user defined number of SUSE (OpenSUSE or SLES) VMs.
IIS VMs & SQL Server 2014 VM

Deploy to Azure
Create 1 or 2 IIS Windows 2012 R2 Web Servers and one back end SQL Server 2014 in VNET.
Install Elasticsearch cluster on a Virtual Machine Scale Set

Deploy to Azure
This template deploys an Elasticsearch cluster on a Virtual Machine scale set. The template provisions 3 dedicated master nodes, with an optional number of data nodes, which run on managed disks.
IPv6 in Azure Virtual Network (VNET)

Deploy to Azure
Create a dual stack IPv4/IPv6 VNET with 2 VMs.
IPv6 in Azure Virtual Network (VNET) with Std LB

Deploy to Azure
Create a dual stack IPv4/IPv6 VNET with 2 VMs and an Internet-facing Standard Load Balancer.
JBoss EAP on RHEL (clustered, multi-VM)

Deploy to Azure
This template allows you to create multiple RHEL 8.6 VMs running JBoss EAP 7.4 cluster and also deploys a web application called eap-session-replication, you can log into the admin console using the JBoss EAP username and password configured at the time of the deployment.
JBoss EAP on RHEL (clustered, VMSS)

Deploy to Azure
This template allows you to create RHEL 8.6 VMSS instances running JBoss EAP 7.4 cluster and also deploys a web application called eap-session-replication, you can log into the admin console using the JBoss EAP username and password configured at the time of the deployment.
KEMP LoadMaster HA Pair

Deploy to Azure
This template deploys a KEMP LoadMaster HA Pair
Load Balancer with 2 VIPs, each with one LB rule

Deploy to Azure
This template allows you to create a Load Balancer, 2 Public IP addresses for the Load balancer (multivip), Virtual Network, Network Interface in the Virtual Network & a LB Rule in the Load Balancer that is used by the Network Interface.
Load Balancer with Inbound NAT Rule

Deploy to Azure
This template allows you to create a Load Balancer, Public IP address for the Load balancer, Virtual Network, Network Interface in the Virtual Network & a NAT Rule in the Load Balancer that is used by the Network Interface.
Multi tier App with NSG, ILB, AppGateway

Deploy to Azure
This template deploys a Virtual Network, segregates the network through subnets, deploys VMs and configures load balancing
Multi tier traffic manager, L4 ILB, L7 AppGateway

Deploy to Azure
This template deploys a Virtual Network, segregates the network through subnets, deploys VMs and configures load balancing
Private Link service example

Deploy to Azure
This template shows how to create a private link service
Public Load Balancer chained to a Gateway Load Balancer

Deploy to Azure
This template allows you to deploy a Public Standard Load Balancer chained to a Gateway Load Balancer. The traffic incoming from internet is routed to the Gateway Load Balancer with linux VMs (NVAs) in the backend pool.
RDS farm deployment using existing active directory

Deploy to Azure
This template creates a RDS farm deployment using existing active directory in same resource group
RDS Gateway High Availability deployment

Deploy to Azure
This template provides high availability to RD Gateway and RD Web Access servers in an existing RDS deployment
Red Hat Linux 3-Tier Solution on Azure

Deploy to Azure
This template allows you to deploy a 3 Tier architecture using 'Red Hat Enterprise Linux 7.3' virtual machines. Architecture includes Virtual Network, external and internal load balancers, Jump VM, NSGs etc along with multiple RHEL Virtual machines in each tier
Redundant haproxy with Azure load-balancer and floating IP

Deploy to Azure
This template creates a redundant haproxy setup with 2 Ubuntu VMs configured behind Azure load balancer with floating IP enabled. Each of the Ubuntu VMs run haproxy to load balance requests to other application VMs (running Apache in this case). Keepalived enables redundancy for the haproxy VMs by assigning the floating IP to the MASTER and blocking the load-balancer probe on the BACKUP. This template also deploys a Storage Account, Virtual Network, Public IP address, Network Interfaces.
Remote Desktop Services with High Availability

Deploy to Azure
This ARM Template sample code will deploy a Remote Desktop Services 2019 Session Collection lab with high availability. The goal is to deploy a fully redundant, highly available solution for Remote Desktop Services, using Windows Server 2019.
Reserved IP Use Case Snippet

Deploy to Azure
This template demonstrates the currently supported use case for Reserved IP. A Reserved IP is simply a statically allocated Public IP.
SAP NetWeaver 3-tier (managed disk)

Deploy to Azure
This template allows you to deploy a VM using a operating system that is supported by SAP and Managed Disks.
SAP NetWeaver 3-tier multi SID DB (managed disks)

Deploy to Azure
This template allows you to deploy a VM using a operating system that is supported by SAP.
SAP NetWeaver file server (managed disk)

Deploy to Azure
This template allows you to deploy a file server that can be used as shared storage for SAP NetWeaver.
Simple VM Scale Set with Linux VMs and public IPv4 per VM

Deploy to Azure
This template demonstrates deploying a simple scale set with load balancer, inbound NAT rules, and public IP per VM.
SSL enabled VM Scale Set

Deploy to Azure
Deploys web servers configures with SSL certificates deployed securely form Azure Key Vault
Standard Load Balancer with Backend Pool by IP Addresses

Deploy to Azure
This template is used to demonstrate how ARM Templates can be used to configure the Backend Pool of a Load Balancer by IP Address as outlined in the Backend Pool management document.
Virtual Machine Scaleset example using Availability Zones

Deploy to Azure
This template creates a VMSS placed in separate Availability Zones with a load balancer.
Virtual machine with an RDP port

Deploy to Azure
Creates a virtual machine and creates a NAT rule for RDP to the VM in load balancer
VM Scale Set with autoscale running an IIS WebApp

Deploy to Azure
Deploys a Windows VM Scale Set running IIS and a very basic .NET MVC web app. The VMSS PowerShell DSC Extension is leveraged to do the IIS install and WebDeploy package deployment.
VMs in Availability Zones with a Load Balancer and NAT

Deploy to Azure
This template allows you to create Virtual Machines distributed across Availability Zones with a Load Balancer and configure NAT rules through the load balancer. This template also deploys a Virtual Network, Public IP address and Network Interfaces. In this template, we use the resource loops capability to create the network interfaces and virtual machines
VMSS deploy of IPv6 in Azure Virtual Network (VNET)

Deploy to Azure
Create VM Scale Set with dual stack IPv4/IPv6 VNET and Std Load Balancer.
VMSS Flexible Orchestration Mode Quickstart Linux

Deploy to Azure
This template deploys a simple VM Scale Set with instances behind an Azure Load Balancer. The VM Scale set is in Flexible Orchestration Mode. Use the os parameter to choose Linux (Ubuntu) or Windows (Windows Server Datacenter 2019) deployment. NOTE: This quickstart template enables network access to VM management ports (SSH, RDP) from any internet address, and should not be used for production deployments.
VMSS with Public IP Prefix

Deploy to Azure
Template for deploying VMSS with Public IP Prefix

Terraform (AzAPI provider) resource definition

The loadBalancers resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/loadBalancers resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.Network/loadBalancers@2015-05-01-preview"
  name = "string"
  parent_id = "string"
  location = "string"
  tags = {
    {customized property} = "string"
  }
  body = {
    etag = "string"
    properties = {
      backendAddressPools = [
        {
          etag = "string"
          id = "string"
          name = "string"
          properties = {
            backendIPConfigurations = [
              {
                id = "string"
              }
            ]
            loadBalancingRules = [
              {
                id = "string"
              }
            ]
            outboundNatRule = {
              id = "string"
            }
            provisioningState = "string"
          }
        }
      ]
      frontendIPConfigurations = [
        {
          etag = "string"
          id = "string"
          name = "string"
          properties = {
            inboundNatPools = [
              {
                id = "string"
              }
            ]
            inboundNatRules = [
              {
                id = "string"
              }
            ]
            loadBalancingRules = [
              {
                id = "string"
              }
            ]
            outboundNatRules = [
              {
                id = "string"
              }
            ]
            privateIPAddress = "string"
            privateIPAllocationMethod = "string"
            provisioningState = "string"
            publicIPAddress = {
              id = "string"
            }
            subnet = {
              id = "string"
            }
          }
        }
      ]
      inboundNatPools = [
        {
          etag = "string"
          id = "string"
          name = "string"
          properties = {
            backendPort = int
            frontendIPConfiguration = {
              id = "string"
            }
            frontendPortRangeEnd = int
            frontendPortRangeStart = int
            protocol = "string"
            provisioningState = "string"
          }
        }
      ]
      inboundNatRules = [
        {
          etag = "string"
          id = "string"
          name = "string"
          properties = {
            backendIPConfiguration = {
              id = "string"
            }
            backendPort = int
            enableFloatingIP = bool
            frontendIPConfiguration = {
              id = "string"
            }
            frontendPort = int
            idleTimeoutInMinutes = int
            protocol = "string"
            provisioningState = "string"
          }
        }
      ]
      loadBalancingRules = [
        {
          etag = "string"
          id = "string"
          name = "string"
          properties = {
            backendAddressPool = {
              id = "string"
            }
            backendPort = int
            enableFloatingIP = bool
            frontendIPConfiguration = {
              id = "string"
            }
            frontendPort = int
            idleTimeoutInMinutes = int
            loadDistribution = "string"
            probe = {
              id = "string"
            }
            protocol = "string"
            provisioningState = "string"
          }
        }
      ]
      outboundNatRules = [
        {
          etag = "string"
          id = "string"
          name = "string"
          properties = {
            allocatedOutboundPorts = int
            backendAddressPool = {
              id = "string"
            }
            frontendIPConfigurations = [
              {
                id = "string"
              }
            ]
            provisioningState = "string"
          }
        }
      ]
      probes = [
        {
          etag = "string"
          id = "string"
          name = "string"
          properties = {
            intervalInSeconds = int
            loadBalancingRules = [
              {
                id = "string"
              }
            ]
            numberOfProbes = int
            port = int
            protocol = "string"
            provisioningState = "string"
            requestPath = "string"
          }
        }
      ]
      provisioningState = "string"
      resourceGuid = "string"
    }
  }
}

Property Values

Microsoft.Network/loadBalancers

Name Description Value
etag Gets a unique read-only string that changes whenever the resource is updated string
location Resource location string (required)
name The resource name string (required)
parent_id The ID of the resource to apply this extension resource to. string (required)
properties Properties of Load Balancer LoadBalancerPropertiesFormat
tags Resource tags Dictionary of tag names and values.
type The resource type "Microsoft.Network/loadBalancers@2015-05-01-preview"

BackendAddressPool

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Properties of BackendAddressPool BackendAddressPoolPropertiesFormat

BackendAddressPoolPropertiesFormat

Name Description Value
backendIPConfigurations Gets collection of references to IPs defined in NICs SubResource[]
loadBalancingRules Gets Load Balancing rules that use this Backend Address Pool SubResource[]
outboundNatRule Gets outbound rules that use this Backend Address Pool SubResource
provisioningState Provisioning state of the PublicIP resource Updating/Deleting/Failed string

FrontendIpConfiguration

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Properties of Frontend IP Configuration of the load balancer FrontendIpConfigurationPropertiesFormat

FrontendIpConfigurationPropertiesFormat

Name Description Value
inboundNatPools Read only.Inbound pools URIs that use this frontend IP SubResource[]
inboundNatRules Read only.Inbound rules URIs that use this frontend IP SubResource[]
loadBalancingRules Gets Load Balancing rules URIs that use this frontend IP SubResource[]
outboundNatRules Read only.Outbound rules URIs that use this frontend IP SubResource[]
privateIPAddress Gets or sets the IP address of the Load Balancer.This is only specified if a specific private IP address shall be allocated from the subnet specified in subnetRef string
privateIPAllocationMethod Gets or sets PrivateIP allocation method (Static/Dynamic) 'Dynamic'
'Static'
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string
publicIPAddress Gets or sets the reference of the PublicIP resource SubResource
subnet Gets or sets the reference of the subnet resource.A subnet from where the load balancer gets its private frontend address SubResource

InboundNatPool

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Properties of Inbound NAT pool InboundNatPoolPropertiesFormat

InboundNatPoolPropertiesFormat

Name Description Value
backendPort Gets or sets a port used for internal connections on the endpoint. The localPort attribute maps the eternal port of the endpoint to an internal port on a role. This is useful in scenarios where a role must communicate to an internal component on a port that is different from the one that is exposed externally. If not specified, the value of localPort is the same as the port attribute. Set the value of localPort to '*' to automatically assign an unallocated port that is discoverable using the runtime API int (required)
frontendIPConfiguration Gets or sets a reference to frontend IP Addresses SubResource
frontendPortRangeEnd Gets or sets the ending port range for the NAT pool. You can specify any port number you choose, but the port numbers specified for each role in the service must be unique. Possible values range between 1 and 65535, inclusive int (required)
frontendPortRangeStart Gets or sets the starting port range for the NAT pool. You can specify any port number you choose, but the port numbers specified for each role in the service must be unique. Possible values range between 1 and 65535, inclusive int (required)
protocol Gets or sets the transport protocol for the external endpoint. Possible values are Udp or Tcp 'Tcp'
'Udp' (required)
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string

InboundNatRule

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Properties of Inbound NAT rule InboundNatRulePropertiesFormat

InboundNatRulePropertiesFormat

Name Description Value
backendIPConfiguration Gets or sets a reference to a private ip address defined on a NetworkInterface of a VM. Traffic sent to frontendPort of each of the frontendIPConfigurations is forwarded to the backed IP SubResource
backendPort Gets or sets a port used for internal connections on the endpoint. The localPort attribute maps the eternal port of the endpoint to an internal port on a role. This is useful in scenarios where a role must communicate to an internal component on a port that is different from the one that is exposed externally. If not specified, the value of localPort is the same as the port attribute. Set the value of localPort to '*' to automatically assign an unallocated port that is discoverable using the runtime API int
enableFloatingIP Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn availability Group. This setting is required when using the SQL Always ON availability Groups in SQL server. This setting can't be changed after you create the endpoint bool (required)
frontendIPConfiguration Gets or sets a reference to frontend IP Addresses SubResource
frontendPort Gets or sets the port for the external endpoint. You can specify any port number you choose, but the port numbers specified for each role in the service must be unique. Possible values range between 1 and 65535, inclusive int (required)
idleTimeoutInMinutes Gets or sets the timeout for the Tcp idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to Tcp int
protocol Gets or sets the transport protocol for the external endpoint. Possible values are Udp or Tcp 'Tcp'
'Udp' (required)
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string

LoadBalancerPropertiesFormat

Name Description Value
backendAddressPools Gets or sets Pools of backend IP addresses BackendAddressPool[]
frontendIPConfigurations Gets or sets frontend IP addresses of the load balancer FrontendIpConfiguration[]
inboundNatPools Gets or sets inbound NAT pools InboundNatPool[]
inboundNatRules Gets or sets list of inbound rules InboundNatRule[]
loadBalancingRules Gets or sets load balancing rules LoadBalancingRule[]
outboundNatRules Gets or sets outbound NAT rules OutboundNatRule[]
probes Gets or sets list of Load balancer probes Probe[]
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string
resourceGuid Gets or sets resource guid property of the Load balancer resource string

LoadBalancingRule

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Properties of the load balancer LoadBalancingRulePropertiesFormat

LoadBalancingRulePropertiesFormat

Name Description Value
backendAddressPool Gets or sets a reference to a pool of DIPs. Inbound traffic is randomly load balanced across IPs in the backend IPs SubResource (required)
backendPort Gets or sets a port used for internal connections on the endpoint. The localPort attribute maps the eternal port of the endpoint to an internal port on a role. This is useful in scenarios where a role must communicate to an internal component on a port that is different from the one that is exposed externally. If not specified, the value of localPort is the same as the port attribute. Set the value of localPort to '*' to automatically assign an unallocated port that is discoverable using the runtime API int
enableFloatingIP Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn availability Group. This setting is required when using the SQL Always ON availability Groups in SQL server. This setting can't be changed after you create the endpoint bool (required)
frontendIPConfiguration Gets or sets a reference to frontend IP Addresses SubResource
frontendPort Gets or sets the port for the external endpoint. You can specify any port number you choose, but the port numbers specified for each role in the service must be unique. Possible values range between 1 and 65535, inclusive int (required)
idleTimeoutInMinutes Gets or sets the timeout for the Tcp idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to Tcp int
loadDistribution Gets or sets the load distribution policy for this rule 'Default'
'SourceIP'
'SourceIPProtocol'
probe Gets or sets the reference of the load balancer probe used by the Load Balancing rule. SubResource
protocol Gets or sets the transport protocol for the external endpoint. Possible values are Udp or Tcp 'Tcp'
'Udp' (required)
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string

OutboundNatRule

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties Outbound NAT pool of the loadbalancer OutboundNatRulePropertiesFormat

OutboundNatRulePropertiesFormat

Name Description Value
allocatedOutboundPorts Gets or sets the number of outbound ports to be used for SNAT int (required)
backendAddressPool Gets or sets a reference to a pool of DIPs. Outbound traffic is randomly load balanced across IPs in the backend IPs SubResource (required)
frontendIPConfigurations Gets or sets Frontend IP addresses of the load balancer SubResource[]
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string

Probe

Name Description Value
etag A unique read-only string that changes whenever the resource is updated string
id Resource Id string
name Gets name of the resource that is unique within a resource group. This name can be used to access the resource string
properties ProbePropertiesFormat

ProbePropertiesFormat

Name Description Value
intervalInSeconds Gets or sets the interval, in seconds, for how frequently to probe the endpoint for health status. Typically, the interval is slightly less than half the allocated timeout period (in seconds) which allows two full probes before taking the instance out of rotation. The default value is 15, the minimum value is 5 int
loadBalancingRules Gets Load balancer rules that use this probe SubResource[]
numberOfProbes Gets or sets the number of probes where if no response, will result in stopping further traffic from being delivered to the endpoint. This values allows endpoints to be taken out of rotation faster or slower than the typical times used in Azure. int
port Gets or sets Port for communicating the probe. Possible values range from 1 to 65535, inclusive. int (required)
protocol Gets or sets the protocol of the end point. Possible values are http pr Tcp. If Tcp is specified, a received ACK is required for the probe to be successful. If http is specified,a 200 OK response from the specifies URI is required for the probe to be successful 'Http'
'Tcp' (required)
provisioningState Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed string
requestPath Gets or sets the URI used for requesting health status from the VM. Path is required if a protocol is set to http. Otherwise, it is not allowed. There is no default value string

ResourceTags

Name Description Value

SubResource

Name Description Value
id Resource Id string

Usage Examples

Terraform Samples

A basic example of deploying Load Balancer Resource.

terraform {
  required_providers {
    azapi = {
      source = "Azure/azapi"
    }
    azurerm = {
      source = "hashicorp/azurerm"
    }
  }
}

provider "azurerm" {
  features {
  }
}

provider "azapi" {
  skip_provider_registration = false
}

variable "resource_name" {
  type    = string
  default = "acctest0001"
}

variable "location" {
  type    = string
  default = "westeurope"
}

data "azurerm_client_config" "current" {
}

data "azapi_resource" "subscription" {
  type                   = "Microsoft.Resources/subscriptions@2021-01-01"
  resource_id            = "/subscriptions/${data.azurerm_client_config.current.subscription_id}"
  response_export_values = ["*"]
}

resource "azapi_resource" "resourceGroup" {
  type     = "Microsoft.Resources/resourceGroups@2020-06-01"
  name     = var.resource_name
  location = var.location
}

resource "azapi_resource" "publicIPAddress" {
  type      = "Microsoft.Network/publicIPAddresses@2022-07-01"
  parent_id = azapi_resource.resourceGroup.id
  name      = var.resource_name
  location  = var.location
  body = {
    properties = {
      ddosSettings = {
        protectionMode = "VirtualNetworkInherited"
      }
      idleTimeoutInMinutes     = 4
      publicIPAddressVersion   = "IPv4"
      publicIPAllocationMethod = "Static"
    }
    sku = {
      name = "Standard"
      tier = "Regional"
    }
  }
  schema_validation_enabled = false
  response_export_values    = ["*"]
}

resource "azapi_resource" "loadBalancer" {
  type      = "Microsoft.Network/loadBalancers@2022-07-01"
  parent_id = azapi_resource.resourceGroup.id
  name      = var.resource_name
  location  = var.location
  body = {
    properties = {
      frontendIPConfigurations = [
        {
          name = var.resource_name
          properties = {
            publicIPAddress = {
              id = azapi_resource.publicIPAddress.id
            }
          }
        },
      ]
    }
    sku = {
      name = "Standard"
      tier = "Regional"
    }
  }
  schema_validation_enabled = false
  response_export_values    = ["*"]
}

Azure Verified Modules

The following Azure Verified Modules can be used to deploy this resource type.

Module Description
Loadbalancer AVM Resource Module for Loadbalancer