This repository contains a demo implementation of Azure Virtual Network Manager (AVNM) using Infrastructure as Code with Bicep. The demo uses Bicep modules from the Common Azure Resources Modules Library (CARML) to provision the following design:
If you are new to Azure or Network Manager, it is recommended that you know or review the following topics:
- Basic understanding of Microsoft Azure and Azure Networking, specifically related to the following:
- Azure Virtual Network Manager (AVNM) and the following features:
- Network Manager Template Reference
- CARML - Azure Virtual Network Manager Bicep Module Readme
- Bicep
- IDE - Visual Studio Code
- Source Control - Git
- Azure PowerShell
In order to implement the lab, the following is required:
- An Azure Subscription for deploying and testing resources. If you do not have one, you can sign up for a free trial here.
- Permissions. Either of the following options is required at the Subscription scope:
- Visual Studio Code installed with the Bicep Extension.
- Azure CLI with the latest version of the Bicep CLI, or a manual installation of Bicep.
- Latest Azure PowerShell modules:
  - Az.Accounts
  - Az.Resources
  - Az.Network
  - Az.Compute
The repo is structured in the following way:
- Constructs: Contains the Bicep configuration files for the demo.
- Modules: Contains the Common Azure Resources Modules Library (CARML) modules used by the constructs (configuration files) to deploy the demo.
- Scripts: Contains scripts that support the demo.
- Demo-Guide.ps1: Is a script that goes through the demo step by step.
- main.deploy.bicep: Is the main Bicep file used to deploy the demo environment.
- Clone this GitHub repository on your workstation. See this GitHub guide for more details.
- Open Visual Studio Code on your workstation where the cloned repo is located.
- Open the Demo-Guide.ps1 from within VS Code.
- The demo guide in this script should contain the required sequence of sections to successfully deploy and remove this lab.
- Resource Groups:
  - AVNM Resource Group: Contains all resources for Azure Virtual Network Manager (AVNM).
  - Hub Resource Group: Contains a hub virtual network, network security groups and Azure Bastion.
  - Alpha Resource Group: Contains virtual networks allocated to a demo 'alpha' group.
  - Beta Resource Group: Contains virtual networks allocated to a demo 'beta' group.
- Hub Virtual Network with Azure Bastion: Used to connect to the spokes located in the 'alpha' and 'beta' resource groups.
- Spoke Virtual Networks for the 'alpha' and 'beta' groups.
- Extended 'child' Virtual Networks, for each of the 'alpha' and 'beta' groups, named as 'X' and 'Y'.
- Azure Virtual Network Manager:
  - Creating network groups as per the diagram and using Azure Policy to create dynamic membership to these network groups.
  - Creating connectivity configurations as per the diagram.
  - Creating Security Admin Rules configurations.
- Virtual machines in the Hub Virtual Network, the 'Alpha' Spoke Virtual Network and the 'X' extended Virtual Network for the 'alpha' group.
- Changing the NSG rule for the Spoke virtual networks.
Although this demo uses technologies from Microsoft Azure, it is not affiliated with Microsoft. It is a personal project contributed to the Azure community to help people learn how to use Azure Virtual Network Manager using Infrastructure as Code. Please read the services' documentation regarding supported features and limitations. If you have issues using the modules referenced in this repository, please open an issue with the CARML team by going to https://aka.ms/carml and filing a new GitHub issue. Everyone is welcome to contribute to this repository by either raising issues or opening pull requests for things that can be improved.
If you managed to get to the end of this document, thank you for reading :) and I hope you enjoy this demo.