In this post, I would like to continue my posts about Bicep and show you how you can set up a network peering between two virtual networks in Azure using a Bicep template.
First of all, it's important to recap what a network peering is.
Azure network peering is a feature that allows two virtual networks in Azure (in the same region or in different regions) to be connected so that resources in either network can communicate with each other using private IP addresses. This connectivity is achieved without the need for any additional gateways, VPNs, or other physical hardware.
With network peering, traffic between the virtual networks is routed through the Azure backbone network, providing low-latency, high-bandwidth connectivity. Network peering also supports transit routing, allowing multiple virtual networks to be interconnected through a single hub network.
By using network peering, you can create a more integrated and cohesive network infrastructure within your Azure environment, improving the performance, security, and scalability of your applications and services.
You can find more info about Network Peering in the following link.
If you want to create a peering between two networks in the same resource group, you can use the following Bicep template:
```bicep
// Names of the two existing virtual networks (both in the target resource group)
param sourceNetworkname string
param destinationNetworkname string

// Reference the existing virtual networks; nothing is created or changed here
resource sourceNetwork 'Microsoft.Network/virtualNetworks@2022-09-01' existing = {
  name: sourceNetworkname
}

resource destinationNetwork 'Microsoft.Network/virtualNetworks@2022-09-01' existing = {
  name: destinationNetworkname
}

// Peering from source to destination.
// allowForwardedTraffic: accept traffic that the peer forwards from other networks
// allowGatewayTransit: allow the peer to use this network's gateway
resource sourceToDestinationPeering 'Microsoft.Network/virtualNetworks/virtualNetworkPeerings@2022-07-01' = {
  name: '${sourceNetworkname}-To-${destinationNetworkname}'
  parent: sourceNetwork
  properties: {
    allowForwardedTraffic: true
    allowGatewayTransit: true
    remoteVirtualNetwork: {
      id: destinationNetwork.id
    }
  }
}

// Peering in the opposite direction; a peering must exist on both sides to work
resource destinationToSourcePeering 'Microsoft.Network/virtualNetworks/virtualNetworkPeerings@2022-07-01' = {
  name: '${destinationNetworkname}-To-${sourceNetworkname}'
  parent: destinationNetwork
  properties: {
    allowForwardedTraffic: true
    allowGatewayTransit: true
    remoteVirtualNetwork: {
      id: sourceNetwork.id
    }
  }
}
```
where

- `sourceNetworkname`: is the name of one of the networks (you can choose whichever network you prefer as the source);
- `destinationNetworkname`: is the name of the other network.
For example, if you have two virtual networks, called `VNet-northeurope` and `VNet-westus`, in the `NetworkPeering-rg` resource group, you can run the following command:

```
az deployment group create --template-file .\NetworkPeering.bicep --resource-group NetworkPeering-rg --parameters sourceNetworkname=VNet-northeurope destinationNetworkname=VNet-westus
```
You can find more info about the properties of the `Microsoft.Network/virtualNetworks/virtualNetworkPeerings` resource at the following link.
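A post-deployment check on the flags the template above sets, as an added example that is not part of the original post: it reads peering objects in the shape returned by `az network vnet peering list -o json` and lists every peering that has forwarded traffic or gateway options enabled, or that never reached the `Connected` state. The sample data, the `VNet-spoke-To-VNet-hub` peering and the `audit_peerings` function are constructed for illustration.

```python
import json

# Constructed sample in the shape of `az network vnet peering list -o json`.
# The first entry carries the flag values the template above sets; the second
# is a hypothetical peering whose remote side was never created.
SAMPLE = json.loads("""
[
  {"name": "VNet-northeurope-To-VNet-westus",
   "allowForwardedTraffic": true,
   "allowGatewayTransit": true,
   "useRemoteGateways": false,
   "peeringState": "Connected"},
  {"name": "VNet-spoke-To-VNet-hub",
   "allowForwardedTraffic": false,
   "allowGatewayTransit": false,
   "useRemoteGateways": false,
   "peeringState": "Initiated"}
]
""")

# Flag -> why a reviewer should confirm it is intentional.
REVIEW_FLAGS = {
    "allowForwardedTraffic": "accepts traffic the peer forwards from other networks",
    "allowGatewayTransit": "lets the peer route through this VNet's gateway",
    "useRemoteGateways": "routes this VNet's traffic through the peer's gateway",
}


def audit_peerings(peerings):
    """Return sorted (peering name, finding) pairs for settings to review."""
    findings = []
    for p in peerings:
        name = p.get("name", "<unnamed>")
        for flag, reason in REVIEW_FLAGS.items():
            if p.get(flag) is True:
                findings.append((name, f"{flag}: {reason}"))
        state = p.get("peeringState")
        if state != "Connected":
            findings.append((name, f"peeringState is {state!r}, expected 'Connected'"))
    return sorted(findings)


if __name__ == "__main__":
    for name, finding in audit_peerings(SAMPLE):
        print(f"{name}: {finding}")
```

To run it against a live network, replace `SAMPLE` with the parsed JSON output of the CLI command for each virtual network.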
Top comments (1)
how to do the same when vnets are in same subscription but different resource groups