{ "description": "Generator information:\n- Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetworkGateway.json\n- ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworkGateways/{virtualNetworkGatewayName}", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "properties": { "activeActive": { "description": "ActiveActive: ActiveActive flag.", "type": "boolean" }, "azureName": { "description": "AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it\ndoesn't have to be.", "type": "string" }, "bgpSettings": { "description": "BgpSettings: Virtual network gateway's BGP speaker settings.", "properties": { "asn": { "description": "Asn: The BGP speaker's ASN.", "format": "int32", "type": "integer" }, "bgpPeeringAddress": { "description": "BgpPeeringAddress: The BGP peering address and BGP identifier of this BGP speaker.", "type": "string" }, "bgpPeeringAddresses": { "description": "BgpPeeringAddresses: BGP peering address with IP configuration ID for virtual network gateway.", "items": { "description": "Properties of IPConfigurationBgpPeeringAddress.", "properties": { "customBgpIpAddresses": { "description": "CustomBgpIpAddresses: The list of custom BGP peering addresses which belong to IP configuration.", "items": { "type": "string" }, "type": "array" }, "ipconfigurationId": { "description": "IpconfigurationId: The ID of IP configuration which belongs to gateway.", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "peerWeight": { "description": "PeerWeight: The weight added to routes learned from this BGP speaker.", "type": "integer" } }, "type": "object", "additionalProperties": false }, "customRoutes": { "description": "CustomRoutes: The reference to the address space resource which represents the custom routes address space specified by\nthe customer for virtual network gateway and VpnClient.", "properties": { "addressPrefixes": { "description": "AddressPrefixes: A list of address blocks reserved for this virtual network in CIDR notation.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "additionalProperties": false }, "enableBgp": { "description": "EnableBgp: Whether BGP is enabled for this virtual network gateway or not.", "type": "boolean" }, "enableDnsForwarding": { "description": "EnableDnsForwarding: Whether dns forwarding is enabled or not.", "type": "boolean" }, "enablePrivateIpAddress": { "description": "EnablePrivateIpAddress: Whether private IP needs to be enabled on this gateway for connections or not.", "type": "boolean" }, "extendedLocation": { "description": "ExtendedLocation: The extended location of type local virtual network gateway.", "properties": { "name": { "description": "Name: The name of the extended location.", "type": "string" }, "type": { "description": "Type: The type of the extended location.", "enum": [ "EdgeZone" ], "type": "string" } }, "required": [ "name", "type" ], "type": "object", "additionalProperties": false }, "gatewayDefaultSite": { "description": "GatewayDefaultSite: The reference to the LocalNetworkGateway resource which represents local network site having default\nroutes. Assign Null value in case of removing existing default site setting.", "properties": { "reference": { "description": "Reference: Resource ID.", "properties": { "armId": { "description": "ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.\nThe /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level\nARMID is mutually exclusive with Group, Kind, Namespace and Name.", "pattern": "(?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$)", "type": "string" }, "group": { "description": "Group is the Kubernetes group of the resource.", "type": "string" }, "kind": { "description": "Kind is the Kubernetes kind of the resource.", "type": "string" }, "name": { "description": "Name is the Kubernetes name of the resource.", "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "gatewayType": { "description": "GatewayType: The type of this virtual network gateway.", "enum": [ "ExpressRoute", "LocalGateway", "Vpn" ], "type": "string" }, "ipConfigurations": { "description": "IpConfigurations: IP configurations for virtual network gateway.", "items": { "description": "IP configuration for virtual network gateway.", "properties": { "name": { "description": "Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.", "type": "string" }, "privateIPAllocationMethod": { "description": "PrivateIPAllocationMethod: The private IP address allocation method.", "enum": [ "Dynamic", "Static" ], "type": "string" }, "publicIPAddress": { "description": "PublicIPAddress: The reference to the public IP resource.", "properties": { "reference": { "description": "Reference: Resource ID.", "properties": { "armId": { "description": "ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.\nThe /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level\nARMID is mutually exclusive with Group, Kind, Namespace and Name.", "pattern": "(?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$)", "type": "string" }, "group": { "description": "Group is the Kubernetes group of the resource.", "type": "string" }, "kind": { "description": "Kind is the Kubernetes kind of the resource.", "type": "string" }, "name": { "description": "Name is the Kubernetes name of the resource.", "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "subnet": { "description": "Subnet: The reference to the subnet resource.", "properties": { "reference": { "description": "Reference: Resource ID.", "properties": { "armId": { "description": "ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.\nThe /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level\nARMID is mutually exclusive with Group, Kind, Namespace and Name.", "pattern": "(?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$)", "type": "string" }, "group": { "description": "Group is the Kubernetes group of the resource.", "type": "string" }, "kind": { "description": "Kind is the Kubernetes kind of the resource.", "type": "string" }, "name": { "description": "Name is the Kubernetes name of the resource.", "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "type": "array" }, "location": { "description": "Location: Resource location.", "type": "string" }, "operatorSpec": { "description": "OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not\npassed directly to Azure", "properties": { "configMapExpressions": { "description": "ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).", "items": { "description": "DestinationExpression is a CEL expression and a destination to store the result in. The destination may\nbe a secret or a configmap. The value of the expression is stored at the specified location in\nthe destination.", "properties": { "key": { "description": "Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string\nthis is required to identify what key to write to. If the CEL expression in Value returns a map[string]string\nKey must not be set, instead the keys written will be determined dynamically based on the keys of the resulting\nmap[string]string.", "type": "string" }, "name": { "description": "Name is the name of the Kubernetes configmap or secret to write to.\nThe configmap or secret will be created in the same namespace as the resource.", "type": "string" }, "value": { "description": "Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information\non CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/", "type": "string" } }, "required": [ "name", "value" ], "type": "object", "additionalProperties": false }, "type": "array" }, "secretExpressions": { "description": "SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).", "items": { "description": "DestinationExpression is a CEL expression and a destination to store the result in. The destination may\nbe a secret or a configmap. The value of the expression is stored at the specified location in\nthe destination.", "properties": { "key": { "description": "Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string\nthis is required to identify what key to write to. If the CEL expression in Value returns a map[string]string\nKey must not be set, instead the keys written will be determined dynamically based on the keys of the resulting\nmap[string]string.", "type": "string" }, "name": { "description": "Name is the name of the Kubernetes configmap or secret to write to.\nThe configmap or secret will be created in the same namespace as the resource.", "type": "string" }, "value": { "description": "Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information\non CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/", "type": "string" } }, "required": [ "name", "value" ], "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "owner": { "description": "Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also\ncontrols the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a\nreference to a resources.azure.com/ResourceGroup resource", "properties": { "armId": { "pattern": "(?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$)", "type": "string" }, "name": { "description": "This is the name of the Kubernetes resource to reference.", "type": "string" } }, "type": "object", "additionalProperties": false }, "sku": { "description": "Sku: The reference to the VirtualNetworkGatewaySku resource which represents the SKU selected for Virtual network\ngateway.", "properties": { "name": { "description": "Name: Gateway SKU name.", "enum": [ "Basic", "ErGw1AZ", "ErGw2AZ", "ErGw3AZ", "HighPerformance", "Standard", "UltraPerformance", "VpnGw1", "VpnGw1AZ", "VpnGw2", "VpnGw2AZ", "VpnGw3", "VpnGw3AZ", "VpnGw4", "VpnGw4AZ", "VpnGw5", "VpnGw5AZ" ], "type": "string" }, "tier": { "description": "Tier: Gateway SKU tier.", "enum": [ "Basic", "ErGw1AZ", "ErGw2AZ", "ErGw3AZ", "HighPerformance", "Standard", "UltraPerformance", "VpnGw1", "VpnGw1AZ", "VpnGw2", "VpnGw2AZ", "VpnGw3", "VpnGw3AZ", "VpnGw4", "VpnGw4AZ", "VpnGw5", "VpnGw5AZ" ], "type": "string" } }, "type": "object", "additionalProperties": false }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags: Resource tags.", "type": "object" }, "vNetExtendedLocationResourceReference": { "description": "VNetExtendedLocationResourceReference: Customer vnet resource id. VirtualNetworkGateway of type local gateway is\nassociated with the customer vnet.", "properties": { "armId": { "description": "ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.\nThe /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level\nARMID is mutually exclusive with Group, Kind, Namespace and Name.", "pattern": "(?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$)", "type": "string" }, "group": { "description": "Group is the Kubernetes group of the resource.", "type": "string" }, "kind": { "description": "Kind is the Kubernetes kind of the resource.", "type": "string" }, "name": { "description": "Name is the Kubernetes name of the resource.", "type": "string" } }, "type": "object", "additionalProperties": false }, "vpnClientConfiguration": { "description": "VpnClientConfiguration: The reference to the VpnClientConfiguration resource which represents the P2S VpnClient\nconfigurations.", "properties": { "aadAudience": { "description": "AadAudience: The AADAudience property of the VirtualNetworkGateway resource for vpn client connection used for AAD\nauthentication.", "type": "string" }, "aadIssuer": { "description": "AadIssuer: The AADIssuer property of the VirtualNetworkGateway resource for vpn client connection used for AAD\nauthentication.", "type": "string" }, "aadTenant": { "description": "AadTenant: The AADTenant property of the VirtualNetworkGateway resource for vpn client connection used for AAD\nauthentication.", "type": "string" }, "radiusServerAddress": { "description": "RadiusServerAddress: The radius server address property of the VirtualNetworkGateway resource for vpn client connection.", "type": "string" }, "radiusServerSecret": { "description": "RadiusServerSecret: The radius secret property of the VirtualNetworkGateway resource for vpn client connection.", "type": "string" }, "radiusServers": { "description": "RadiusServers: The radiusServers property for multiple radius server configuration.", "items": { "description": "Radius Server Settings.", "properties": { "radiusServerAddress": { "description": "RadiusServerAddress: The address of this radius server.", "type": "string" }, "radiusServerScore": { "description": "RadiusServerScore: The initial score assigned to this radius server.", "type": "integer" }, "radiusServerSecret": { "description": "RadiusServerSecret: The secret used for this radius server.", "type": "string" } }, "required": [ "radiusServerAddress" ], "type": "object", "additionalProperties": false }, "type": "array" }, "vpnAuthenticationTypes": { "description": "VpnAuthenticationTypes: VPN authentication types for the virtual network gateway..", "items": { "enum": [ "AAD", "Certificate", "Radius" ], "type": "string" }, "type": "array" }, "vpnClientAddressPool": { "description": "VpnClientAddressPool: The reference to the address space resource which represents Address space for P2S VpnClient.", "properties": { "addressPrefixes": { "description": "AddressPrefixes: A list of address blocks reserved for this virtual network in CIDR notation.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "additionalProperties": false }, "vpnClientIpsecPolicies": { "description": "VpnClientIpsecPolicies: VpnClientIpsecPolicies for virtual network gateway P2S client.", "items": { "description": "An IPSec Policy configuration for a virtual network gateway connection.", "properties": { "dhGroup": { "description": "DhGroup: The DH Group used in IKE Phase 1 for initial SA.", "enum": [ "DHGroup1", "DHGroup14", "DHGroup2", "DHGroup2048", "DHGroup24", "ECP256", "ECP384", "None" ], "type": "string" }, "ikeEncryption": { "description": "IkeEncryption: The IKE encryption algorithm (IKE phase 2).", "enum": [ "AES128", "AES192", "AES256", "DES", "DES3", "GCMAES128", "GCMAES256" ], "type": "string" }, "ikeIntegrity": { "description": "IkeIntegrity: The IKE integrity algorithm (IKE phase 2).", "enum": [ "GCMAES128", "GCMAES256", "MD5", "SHA1", "SHA256", "SHA384" ], "type": "string" }, "ipsecEncryption": { "description": "IpsecEncryption: The IPSec encryption algorithm (IKE phase 1).", "enum": [ "AES128", "AES192", "AES256", "DES", "DES3", "GCMAES128", "GCMAES192", "GCMAES256", "None" ], "type": "string" }, "ipsecIntegrity": { "description": "IpsecIntegrity: The IPSec integrity algorithm (IKE phase 1).", "enum": [ "GCMAES128", "GCMAES192", "GCMAES256", "MD5", "SHA1", "SHA256" ], "type": "string" }, "pfsGroup": { "description": "PfsGroup: The Pfs Group used in IKE Phase 2 for new child SA.", "enum": [ "ECP256", "ECP384", "None", "PFS1", "PFS14", "PFS2", "PFS2048", "PFS24", "PFSMM" ], "type": "string" }, "saDataSizeKilobytes": { "description": "SaDataSizeKilobytes: The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site\nto site VPN tunnel.", "type": "integer" }, "saLifeTimeSeconds": { "description": "SaLifeTimeSeconds: The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site\nto site VPN tunnel.", "type": "integer" } }, "required": [ "dhGroup", "ikeEncryption", "ikeIntegrity", "ipsecEncryption", "ipsecIntegrity", "pfsGroup", "saDataSizeKilobytes", "saLifeTimeSeconds" ], "type": "object", "additionalProperties": false }, "type": "array" }, "vpnClientProtocols": { "description": "VpnClientProtocols: VpnClientProtocols for Virtual network gateway.", "items": { "enum": [ "IkeV2", "OpenVPN", "SSTP" ], "type": "string" }, "type": "array" }, "vpnClientRevokedCertificates": { "description": "VpnClientRevokedCertificates: VpnClientRevokedCertificate for Virtual network gateway.", "items": { "description": "VPN client revoked certificate of virtual network gateway.", "properties": { "name": { "description": "Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.", "type": "string" }, "thumbprint": { "description": "Thumbprint: The revoked VPN client certificate thumbprint.", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "vpnClientRootCertificates": { "description": "VpnClientRootCertificates: VpnClientRootCertificate for virtual network gateway.", "items": { "description": "VPN client root certificate of virtual network gateway.", "properties": { "name": { "description": "Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.", "type": "string" }, "publicCertData": { "description": "PublicCertData: The certificate public data.", "type": "string" } }, "required": [ "publicCertData" ], "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "vpnGatewayGeneration": { "description": "VpnGatewayGeneration: The generation for this VirtualNetworkGateway. Must be None if gatewayType is not VPN.", "enum": [ "Generation1", "Generation2", "None" ], "type": "string" }, "vpnType": { "description": "VpnType: The type of this virtual network gateway.", "enum": [ "PolicyBased", "RouteBased" ], "type": "string" } }, "required": [ "owner" ], "type": "object", "additionalProperties": false }, "status": { "description": "A common class for general resource information.", "properties": { "activeActive": { "description": "ActiveActive: ActiveActive flag.", "type": "boolean" }, "bgpSettings": { "description": "BgpSettings: Virtual network gateway's BGP speaker settings.", "properties": { "asn": { "description": "Asn: The BGP speaker's ASN.", "format": "int32", "type": "integer" }, "bgpPeeringAddress": { "description": "BgpPeeringAddress: The BGP peering address and BGP identifier of this BGP speaker.", "type": "string" }, "bgpPeeringAddresses": { "description": "BgpPeeringAddresses: BGP peering address with IP configuration ID for virtual network gateway.", "items": { "description": "Properties of IPConfigurationBgpPeeringAddress.", "properties": { "customBgpIpAddresses": { "description": "CustomBgpIpAddresses: The list of custom BGP peering addresses which belong to IP configuration.", "items": { "type": "string" }, "type": "array" }, "defaultBgpIpAddresses": { "description": "DefaultBgpIpAddresses: The list of default BGP peering addresses which belong to IP configuration.", "items": { "type": "string" }, "type": "array" }, "ipconfigurationId": { "description": "IpconfigurationId: The ID of IP configuration which belongs to gateway.", "type": "string" }, "tunnelIpAddresses": { "description": "TunnelIpAddresses: The list of tunnel public IP addresses which belong to IP configuration.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "peerWeight": { "description": "PeerWeight: The weight added to routes learned from this BGP speaker.", "type": "integer" } }, "type": "object", "additionalProperties": false }, "conditions": { "description": "Conditions: The observed state of the resource", "items": { "description": "Condition defines an extension to status (an observation) of a resource", "properties": { "lastTransitionTime": { "description": "LastTransitionTime is the last time the condition transitioned from one status to another.", "format": "date-time", "type": "string" }, "message": { "description": "Message is a human readable message indicating details about the transition. This field may be empty.", "type": "string" }, "observedGeneration": { "description": "ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if\n.metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "type": "integer" }, "reason": { "description": "Reason for the condition's last transition.\nReasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty.", "type": "string" }, "severity": { "description": "Severity with which to treat failures of this type of condition.\nFor conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True\nFor conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False.\nThis is omitted in all cases when Status == Unknown", "type": "string" }, "status": { "description": "Status of the condition, one of True, False, or Unknown.", "type": "string" }, "type": { "description": "Type of condition.", "type": "string" } }, "required": [ "lastTransitionTime", "reason", "status", "type" ], "type": "object", "additionalProperties": false }, "type": "array" }, "customRoutes": { "description": "CustomRoutes: The reference to the address space resource which represents the custom routes address space specified by\nthe customer for virtual network gateway and VpnClient.", "properties": { "addressPrefixes": { "description": "AddressPrefixes: A list of address blocks reserved for this virtual network in CIDR notation.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "additionalProperties": false }, "enableBgp": { "description": "EnableBgp: Whether BGP is enabled for this virtual network gateway or not.", "type": "boolean" }, "enableDnsForwarding": { "description": "EnableDnsForwarding: Whether dns forwarding is enabled or not.", "type": "boolean" }, "enablePrivateIpAddress": { "description": "EnablePrivateIpAddress: Whether private IP needs to be enabled on this gateway for connections or not.", "type": "boolean" }, "etag": { "description": "Etag: A unique read-only string that changes whenever the resource is updated.", "type": "string" }, "extendedLocation": { "description": "ExtendedLocation: The extended location of type local virtual network gateway.", "properties": { "name": { "description": "Name: The name of the extended location.", "type": "string" }, "type": { "description": "Type: The type of the extended location.", "type": "string" } }, "type": "object", "additionalProperties": false }, "gatewayDefaultSite": { "description": "GatewayDefaultSite: The reference to the LocalNetworkGateway resource which represents local network site having default\nroutes. Assign Null value in case of removing existing default site setting.", "properties": { "id": { "description": "Id: Resource ID.", "type": "string" } }, "type": "object", "additionalProperties": false }, "gatewayType": { "description": "GatewayType: The type of this virtual network gateway.", "type": "string" }, "id": { "description": "Id: Resource ID.", "type": "string" }, "inboundDnsForwardingEndpoint": { "description": "InboundDnsForwardingEndpoint: The IP address allocated by the gateway to which dns requests can be sent.", "type": "string" }, "ipConfigurations": { "description": "IpConfigurations: IP configurations for virtual network gateway.", "items": { "description": "IP configuration for virtual network gateway.", "properties": { "etag": { "description": "Etag: A unique read-only string that changes whenever the resource is updated.", "type": "string" }, "id": { "description": "Id: Resource ID.", "type": "string" }, "name": { "description": "Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.", "type": "string" }, "privateIPAddress": { "description": "PrivateIPAddress: Private IP Address for this gateway.", "type": "string" }, "privateIPAllocationMethod": { "description": "PrivateIPAllocationMethod: The private IP address allocation method.", "type": "string" }, "provisioningState": { "description": "ProvisioningState: The provisioning state of the virtual network gateway IP configuration resource.", "type": "string" }, "publicIPAddress": { "description": "PublicIPAddress: The reference to the public IP resource.", "properties": { "id": { "description": "Id: Resource ID.", "type": "string" } }, "type": "object", "additionalProperties": false }, "subnet": { "description": "Subnet: The reference to the subnet resource.", "properties": { "id": { "description": "Id: Resource ID.", "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "type": "array" }, "location": { "description": "Location: Resource location.", "type": "string" }, "name": { "description": "Name: Resource name.", "type": "string" }, "provisioningState": { "description": "ProvisioningState: The provisioning state of the virtual network gateway resource.", "type": "string" }, "resourceGuid": { "description": "ResourceGuid: The resource GUID property of the virtual network gateway resource.", "type": "string" }, "sku": { "description": "Sku: The reference to the VirtualNetworkGatewaySku resource which represents the SKU selected for Virtual network\ngateway.", "properties": { "capacity": { "description": "Capacity: The capacity.", "type": "integer" }, "name": { "description": "Name: Gateway SKU name.", "type": "string" }, "tier": { "description": "Tier: Gateway SKU tier.", "type": "string" } }, "type": "object", "additionalProperties": false }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags: Resource tags.", "type": "object" }, "type": { "description": "Type: Resource type.", "type": "string" }, "vNetExtendedLocationResourceId": { "description": "VNetExtendedLocationResourceId: Customer vnet resource id. VirtualNetworkGateway of type local gateway is associated\nwith the customer vnet.", "type": "string" }, "vpnClientConfiguration": { "description": "VpnClientConfiguration: The reference to the VpnClientConfiguration resource which represents the P2S VpnClient\nconfigurations.", "properties": { "aadAudience": { "description": "AadAudience: The AADAudience property of the VirtualNetworkGateway resource for vpn client connection used for AAD\nauthentication.", "type": "string" }, "aadIssuer": { "description": "AadIssuer: The AADIssuer property of the VirtualNetworkGateway resource for vpn client connection used for AAD\nauthentication.", "type": "string" }, "aadTenant": { "description": "AadTenant: The AADTenant property of the VirtualNetworkGateway resource for vpn client connection used for AAD\nauthentication.", "type": "string" }, "radiusServerAddress": { "description": "RadiusServerAddress: The radius server address property of the VirtualNetworkGateway resource for vpn client connection.", "type": "string" }, "radiusServerSecret": { "description": "RadiusServerSecret: The radius secret property of the VirtualNetworkGateway resource for vpn client connection.", "type": "string" }, "radiusServers": { "description": "RadiusServers: The radiusServers property for multiple radius server configuration.", "items": { "description": "Radius Server Settings.", "properties": { "radiusServerAddress": { "description": "RadiusServerAddress: The address of this radius server.", "type": "string" }, "radiusServerScore": { "description": "RadiusServerScore: The initial score assigned to this radius server.", "type": "integer" }, "radiusServerSecret": { "description": "RadiusServerSecret: The secret used for this radius server.", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "vpnAuthenticationTypes": { "description": "VpnAuthenticationTypes: VPN authentication types for the virtual network gateway..", "items": { "type": "string" }, "type": "array" }, "vpnClientAddressPool": { "description": "VpnClientAddressPool: The reference to the address space resource which represents Address space for P2S VpnClient.", "properties": { "addressPrefixes": { "description": "AddressPrefixes: A list of address blocks reserved for this virtual network in CIDR notation.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "additionalProperties": false }, "vpnClientIpsecPolicies": { "description": "VpnClientIpsecPolicies: VpnClientIpsecPolicies for virtual network gateway P2S client.", "items": { "description": "An IPSec Policy configuration for a virtual network gateway connection.", "properties": { "dhGroup": { "description": "DhGroup: The DH Group used in IKE Phase 1 for initial SA.", "type": "string" }, "ikeEncryption": { "description": "IkeEncryption: The IKE encryption algorithm (IKE phase 2).", "type": "string" }, "ikeIntegrity": { "description": "IkeIntegrity: The IKE integrity algorithm (IKE phase 2).", "type": "string" }, "ipsecEncryption": { "description": "IpsecEncryption: The IPSec encryption algorithm (IKE phase 1).", "type": "string" }, "ipsecIntegrity": { "description": "IpsecIntegrity: The IPSec integrity algorithm (IKE phase 1).", "type": "string" }, "pfsGroup": { "description": "PfsGroup: The Pfs Group used in IKE Phase 2 for new child SA.", "type": "string" }, "saDataSizeKilobytes": { "description": "SaDataSizeKilobytes: The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site\nto site VPN tunnel.", "type": "integer" }, "saLifeTimeSeconds": { "description": "SaLifeTimeSeconds: The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site\nto site VPN tunnel.", "type": "integer" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "vpnClientProtocols": { "description": "VpnClientProtocols: VpnClientProtocols for Virtual network gateway.", "items": { "type": "string" }, "type": "array" }, "vpnClientRevokedCertificates": { "description": "VpnClientRevokedCertificates: VpnClientRevokedCertificate for Virtual network gateway.", "items": { "description": "VPN client revoked certificate of virtual network gateway.", "properties": { "etag": { "description": "Etag: A unique read-only string that changes whenever the resource is updated.", "type": "string" }, "id": { "description": "Id: Resource ID.", "type": "string" }, "name": { "description": "Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.", "type": "string" }, "provisioningState": { "description": "ProvisioningState: The provisioning state of the VPN client revoked certificate resource.", "type": "string" }, "thumbprint": { "description": "Thumbprint: The revoked VPN client certificate thumbprint.", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "vpnClientRootCertificates": { "description": "VpnClientRootCertificates: VpnClientRootCertificate for virtual network gateway.", "items": { "description": "VPN client root certificate of virtual network gateway.", "properties": { "etag": { "description": "Etag: A unique read-only string that changes whenever the resource is updated.", "type": "string" }, "id": { "description": "Id: Resource ID.", "type": "string" }, "name": { "description": "Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.", "type": "string" }, "provisioningState": { "description": "ProvisioningState: The provisioning state of the VPN client root certificate resource.", "type": "string" }, "publicCertData": { "description": "PublicCertData: The certificate public data.", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "vpnGatewayGeneration": { "description": "VpnGatewayGeneration: The generation for this VirtualNetworkGateway. Must be None if gatewayType is not VPN.", "type": "string" }, "vpnType": { "description": "VpnType: The type of this virtual network gateway.", "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object" }