{ "$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json", "contentVersion": "1.0.0.0", "parameters": { "sshKeyData": { "type": "string" }, "WireGuardPort": { "type": "int" }, "vmSize": { "type": "string" }, "imageReferenceSku": { "type": "string" } }, "variables": { "vnetID": "[resourceId('Microsoft.Network/virtualNetworks', resourceGroup().name)]", "subnet1Ref": "[concat(variables('vnetID'),'/subnets/', resourceGroup().name)]" }, "resources": [ { "apiVersion": "2015-06-15", "type": "Microsoft.Network/networkSecurityGroups", "name": "[resourceGroup().name]", "location": "[resourceGroup().location]", "properties": { "securityRules": [ { "name": "AllowSSH", "properties": { "description": "Locks inbound down to ssh default port 22.", "protocol": "Tcp", "sourcePortRange": "*", "destinationPortRange": "22", "sourceAddressPrefix": "*", "destinationAddressPrefix": "*", "access": "Allow", "priority": 100, "direction": "Inbound" } }, { "name": "AllowIPSEC500", "properties": { "description": "Allow UDP to port 500", "protocol": "Udp", "sourcePortRange": "*", "destinationPortRange": "500", "sourceAddressPrefix": "*", "destinationAddressPrefix": "*", "access": "Allow", "priority": 110, "direction": "Inbound" } }, { "name": "AllowIPSEC4500", "properties": { "description": "Allow UDP to port 4500", "protocol": "Udp", "sourcePortRange": "*", "destinationPortRange": "4500", "sourceAddressPrefix": "*", "destinationAddressPrefix": "*", "access": "Allow", "priority": 120, "direction": "Inbound" } }, { "name": "AllowWireGuard", "properties": { "description": "Locks inbound down to ssh default port 22.", "protocol": "Udp", "sourcePortRange": "*", "destinationPortRange": "[parameters('WireGuardPort')]", "sourceAddressPrefix": "*", "destinationAddressPrefix": "*", "access": "Allow", "priority": 130, "direction": "Inbound" } } ] } }, { "apiVersion": "2015-06-15", "type": "Microsoft.Network/publicIPAddresses", "name": "[resourceGroup().name]", "location": "[resourceGroup().location]", "properties": { "publicIPAllocationMethod": "Static" } }, { "apiVersion": "2015-06-15", "type": "Microsoft.Network/virtualNetworks", "name": "[resourceGroup().name]", "location": "[resourceGroup().location]", "properties": { "addressSpace": { "addressPrefixes": [ "10.10.0.0/16" ] }, "subnets": [ { "name": "[resourceGroup().name]", "properties": { "addressPrefix": "10.10.0.0/24" } } ] } }, { "apiVersion": "2015-06-15", "type": "Microsoft.Network/networkInterfaces", "name": "[resourceGroup().name]", "location": "[resourceGroup().location]", "dependsOn": [ "[concat('Microsoft.Network/networkSecurityGroups/', resourceGroup().name)]", "[concat('Microsoft.Network/publicIPAddresses/', resourceGroup().name)]", "[concat('Microsoft.Network/virtualNetworks/', resourceGroup().name)]" ], "properties": { "networkSecurityGroup": { "id": "[resourceId('Microsoft.Network/networkSecurityGroups', resourceGroup().name)]" }, "ipConfigurations": [ { "name": "ipconfig1", "properties": { "privateIPAllocationMethod": "Dynamic", "publicIPAddress": { "id": "[resourceId('Microsoft.Network/publicIPAddresses', resourceGroup().name)]" }, "subnet": { "id": "[variables('subnet1Ref')]" } } } ] } }, { "apiVersion": "2016-04-30-preview", "type": "Microsoft.Compute/virtualMachines", "name": "[resourceGroup().name]", "location": "[resourceGroup().location]", "dependsOn": [ "[concat('Microsoft.Network/networkInterfaces/', resourceGroup().name)]" ], "properties": { "hardwareProfile": { "vmSize": "[parameters('vmSize')]" }, "osProfile": { "computerName": "[resourceGroup().name]", "adminUsername": "ubuntu", "linuxConfiguration": { "disablePasswordAuthentication": true, "ssh": { "publicKeys": [ { "path": "/home/ubuntu/.ssh/authorized_keys", "keyData": "[parameters('sshKeyData')]" } ] } } }, "storageProfile": { "imageReference": { "publisher": "Canonical", "offer": "UbuntuServer", "sku": "[parameters('imageReferenceSku')]", "version": "latest" }, "osDisk": { "createOption": "FromImage" } }, "networkProfile": { "networkInterfaces": [ { "id": "[resourceId('Microsoft.Network/networkInterfaces', resourceGroup().name)]" } ] } } } ], "outputs": { "publicIPAddresses": { "type": "string", "value": "[reference(resourceId('Microsoft.Network/publicIPAddresses',resourceGroup().name),providers('Microsoft.Network', 'publicIPAddresses').apiVersions[0]).ipAddress]", } } }