0

I am trying to create arm template which will create new VNET along with subnet and then create a peering between newly created vnet and existing vnet from different subscription. I was able to make arm template working when both vnets are in single subscription (first code), but when trying to create peering when resources are in different subscriptions (second code) I am getting errors.

    {
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "vnet1Name": {
      "type": "string",
      "defaultValue": "VNet1",
      "metadata": {
        "description": "New VNet Name to be created"
      }
    },
    "vnet1AddressPrefix": {
      "type": "string",
      "defaultValue": "10.0.0.0/16",
      "metadata": {
        "description": "Address prefix for the new VNet"
      }
    },
    "subnet1Name": {
      "type": "string",
      "defaultValue": "Subnet1",
      "metadata": {
        "description": "Subnet Name"
      }
    },
    "subnet1Prefix": {
      "type": "string",
      "defaultValue": "10.0.0.0/24",
      "metadata": {
        "description": "Subnet Address Prefix"
      }
    },
    "vnet2Name": {
      "type": "string",
      "defaultValue": "Hub_network",
      "metadata": {
        "description": "Existing Hub VNet Name"
      }
    },
    "vnet2ResourceGroup": {
      "type": "string",
      "metadata": {
        "description": "Resource Group Name of the existing Hub VNet"
      }
    },
    "location": {
      "type": "string",
      "defaultValue": "[resourceGroup().location]",
      "metadata": {
        "description": "Location for the new VNet"
      }
    }
  },
  "resources": [
    {
      "type": "Microsoft.Network/virtualNetworks",
      "apiVersion": "2021-08-01",
      "name": "[parameters('vnet1Name')]",
      "location": "[parameters('location')]",
      "properties": {
        "addressSpace": {
          "addressPrefixes": [
            "[parameters('vnet1AddressPrefix')]"
          ]
        },
        "subnets": [
          {
            "name": "[parameters('subnet1Name')]",
            "properties": {
              "addressPrefix": "[parameters('subnet1Prefix')]"
            }
          }
        ]
      }
    },
    {
      "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
      "apiVersion": "2021-08-01",
      "name": "[concat(parameters('vnet1Name'), '/to-', parameters('vnet2Name'))]",
      "dependsOn": [
        "[resourceId('Microsoft.Network/virtualNetworks', parameters('vnet1Name'))]"
      ],
      "properties": {
        "remoteVirtualNetwork": {
          "id": "[resourceId(parameters('vnet2ResourceGroup'), 'Microsoft.Network/virtualNetworks', parameters('vnet2Name'))]"
        },
        "allowVirtualNetworkAccess": true,
        "allowForwardedTraffic": true,
        "allowGatewayTransit": false,
        "useRemoteGateways": false
      }
    },
    {
      "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
      "apiVersion": "2021-08-01",
      "name": "[concat(parameters('vnet2Name'), '/to-', parameters('vnet1Name'))]",
      "dependsOn": [
        "[resourceId('Microsoft.Network/virtualNetworks', parameters('vnet1Name'))]"
      ],
      "properties": {
        "remoteVirtualNetwork": {
          "id": "[resourceId(parameters('vnet2ResourceGroup'), 'Microsoft.Network/virtualNetworks', parameters('vnet1Name'))]"
        },
        "allowVirtualNetworkAccess": true,
        "allowForwardedTraffic": true,
        "allowGatewayTransit": false,
        "useRemoteGateways": false
      }
    }
  ]
}

this is how the code looks like when combining with suggestions from this thread: Azure ARM template vnet peering different subscriptions

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "vnet1Name": {
      "type": "string",
      "defaultValue": "VNet1",
      "metadata": {
        "description": "New VNet Name to be created"
      }
    },
    "vnet1AddressPrefix": {
      "type": "string",
      "defaultValue": "10.0.0.0/16",
      "metadata": {
        "description": "Address prefix for the new VNet"
      }
    },
    "subnet1Name": {
      "type": "string",
      "defaultValue": "Subnet1",
      "metadata": {
        "description": "Subnet Name"
      }
    },
    "subnet1Prefix": {
      "type": "string",
      "defaultValue": "10.0.0.0/24",
      "metadata": {
        "description": "Subnet Address Prefix"
      }
    },
    "vnet2Name": {
      "type": "string",
      "defaultValue": "Hub_network",
      "metadata": {
        "description": "Existing Hub VNet Name"
      }
    },
    "vnet2ResourceGroup": {
      "type": "string",
      "metadata": {
        "description": "Resource Group Name of the existing Hub VNet"
      }
    },
    "subscription1ID": {
      "type": "string",
      "metadata": {
        "description": "Subscription ID for the first VNet"
      }
    },
    "subscription2ID": {
      "type": "string",
      "metadata": {
        "description": "Subscription ID for the second VNet"
      }
    },
    "location": {
      "type": "string",
      "defaultValue": "[resourceGroup().location]",
      "metadata": {
        "description": "Location for the new VNet"
      }
    }
  },
  "resources": [
    {
      "type": "Microsoft.Network/virtualNetworks",
      "apiVersion": "2021-08-01",
      "name": "[parameters('vnet1Name')]",
      "location": "[parameters('location')]",
      "properties": {
        "addressSpace": {
          "addressPrefixes": [
            "[parameters('vnet1AddressPrefix')]"
          ]
        },
        "subnets": [
          {
            "name": "[parameters('subnet1Name')]",
            "properties": {
              "addressPrefix": "[parameters('subnet1Prefix')]"
            }
          }
        ]
      }
    },
    {
      "apiVersion": "2020-06-01",
      "name": "createPeeringAtoB",
      "type": "Microsoft.Resources/deployments",
      "location": "[parameters('location')]",
      "subscriptionId": "[parameters('subscription1ID')]",
      "properties": {
        "mode": "Incremental",
        "template": {
          "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
          "contentVersion": "1.0.0.0",
          "resources": [
            {
              "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
              "apiVersion": "2020-05-01",
              "name": "[concat(parameters('vnet1Name'), '/to-', parameters('vnet2Name'))]",
              "properties": {
                "peeringState": "Connected",
                "remoteVirtualNetwork": {
                  "id": "[concat('/subscriptions/',parameters('subscription2ID'),'/resourceGroups/',parameters('vnet2ResourceGroup'),'/providers/Microsoft.Network/virtualNetworks/', parameters('vnet2Name'))]"
                },
                "allowVirtualNetworkAccess": true,
                "allowForwardedTraffic": true,
                "allowGatewayTransit": false,
                "useRemoteGateways": false
              }
            }
          ]
        }
      }
    },
    {
      "apiVersion": "2020-06-01",
      "name": "createPeeringBtoA",
      "type": "Microsoft.Resources/deployments",
      "location": "[parameters('location')]",
      "subscriptionId": "[parameters('subscription2ID')]",
      "properties": {
        "mode": "Incremental",
        "template": {
          "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
          "contentVersion": "1.0.0.0",
          "resources": [
            {
              "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
              "apiVersion": "2020-05-01",
              "name": "[concat(parameters('vnet2Name'), '/to-', parameters('vnet1Name'))]",
              "properties": {
                "peeringState": "Connected",
                "remoteVirtualNetwork": {
                  "id": "[concat('/subscriptions/',parameters('subscription1ID'),'/resourceGroups/',resourceGroup().name,'/providers/Microsoft.Network/virtualNetworks/', parameters('vnet1Name'))]"
                },
                "allowVirtualNetworkAccess": true,
                "allowForwardedTraffic": true,
                "allowGatewayTransit": false,
                "useRemoteGateways": false
              }
            }
          ]
        }
      }
    }
  ]
}

and errors I am getting

{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.","details":[{"code":"NotFound","message":"{\r\n  \"error\": {\r\n    \"code\": \"ResourceNotFound\",\r\n    \"message\": \"The Resource 'Microsoft.Network/virtualNetworks/VNet1' under resource group '<null>' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix\"\r\n  }\r\n}"}]}

Any suggestions please?

Improve this question
2
  • Did you try using depends_on for VNet1 creation using this so will ensure that the resource was fully provision and readily available resource IDs @MichalOlczyk Commented Mar 4 at 5:29
  • I do not think you can use resourceId to refer another subscription vnet. Have you tried simply hardcode the vnet resourceId here. "remoteVirtualNetwork": { "id": "/subscriptions/xxx-sub2id--xxx-xxx/resourceGroups/xxx-rg-in-sub2-name-xxx/providers/Microsoft.Network/virtualNetworks/xx-vnetname2-xx" }, Commented Mar 5 at 3:31

1 Answer 1

Reset to default
0

ARM template: creating new vnet and peering with existing vnet from different subscription

I do agree with wenbo for suggesting the same point.

You can hardcode it resourceId to refer to a VNet in another subscription.

Here is the updated code to create a VNet and enable peering with a VNet in another subscription


{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "vnet1Name": {
      "type": "string",
      "defaultValue": "remote-vnet",
      "metadata": {
        "description": "New VNet Name to be created"
      }
    },
    "vnet1AddressPrefix": {
      "type": "string",
      "defaultValue": "10.1.0.0/16",
      "metadata": {
        "description": "Address prefix for the new VNet to be created"
      }
    },
    "subnet1Name": {
      "type": "string",
      "defaultValue": "remotesubnet",
      "metadata": {
        "description": "Subnet Name for the new VNet to be created"
      }
    },
    "subnet1Prefix": {
      "type": "string",
      "defaultValue": "10.1.0.0/24",
      "metadata": {
        "description": "Subnet Address Prefix to be created"
      }
    },
    "location": {
      "type": "string",
      "defaultValue": "[resourceGroup().location]",
      "metadata": {
        "description": "Location for the new VNet"
      }
    }
  },
  "resources": [
    {
      "type": "Microsoft.Network/virtualNetworks",
      "apiVersion": "2021-08-01",
      "name": "[parameters('vnet1Name')]",
      "location": "[parameters('location')]",
      "properties": {
        "addressSpace": {
          "addressPrefixes": [
            "[parameters('vnet1AddressPrefix')]"
          ]
        },
        "subnets": [
          {
            "name": "[parameters('subnet1Name')]",
            "properties": {
              "addressPrefix": "[parameters('subnet1Prefix')]"
            }
          }
        ]
      },
      "resources": [
        {
          "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
          "apiVersion": "2020-05-01",
          "name": "[concat(parameters('vnet1Name'), '/peering-to-venkat-vnet')]",
          "dependsOn": [
            "[resourceId('Microsoft.Network/virtualNetworks', parameters('vnet1Name'))]"
          ],
          "properties": {
            "peeringState": "Connected",
            "remoteVirtualNetwork": {
              "id": "/subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/Automation_RG/providers/Microsoft.Network/virtualNetworks/venkat-vnet"
            },
            "allowVirtualNetworkAccess": true,
            "allowForwardedTraffic": true,
            "allowGatewayTransit": false,
            "useRemoteGateways": false
          }
        }
      ]
    },
    {
      "type": "Microsoft.Resources/deployments",
      "apiVersion": "2020-06-01",
      "name": "PeeringVenkatToVksb",
      "subscriptionId": "8332xxxxxxxxxxxxxxx60e5f09a9",
      "resourceGroup": "Automation_RG",
      "properties": {
        "mode": "Incremental",
        "template": {
          "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
          "contentVersion": "1.0.0.0",
          "resources": [
            {
              "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
              "apiVersion": "2020-05-01",
              "name": "venkat-vnet/peering-to-vksb-vnet",
              "properties": {
                "peeringState": "Connected",
                "remoteVirtualNetwork": {
                  "id": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworks/', parameters('vnet1Name'))]"
                },
                "allowVirtualNetworkAccess": true,
                "allowForwardedTraffic": true,
                "allowGatewayTransit": false,
                "useRemoteGateways": false
              }
            }
          ]
        }
      }
    }
  ]
}


az deployment group create --resource-group vksb-rg --template-file vnet-peering.json

Output: enter image description here

After running the code, the VNet peering has been successfully enabled on the VNet in another subscription.

enter image description here

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.