New-AzVirtualNetwork
Creates a virtual network.
Syntax
New-AzVirtualNetwork
-Name <String>
-ResourceGroupName <String>
-Location <String>
-AddressPrefix <String[]>
[-IpamPoolPrefixAllocation <PSIpamPoolPrefixAllocation[]>]
[-DnsServer <String[]>]
[-FlowTimeout <Int32>]
[-Subnet <PSSubnet[]>]
[-BgpCommunity <String>]
[-EnableEncryption <String>]
[-EncryptionEnforcementPolicy <String>]
[-Tag <Hashtable>]
[-EnableDdosProtection]
[-DdosProtectionPlanId <String>]
[-IpAllocation <PSIpAllocation[]>]
[-EdgeZone <String>]
[-PrivateEndpointVNetPoliciesValue <String>]
[-Force]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The New-AzVirtualNetwork cmdlet creates an Azure virtual network.
Examples
Example 1: Create a virtual network with two subnets
New-AzResourceGroup -Name TestResourceGroup -Location centralus
$frontendSubnet = New-AzVirtualNetworkSubnetConfig -Name frontendSubnet -AddressPrefix "10.0.1.0/24"
$backendSubnet = New-AzVirtualNetworkSubnetConfig -Name backendSubnet -AddressPrefix "10.0.2.0/24"
New-AzVirtualNetwork -Name MyVirtualNetwork -ResourceGroupName TestResourceGroup -Location centralus -AddressPrefix "10.0.0.0/16" -Subnet $frontendSubnet,$backendSubnet
This example creates a virtual network with two subnets. First, a new resource group is created in the centralus region. Then, the example creates in-memory representations of two subnets. The New-AzVirtualNetworkSubnetConfig cmdlet will not create any subnet on the server side. There is one subnet called frontendSubnet and one subnet called backendSubnet. The New-AzVirtualNetwork cmdlet then creates a virtual network using the CIDR 10.0.0.0/16 as the address prefix and two subnets.
Example 2: Create a virtual network with DNS settings
New-AzResourceGroup -Name TestResourceGroup -Location centralus
$frontendSubnet = New-AzVirtualNetworkSubnetConfig -Name frontendSubnet -AddressPrefix "10.0.1.0/24"
$backendSubnet = New-AzVirtualNetworkSubnetConfig -Name backendSubnet -AddressPrefix "10.0.2.0/24"
New-AzVirtualNetwork -Name MyVirtualNetwork -ResourceGroupName TestResourceGroup -Location centralus -AddressPrefix "10.0.0.0/16" -Subnet $frontendSubnet,$backendSubnet -DnsServer 10.0.1.5,10.0.1.6
This example create a virtual network with two subnets and two DNS servers. The effect of specifying the DNS servers on the virtual network is that the NICs/VMs that are deployed into this virtual network inherit these DNS servers as defaults. These defaults can be overwritten per NIC through a NIC-level setting. If no DNS servers are specified on a VNET and no DNS servers on the NICs, then the default Azure DNS servers are used for DNS resolution.
Example 3: Create a virtual network with a subnet referencing a network security group
New-AzResourceGroup -Name TestResourceGroup -Location centralus
$rdpRule = New-AzNetworkSecurityRuleConfig -Name rdp-rule -Description "Allow RDP" -Access Allow -Protocol Tcp -Direction Inbound -Priority 100 -SourceAddressPrefix Internet -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 3389
$networkSecurityGroup = New-AzNetworkSecurityGroup -ResourceGroupName TestResourceGroup -Location centralus -Name "NSG-FrontEnd" -SecurityRules $rdpRule
$frontendSubnet = New-AzVirtualNetworkSubnetConfig -Name frontendSubnet -AddressPrefix "10.0.1.0/24" -NetworkSecurityGroup $networkSecurityGroup
$backendSubnet = New-AzVirtualNetworkSubnetConfig -Name backendSubnet -AddressPrefix "10.0.2.0/24" -NetworkSecurityGroup $networkSecurityGroup
New-AzVirtualNetwork -Name MyVirtualNetwork -ResourceGroupName TestResourceGroup -Location centralus -AddressPrefix "10.0.0.0/16" -Subnet $frontendSubnet,$backendSubnet
This example creates a virtual network with subnets that reference a network security group. First, the example creates a resource group as a container for the resources that will be created. Then, a network security group is created that allows inbound RDP access, but otherwise enforces the default network security group rules. The New-AzVirtualNetworkSubnetConfig cmdlet then creates in-memory representations of two subnets that both reference the network security group that was created. The New-AzVirtualNetwork command then creates the virtual network.
Example 4: Create a virtual network with an IPAM Pool to auto allocate from for address prefixes
New-AzNetworkManagerIpamPool -ResourceGroupName "testRG" -NetworkManagerName "testNM" -Name "testIpamPool" -Location "centralus" -AddressPrefix @("10.0.0.0/16")
$ipamPool = Get-AzNetworkManagerIpamPool -ResourceGroupName "testRG" -NetworkManagerName "testNM" -Name "testIpamPool"
$ipamPoolPrefixAllocation = [PSCustomObject]@{
Id = $ipamPool.Id
NumberOfIpAddresses = "256"
}
$subnet = New-AzVirtualNetworkSubnetConfig -Name "testSubnet" -IpamPoolPrefixAllocation $ipamPoolPrefixAllocation
New-AzVirtualNetwork -Name "testVnet" -ResourceGroupName "testRG" -Location "centralus" -Subnet $subnet -IpamPoolPrefixAllocation $ipamPoolPrefixAllocation
This example creates a virtual network with an IPAM (IP Address Management) pool to automatically allocate address prefixes. First, an IPAM pool named testIpamPool is created in the testRG resource group and testNM network manager in the centralus region with the address prefix 10.0.0.0/16. The Get-AzNetworkManagerIpamPool cmdlet retrieves the IPAM pool that was just created. Next, a custom object representing the IPAM pool prefix allocation is created. This object includes the Id of the IPAM pool and the NumberOfIpAddresses to allocate. The New-AzVirtualNetworkSubnetConfig cmdlet creates a subnet named testSubnet configured to use the IPAM pool prefix allocation object. Finally, the New-AzVirtualNetwork cmdlet creates a virtual network named testVnet in the testRG resource group and centralus location. The virtual network includes the subnet created in the previous step and uses the IPAM pool prefix allocation for address prefix allocation.
Parameters
-AddressPrefix
Specifies a range of IP addresses for a virtual network.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-AsJob
Run cmdlet in the background
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-BgpCommunity
The BGP Community advertised over ExpressRoute.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DdosProtectionPlanId
Reference to the DDoS protection plan resource associated with the virtual network.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure.
Type: | IAzureContextContainer |
Aliases: | AzContext, AzureRmContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DnsServer
Specifies the DNS server for a subnet.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-EdgeZone
{{ Fill EdgeZone Description }}
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-EnableDdosProtection
A switch parameter which represents if DDoS protection is enabled or not.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-EnableEncryption
Indicates if encryption is enabled on the virtual network. The value should be true to enable encryption on the virtual network, false to disable encryption.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-EncryptionEnforcementPolicy
Set the Encryption EnforcementPolicy. The value should be allowUnencrypted to allow VMs without encryption capability inside an encrypted virtual network, or dropUnencrypted to disable any VM without encryption capability from being added into an encrypted virtual network.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-FlowTimeout
FlowTimeout enables connection tracking for intra-VM flows. The value should be between 4 and 30 minutes (inclusive) to enable tracking, or null to disable tracking.
Type: | Nullable<T>[Int32] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Force
Forces the command to run without asking for user confirmation.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-IpAllocation
Specifies IpAllocations for a virtual network.
Type: | PSIpAllocation[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-IpamPoolPrefixAllocation
Specifies a list of PSIpamPoolPrefixAllocation objects to auto allocate from for virtual network address prefixes.
Type: | Microsoft.Azure.Commands.Network.Models.PSIpamPoolPrefixAllocation[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Location
Specifies the region for the virtual network.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Name
Specifies the name of the virtual network that this cmdlet creates.
Type: | String |
Aliases: | ResourceName |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-PrivateEndpointVNetPoliciesValue
The PrivateEndpointVNetPolicies of the virtual network
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-ResourceGroupName
Specifies the name of a resource group to contain the virtual network.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Subnet
Specifies a list of subnets to associate with the virtual network.
Type: | PSSubnet[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Tag
Key-value pairs in the form of a hash table. For example: @{key0="value0";key1=$null;key2="value2"}
Type: | Hashtable |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
String[]
PSSubnet[]
Outputs
Related Links
Azure PowerShell