How to manage firewall public ips for secure virtual hub?

Question

Hi all,

I've created a virtual hub in my environment, and now I'm trying to make it a secure virtual hub by adding an Azure Firewall instance. For the firewall I want to use two public ips that I have created previously. From looking at the [documentation][1], is seems that I need to use the 'hubIPAddresses' property to specify the number of ips I want to use aswell as the public ip addresses. Using Bicep, I've created the following object:

hubIPAddresses: {
addresses: [
{
address: '

Answer 1

Hello @Matthijs de Beer ,

Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

I understand that you would like to deploy a Secure virtual hub and use an existing Public IP address for the Azure Firewall instance.

Currently, it is not possible to use/select an existing Public IP address for the Azure Firewall instance while deploying a secure virtual hub.

Refer : https://learn.microsoft.com/en-us/azure/firewall-manager/secure-cloud-network
https://learn.microsoft.com/en-us/azure/firewall-manager/quick-secure-virtual-hub-bicep?tabs=CLI

You can see the same while going through the deployment process via Azure Portal. There is no option to choose an existing Public IP address.

In case of secured virtual hub, the firewall public IP address is automatically created and you can get it after the deployment completes.

As you mentioned, it is possible to deploy a normal Azure Firewall instance into a Vnet using an existing Public IP as shown below:

Kindly let us know if the above helps or you need further assistance on this issue.

----------------------------------------------------------------------------------------------------------------

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.