New-AzVirtualNetworkSubnetConfig

Creates a virtual network subnet configuration.

Syntax

New-AzVirtualNetworkSubnetConfig
   -Name <String>
   -AddressPrefix <String[]>
   [-NetworkSecurityGroup <PSNetworkSecurityGroup>]
   [-RouteTable <PSRouteTable>]
   [-InputObject <PSNatGateway>]
   [-ServiceEndpoint <String[]>]
   [-NetworkIdentifier <PSResourceId>]
   [-ServiceEndpointConfig <PSServiceEndpoint[]>]
   [-ServiceEndpointPolicy <PSServiceEndpointPolicy[]>]
   [-Delegation <PSDelegation[]>]
   [-PrivateEndpointNetworkPoliciesFlag <String>]
   [-PrivateLinkServiceNetworkPoliciesFlag <String>]
   [-IpAllocation <PSIpAllocation[]>]
   [-DefaultOutboundAccess <Boolean>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]
New-AzVirtualNetworkSubnetConfig
   -Name <String>
   -AddressPrefix <String[]>
   [-NetworkSecurityGroupId <String>]
   [-RouteTableId <String>]
   [-ResourceId <String>]
   [-ServiceEndpoint <String[]>]
   [-NetworkIdentifier <PSResourceId>]
   [-ServiceEndpointConfig <PSServiceEndpoint[]>]
   [-ServiceEndpointPolicy <PSServiceEndpointPolicy[]>]
   [-Delegation <PSDelegation[]>]
   [-PrivateEndpointNetworkPoliciesFlag <String>]
   [-PrivateLinkServiceNetworkPoliciesFlag <String>]
   [-IpAllocation <PSIpAllocation[]>]
   [-DefaultOutboundAccess <Boolean>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]

Description

The New-AzVirtualNetworkSubnetConfig cmdlet creates a virtual network subnet configuration.

Examples

Example 1: Create a virtual network with two subnets and a network security group

New-AzResourceGroup -Name TestResourceGroup -Location centralus

$rdpRule = New-AzNetworkSecurityRuleConfig -Name rdp-rule -Description "Allow RDP" `
   -Access Allow -Protocol Tcp -Direction Inbound -Priority 100 `
   -SourceAddressPrefix Internet -SourcePortRange * `
   -DestinationAddressPrefix * -DestinationPortRange 3389 
    
$networkSecurityGroup = New-AzNetworkSecurityGroup -ResourceGroupName TestResourceGroup `
  -Location centralus -Name "NSG-FrontEnd" -SecurityRules $rdpRule

$frontendSubnet = New-AzVirtualNetworkSubnetConfig -Name frontendSubnet `
    -AddressPrefix "10.0.1.0/24" -NetworkSecurityGroup $networkSecurityGroup

$backendSubnet = New-AzVirtualNetworkSubnetConfig -Name backendSubnet `
    -AddressPrefix "10.0.2.0/24" -NetworkSecurityGroup $networkSecurityGroup

$pip = New-AzPublicIpAddress -Name "pip" -ResourceGroupName "natgateway_test" `
   -Location "eastus2" -Sku "Standard" -IdleTimeoutInMinutes 4 -AllocationMethod "static"

$natgateway = New-AzNatGateway -ResourceGroupName "natgateway_test" -Name "nat_gateway" `
   -IdleTimeoutInMinutes 4 -Sku "Standard" -Location "eastus2" -PublicIpAddress $pip

$natGatewaySubnet = New-AzVirtualNetworkSubnetConfig -Name natGatewaySubnet `
   -AddressPrefix "10.0.3.0/24" -InputObject $natGateway

New-AzVirtualNetwork -Name MyVirtualNetwork -ResourceGroupName TestResourceGroup `
    -Location centralus -AddressPrefix "10.0.0.0/16" -Subnet $frontendSubnet,$backendSubnet,$natGatewaySubnet

This example creates two new subnet configurations using the New-AzVirtualNetworkSubnetConfig cmdlet, and then uses them to create a virtual network. The New-AzVirtualNetworkSubnetConfig template only creates an in-memory representation of the subnet. In this example, the frontendSubnet has CIDR 10.0.1.0/24 and references a network security group that allows RDP access. The backendSubnet has CIDR 10.0.2.0/24 and references the same network security group.

Parameters

-AddressPrefix

Specifies a range of IP addresses for a subnet configuration.

Type:String[]
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-DefaultOutboundAccess

Default outbound connectivity for all VMs in the subnet

Type:Nullable<T>[Boolean]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Delegation

List of services that have permission to perform operations on this subnet.

Type:PSDelegation[]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-InputObject

Specifies the nat gateway associated with the subnet configuration

Type:PSNatGateway
Aliases:NatGateway
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-IpAllocation

Specifies IpAllocations for a subnet.

Type:PSIpAllocation[]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Name

Specifies the name of the subnet configuration to create.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-NetworkIdentifier

NetworkIdentifier Value for ServiceEndpoint

Type:PSResourceId
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-NetworkSecurityGroup

Specifies a NetworkSecurityGroup object.

Type:PSNetworkSecurityGroup
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-NetworkSecurityGroupId

Specifies the ID of a network security group.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-PrivateEndpointNetworkPoliciesFlag

Configure to enable or disable applying network policies on private endpoint in the subnet. Default value is Disabled.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-PrivateLinkServiceNetworkPoliciesFlag

Configure to enable or disable applying network policies on private link service in the subnet.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ResourceId

Specifies the Id of NAT Gateway resource associated with the subnet configuration.

Type:String
Aliases:NatGatewayId
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-RouteTable

Specifies the route table associated with the subnet configuration.

Type:PSRouteTable
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-RouteTableId

Specifies the ID of the route table associated with the subnet configuration.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ServiceEndpoint

Service Endpoint Value

Type:String[]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ServiceEndpointConfig

Service Endpoint with NetworkIdentifier Value

Type:PSServiceEndpoint[]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ServiceEndpointPolicy

Service Endpoint Policies

Type:PSServiceEndpointPolicy[]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

Inputs

String

PSNetworkSecurityGroup

PSRouteTable

PSNatGateway

String[]

PSServiceEndpointPolicy[]

PSDelegation[]

Outputs

PSSubnet