{"id":311,"date":"2019-11-11T21:03:39","date_gmt":"2019-11-11T21:03:39","guid":{"rendered":"https:\/\/iddles.co.uk\/?p=311"},"modified":"2019-11-11T21:03:39","modified_gmt":"2019-11-11T21:03:39","slug":"deploying-infrastructure-without-public-ip-addresses-in-azure-part-2","status":"publish","type":"post","link":"https:\/\/iddles.co.uk\/index.php\/2019\/11\/11\/deploying-infrastructure-without-public-ip-addresses-in-azure-part-2\/","title":{"rendered":"Deploying Infrastructure without Public IP addresses in Azure – Part 2"},"content":{"rendered":"\n

So now we have discussed the issue of Public IP addresses as well as concepts around Azure ARM templates.<\/p>\n\n\n\n

Next step is to remove their use. Its really quite a simple process of removing entries from both the parameters.json<\/strong> and template.json<\/strong> files.<\/p>\n\n\n\n

\"ASAv<\/figure><\/div>\n\n\n\n

Consider the Cisco ASAv deployment from the previous deployment. <\/p>\n\n\n\n

Looking through the values a number of items relating to the devices Public IP address can be found. Luckilly Cisco used the string public<\/strong> to make things simple to find.<\/p>\n\n\n\n

They set things like Public IP sku (Basic), Allocation method, the DNS name along with the address object name.<\/p>\n\n\n\n

These values are referenced within the template.json<\/strong> file. Again looking at the ASAv version an excerpt is shown below<\/p>\n\n\n\n

\"ASAv<\/figure><\/div>\n\n\n\n

The first section is used to describe the varibles for interactive deploymentsor if they are not specified within the parameters.json or overwridden during deploment.<\/p>\n\n\n\n

Further down each one is described as a resource. This is the main section that defines the underlying Azure resource. Consider the snip shown below showing a public IP address name object, along with the Azure ARM API that is called to create the object.<\/p>\n\n\n\n

\"\"<\/figure><\/div>\n\n\n\n

Lastly, towards the bottom of the file is an area where the public IP address is bound to the network adaptor. In this case its Nic0<\/strong> the ASAv’s primary interface.<\/p>\n\n\n\n

\"\"<\/figure><\/div>\n\n\n\n

I’d love to tell you there is a magic way of editing this but sadly there is not. Using a little bit of search\/delete my method is to:<\/p>\n\n\n\n

  1. Back all files up<\/li>
  2. Identify in parameters.json<\/strong> any entry relating to the Public IP address.<\/li>
  3. Search for those names within the deploy.json<\/strong> file.<\/li>
  4. Remove the entries and the regions around them, remembering to keep the json formatting.<\/li>
  5. Delete the entry from the parameters.json<\/strong><\/li>
  6. Repeat until entries are removed.<\/li>
  7. Test a deployment, verifying using the Azure Activity Log for your subscription <\/li><\/ol>\n\n\n\n

    I have successfully created these for the following infrastructure devices:<\/p>\n\n\n\n

    • Cisco ASAv<\/li>
    • Palo Alto NG Firewall<\/li>
    • CheckPoint NGX Firewall<\/li>
    • Pulse VPN appliance (used to be Juniper)<\/li>
    • RSA Authentication Server<\/li>
    • F5 BIG-IP<\/li><\/ul>\n\n\n\n

      Ill add some links to some before and after examples, however be aware that the templates as well as Azure API’s could in theory change.<\/p>\n\n\n\n

      Good luck. As I say its not easy however is very<\/span> possible.<\/p>\n","protected":false},"excerpt":{"rendered":"

      So now we have discussed the issue of Public IP addresses as well as concepts around Azure ARM templates. Next step is to remove their use. Its really quite a simple process of removing entries from both the parameters.json and template.json files. Consider the Cisco ASAv deployment from the previous deployment. Looking through the values […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","footnotes":""},"categories":[71,68,82,81],"tags":[],"class_list":["post-311","post","type-post","status-publish","format-standard","hentry","category-azure","category-cloud","category-powershell","category-scripting","post-preview"],"_links":{"self":[{"href":"https:\/\/iddles.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/311","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/iddles.co.uk\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/iddles.co.uk\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/iddles.co.uk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/iddles.co.uk\/index.php\/wp-json\/wp\/v2\/comments?post=311"}],"version-history":[{"count":4,"href":"https:\/\/iddles.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/311\/revisions"}],"predecessor-version":[{"id":341,"href":"https:\/\/iddles.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/311\/revisions\/341"}],"wp:attachment":[{"href":"https:\/\/iddles.co.uk\/index.php\/wp-json\/wp\/v2\/media?parent=311"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/iddles.co.uk\/index.php\/wp-json\/wp\/v2\/categories?post=311"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/iddles.co.uk\/index.php\/wp-json\/wp\/v2\/tags?post=311"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}