Connect Azure VMware Solution with an existing Azure Virtual Network by creating and redeeming Authorization Key
Azure VMware Solution Private cloud comes with a preconfigured dedicated ExpressRoute circuit. This circuit can be used to establish connectivity with Azure Virtual Network. Same circuit can also be used for establishing connectivity with on-premise site using GlobalReach. This tutorial will cover generating an ExpressRoute Authorization Key. This key will be redeemed to create connection with an existing Virtual Network ExpressRoute Gateway in Azure.
-
Steps as outlined in Create Private Cloud or Create Private Cloud with HCX section are completed.
-
Be aware of the limit on number of authorization keys that can be generated per ExpressRoute circuit.
-
Update the parameter values in appropriate parameter file.
-
Run one of the following scripts.
cd Bicep
az deployment group create -g AVS-Step-By-Step-RG -n AVS-ExR-Deployment -c -f "ExRConnection.bicep" -p "@ExRConnection.parameters.json"
cd ARM
az deployment group create -g AVS-Step-By-Step-RG -n AVS-ExR-Deployment -c -f "ExRConnection.deploy.json" -p "@ExRConnection.parameters.json"
cd PowerShell
./Deploy-ExRConnection-GenerateAuthKey.ps1
- If deploying stand-alone, update the sample .tfvars.sample file in the Terraform directory with the deployment values, remove the .sample extension, and run the terraform workflow that fits your environment.
terraform init
terraform plan
terraform apply
- If deploying as a module within a larger implementation, use a module block similar to the following sample and follow your organization's Terraform workflow:
module "AVS-to-New-Vnet" {
source = "../AVS-to-VNet-ExistingVNet/Terraform/"
DeploymentResourceGroupName = "<resource group name where new expressroute connection will be deployed>"
PrivateCloudName = "<existing private cloud name>"
PrivateCloudResourceGroup = "<resource group where existing private cloud is deployed"
Location = "<vnet deployment region>"
GatewayName = "<name for the existing vnet gateway>"
}
- Validate that Authorization Key is generated. This can be validated by either navigating to "Connectivity" menu under Private Cloud Azure Portal or by running equivalent CLI/Powershell command.