{ "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "apiVersion": { "type": "string" }, "sku": { "type": "string" }, "domainConfigurationType": { "type": "string" }, "domainName": { "type": "string" }, "filteredSync": { "type": "string" }, "location": { "type": "string" }, "notificationSettings": { "type": "object" }, "subnetName": { "type": "string" }, "vnetName": { "type": "string" }, "vnetAddressPrefixes": { "type": "array" }, "subnetAddressPrefix": { "type": "string" }, "nsgName": { "type": "string" } }, "resources": [ { "apiVersion": "2017-06-01", "type": "Microsoft.AAD/DomainServices", "name": "[parameters('domainName')]", "location": "[parameters('location')]", "dependsOn": [ "[concat('Microsoft.Network/virtualNetworks/', parameters('vnetName'))]" ], "properties": { "domainName": "[parameters('domainName')]", "subnetId": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworks/', parameters('vnetName'), '/subnets/', parameters('subnetName'))]", "filteredSync": "[parameters('filteredSync')]", "domainConfigurationType": "[parameters('domainConfigurationType')]", "notificationSettings": "[parameters('notificationSettings')]", "sku": "[parameters('sku')]" } }, { "type": "Microsoft.Network/NetworkSecurityGroups", "name": "[parameters('nsgName')]", "location": "[parameters('location')]", "properties": { "securityRules": [ { "name": "AllowSyncWithAzureAD", "properties": { "access": "Allow", "priority": 101, "direction": "Inbound", "protocol": "Tcp", "sourceAddressPrefix": "AzureActiveDirectoryDomainServices", "sourcePortRange": "*", "destinationAddressPrefix": "*", "destinationPortRange": "443" } }, { "name": "AllowPSRemoting", "properties": { "access": "Allow", "priority": 301, "direction": "Inbound", "protocol": "Tcp", "sourceAddressPrefix": "AzureActiveDirectoryDomainServices", "sourcePortRange": "*", "destinationAddressPrefix": "*", "destinationPortRange": "5986" } }, { "name": "AllowRD", "properties": { "access": "Allow", "priority": 201, "direction": "Inbound", "protocol": "Tcp", "sourceAddressPrefix": "CorpNetSaw", "sourcePortRange": "*", "destinationAddressPrefix": "*", "destinationPortRange": "3389" } } ] }, "apiVersion": "2019-09-01" }, { "type": "Microsoft.Network/virtualNetworks", "name": "[parameters('vnetName')]", "location": "[parameters('location')]", "apiVersion": "2019-09-01", "dependsOn": [ "[concat('Microsoft.Network/NetworkSecurityGroups/', parameters('nsgName'))]" ], "properties": { "addressSpace": { "addressPrefixes": "[parameters('vnetAddressPrefixes')]" }, "subnets": [ { "name": "[parameters('subnetName')]", "properties": { "addressPrefix": "[parameters('subnetAddressPrefix')]", "networkSecurityGroup": { "id": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/NetworkSecurityGroups/', parameters('nsgName'))]" } } } ] } } ], "outputs": {} }