azurermNetworkConnectionMonitor

Manages a Network Connection Monitor.

\~> NOTE: Any Network Connection Monitor resource created with API versions 2019-06-01 or earlier (v1) are now incompatible with Terraform, which now only supports v2.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
  this,
  "example",
  {
    location: "West Europe",
    name: "example-Watcher-resources",
  }
);
const azurermVirtualNetworkExample = new azurerm.virtualNetwork.VirtualNetwork(
  this,
  "example_1",
  {
    address_space: ["10.0.0.0/16"],
    location: azurermResourceGroupExample.location,
    name: "example-Vnet",
    resource_group_name: azurermResourceGroupExample.name,
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualNetworkExample.overrideLogicalId("example");
const azurermLogAnalyticsWorkspaceExample =
  new azurerm.logAnalyticsWorkspace.LogAnalyticsWorkspace(this, "example_2", {
    location: azurermResourceGroupExample.location,
    name: "example-Workspace",
    resource_group_name: azurermResourceGroupExample.name,
    sku: "PerGB2018",
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermLogAnalyticsWorkspaceExample.overrideLogicalId("example");
const azurermNetworkWatcherExample = new azurerm.networkWatcher.NetworkWatcher(
  this,
  "example_3",
  {
    location: azurermResourceGroupExample.location,
    name: "example-Watcher",
    resource_group_name: azurermResourceGroupExample.name,
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermNetworkWatcherExample.overrideLogicalId("example");
const azurermSubnetExample = new azurerm.subnet.Subnet(this, "example_4", {
  address_prefixes: ["10.0.2.0/24"],
  name: "example-Subnet",
  resource_group_name: azurermResourceGroupExample.name,
  virtual_network_name: azurermVirtualNetworkExample.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermSubnetExample.overrideLogicalId("example");
const azurermNetworkInterfaceExample =
  new azurerm.networkInterface.NetworkInterface(this, "example_5", {
    ip_configuration: [
      {
        name: "testconfiguration1",
        private_ip_address_allocation: "Dynamic",
        subnet_id: azurermSubnetExample.id,
      },
    ],
    location: azurermResourceGroupExample.location,
    name: "example-Nic",
    resource_group_name: azurermResourceGroupExample.name,
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermNetworkInterfaceExample.overrideLogicalId("example");
const azurermVirtualMachineExample = new azurerm.virtualMachine.VirtualMachine(
  this,
  "example_6",
  {
    location: azurermResourceGroupExample.location,
    name: "example-VM",
    network_interface_ids: [azurermNetworkInterfaceExample.id],
    os_profile: [
      {
        admin_password: "Password1234!",
        admin_username: "testadmin",
        computer_name: "hostnametest01",
      },
    ],
    os_profile_linux_config: [
      {
        disable_password_authentication: false,
      },
    ],
    resource_group_name: azurermResourceGroupExample.name,
    storage_image_reference: [
      {
        offer: "UbuntuServer",
        publisher: "Canonical",
        sku: "16.04-LTS",
        version: "latest",
      },
    ],
    storage_os_disk: [
      {
        caching: "ReadWrite",
        create_option: "FromImage",
        managed_disk_type: "Standard_LRS",
        name: "osdisk-example01",
      },
    ],
    vm_size: "Standard_D2s_v3",
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualMachineExample.overrideLogicalId("example");
const azurermVirtualMachineExtensionExample =
  new azurerm.virtualMachineExtension.VirtualMachineExtension(
    this,
    "example_7",
    {
      auto_upgrade_minor_version: true,
      name: "example-VMExtension",
      publisher: "Microsoft.Azure.NetworkWatcher",
      type: "NetworkWatcherAgentLinux",
      type_handler_version: "1.4",
      virtual_machine_id: azurermVirtualMachineExample.id,
    }
  );
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualMachineExtensionExample.overrideLogicalId("example");
const azurermNetworkConnectionMonitorExample =
  new azurerm.networkConnectionMonitor.NetworkConnectionMonitor(
    this,
    "example_8",
    {
      depends_on: [`\${${azurermVirtualMachineExtensionExample.fqn}}`],
      endpoint: [
        {
          filter: [
            {
              item: [
                {
                  address: azurermVirtualMachineExample.id,
                  type: "AgentAddress",
                },
              ],
              type: "Include",
            },
          ],
          name: "source",
          target_resource_id: azurermVirtualMachineExample.id,
        },
        {
          address: "terraform.io",
          name: "destination",
        },
      ],
      location: azurermNetworkWatcherExample.location,
      name: "example-Monitor",
      network_watcher_id: azurermNetworkWatcherExample.id,
      notes: "examplenote",
      output_workspace_resource_ids: [azurermLogAnalyticsWorkspaceExample.id],
      test_configuration: [
        {
          name: "tcpName",
          protocol: "Tcp",
          tcp_configuration: [
            {
              port: 80,
            },
          ],
          test_frequency_in_seconds: 60,
        },
      ],
      test_group: [
        {
          destination_endpoints: ["destination"],
          name: "exampletg",
          source_endpoints: ["source"],
          test_configuration_names: ["tcpName"],
        },
      ],
    }
  );
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermNetworkConnectionMonitorExample.overrideLogicalId("example");

Arguments Reference

The following arguments are supported:

name - (Required) The name which should be used for this Network Connection Monitor. Changing this forces a new resource to be created.
location - (Required) The Azure Region where the Network Connection Monitor should exist. Changing this forces a new resource to be created.
networkWatcherId - (Required) The ID of the Network Watcher. Changing this forces a new resource to be created.
endpoint - (Required) A endpoint block as defined below.
testConfiguration - (Required) A testConfiguration block as defined below.
testGroup - (Required) A testGroup block as defined below.

notes - (Optional) The description of the Network Connection Monitor.
outputWorkspaceResourceIds - (Optional) A list of IDs of the Log Analytics Workspace which will accept the output from the Network Connection Monitor.
tags - (Optional) A mapping of tags which should be assigned to the Network Connection Monitor.

A endpoint block supports the following:

name - (Required) The name of the endpoint for the Network Connection Monitor .
address - (Optional) The IP address or domain name of the Network Connection Monitor endpoint.
coverageLevel - (Optional) The test coverage for the Network Connection Monitor endpoint. Possible values are aboveAverage, average, belowAverage, default, full and low.
excludedIpAddresses - (Optional) A list of IPv4/IPv6 subnet masks or IPv4/IPv6 IP addresses to be excluded to the Network Connection Monitor endpoint.
includedIpAddresses - (Optional) A list of IPv4/IPv6 subnet masks or IPv4/IPv6 IP addresses to be included to the Network Connection Monitor endpoint.
targetResourceId - (Optional) The resource ID which is used as the endpoint by the Network Connection Monitor.
filter - (Optional) A filter block as defined below.
targetResourceType - (Optional) The endpoint type of the Network Connection Monitor. Possible values are azureSubnet, azureVm, azureVNet, externalAddress, mmaWorkspaceMachine and mmaWorkspaceNetwork.

A filter block supports the following:

type - (Optional) The behaviour type of this endpoint filter. Currently the only allowed value is include. Defaults to include.
item - (Optional) A item block as defined below.

A item block supports the following:

type - (Optional) The type of items included in the filter. Possible values are agentAddress. Defaults to agentAddress.
address - (Optional) The address of the filter item.

A testConfiguration block supports the following:

name - (Required) The name of test configuration for the Network Connection Monitor.
protocol - (Required) The protocol used to evaluate tests. Possible values are tcp, http and icmp.
testFrequencyInSeconds - (Optional) The time interval in seconds at which the test evaluation will happen. Defaults to 60.
httpConfiguration - (Optional) A httpConfiguration block as defined below.
icmpConfiguration - (Optional) A icmpConfiguration block as defined below.
preferredIpVersion - (Optional) The preferred IP version which is used in the test evaluation. Possible values are iPv4 and iPv6.
successThreshold - (Optional) A successThreshold block as defined below.
tcpConfiguration - (Optional) A tcpConfiguration block as defined below.

A httpConfiguration block supports the following:

method - (Optional) The HTTP method for the HTTP request. Possible values are get and post. Defaults to get.
port - (Optional) The port for the HTTP connection.
path - (Optional) The path component of the URI. It only accepts the absolute path.
preferHttps - (Optional) Should HTTPS be preferred over HTTP in cases where the choice is not explicit? Defaults to false.
requestHeader - (Optional) A requestHeader block as defined below.
validStatusCodeRanges - (Optional) The HTTP status codes to consider successful. For instance, 2Xx, 301304 and 418.

A requestHeader block supports the following:

name - (Required) The name of the HTTP header.
value - (Required) The value of the HTTP header.

A icmpConfiguration block supports the following:

traceRouteEnabled - (Optional) Should path evaluation with trace route be enabled? Defaults to true.

A successThreshold block supports the following:

checksFailedPercent - (Optional) The maximum percentage of failed checks permitted for a test to be successful.
roundTripTimeMs - (Optional) The maximum round-trip time in milliseconds permitted for a test to be successful.

A tcpConfiguration block supports the following:

port - (Required) The port for the TCP connection.
traceRouteEnabled - (Optional) Should path evaluation with trace route be enabled? Defaults to true.
destinationPortBehavior - (Optional) The destination port behavior for the TCP connection. Possible values are none and listenIfAvailable.

A testGroup block supports the following:

name - (Required) The name of the test group for the Network Connection Monitor.
destinationEndpoints - (Required) A list of destination endpoint names.
sourceEndpoints - (Required) A list of source endpoint names.
testConfigurationNames - (Required) A list of test configuration names.
enabled - (Optional) Should the test group be enabled? Defaults to true.

Attributes Reference

The following attributes are exported:

id - The ID of the Network Connection Monitor.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

create - (Defaults to 30 minutes) Used when creating the Network Connection Monitor.
read - (Defaults to 5 minutes) Used when retrieving the Network Connection Monitor.
update - (Defaults to 30 minutes) Used when updating the Network Connection Monitor.
delete - (Defaults to 30 minutes) Used when deleting the Network Connection Monitor.

Import

Network Connection Monitors can be imported using the resourceId, e.g.

terraform import azurerm_network_connection_monitor.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Network/networkWatchers/watcher1/connectionMonitors/connectionMonitor1