azurermNetworkPacketCapture
Configures Network Packet Capturing against a Virtual Machine using a Network Watcher.
!> NOTE: The azurermNetworkPacketCapture resource is deprecated and will be removed in favour of azurermVirtualMachinePacketCapture and azurermVirtualMachineScaleSetPacketCapture in version 4.0 of the AzureRM Provider.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
this,
"example",
{
location: "West Europe",
name: "packet-capture-rg",
}
);
const azurermStorageAccountExample = new azurerm.storageAccount.StorageAccount(
this,
"example_1",
{
account_replication_type: "LRS",
account_tier: "Standard",
location: azurermResourceGroupExample.location,
name: "pctestsa",
resource_group_name: azurermResourceGroupExample.name,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermStorageAccountExample.overrideLogicalId("example");
const azurermVirtualNetworkExample = new azurerm.virtualNetwork.VirtualNetwork(
this,
"example_2",
{
address_space: ["10.0.0.0/16"],
location: azurermResourceGroupExample.location,
name: "production-network",
resource_group_name: azurermResourceGroupExample.name,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualNetworkExample.overrideLogicalId("example");
const azurermNetworkWatcherExample = new azurerm.networkWatcher.NetworkWatcher(
this,
"example_3",
{
location: azurermResourceGroupExample.location,
name: "network-watcher",
resource_group_name: azurermResourceGroupExample.name,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermNetworkWatcherExample.overrideLogicalId("example");
const azurermSubnetExample = new azurerm.subnet.Subnet(this, "example_4", {
address_prefixes: ["10.0.2.0/24"],
name: "internal",
resource_group_name: azurermResourceGroupExample.name,
virtual_network_name: azurermVirtualNetworkExample.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermSubnetExample.overrideLogicalId("example");
const azurermNetworkInterfaceExample =
new azurerm.networkInterface.NetworkInterface(this, "example_5", {
ip_configuration: [
{
name: "testconfiguration1",
private_ip_address_allocation: "Dynamic",
subnet_id: azurermSubnetExample.id,
},
],
location: azurermResourceGroupExample.location,
name: "pctest-nic",
resource_group_name: azurermResourceGroupExample.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermNetworkInterfaceExample.overrideLogicalId("example");
const azurermVirtualMachineExample = new azurerm.virtualMachine.VirtualMachine(
this,
"example_6",
{
location: azurermResourceGroupExample.location,
name: "pctest-vm",
network_interface_ids: [azurermNetworkInterfaceExample.id],
os_profile: [
{
admin_password: "Password1234!",
admin_username: "testadmin",
computer_name: "pctest-vm",
},
],
os_profile_linux_config: [
{
disable_password_authentication: false,
},
],
resource_group_name: azurermResourceGroupExample.name,
storage_image_reference: [
{
offer: "UbuntuServer",
publisher: "Canonical",
sku: "16.04-LTS",
version: "latest",
},
],
storage_os_disk: [
{
caching: "ReadWrite",
create_option: "FromImage",
managed_disk_type: "Standard_LRS",
name: "osdisk",
},
],
vm_size: "Standard_F2",
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualMachineExample.overrideLogicalId("example");
const azurermVirtualMachineExtensionExample =
new azurerm.virtualMachineExtension.VirtualMachineExtension(
this,
"example_7",
{
auto_upgrade_minor_version: true,
name: "network-watcher",
publisher: "Microsoft.Azure.NetworkWatcher",
type: "NetworkWatcherAgentLinux",
type_handler_version: "1.4",
virtual_machine_id: azurermVirtualMachineExample.id,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualMachineExtensionExample.overrideLogicalId("example");
const azurermNetworkPacketCaptureExample =
new azurerm.networkPacketCapture.NetworkPacketCapture(this, "example_8", {
depends_on: [`\${${azurermVirtualMachineExtensionExample.fqn}}`],
name: "pctestcapture",
network_watcher_name: azurermNetworkWatcherExample.name,
resource_group_name: azurermResourceGroupExample.name,
storage_location: [
{
storage_account_id: azurermStorageAccountExample.id,
},
],
target_resource_id: azurermVirtualMachineExample.id,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermNetworkPacketCaptureExample.overrideLogicalId("example");
\~> NOTE: This Resource requires that the Network Watcher Virtual Machine Extension is installed on the Virtual Machine before capturing can be enabled which can be installed via the azurermVirtualMachineExtension resource.
Argument Reference
The following arguments are supported:
-
name- (Required) The name to use for this Network Packet Capture. Changing this forces a new resource to be created. -
networkWatcherName- (Required) The name of the Network Watcher. Changing this forces a new resource to be created. -
resourceGroupName- (Required) The name of the resource group in which the Network Watcher exists. Changing this forces a new resource to be created. -
targetResourceId- (Required) The ID of the Resource to capture packets from. Changing this forces a new resource to be created.
\~> NOTE: Currently only Virtual Machines IDs are supported.
-
maximumBytesPerPacket- (Optional) The number of bytes captured per packet. The remaining bytes are truncated. Defaults to0(Entire Packet Captured). Changing this forces a new resource to be created. -
maximumBytesPerSession- (Optional) Maximum size of the capture in Bytes. Defaults to1073741824(1GB). Changing this forces a new resource to be created. -
maximumCaptureDuration- (Optional) The maximum duration of the capture session in seconds. Defaults to18000(5 hours). Changing this forces a new resource to be created. -
storageLocation- (Required) AstorageLocationblock as defined below. Changing this forces a new resource to be created. -
filter- (Optional) One or morefilterblocks as defined below. Changing this forces a new resource to be created.
A storageLocation block contains:
-
filePath- (Optional) A valid local path on the targeting VM. Must include the name of the capture file (*.cap). For Linux virtual machine it must start with/var/captures. -
storageAccountId- (Optional) The ID of the storage account to save the packet capture session
\~> NOTE: At least one of filePath or storageAccountId must be specified.
A filter block contains:
-
localIpAddress- (Optional) The local IP Address to be filtered on. Notation: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range. "127.0.0.1;127.0.0.5" for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created. -
localPort- (Optional) The local port to be filtered on. Notation: "80" for single port entry."80-85" for range. "80;443;" for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created. -
protocol- (Required) The Protocol to be filtered on. Possible values includeany,tcpandudp. Changing this forces a new resource to be created. -
remoteIpAddress- (Optional) The remote IP Address to be filtered on. Notation: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range. "127.0.0.1;127.0.0.5;" for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported.. Changing this forces a new resource to be created. -
remotePort- (Optional) The remote port to be filtered on. Notation: "80" for single port entry."80-85" for range. "80;443;" for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Changing this forces a new resource to be created.
Attributes Reference
The following attributes are exported:
-
id- The Packet Capture ID. -
storageLocation- (Required) AstorageLocationblock as defined below.
A storageLocation block contains:
storagePath- The URI of the storage path to save the packet capture.
Timeouts
The timeouts block allows you to specify timeouts for certain actions:
create- (Defaults to 30 minutes) Used when creating the Packet Capture.update- (Defaults to 30 minutes) Used when updating the Packet Capture.read- (Defaults to 5 minutes) Used when retrieving the Packet Capture.delete- (Defaults to 30 minutes) Used when deleting the Packet Capture.
Import
Packet Captures can be imported using the resourceId, e.g.