Subscribing Gateway and Firewall Offers to Private Azure Marketplace for Aviatrix Deployments

​

Subscribing an Aviatrix Gateway Offer to Azure Private Marketplace

​

Prerequisites

• Verify that the Private Azure Marketplace is enabled for your tenant. If it is not enabled, enable it in the Azure portal. See Azure documentation for detailed steps. By default, only Microsoft offers are available in the private Azure Marketplace.
• Assign the Marketplace Admin role to the user account that will manage the private Azure Marketplace. See Assign the Marketplace Admin role.
• Create the Private Azure Marketplace if it does not already exist. This is a one-time operation per tenant. When you create it, a single collection called “Default Collection” is automatically created. It includes all existing subscriptions in the tenant. See Create a Private Azure Marketplace.
• Ensure that the Azure collection you plan to use is enabled. By default, a single collection called “Default Collection” is created. It includes all existing subscriptions in the tenant, but contains only Microsoft offers by default. You must explicitly add and approve other offers. Make sure the collection is enabled in the Azure Manage Marketplace page. See Enable or disable a collection.
• Identify the Azure subscription that will be used for billing resources. Run the following command to confirm that your current Azure subscription is in the Enabled state:
  Copy

  Ask AI

  az account show --query "{Name:name, SubscriptionId:id, State:state}" -o table
  

​

Subscribing to the Aviatrix Gateway Offer

1. Log in to your Azure account using PowerShell. Use an account that has the Marketplace Admin role in your tenant.
   Copy

   Ask AI

   Connect-AzAccount
   
2. Run the following PowerShell script to subscribe to the Aviatrix Gateway offer in your private Azure Marketplace. Where:
   • Replace CollectionName with your actual collection name. If you do not have a custom collection, use DefaultCollection (no space) in PowerShell.
   • Replace OfferId and SpecificPlanIdLimitation with the appropriate values for your Controller’s software version. See the table below for related values.
   Copy

   Ask AI

   # Provide Azure Private Marketplace Collection Name. By default, a collection is scoped to all subscriptions
   $CollectionName="Default Collection"
   if ($CollectionName -eq "Default Collection") {$CollectionName="DefaultCollection"}
   
   # Install the Az.Marketplace module
   Install-Module -Name Az.Marketplace -Confirm:$false -Force
   
   # Get the Private Store ID
   $PrivateStore = Get-AzMarketplacePrivateStore
   if ($PrivateStore.Availability -ne "enabled") {
       throw "Azure Private Marketplace is not enabled. Follow https://learn.microsoft.com/en-us/marketplace/create-manage-private-azure-marketplace-new#enabledisable-private-azure-marketplace to enable it"
   }
   $PrivateStoreId = $PrivateStore.PrivateStoreId
   
   # Get the Collection ID
   $Collection = Get-AzMarketplacePrivateStoreCollection -PrivateStoreId $PrivateStoreId | Where-Object {$_.CollectionName -eq $CollectionName}
   if (!($Collection.Enabled)) {
       throw "Azure Private Marketplace Collection: $CollectionName is not enabled. Follow https://learn.microsoft.com/en-us/marketplace/create-manage-private-azure-marketplace-new#enabledisable-a-collection to enable it"
   }
   $CollectionId = $Collection.CollectionId
   
   # Add the offer to the private Azure Marketplace
   $Params = @{
       privateStoreId = $PrivateStoreId
       collectionId = $CollectionId
       offerId = "aviatrix-systems.aviatrix-gateway"
       SpecificPlanIdLimitation = @("aviatrix-gateway-g3")
   }
   
   # Set the offer to the private Marketplace
   Set-AzMarketplacePrivateStoreCollectionOffer @Params
   

​

Example Code

# Replace <offer_id> and <specific_plan_id_limitation> (or sku) with appropriate values
$OfferId = "aviatrix-systems.aviatrix-gateway"
$SpecificPlanIdLimitation = "aviatrix-gateway-g3" # Example for 8.0 G3 Gateway

$CollectionName="Default Collection"
if ($CollectionName -eq "Default Collection") {$CollectionName="DefaultCollection"}

Install-Module -Name Az.Marketplace -Confirm:$false -Force

$PrivateStore = Get-AzMarketplacePrivateStore
if ($PrivateStore.Availability -ne "enabled") {
    throw "Azure Private Marketplace is not enabled. Follow https://learn.microsoft.com/en-us/marketplace/create-manage-private-azure-marketplace-new#enabledisable-private-azure-marketplace to enable it"
}
$PrivateStoreId = $PrivateStore.PrivateStoreId

$Collection = Get-AzMarketplacePrivateStoreCollection -PrivateStoreId $PrivateStoreId | Where-Object {$_.CollectionName -eq $CollectionName}
if (!($Collection.Enabled)) {
    throw "Azure Private Marketplace Collection: $CollectionName is not enabled. Follow https://learn.microsoft.com/en-us/marketplace/create-manage-private-azure-marketplace-new#enabledisable-a-collection to enable it"
}
$CollectionId = $Collection.CollectionId

$Params = @{
    privateStoreId = $PrivateStoreId
    collectionId = $CollectionId
    offerId = $OfferId
    SpecificPlanIdLimitation = @($SpecificPlanIdLimitation)
}

Set-AzMarketplacePrivateStoreCollectionOffer @Params

​

Accepting the Marketplace Terms for the Subscription

$PublisherId = "aviatrix-systems"
$OfferId = "aviatrix-gateway"
$PlanId = "aviatrix-gateway-g3"
Set-AzMarketplaceTerms -Publisher $PublisherId -Product $OfferId -Name $PlanId -Accept

az vm image terms accept --publisher aviatrix-systems --offer aviatrix-gateway --plan aviatrix-gateway-g3

​

Subscribing an Aviatrix Firewall Offer to Your Private Azure Marketplace

​

Next Steps

• In the Azure portal, onboard the service principal created under the subscription you used to add the gateway offer. See the relevant Microsoft documentation, if needed.
• You can now deploy Aviatrix Gateways for Azure from the Aviatrix Controller. See Building Your Network in the Aviatrix documentation.