Deploying Azure Gateways and Firewalls using PowerShell
Depending on your company’s security policies, you may need to use Azure PowerShell to deploy gateways and firewalls in Azure. This document explains how to use PowerShell commands to deploy gateways and firewalls in Azure and partner firewall offers to your Private Azure Marketplace.
Be aware that this Companion Gateway is not immediately visible in the Azure Marketplace. Hiding the gateway offer makes the Controller deployment process simpler and easier, as when you first deploy an Aviatrix Controller, you only have one marketplace offer to select.
The user who runs this command via Azure PowerShell must have admin permissions for the Azure Private Marketplace. |
Please see this article for general instructions about adding offers to your Azure Private Marketplace.
Listing Aviatrix Available Images
-
Log into Azure PowerShell.
-
Use the following PowerShell command to get a list of possible Aviatrix Azure Companion Gateway Images so you can choose one to add to the marketplace:
az vm image list --publisher aviatrix --all "architecture": "x64", "offer": "aviatrix-companion-gateway-v10", "publisher": "aviatrix-systems", "sku": "aviatrix-companion-gateway-v10", "urn": "aviatrix-systems:aviatrix-companion-gateway-v10:aviatrix-companion-gateway-v10:6.7.7", "version": "6.7.7"
Retrieving the PrivateStoreID
-
Log into your Azure account.
-
Install the Az. Marketplace PowerShell module using this command:
Install-Module -Name Az.Marketplace
-
Next, retrieve a list of private stores created in this Azure tenant to retrieve the PrivateStoreID you need to install on the Private Marketplace. Use this command:
Get-AzMarketplacePrivateStore.
The output generated includes your Private Store ID.
-
Now, validate the offer. Use this command:
Get-AzMarketplacePrivateStoreOffer -PrivateStoreId <PS_id> -OfferId <UniqueOfferId>
-
For <PS_id>, use the PrivateStoreID you retrieved.
-
For <UniqueOfferId>, use publisherId.offerId.
-
|
-
Use the PrivateStoreId from step 3 and follow the steps below to add the offer to your Private Store.
Adding the Aviatrix Companion Gateway Offer to Your Private Marketplace
Use this command to add the gateway image from the public marketplace to your private marketplace:
$Params = @{ privateStoreId = "03e6c03e-074e-474c-8d40-3eac96d82a77" collectionId = "03e6c03e-074e-474c-8d40-3eac96d82a77" offerId = "<offerID for the Aviatrix Companion Gateway>" SpecificPlanIdLimitation =@("<SpecificPlanIdLimitation for the Aviatrix Companion Gateway>") } Set-AzMarketplacePrivateStoreCollectionOffer @Params Collection ID == Private Store ID
Depending on your Controller’s current software version, replace the offerID and SpecificPlanldLimitation values with the correct values. Use this table:
Release | offerID | SpecificPlanIdLimitation |
---|---|---|
6.7 |
aviatrix-systems.aviatrix-companion-gateway-v10 |
aviatrix-companion-gateway-v10u |
6.8 |
aviatrix-systems.aviatrix-companion-gateway-v13 |
aviatrix-companion-gateway-v13u |
6.9 |
aviatrix-systems.aviatrix-companion-gateway-v15 |
aviatrix-companion-gateway-v15u-6-9 |
7.0 |
aviatrix-systems.aviatrix-companion-gateway-v16 |
aviatrix-companion-gateway-v16 |
The Aviatrix Companion Gateway is now part of your Azure Private Marketplace. You can now deploy Aviatrix Companion Gateways for Azure from the Aviatrix Controller.
Adding the Aviatrix Firewall Offer to Your Private Marketplace
Repeat the steps above to add an offer for the Azure Firewall to your Private Marketplace. Use the table below to find the correct Publisher and OfferID.
Name | Publisher | Offer (plan product) | SKU (plan name) |
---|---|---|---|
PAN |
paloaltonetworks |
vmseries1, vmseries-flex |
bundle1, bundle2, byol |
Fortinet |
fortinet |
fortinet_fortigate-vm_v5 |
fortinet_fg-vm fortinet_fg-vm_payg fortinet_fg-vm_payg_20190624 |
Check Point |
checkpoint |
check-point-cg-r81, check-point-cg-r8110 |
sg-ngtp, sg-ngtx, sg-byol, mgmt-byol |
After following these steps, you can deploy Azure Firewalls from your Azure Private Marketplace through the Aviatrix Controller.