Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
- Latest
- 2025-05-01
- 2025-03-01
- 2025-01-01
- 2024-10-01
- 2024-07-01
- 2024-05-01
- 2024-03-01
- 2024-01-01
- 2023-11-01
- 2023-09-01
- 2023-06-01
- 2023-05-01
- 2023-04-01
- 2023-02-01
- 2022-11-01
- 2022-09-01
- 2022-07-01
- 2022-05-01
- 2022-01-01
- 2021-08-01
- 2021-05-01
- 2021-03-01
- 2021-02-01
- 2020-11-01
- 2020-08-01
- 2020-07-01
- 2020-06-01
- 2020-05-01
- 2020-04-01
- 2020-03-01
- 2019-12-01
- 2019-11-01
- 2019-09-01
- 2019-08-01
- 2019-07-01
- 2019-06-01
- 2019-04-01
- 2019-02-01
- 2018-12-01
- 2018-11-01
- 2018-10-01
- 2018-08-01
- 2018-07-01
- 2018-06-01
- 2018-04-01
- 2018-02-01
- 2018-01-01
- 2017-11-01
- 2017-10-01
- 2017-09-01
- 2017-08-01
- 2017-06-01
- 2017-03-30
- 2017-03-01
- 2016-12-01
- 2016-09-01
Bicep resource definition
The networkWatchers/packetCaptures resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/networkWatchers/packetCaptures resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Network/networkWatchers/packetCaptures@2025-05-01' = {
parent: resourceSymbolicName
name: 'string'
properties: {
bytesToCapturePerPacket: int
captureSettings: {
fileCount: int
fileSizeInBytes: int
sessionTimeLimitInSeconds: int
}
continuousCapture: bool
filters: [
{
localIPAddress: 'string'
localPort: 'string'
protocol: 'string'
remoteIPAddress: 'string'
remotePort: 'string'
}
]
scope: {
exclude: [
'string'
]
include: [
'string'
]
}
storageLocation: {
filePath: 'string'
localPath: 'string'
storageId: 'string'
storagePath: 'string'
}
target: 'string'
targetType: 'string'
timeLimitInSeconds: int
totalBytesPerSession: int
}
}
Property Values
Microsoft.Network/networkWatchers/packetCaptures
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: networkWatchers |
| properties | Properties of the packet capture. | PacketCaptureParametersOrPacketCaptureResultProperties (required) |
PacketCaptureFilter
| Name | Description | Value |
|---|---|---|
| localIPAddress | Local IP Address to be filtered on. Notation: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range. "127.0.0.1;127.0.0.5"? for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Default = null. | string |
| localPort | Local port to be filtered on. Notation: "80" for single port entry."80-85" for range. "80;443;" for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Default = null. | string |
| protocol | Protocol to be filtered on. | 'Any' 'TCP' 'UDP' |
| remoteIPAddress | Local IP Address to be filtered on. Notation: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range. "127.0.0.1;127.0.0.5;" for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Default = null. | string |
| remotePort | Remote port to be filtered on. Notation: "80" for single port entry."80-85" for range. "80;443;" for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Default = null. | string |
PacketCaptureMachineScope
| Name | Description | Value |
|---|---|---|
| exclude | List of AzureVMSS instances which has to be excluded from the AzureVMSS from running packet capture. | string[] |
| include | List of AzureVMSS instances to run packet capture on. | string[] |
PacketCaptureParametersOrPacketCaptureResultProperties
| Name | Description | Value |
|---|---|---|
| bytesToCapturePerPacket | Number of bytes captured per packet, the remaining bytes are truncated. | int Constraints: Min value = 0 Max value = 4294967295 |
| captureSettings | The capture setting holds the 'FileCount', 'FileSizeInBytes', 'SessionTimeLimitInSeconds' values. | PacketCaptureSettings |
| continuousCapture | This continuous capture is a nullable boolean, which can hold 'null', 'true' or 'false' value. If we do not pass this parameter, it would be consider as 'null', default value is 'null'. | bool |
| filters | A list of packet capture filters. | PacketCaptureFilter[] |
| scope | A list of AzureVMSS instances which can be included or excluded to run packet capture. If both included and excluded are empty, then the packet capture will run on all instances of AzureVMSS. | PacketCaptureMachineScope |
| storageLocation | The storage location for a packet capture session. | PacketCaptureStorageLocation (required) |
| target | The ID of the targeted resource, only AzureVM and AzureVMSS as target type are currently supported. | string (required) |
| targetType | Target type of the resource provided. | 'AzureVM' 'AzureVMSS' |
| timeLimitInSeconds | Maximum duration of the capture session in seconds. | int Constraints: Min value = 0 Max value = 18000 |
| totalBytesPerSession | Maximum size of the capture output. | int Constraints: Min value = 0 Max value = 4294967295 |
PacketCaptureSettings
| Name | Description | Value |
|---|---|---|
| fileCount | Number of file count. Default value of count is 10 and maximum number is 10000. | int Constraints: Min value = 0 Max value = 10000 |
| fileSizeInBytes | Number of bytes captured per packet. Default value in bytes 104857600 (100MB) and maximum in bytes 4294967295 (4GB). | int Constraints: Min value = 0 Max value = 4294967295 |
| sessionTimeLimitInSeconds | Maximum duration of the capture session in seconds is 604800s (7 days) for a file. Default value in second 86400s (1 day). | int Constraints: Min value = 0 Max value = 604800 |
PacketCaptureStorageLocation
| Name | Description | Value |
|---|---|---|
| filePath | This path is invalid if 'Continuous Capture' is provided with 'true' or 'false'. A valid local path on the targeting VM. Must include the name of the capture file (*.cap). For linux virtual machine it must start with /var/captures. Required if no storage ID is provided, otherwise optional. | string |
| localPath | This path is valid if 'Continuous Capture' is provided with 'true' or 'false' and required if no storage ID is provided, otherwise optional. Must include the name of the capture file (*.cap). For linux virtual machine it must start with /var/captures. | string |
| storageId | The ID of the storage account to save the packet capture session. Required if no localPath or filePath is provided. | string |
| storagePath | The URI of the storage path to save the packet capture. Must be a well-formed URI describing the location to save the packet capture. | string |
Usage Examples
Bicep Samples
A basic example of deploying Configures Packet Capturing against a Virtual Machine using a Network Watcher.
param resourceName string = 'acctest0001'
param location string = 'westus'
@secure()
@description('The administrator password for the virtual machine')
param adminPassword string
resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = {
name: '${resourceName}-nic'
location: location
properties: {
enableAcceleratedNetworking: false
enableIPForwarding: false
ipConfigurations: [
{
name: 'ipconfig1'
properties: {
primary: true
privateIPAddressVersion: 'IPv4'
privateIPAllocationMethod: 'Dynamic'
subnet: {
id: subnet.id
}
}
}
]
}
}
resource networkWatcher 'Microsoft.Network/networkWatchers@2024-05-01' = {
name: '${resourceName}-nw'
location: location
}
resource virtualMachine 'Microsoft.Compute/virtualMachines@2024-03-01' = {
name: '${resourceName}-vm'
location: location
properties: {
hardwareProfile: {
vmSize: 'Standard_B1s'
}
networkProfile: {
networkInterfaces: [
{
id: networkInterface.id
properties: {
primary: true
}
}
]
}
osProfile: {
adminPassword: null
adminUsername: 'testadmin'
computerName: 'acctest0001-vm'
linuxConfiguration: {
disablePasswordAuthentication: false
}
}
storageProfile: {
imageReference: {
offer: '0001-com-ubuntu-server-jammy'
publisher: 'Canonical'
sku: '22_04-lts'
version: 'latest'
}
osDisk: {
caching: 'ReadWrite'
createOption: 'FromImage'
managedDisk: {
storageAccountType: 'Standard_LRS'
}
name: 'acctest0001-osdisk'
writeAcceleratorEnabled: false
}
}
}
}
resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = {
name: '${resourceName}-vnet'
location: location
properties: {
addressSpace: {
addressPrefixes: [
'10.0.0.0/16'
]
}
dhcpOptions: {
dnsServers: []
}
privateEndpointVNetPolicies: 'Disabled'
}
}
resource extension 'Microsoft.Compute/virtualMachines/extensions@2024-03-01' = {
parent: virtualMachine
name: 'network-watcher'
location: location
properties: {
autoUpgradeMinorVersion: true
enableAutomaticUpgrade: false
publisher: 'Microsoft.Azure.NetworkWatcher'
suppressFailures: false
type: 'NetworkWatcherAgentLinux'
typeHandlerVersion: '1.4'
}
}
resource packetCapture 'Microsoft.Network/networkWatchers/packetCaptures@2024-05-01' = {
parent: networkWatcher
name: '${resourceName}-pc'
properties: {
bytesToCapturePerPacket: 0
storageLocation: {
filePath: '/var/captures/packet.cap'
}
target: virtualMachine.id
targetType: 'AzureVM'
timeLimitInSeconds: 18000
totalBytesPerSession: 1073741824
}
}
resource subnet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = {
parent: virtualNetwork
name: 'internal'
properties: {
addressPrefix: '10.0.2.0/24'
defaultOutboundAccess: true
delegations: []
privateEndpointNetworkPolicies: 'Disabled'
privateLinkServiceNetworkPolicies: 'Enabled'
serviceEndpointPolicies: []
serviceEndpoints: []
}
}
ARM template resource definition
The networkWatchers/packetCaptures resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/networkWatchers/packetCaptures resource, add the following JSON to your template.
{
"type": "Microsoft.Network/networkWatchers/packetCaptures",
"apiVersion": "2025-05-01",
"name": "string",
"properties": {
"bytesToCapturePerPacket": "int",
"captureSettings": {
"fileCount": "int",
"fileSizeInBytes": "int",
"sessionTimeLimitInSeconds": "int"
},
"continuousCapture": "bool",
"filters": [
{
"localIPAddress": "string",
"localPort": "string",
"protocol": "string",
"remoteIPAddress": "string",
"remotePort": "string"
}
],
"scope": {
"exclude": [ "string" ],
"include": [ "string" ]
},
"storageLocation": {
"filePath": "string",
"localPath": "string",
"storageId": "string",
"storagePath": "string"
},
"target": "string",
"targetType": "string",
"timeLimitInSeconds": "int",
"totalBytesPerSession": "int"
}
}
Property Values
Microsoft.Network/networkWatchers/packetCaptures
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2025-05-01' |
| name | The resource name | string (required) |
| properties | Properties of the packet capture. | PacketCaptureParametersOrPacketCaptureResultProperties (required) |
| type | The resource type | 'Microsoft.Network/networkWatchers/packetCaptures' |
PacketCaptureFilter
| Name | Description | Value |
|---|---|---|
| localIPAddress | Local IP Address to be filtered on. Notation: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range. "127.0.0.1;127.0.0.5"? for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Default = null. | string |
| localPort | Local port to be filtered on. Notation: "80" for single port entry."80-85" for range. "80;443;" for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Default = null. | string |
| protocol | Protocol to be filtered on. | 'Any' 'TCP' 'UDP' |
| remoteIPAddress | Local IP Address to be filtered on. Notation: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range. "127.0.0.1;127.0.0.5;" for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Default = null. | string |
| remotePort | Remote port to be filtered on. Notation: "80" for single port entry."80-85" for range. "80;443;" for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Default = null. | string |
PacketCaptureMachineScope
| Name | Description | Value |
|---|---|---|
| exclude | List of AzureVMSS instances which has to be excluded from the AzureVMSS from running packet capture. | string[] |
| include | List of AzureVMSS instances to run packet capture on. | string[] |
PacketCaptureParametersOrPacketCaptureResultProperties
| Name | Description | Value |
|---|---|---|
| bytesToCapturePerPacket | Number of bytes captured per packet, the remaining bytes are truncated. | int Constraints: Min value = 0 Max value = 4294967295 |
| captureSettings | The capture setting holds the 'FileCount', 'FileSizeInBytes', 'SessionTimeLimitInSeconds' values. | PacketCaptureSettings |
| continuousCapture | This continuous capture is a nullable boolean, which can hold 'null', 'true' or 'false' value. If we do not pass this parameter, it would be consider as 'null', default value is 'null'. | bool |
| filters | A list of packet capture filters. | PacketCaptureFilter[] |
| scope | A list of AzureVMSS instances which can be included or excluded to run packet capture. If both included and excluded are empty, then the packet capture will run on all instances of AzureVMSS. | PacketCaptureMachineScope |
| storageLocation | The storage location for a packet capture session. | PacketCaptureStorageLocation (required) |
| target | The ID of the targeted resource, only AzureVM and AzureVMSS as target type are currently supported. | string (required) |
| targetType | Target type of the resource provided. | 'AzureVM' 'AzureVMSS' |
| timeLimitInSeconds | Maximum duration of the capture session in seconds. | int Constraints: Min value = 0 Max value = 18000 |
| totalBytesPerSession | Maximum size of the capture output. | int Constraints: Min value = 0 Max value = 4294967295 |
PacketCaptureSettings
| Name | Description | Value |
|---|---|---|
| fileCount | Number of file count. Default value of count is 10 and maximum number is 10000. | int Constraints: Min value = 0 Max value = 10000 |
| fileSizeInBytes | Number of bytes captured per packet. Default value in bytes 104857600 (100MB) and maximum in bytes 4294967295 (4GB). | int Constraints: Min value = 0 Max value = 4294967295 |
| sessionTimeLimitInSeconds | Maximum duration of the capture session in seconds is 604800s (7 days) for a file. Default value in second 86400s (1 day). | int Constraints: Min value = 0 Max value = 604800 |
PacketCaptureStorageLocation
| Name | Description | Value |
|---|---|---|
| filePath | This path is invalid if 'Continuous Capture' is provided with 'true' or 'false'. A valid local path on the targeting VM. Must include the name of the capture file (*.cap). For linux virtual machine it must start with /var/captures. Required if no storage ID is provided, otherwise optional. | string |
| localPath | This path is valid if 'Continuous Capture' is provided with 'true' or 'false' and required if no storage ID is provided, otherwise optional. Must include the name of the capture file (*.cap). For linux virtual machine it must start with /var/captures. | string |
| storageId | The ID of the storage account to save the packet capture session. Required if no localPath or filePath is provided. | string |
| storagePath | The URI of the storage path to save the packet capture. Must be a well-formed URI describing the location to save the packet capture. | string |
Usage Examples
Terraform (AzAPI provider) resource definition
The networkWatchers/packetCaptures resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/networkWatchers/packetCaptures resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Network/networkWatchers/packetCaptures@2025-05-01"
name = "string"
parent_id = "string"
body = {
properties = {
bytesToCapturePerPacket = int
captureSettings = {
fileCount = int
fileSizeInBytes = int
sessionTimeLimitInSeconds = int
}
continuousCapture = bool
filters = [
{
localIPAddress = "string"
localPort = "string"
protocol = "string"
remoteIPAddress = "string"
remotePort = "string"
}
]
scope = {
exclude = [
"string"
]
include = [
"string"
]
}
storageLocation = {
filePath = "string"
localPath = "string"
storageId = "string"
storagePath = "string"
}
target = "string"
targetType = "string"
timeLimitInSeconds = int
totalBytesPerSession = int
}
}
}
Property Values
Microsoft.Network/networkWatchers/packetCaptures
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: networkWatchers |
| properties | Properties of the packet capture. | PacketCaptureParametersOrPacketCaptureResultProperties (required) |
| type | The resource type | "Microsoft.Network/networkWatchers/packetCaptures@2025-05-01" |
PacketCaptureFilter
| Name | Description | Value |
|---|---|---|
| localIPAddress | Local IP Address to be filtered on. Notation: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range. "127.0.0.1;127.0.0.5"? for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Default = null. | string |
| localPort | Local port to be filtered on. Notation: "80" for single port entry."80-85" for range. "80;443;" for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Default = null. | string |
| protocol | Protocol to be filtered on. | 'Any' 'TCP' 'UDP' |
| remoteIPAddress | Local IP Address to be filtered on. Notation: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range. "127.0.0.1;127.0.0.5;" for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Default = null. | string |
| remotePort | Remote port to be filtered on. Notation: "80" for single port entry."80-85" for range. "80;443;" for multiple entries. Multiple ranges not currently supported. Mixing ranges with multiple entries not currently supported. Default = null. | string |
PacketCaptureMachineScope
| Name | Description | Value |
|---|---|---|
| exclude | List of AzureVMSS instances which has to be excluded from the AzureVMSS from running packet capture. | string[] |
| include | List of AzureVMSS instances to run packet capture on. | string[] |
PacketCaptureParametersOrPacketCaptureResultProperties
| Name | Description | Value |
|---|---|---|
| bytesToCapturePerPacket | Number of bytes captured per packet, the remaining bytes are truncated. | int Constraints: Min value = 0 Max value = 4294967295 |
| captureSettings | The capture setting holds the 'FileCount', 'FileSizeInBytes', 'SessionTimeLimitInSeconds' values. | PacketCaptureSettings |
| continuousCapture | This continuous capture is a nullable boolean, which can hold 'null', 'true' or 'false' value. If we do not pass this parameter, it would be consider as 'null', default value is 'null'. | bool |
| filters | A list of packet capture filters. | PacketCaptureFilter[] |
| scope | A list of AzureVMSS instances which can be included or excluded to run packet capture. If both included and excluded are empty, then the packet capture will run on all instances of AzureVMSS. | PacketCaptureMachineScope |
| storageLocation | The storage location for a packet capture session. | PacketCaptureStorageLocation (required) |
| target | The ID of the targeted resource, only AzureVM and AzureVMSS as target type are currently supported. | string (required) |
| targetType | Target type of the resource provided. | 'AzureVM' 'AzureVMSS' |
| timeLimitInSeconds | Maximum duration of the capture session in seconds. | int Constraints: Min value = 0 Max value = 18000 |
| totalBytesPerSession | Maximum size of the capture output. | int Constraints: Min value = 0 Max value = 4294967295 |
PacketCaptureSettings
| Name | Description | Value |
|---|---|---|
| fileCount | Number of file count. Default value of count is 10 and maximum number is 10000. | int Constraints: Min value = 0 Max value = 10000 |
| fileSizeInBytes | Number of bytes captured per packet. Default value in bytes 104857600 (100MB) and maximum in bytes 4294967295 (4GB). | int Constraints: Min value = 0 Max value = 4294967295 |
| sessionTimeLimitInSeconds | Maximum duration of the capture session in seconds is 604800s (7 days) for a file. Default value in second 86400s (1 day). | int Constraints: Min value = 0 Max value = 604800 |
PacketCaptureStorageLocation
| Name | Description | Value |
|---|---|---|
| filePath | This path is invalid if 'Continuous Capture' is provided with 'true' or 'false'. A valid local path on the targeting VM. Must include the name of the capture file (*.cap). For linux virtual machine it must start with /var/captures. Required if no storage ID is provided, otherwise optional. | string |
| localPath | This path is valid if 'Continuous Capture' is provided with 'true' or 'false' and required if no storage ID is provided, otherwise optional. Must include the name of the capture file (*.cap). For linux virtual machine it must start with /var/captures. | string |
| storageId | The ID of the storage account to save the packet capture session. Required if no localPath or filePath is provided. | string |
| storagePath | The URI of the storage path to save the packet capture. Must be a well-formed URI describing the location to save the packet capture. | string |
Usage Examples
Terraform Samples
A basic example of deploying Configures Packet Capturing against a Virtual Machine using a Network Watcher.
terraform {
required_providers {
azapi = {
source = "Azure/azapi"
}
}
}
provider "azapi" {
skip_provider_registration = false
}
variable "resource_name" {
type = string
default = "acctest0001"
}
variable "location" {
type = string
default = "westus"
}
variable "admin_password" {
type = string
sensitive = true
description = "The administrator password for the virtual machine"
}
resource "azapi_resource" "resourceGroup" {
type = "Microsoft.Resources/resourceGroups@2020-06-01"
name = var.resource_name
location = var.location
}
resource "azapi_resource" "networkWatcher" {
type = "Microsoft.Network/networkWatchers@2024-05-01"
parent_id = azapi_resource.resourceGroup.id
name = "${var.resource_name}-nw"
location = var.location
}
resource "azapi_resource" "virtualNetwork" {
type = "Microsoft.Network/virtualNetworks@2024-05-01"
parent_id = azapi_resource.resourceGroup.id
name = "${var.resource_name}-vnet"
location = var.location
body = {
properties = {
addressSpace = {
addressPrefixes = ["10.0.0.0/16"]
}
dhcpOptions = {
dnsServers = []
}
privateEndpointVNetPolicies = "Disabled"
}
}
}
resource "azapi_resource" "subnet" {
type = "Microsoft.Network/virtualNetworks/subnets@2024-05-01"
parent_id = azapi_resource.virtualNetwork.id
name = "internal"
body = {
properties = {
addressPrefix = "10.0.2.0/24"
defaultOutboundAccess = true
delegations = []
privateEndpointNetworkPolicies = "Disabled"
privateLinkServiceNetworkPolicies = "Enabled"
serviceEndpointPolicies = []
serviceEndpoints = []
}
}
}
resource "azapi_resource" "networkInterface" {
type = "Microsoft.Network/networkInterfaces@2024-05-01"
parent_id = azapi_resource.resourceGroup.id
name = "${var.resource_name}-nic"
location = var.location
body = {
properties = {
enableAcceleratedNetworking = false
enableIPForwarding = false
ipConfigurations = [{
name = "ipconfig1"
properties = {
primary = true
privateIPAddressVersion = "IPv4"
privateIPAllocationMethod = "Dynamic"
subnet = {
id = azapi_resource.subnet.id
}
}
}]
}
}
}
resource "azapi_resource" "virtualMachine" {
type = "Microsoft.Compute/virtualMachines@2024-03-01"
parent_id = azapi_resource.resourceGroup.id
name = "${var.resource_name}-vm"
location = var.location
body = {
properties = {
hardwareProfile = {
vmSize = "Standard_B1s"
}
networkProfile = {
networkInterfaces = [{
id = azapi_resource.networkInterface.id
properties = {
primary = true
}
}]
}
osProfile = {
adminPassword = var.admin_password
adminUsername = "testadmin"
computerName = "${var.resource_name}-vm"
linuxConfiguration = {
disablePasswordAuthentication = false
}
}
storageProfile = {
imageReference = {
offer = "0001-com-ubuntu-server-jammy"
publisher = "Canonical"
sku = "22_04-lts"
version = "latest"
}
osDisk = {
caching = "ReadWrite"
createOption = "FromImage"
managedDisk = {
storageAccountType = "Standard_LRS"
}
name = "${var.resource_name}-osdisk"
writeAcceleratorEnabled = false
}
}
}
}
}
resource "azapi_resource" "extension" {
type = "Microsoft.Compute/virtualMachines/extensions@2024-03-01"
parent_id = azapi_resource.virtualMachine.id
name = "network-watcher"
location = var.location
body = {
properties = {
autoUpgradeMinorVersion = true
enableAutomaticUpgrade = false
publisher = "Microsoft.Azure.NetworkWatcher"
suppressFailures = false
type = "NetworkWatcherAgentLinux"
typeHandlerVersion = "1.4"
}
}
}
resource "azapi_resource" "packetCapture" {
type = "Microsoft.Network/networkWatchers/packetCaptures@2024-05-01"
parent_id = azapi_resource.networkWatcher.id
name = "${var.resource_name}-pc"
body = {
properties = {
bytesToCapturePerPacket = 0
storageLocation = {
filePath = "/var/captures/packet.cap"
}
target = azapi_resource.virtualMachine.id
targetType = "AzureVM"
timeLimitInSeconds = 18000
totalBytesPerSession = 1073741824
}
}
}