CloudWiki

Microsoft Azure

Network Interface

An Azure Network Interface (NIC) is a networking component that enables virtual machines (VMs) to communicate with other resources and services in a virtual network (VNet) or on the internet. A NIC is assigned to each VM, provides its connectivity to the network, and handles network traffic to and from the VM. It provides a virtual MAC address and a virtualized set of network interface controllers to the VM, which allows it to send and receive network traffic. NICs can be associated with a specific subnet within a VNet and can be assigned one or more IP addresses. Azure Network Interface also provides additional features such as network security groups, IP forwarding, and network virtual appliances, which allow users to control and manage network traffic for a specific VM or subnet.
Terraform Name: azurerm_network_interface

Network Interface attributes:

The following arguments are supported:

  • ip_configuration - (Required) One or more ip_configuration blocks as defined below.
  • location - (Required) The location where the Network Interface should exist. Changing this forces a new resource to be created.
  • name - (Required) The name of the Network Interface. Changing this forces a new resource to be created.
  • resource_group_name - (Required) The name of the Resource Group in which to create the Network Interface. Changing this forces a new resource to be created.
  • dns_servers - (Optional) A list of IP Addresses defining the DNS Servers which should be used for this Network Interface.

Note:

Configuring DNS Servers on the Network Interface will override the DNS Servers defined on the Virtual Network.

  • edge_zone - (Optional) Specifies the Edge Zone within the Azure Region where this Network Interface should exist. Changing this forces a new Network Interface to be created.
  • enable_ip_forwarding - (Optional) Should IP Forwarding be enabled? Defaults to false.
  • enable_accelerated_networking - (Optional) Should Accelerated Networking be enabled? Defaults to false.

Note:

Only certain Virtual Machine sizes are supported for Accelerated Networking - more information can be found in this document.

Note:

To use Accelerated Networking in an Availability Set, the Availability Set must be deployed onto an Accelerated Networking enabled cluster.

  • internal_dns_name_label - (Optional) The (relative) DNS Name used for internal communications between Virtual Machines in the same Virtual Network.
  • tags - (Optional) A mapping of tags to assign to the resource.

The ip_configuration block supports the following:

  • name - (Required) A name used for this IP Configuration.
  • gateway_load_balancer_frontend_ip_configuration_id - (Optional) The Frontend IP Configuration ID of a Gateway SKU Load Balancer.
  • subnet_id - (Optional) The ID of the Subnet where this Network Interface should be located in.

Note:

This is required when private_ip_address_version is set to IPv4.

  • private_ip_address_version - (Optional) The IP Version to use. Possible values are IPv4 or IPv6. Defaults to IPv4.
  • private_ip_address_allocation - (Required) The allocation method used for the Private IP Address. Possible values are Dynamic and Static.

Note:

Dynamic means "An IP is automatically assigned during creation of this Network Interface"; Static means "User supplied IP address will be used"

  • public_ip_address_id - (Optional) Reference to a Public IP Address to associate with this NIC
  • primary - (Optional) Is this the Primary IP Configuration? Must be true for the first ip_configuration when multiple are specified. Defaults to false.

When private_ip_address_allocation is set to Static the following fields can be configured:

  • private_ip_address - (Optional) The Static IP Address which should be used.

When private_ip_address_version is set to IPv4 the following fields can be configured:

  • subnet_id - (Optional) The ID of the Subnet where this Network Interface should be located in.

Associating resources with a Network Interface

Resources do not "belong" to a Network Interface. Rather, one or more Security Groups are associated to a resource.

Create Network Interface via Terraform:

The following HCL manages a network interface.

Syntax:

resource "azurerm_resource_group" "example" {
 name     = "example-resources"
 location = "West Europe"
}

resource "azurerm_virtual_network" "example" {
 name                = "example-network"
 address_space       = ["10.0.0.0/16"]
 location            = azurerm_resource_group.example.location
 resource_group_name = azurerm_resource_group.example.name
}

resource "azurerm_subnet" "example" {
 name                 = "internal"
 resource_group_name  = azurerm_resource_group.example.name
 virtual_network_name = azurerm_virtual_network.example.name
 address_prefixes     = ["10.0.2.0/24"]
}

resource "azurerm_network_interface" "example" {
 name                = "example-nic"
 location            = azurerm_resource_group.example.location
 resource_group_name = azurerm_resource_group.example.name

 ip_configuration {
   name                          = "internal"
   subnet_id                     = azurerm_subnet.example.id
   private_ip_address_allocation = "Dynamic"
 }
}
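
An added example, not part of the original page or of the azurerm provider: a review check over the JSON form of a Terraform plan that flags NICs with IP forwarding enabled, DNS servers that override the Virtual Network, an attached public IP, or no NIC-level network security group association. The function name `audit_nics`, the finding labels and the sample plan are constructed for illustration; only root-module resources are handled.

```python
# Constructed sample shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = {
    "resource_changes": [
        {"address": "azurerm_network_interface.fw", "type": "azurerm_network_interface",
         "change": {"after": {"enable_ip_forwarding": True, "dns_servers": ["10.0.2.4"],
                              "ip_configuration": [{"name": "internal"}]},
                    # an ID not known until apply shows up only in after_unknown
                    "after_unknown": {"ip_configuration": [{"public_ip_address_id": True}]}}},
        {"address": "azurerm_network_interface.app", "type": "azurerm_network_interface",
         "change": {"after": {"enable_ip_forwarding": False, "dns_servers": [],
                              "ip_configuration": [{"name": "internal", "public_ip_address_id": None}]},
                    "after_unknown": {"ip_configuration": [{}]}}},
    ],
    "configuration": {"root_module": {"resources": [
        {"type": "azurerm_network_interface_security_group_association",
         "expressions": {"network_interface_id": {"references": [
             "azurerm_network_interface.app.id", "azurerm_network_interface.app"]}}},
    ]}},
}

def audit_nics(plan):
    """Map each planned NIC address to the settings a reviewer should confirm."""
    covered = set()  # NICs referenced by a NIC-level NSG association (root module only)
    for res in plan.get("configuration", {}).get("root_module", {}).get("resources", []):
        if res.get("type") == "azurerm_network_interface_security_group_association":
            expr = res.get("expressions", {}).get("network_interface_id", {})
            covered.update(expr.get("references", []))
    findings = {}
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        after = change.get("after")  # None when the resource is being destroyed
        if rc.get("type") != "azurerm_network_interface" or not after:
            continue
        unknown = (change.get("after_unknown") or {}).get("ip_configuration") or []
        issues = []
        if after.get("enable_ip_forwarding"):  # the page lists false as the default
            issues.append("ip_forwarding_enabled")
        if after.get("dns_servers"):  # overrides the Virtual Network's DNS servers
            issues.append("dns_servers_override_vnet")
        for i, cfg in enumerate(after.get("ip_configuration") or []):
            pending = i < len(unknown) and bool(unknown[i].get("public_ip_address_id"))
            if cfg.get("public_ip_address_id") or pending:
                issues.append("public_ip:" + cfg.get("name", "?"))
        if rc["address"] not in covered:  # a subnet-level NSG may still apply
            issues.append("no_nic_level_nsg")
        if issues:
            findings[rc["address"]] = issues
    return findings

print(audit_nics(SAMPLE_PLAN))
```

A flagged setting is a prompt for review rather than a defect: a network virtual appliance, for instance, needs IP forwarding enabled.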

Create Network Interface via CLI:

Parameters:

az network nic create --name
                     --resource-group
                     --subnet
                     [--accelerated-networking {0, 1, f, false, n, no, t, true, y, yes}]
                     [--ag-address-pools]
                     [--application-security-groups]
                     [--dns-servers]
                     [--edge-zone]
                     [--gateway-name]
                     [--internal-dns-name]
                     [--ip-forwarding {0, 1, f, false, n, no, t, true, y, yes}]
                     [--lb-address-pools]
                     [--lb-inbound-nat-rules]
                     [--lb-name]
                     [--location]
                     [--network-security-group]
                     [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                     [--private-ip-address]
                     [--private-ip-address-version {IPv4, IPv6}]
                     [--public-ip-address]
                     [--tags]
                     [--vnet-name]

Example:

az network nic create -g MyResourceGroup --vnet-name MyVnet --subnet MySubnet -n MyNic
