create-virtual-network-manager-terraform.md

title	Quickstart: Create a mesh network topology with Azure Virtual Network Manager using Terraform
description	In this article, you create a mesh network topology with Azure Virtual Network Manager using Terraform
ms.service	azure-virtual-network-manager
ms.topic	quickstart
ms.custom	devx-track-terraform
author	mbender-ms
ms.author	mbender
ms.date	02/05/2025
content_well_notification	AI-contribution
zone_pivot_groups	azure-virtual-network-manager-quickstart-options
ai-usage	ai-assisted

Quickstart: Create a mesh network topology with Azure Virtual Network Manager using Terraform

Get started with Azure Virtual Network Manager by using Terraform to provision connectivity for all your virtual networks.

In this quickstart, you deploy three virtual networks and use Azure Virtual Network Manager to create a mesh network topology. Then, you verify that the connectivity configuration was applied. You can choose from a deployment with a Subscription scope or a management group scope. Learn more about network manager scopes.

[!INCLUDE Terraform abstract]

In this article, you learn how to:

[!div class="checklist"]

• Create a random value for the Azure resource group name using random_pet.
• Create an Azure resource group using azurerm_resource_group.
• Create an array of virtual networks using azurerm_virtual_network.
• Create an array of subnets using azurerm_subnet.
• Create a virtual network manager using azurerm_virtual_network_manager.
• Create a network manager network group using azurerm_network_manager_network_group.
• Create a network manager static member using azurerm_network_manager_static_member.
• Create a network manager connectivity configuration using azurerm_network_manager_connectivity_configuration.
• Create a network manager deployment using azurerm_network_manager_deployment.

Prerequisites

• Install and configure Terraform
• To modify dynamic network groups, you must be granted access via Azure RBAC role assignment only. Classic Admin/legacy authorization isn't supported

:::zone pivot="sub"

Implement the Terraform code

This code sample implements Azure Virtual Network Manager at the subscription scope.

Note

The sample code for this article is located in the Azure Terraform GitHub repo. You can view the log file containing the test results from current and previous versions of Terraform.

See more articles and sample code showing how to use Terraform to manage Azure resources

1. Create a directory in which to test and run the sample Terraform code and make it the current directory.

2. Create a file named providers.tf and insert the following code:

   [!code-terraformmaster]

3. Create a file named main.tf and insert the following code:

   [!code-terraformmaster]

4. Create a file named variables.tf and insert the following code:

   [!code-terraformmaster]

5. Create a file named outputs.tf and insert the following code:

   [!code-terraformmaster]

:::zone-end

:::zone pivot="mgmt-grp"

Implement the Terraform code

This code sample will implement Azure Virtual Network Manager at the management group scope.

Note

The sample code for this article is located in the Azure Terraform GitHub repo. You can view the log file containing the test results from current and previous versions of Terraform.

See more articles and sample code showing how to use Terraform to manage Azure resources

1. Create a directory in which to test and run the sample Terraform code and make it the current directory.

2. Create a file named providers.tf and insert the following code:

   [!code-terraformmaster]

3. Create a file named main.tf and insert the following code:

   [!code-terraformmaster]

4. Create a file named variables.tf and insert the following code:

   [!code-terraformmaster]

5. Create a file named outputs.tf and insert the following code:

   [!code-terraformmaster]

:::zone-end

Initialize Terraform

[!INCLUDE terraform-init.md]

Create a Terraform execution plan

[!INCLUDE terraform-plan.md]

Apply a Terraform execution plan

[!INCLUDE terraform-apply-plan.md]

Verify the results

Azure CLI

1. Get the Azure resource group name.

   resource_group_name=$(terraform output -raw resource_group_name)

2. Get the virtual network names.

   terraform output virtual_network_names

3. For each virtual network name printed in the previous step, run az network manager list-effective-connectivity-config to print the effective (applied) configurations. Replace the <virtual_network_name> placeholder with the virtual network name.

   az network manager list-effective-connectivity-config \
     --resource-group $resource_group_name \
     --vnet-name <virtual_network_name>
   

Azure PowerShell

1. Get the Azure resource group name.

   $resource_group_name=$(terraform output -raw resource_group_name)

2. Run Get-AzResourceGroup to display the resource group.

   Get-AzResourceGroup -Name $resource_group_name
   

3. For each virtual network name printed in the previous step, run Get-AzNetworkManagerEffectiveConnectivityConfiguration to print the effective (applied) configurations. Replace the <virtual_network_name> placeholder with the virtual network name.

    Get-AzNetworkManagerEffectiveConnectivityConfiguration 
   -VirtualNetworkName <String>
   -VirtualNetworkResourceGroupName $resource_group_name

---

Clean up resources

[!INCLUDE terraform-plan-destroy.md]

Troubleshoot Terraform on Azure

Troubleshoot common problems when using Terraform on Azure

Next steps

[!div class="nextstepaction"] Block network traffic with Azure Virtual Network Manager