Before You Deploy vSRX Using the Azure CLI
Starting in Junos OS Release 15.1X49-D80 and Junos OS Release 17.3R1, you can deploy the vSRX from the Azure CLI and customize the vSRX VM deployment settings and dependencies based on your network requirements in Microsoft Azure Cloud.
The vSRX deployment files in the GitHub repository include:
deploy-azure-vsrx.shshell script to automate the deployment and configuration of the vSRX virtual machine (VM).
vsrx.jsontemplate file to define the components of the Azure resource group and virtual hardware settings (VM size, interface number and network) of the vSRX VM.
vsrx.parameters.jsonparameter file to identify the network interface parameters used to deploy the vSRX VMin Azure.
Before you deploy the vSRX virtual security appliance from the Azure CLI:
Review the requirements for deploying a vSRX VM in Microsoft Azure Cloud in Requirements for vSRX on Microsoft Azure.
Obtain an account for and a subscription to Microsoft Azure (see Microsoft Azure).
From the Azure portal, you must first manually deploy the vSRX image (only once) by using either the vSRX Next Generation Firewall (BYOL) or the vSRX Next Generation Firewall (PAYG) SKU to accept the EULA terms. This is a requirement before you can deploy the vSRX image from the Azure CLI. By default, the Azure portal deployment tool uses vSRX Next Generation Firewall (BYOL) SKU as the source image. Use your Microsoft account username and password to log into the Microsoft Azure portal.
You will encounter a MarketplacePurchaseEligibilityFailed error if do not first accept the EULA terms for the vSRX image in the Azure portal before attempting to deploy the vSRX image from the Azure CLI.
Install Azure command line interface (Azure CLI) 1.0 and enable Azure Resource Management (ARM) mode (see Install the Azure CLI).
The vSRX for Azure deployment shell script
deploy-azure-vsrx.shis written in shell and Azure CLI version 1.0 commands and does not support Azure CLI version 2.0.
Purchase a vSRX license or request an evaluation license. Licenses can be procured from the Juniper Networks License Management System (LMS).
Deployment of vSRX to Microsoft Azure does not support the use of the Azure CLI from Microsoft Windows. This is because the deploy-azure-vsrx.sh shell script that is used as part of the deployment procedure can be run only from the Linux or Mac OS CLI.
When you deploy a vSRX VM in an Azure virtual network, note the following specifics of the deployment configuration:
Use your Microsoft account username and password to log into the Microsoft Azure portal.
Ensure that your Azure subscription includes the following for your vSRX VM:
vSRX deployment from the Azure CLI is described in detail in Deploying vSRX from the Azure CLI.