Merge pull request #113350 from vhorne/fw-qs-template

Update and move template in qs

Author: Court72

articles/firewall/deploy-template.md

@@ -1,68 +1,86 @@
 ---
-title: Deploy Azure Firewall using a template
-description: Deploy Azure Firewall using a template. The created network has one VNet with three subnets. Two, two-core Windows Server virtual machines are deployed.
+title: 'Quickstart: Create an Azure Firewall with Availability Zones - Resource Manager template'
+description: Deploy Azure Firewall using a template. The virtual network has one VNet with three subnets. Two Windows Server virtual machines are deployed; a jump box and a server.
 services: firewall
 author: vhorne
 ms.service: firewall
-ms.topic: article
-ms.date: 11/19/2019
+ms.topic: quickstart
+ms.date: 04/30/2020
 ms.author: victorh
 ---
 
-# Deploy Azure Firewall using a template
+# Quickstart: Deploy Azure Firewall with Availability Zones - Resource Manager template
 
-The [Create AzureFirewall sandbox setup template](https://github.com/Azure/azure-quickstart-templates/tree/master/101-azurefirewall-with-zones-sandbox) creates a test network environment with a firewall. The network has one virtual network (VNet) with three subnets: *AzureFirewallSubnet*, *ServersSubnet*, and *JumpboxSubnet*. The *ServersSubnet* and *JumpboxSubnet* subnet each have a single, two-core Windows Server virtual machine.
+In this quickstart, you use a Resource Manager template to deploy an Azure Firewall in three Availability Zones. 
+
+The template creates a test network environment with a firewall. The network has one virtual network (VNet) with three subnets: *AzureFirewallSubnet*, *ServersSubnet*, and *JumpboxSubnet*. The *ServersSubnet* and *JumpboxSubnet* subnet each have a single, two-core Windows Server virtual machine.
 
 The firewall is in the *AzureFirewallSubnet* subnet, and has an application rule collection with a single rule that allows access to `www.microsoft.com`.
 
 A user-defined route points network traffic from the *ServersSubnet* subnet through the firewall, where the firewall rules are applied.
 
+[!INCLUDE [About Azure Resource Manager](../../includes/resource-manager-quickstart-introduction.md)]
+
 For more information about Azure Firewall, see [Deploy and configure Azure Firewall using the Azure portal](tutorial-firewall-deploy-portal.md).
 
+## Prerequisites
+
+- An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
+
+## Create an Azure Firewall with Availability Zones
+
+This template creates an Azure Firewall with Availability Zones, along with the necessary resources to support the Azure Firewall.
+
+### Review the template
 
-[!INCLUDE [updated-for-az](../../includes/updated-for-az.md)]
+The template used in this quickstart is from [Azure Quickstart templates](https://github.com/Azure/azure-quickstart-templates/blob/master/101-azurefirewall-with-zones-sandbox/azuredeploy.json).
 
-## Use the template to deploy Azure Firewall
+:::code language="json" source="~/quickstart-templates/101-azurefirewall-with-zones-sandbox/azuredeploy.json" range="001-444" highlight="369-442":::
 
-If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.
+Multiple Azure resources are defined in the template:
 
-**To install and deploy Azure Firewall by using the template:**
+- [**Microsoft.Network/publicIPAddresses**](/azure/templates/microsoft.network/publicipaddresses)
+- [**Microsoft.Network/networkSecurityGroups**](/azure/templates/microsoft.network/networksecuritygroups)
+- [**Microsoft.Network/virtualNetworks**](/azure/templates/microsoft.network/virtualnetworks)
+- [**Microsoft.Compute/virtualMachines**](/azure/templates/microsoft.compute/virtualmachines)
+- [**Microsoft.Network/networkInterfaces**](/azure/templates/microsoft.network/networkinterfaces)
+- [**Microsoft.Storage/storageAccounts**](/azure/templates/microsoft.storage/storageAccounts)
+- [**Microsoft.Network/azureFirewalls**](/azure/templates/microsoft.network/azureFirewalls)
+- [**Microsoft.Network/routeTables**](/azure/templates/microsoft.network/routeTables)
 
-1. Access the template at [https://github.com/Azure/azure-quickstart-templates/tree/master/101-azurefirewall-with-zones-sandbox](https://github.com/Azure/azure-quickstart-templates/tree/master/101-azurefirewall-with-zones-sandbox).
-   
-1. Read the introduction, and when ready to deploy, select **Deploy to Azure**.
-   
-1. Sign in to the Azure portal if necessary. 
+### Deploy the template
 
-1. In the portal, on the **Create a sandbox setup of AzureFirewall** page, type or select the following values:
-   
+Deploy the Resource Manager template to Azure:
+
+1. Select **Deploy to Azure** to sign in to Azure and open the template. The template creates an Azure Firewall, the network infrastructure, and two virtual machines.
+
+   [![Deploy to Azure](../media/template-deployments/deploy-to-azure.svg)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FAzure%2Fazure-quickstart-templates%2Fmaster%2F101-azurefirewall-with-zones-sandbox%2Fazuredeploy.json)
+
+2. In the portal, on the **Create a sandbox setup of Azure Firewall with Zones** page, type or select the following values:
    - **Resource group**: Select **Create new**, type a name for the resource group, and select **OK**. 
    - **Virtual Network Name**: Type a name for the new VNet. 
    - **Admin Username**: Type a username for the administrator user account.
    - **Admin Password**: Type an administrator password. 
-   
-1. Read the terms and conditions, and then select **I agree to the terms and conditions stated above**.
-   
-1. Select **Purchase**.
-   
-   It will take a few minutes to create the resources. 
-   
-1. Explore the resources that were created with the firewall. 
+
+3. Read the terms and conditions, and then select **I agree to the terms and conditions stated above** and then select **Purchase**. The deployment can take 10 minutes or longer to complete.
+
+## Review deployed resources
+
+Explore the resources that were created with the firewall.
 
 To learn about the JSON syntax and properties for a firewall in a template, see [Microsoft.Network/azureFirewalls](/azure/templates/microsoft.network/azurefirewalls).
 
 ## Clean up resources
 
-When you no longer need them, you can remove the resource group, firewall, and all related resources by running the [Remove-AzResourceGroup](/powershell/module/az.resources/remove-azresourcegroup) PowerShell command. To remove a resource group named *MyResourceGroup*, run: 
+When you no longer need them, you can remove the resource group, firewall, and all related resources by running the `Remove-AzResourceGroup` PowerShell command. To remove a resource group named *MyResourceGroup*, run: 
 
 ```azurepowershell-interactive
 Remove-AzResourceGroup -Name MyResourceGroup
 ```
-Don't remove the resource group and firewall yet, if you plan to continue on to the firewall monitoring tutorial. 
+Don't remove the resource group and firewall if you plan to continue on to the firewall monitoring tutorial. 
 
 ## Next steps
 
 Next, you can monitor the Azure Firewall logs:
 
-> [!div class="nextstepaction"]
-> [Tutorial: Monitor Azure Firewall logs](./tutorial-diagnostics.md)
+[Tutorial: Monitor Azure Firewall logs](./tutorial-diagnostics.md)

articles/firewall/toc.yml

@@ -23,6 +23,9 @@
   - name: Deploy with multiple addresses
     displayName: Resource Manager
     href: quick-create-multiple-ip-template.md
+  - name: Deploy with Availability Zones
+    displayName: Resource Manager
+    href: deploy-template.md
 - name: Samples
   items:
   - name: Azure PowerShell
@@ -61,8 +64,6 @@
       href: tutorial-hybrid-ps.md
     - name: Deploy using Azure CLI
       href: deploy-cli.md
-    - name: Deploy using a template
-      href: deploy-template.md
     - name: Deploy with multiple public IP
       href: deploy-multi-public-ip-powershell.md
     - name: Deploy with Availability Zones