Azure ExpressRoute

To create an Azure connection, you will need to:

In the Microsoft Azure portal you will need to generate a new S-Key in the ExpressRoute service.
Use the Create an Azure Direct Connect Partner. connection endpoint to create a connection request in Console Connect using the service key from Azure.
- The connection group will be created and the status will be CREATING.
- After connection creation is completed, the status will become ACTIVE.
Configure your peering information

Provisioning Statuses

There are several sub-statuses available for Azure connections, which can be found in the connection.partner.peering field. These statuses are listed in the following table.

Provisioning Status	Description
NOT PROVISIONED	Not yet provisioned.
PROVISIONING	In the process of provisioning with Azure.
PROVISIONED	Connection is active & ready to use.
DEPROVISIONING	In the process of deprovisioning with Azure.

Create Azure Layer 2 connection

After creating a connection request via the Azure dashboard and generating a service key, create the connection by submitting the service key, speed, name and source port.

Azure DirectConnect Partner connections require redundancy - there are always two destination ports.

Because Azure connections require redundancy, this endpoint creates a 'GROUP_LAYER2' connection that groups two 'LAYER2' subconnections rather than a regular 'LAYER2' connection.

Securityapi-key

Request

path Parameters

username

string

The username of the company.

Example: Acme

Request Body schema: application/json

One of:

required	Array of objects List of source ports.
speed required	number Connection speed in Mbps.
azureServiceKey required	string Unique Azure service key.
name required	string Name of the connection.
srcVlanRequest	string or null VLAN request for the source, if applicable.
classOfService	string Class of service for the connection. Enum: "SILVER" "GOLD" "BRONZE"
srcConfigTag	string When "CUSTOMER", configure regular (802.1q) VLANs with consecutively numbered IDs (in dcpPeerings) and we'll map them to the correct endpoint; primary or redundant Enum: "CUSTOMER" "SERVICE"

Responses

200

put/api/company/{username}/connections/directConnectPartner/AZURE/layer2/create

Request samples

Payload

application/json

{"srcPort": [{"portId": "60bec23b28634d0015f872fa"
},
{"portId": "60bec23b28634d0015f872fa"
}
],
"speed": 1,
"azureServiceKey": "19ca18d7-0166-4190-8274-9568c50f4328",
"name": "AzureExpressRoute",
"srcVlanRequest": null,
"classOfService": "SILVER",
"srcConfigTag": "CUSTOMER"
}

Update an Azure connection's peering config

Use this endpoint to update your peering information with the three Azure services:

Type	Description
PUBLIC	Azure services available via public IP address. Examples include Azure storage, Azure SQL databases Azure Active Directory and Azure websites.
PRIVATE	Private Azure services, not available via public IP address. Examples include Azure virtual machines and cloud services hosted within a virtual network.
MICROSOFT	Other Microsoft services offered via public IP. Examples include Office 365.

You can not call this endpoint before the connection has been provisioned (before the connection status is ACTIVE)

Securityapi-key

Request

path Parameters

username required	string The username of the company that created the connection. Example: Acme
connectionId required	string The ObjectID from the Create Azure connection endpoint. Example: 507f1f77bcf86cd799439011
peeringType required	string The type of peering i.e Private Azure (PRIVATE), Public Azure (PUBLIC) or Microsoft / Office365 (MICROSOFT) Example: PRIVATE

Request Body schema: application/json

vlanId	integer The VLAN ID of the connection. This is used to identify the connection on the Azure side.
peerAsn	integer The Autonomous System Number (ASN) of the peer. This is used to identify the peer on the Azure side.
primaryPeerSubnet	string The primary subnet of the peer. This is used to identify the primary connection endpoint on the peer side.
secondaryPeerSubnet	string The secondary subnet of the peer. This is used to identify the secondary connection endpoint on the peer side.

Responses

200

post/api/company/{username}/connections/directConnectPartner/AZURE/layer2/{connectionId}/peering/{peeringType}(PUBLIC|PRIVATE|MICROSOFT)

Request samples

Payload

application/json

{"vlanId": 10,
"peerAsn": 2342,
"primaryPeerSubnet": "111.22.3.5/30",
"secondaryPeerSubnet": "111.22.3.6/30"
}

Response samples

application/json

{"peerAsn": 54321,
"vlanId": 1000,
"primaryPeerSubnet": "10.0.1.0/30",
"secondaryPeerSubnet": "10.0.2.0/30",
"azureAsn": 12345,
"primaryAzurePort": "azure1",
"secondaryAzurePort": "azure2",
"state": "Enabled"
}

Read an Azure connection's peering config

Read an Azure connection's peering config from the system. Note that if you have recently changed this information in the Azure dashboard it may take some time to propagate back to Console Connect.

syncStatus

Peering sync status can be one of the following values:

syncStatus	Description
PENDING	The request has been sent to the system
SYNCING	The system is syncing the configuration with Azure
SYNCED	The configuration is active in Azure

Note that 'advertisedPublicPrefixes' and 'routingRegistryName' are only used for configs of type MICROSOFT.

Securityapi-key

Request

path Parameters

username required	string The username of the company that created the connection. Example: Acme
connectionId required	string The ObjectID from the Create Azure connection endpoint. Example: 507f1f77bcf86cd799439011
peeringType required	string The type of peering i.e Private Azure (PRIVATE), Public Azure (PUBLIC) or Microsoft / Office365 (MICROSOFT) Example: PRIVATE

Responses

200

get/api/company/{username}/connections/directConnectPartner/AZURE/layer2/{connectionId}/peering/{peeringType}(PUBLIC|PRIVATE|MICROSOFT)

Response samples

application/json

{"peerAsn": 54321,
"vlanId": 1000,
"primaryPeerSubnet": "10.0.1.0/30",
"secondaryPeerSubnet": "10.0.2.0/30",
"azureAsn": 12345,
"primaryAzurePort": "azure1",
"secondaryAzurePort": "azure2",
"state": "Enabled"
}

Delete an Azure connection's peering config

Securityapi-key

Request

path Parameters

username required	string The username of the company that created the connection. Example: Acme
connectionId required	string The ObjectID from the Create Azure connection endpoint. Example: 507f1f77bcf86cd799439011
peeringType required	string The type of peering i.e Private Azure (PRIVATE), Public Azure (PUBLIC) or Microsoft / Office365 (MICROSOFT) Example: PRIVATE

Responses

200

delete/api/company/{username}/connections/directConnectPartner/AZURE/layer2/{connectionId}/peering/{peeringType}(PUBLIC|PRIVATE|MICROSOFT)

Verify the key

You can use this endpoint to verify and retrieve information from the service key before you create the connection.

Securityapi-key

Request

path Parameters

username

string

The username of the company.

Example: Acme

Request Body schema: application/json

azureServiceKey

string

Service key provided by Azure

Responses

200

post/api/company/{username}/connections/directConnectPartner/AZURE/serviceKey

Request samples

Payload

application/json

{"azureServiceKey": "example-service-key"
}

Response samples

application/json

{"azureConfig": {"serviceKey": null,
"primary": "HKB-PCCW-06GMR-CIS-1-PRI-A",
"secondary": "HKB-PCCW-06GMR-CIS-2-SEC-A",
"provisionState": "NotProvisioned",
"status": "Enabled",
"bandwidth": 50,
"stag": 66
},
"primaryPort": { },
"secondaryPort": { }
}

➔ Next to Google Cloud Engine