Document: "azureFirewall"
Azure Firewall resource.
azure_azure_firewall {
api_version => "api_version",
id => "id (optional)",
location => "location (optional)",
parameters => "parameters",
properties => $azure_azure_firewall_properties_format
resource_group_name => "resource_group_name",
subscription_id => "subscription_id",
tags => "tags (optional)",
zones => "zones (optional)",
}| Name | Type | Required | Description |
|---|---|---|---|
| api_version | String | true | Client API version. |
| id | String | false | Resource ID. |
| location | String | false | Resource location. |
| parameters | Hash | true | Parameters supplied to the create or update Azure Firewall operation. |
| properties | AzureFirewallPropertiesFormat | false | Properties of the azure firewall. |
| resource_group_name | String | true | The name of the resource group. |
| subscription_id | String | true | The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call. |
| tags | Hash | false | Resource tags. |
| zones | Array | false | A list of availability zones denoting where the resource needs to come from. |
Properties of the Azure Firewall.
$azure_azure_firewall_properties_format = {
applicationRuleCollections => $azure_azure_firewall_application_rule_collection
firewallPolicy => $azure_sub_resource
hubIpAddresses => $azure_hub_ip_addresses
ipConfigurations => $azure_azure_firewall_ip_configuration
natRuleCollections => $azure_azure_firewall_nat_rule_collection
networkRuleCollections => $azure_azure_firewall_network_rule_collection
provisioningState => $azure_provisioning_state
threatIntelMode => $azure_azure_firewall_threat_intel_mode
virtualHub => $azure_sub_resource
}| Name | Type | Required | Description |
|---|---|---|---|
| applicationRuleCollections | AzureFirewallApplicationRuleCollection | false | Collection of application rule collections used by Azure Firewall. |
| firewallPolicy | SubResource | false | The firewallPolicy associated with this azure firewall. |
| hubIpAddresses | HubIPAddresses | false | IP addresses associated with AzureFirewall. |
| ipConfigurations | AzureFirewallIPConfiguration | false | IP configuration of the Azure Firewall resource. |
| natRuleCollections | AzureFirewallNatRuleCollection | false | Collection of NAT rule collections used by Azure Firewall. |
| networkRuleCollections | AzureFirewallNetworkRuleCollection | false | Collection of network rule collections used by Azure Firewall. |
| provisioningState | ProvisioningState | false | The provisioning state of the resource. |
| threatIntelMode | AzureFirewallThreatIntelMode | false | The operation mode for Threat Intelligence. |
| virtualHub | SubResource | false | The virtualHub to which the firewall belongs. |
Application rule collection resource.
$azure_azure_firewall_application_rule_collection = {
id => "id (optional)",
name => "name (optional)",
properties => $azure_azure_firewall_application_rule_collection_properties_format
}| Name | Type | Required | Description |
|---|---|---|---|
| id | String | false | Resource ID. |
| name | String | false | Gets name of the resource that is unique within a resource group. This name can be used to access the resource. |
| properties | AzureFirewallApplicationRuleCollectionPropertiesFormat | false | Properties of the azure firewall application rule collection. |
Properties of the application rule collection.
$azure_azure_firewall_application_rule_collection_properties_format = {
action => $azure_azure_firewall_rc_action
priority => "1234 (optional)",
provisioningState => $azure_provisioning_state
rules => $azure_azure_firewall_application_rule
}| Name | Type | Required | Description |
|---|---|---|---|
| action | AzureFirewallRCAction | false | The action type of a rule collection. |
| priority | Integer | false | Priority of the application rule collection resource. |
| provisioningState | ProvisioningState | false | The provisioning state of the resource. |
| rules | AzureFirewallApplicationRule | false | Collection of rules used by a application rule collection. |
Properties of the AzureFirewallRCAction.
$azure_azure_firewall_rc_action = {
type => $azure_azure_firewall_rc_action_type
}| Name | Type | Required | Description |
|---|---|---|---|
| type | AzureFirewallRCActionType | false | The type of action. |
The action type of a rule collection.
$azure_azure_firewall_rc_action_type = {
}| Name | Type | Required | Description |
|---|
The current provisioning state.
$azure_provisioning_state = {
}| Name | Type | Required | Description |
|---|
Properties of an application rule.
$azure_azure_firewall_application_rule = {
description => "description (optional)",
fqdnTags => "fqdnTags (optional)",
name => "name (optional)",
protocols => $azure_azure_firewall_application_rule_protocol
sourceAddresses => "sourceAddresses (optional)",
targetFqdns => "targetFqdns (optional)",
}| Name | Type | Required | Description |
|---|---|---|---|
| description | String | false | Description of the rule. |
| fqdnTags | Array | false | List of FQDN Tags for this rule. |
| name | String | false | Name of the application rule. |
| protocols | AzureFirewallApplicationRuleProtocol | false | Array of ApplicationRuleProtocols. |
| sourceAddresses | Array | false | List of source IP addresses for this rule. |
| targetFqdns | Array | false | List of FQDNs for this rule. |
Properties of the application rule protocol.
$azure_azure_firewall_application_rule_protocol = {
port => "1234 (optional)",
protocolType => $azure_azure_firewall_application_rule_protocol_type
}| Name | Type | Required | Description |
|---|---|---|---|
| port | Integer | false | Port number for the protocol, cannot be greater than 64000. This field is optional. |
| protocolType | AzureFirewallApplicationRuleProtocolType | false | Protocol type. |
The protocol type of a Application Rule resource.
$azure_azure_firewall_application_rule_protocol_type = {
}| Name | Type | Required | Description |
|---|
Reference to another subresource.
$azure_sub_resource = {
id => "id (optional)",
}| Name | Type | Required | Description |
|---|---|---|---|
| id | String | false | Resource ID. |
IP addresses associated with azure firewall.
$azure_hub_ip_addresses = {
privateIPAddress => "privateIPAddress (optional)",
publicIPAddresses => $azure_azure_firewall_public_ip_address
}| Name | Type | Required | Description |
|---|---|---|---|
| privateIPAddress | String | false | Private IP Address associated with azure firewall. |
| publicIPAddresses | AzureFirewallPublicIPAddress | false | List of Public IP addresses associated with azure firewall. |
Public IP Address associated with azure firewall.
$azure_azure_firewall_public_ip_address = {
address => "address (optional)",
}| Name | Type | Required | Description |
|---|---|---|---|
| address | String | false | Public IP Address value. |
IP configuration of an Azure Firewall.
$azure_azure_firewall_ip_configuration = {
id => "id (optional)",
name => "name (optional)",
properties => $azure_azure_firewall_ip_configuration_properties_format
}| Name | Type | Required | Description |
|---|---|---|---|
| id | String | false | Resource ID. |
| name | String | false | Name of the resource that is unique within a resource group. This name can be used to access the resource. |
| properties | AzureFirewallIPConfigurationPropertiesFormat | false | Properties of the azure firewall IP configuration. |
Properties of IP configuration of an Azure Firewall.
$azure_azure_firewall_ip_configuration_properties_format = {
provisioningState => $azure_provisioning_state
publicIPAddress => $azure_sub_resource
subnet => $azure_sub_resource
}| Name | Type | Required | Description |
|---|---|---|---|
| provisioningState | ProvisioningState | false | The provisioning state of the resource. |
| publicIPAddress | SubResource | false | Reference of the PublicIP resource. This field is a mandatory input if subnet is not null. |
| subnet | SubResource | false | Reference of the subnet resource. This resource must be named 'AzureFirewallSubnet'. |
NAT rule collection resource.
$azure_azure_firewall_nat_rule_collection = {
id => "id (optional)",
name => "name (optional)",
properties => $azure_azure_firewall_nat_rule_collection_properties
}| Name | Type | Required | Description |
|---|---|---|---|
| id | String | false | Resource ID. |
| name | String | false | Gets name of the resource that is unique within a resource group. This name can be used to access the resource. |
| properties | AzureFirewallNatRuleCollectionProperties | false | Properties of the azure firewall NAT rule collection. |
Properties of the NAT rule collection.
$azure_azure_firewall_nat_rule_collection_properties = {
action => $azure_azure_firewall_nat_rc_action
priority => "1234 (optional)",
provisioningState => $azure_provisioning_state
rules => $azure_azure_firewall_nat_rule
}| Name | Type | Required | Description |
|---|---|---|---|
| action | AzureFirewallNatRCAction | false | The action type of a NAT rule collection. |
| priority | Integer | false | Priority of the NAT rule collection resource. |
| provisioningState | ProvisioningState | false | The provisioning state of the resource. |
| rules | AzureFirewallNatRule | false | Collection of rules used by a NAT rule collection. |
AzureFirewall NAT Rule Collection Action.
$azure_azure_firewall_nat_rc_action = {
type => $azure_azure_firewall_nat_rc_action_type
}| Name | Type | Required | Description |
|---|---|---|---|
| type | AzureFirewallNatRCActionType | false | The type of action. |
The action type of a NAT rule collection.
$azure_azure_firewall_nat_rc_action_type = {
}| Name | Type | Required | Description |
|---|
Properties of a NAT rule.
$azure_azure_firewall_nat_rule = {
description => "description (optional)",
destinationAddresses => "destinationAddresses (optional)",
destinationPorts => "destinationPorts (optional)",
name => "name (optional)",
protocols => $azure_azure_firewall_network_rule_protocol
sourceAddresses => "sourceAddresses (optional)",
translatedAddress => "translatedAddress (optional)",
translatedPort => "translatedPort (optional)",
}| Name | Type | Required | Description |
|---|---|---|---|
| description | String | false | Description of the rule. |
| destinationAddresses | Array | false | List of destination IP addresses for this rule. Supports IP ranges, prefixes, and service tags. |
| destinationPorts | Array | false | List of destination ports. |
| name | String | false | Name of the NAT rule. |
| protocols | AzureFirewallNetworkRuleProtocol | false | Array of AzureFirewallNetworkRuleProtocols applicable to this NAT rule. |
| sourceAddresses | Array | false | List of source IP addresses for this rule. |
| translatedAddress | String | false | The translated address for this NAT rule. |
| translatedPort | String | false | The translated port for this NAT rule. |
The protocol of a Network Rule resource.
$azure_azure_firewall_network_rule_protocol = {
}| Name | Type | Required | Description |
|---|
Network rule collection resource.
$azure_azure_firewall_network_rule_collection = {
id => "id (optional)",
name => "name (optional)",
properties => $azure_azure_firewall_network_rule_collection_properties_format
}| Name | Type | Required | Description |
|---|---|---|---|
| id | String | false | Resource ID. |
| name | String | false | Gets name of the resource that is unique within a resource group. This name can be used to access the resource. |
| properties | AzureFirewallNetworkRuleCollectionPropertiesFormat | false | Properties of the azure firewall network rule collection. |
Properties of the network rule collection.
$azure_azure_firewall_network_rule_collection_properties_format = {
action => $azure_azure_firewall_rc_action
priority => "1234 (optional)",
provisioningState => $azure_provisioning_state
rules => $azure_azure_firewall_network_rule
}| Name | Type | Required | Description |
|---|---|---|---|
| action | AzureFirewallRCAction | false | The action type of a rule collection. |
| priority | Integer | false | Priority of the network rule collection resource. |
| provisioningState | ProvisioningState | false | The provisioning state of the resource. |
| rules | AzureFirewallNetworkRule | false | Collection of rules used by a network rule collection. |
Properties of the network rule.
$azure_azure_firewall_network_rule = {
description => "description (optional)",
destinationAddresses => "destinationAddresses (optional)",
destinationPorts => "destinationPorts (optional)",
name => "name (optional)",
protocols => $azure_azure_firewall_network_rule_protocol
sourceAddresses => "sourceAddresses (optional)",
}| Name | Type | Required | Description |
|---|---|---|---|
| description | String | false | Description of the rule. |
| destinationAddresses | Array | false | List of destination IP addresses. |
| destinationPorts | Array | false | List of destination ports. |
| name | String | false | Name of the network rule. |
| protocols | AzureFirewallNetworkRuleProtocol | false | Array of AzureFirewallNetworkRuleProtocols. |
| sourceAddresses | Array | false | List of source IP addresses for this rule. |
The operation mode for Threat Intel.
$azure_azure_firewall_threat_intel_mode = {
}| Name | Type | Required | Description |
|---|
Here is a list of endpoints that we use to create, read, update and delete the AzureFirewall
| Operation | Path | Verb | Description | OperationID |
|---|---|---|---|---|
| Create | /subscriptions/%{subscription_id}/resourceGroups/%{resource_group_name}/providers/Microsoft.Network/azureFirewalls/%{azure_firewall_name} |
Put | Creates or updates the specified Azure Firewall. | AzureFirewalls_CreateOrUpdate |
| List - list all | /subscriptions/%{subscription_id}/providers/Microsoft.Network/azureFirewalls |
Get | Gets all the Azure Firewalls in a subscription. | AzureFirewalls_ListAll |
| List - get one | /subscriptions/%{subscription_id}/resourceGroups/%{resource_group_name}/providers/Microsoft.Network/azureFirewalls/%{azure_firewall_name} |
Get | Gets the specified Azure Firewall. | AzureFirewalls_Get |
| List - get list using params | /subscriptions/%{subscription_id}/resourceGroups/%{resource_group_name}/providers/Microsoft.Network/azureFirewalls |
Get | Lists all Azure Firewalls in a resource group. | AzureFirewalls_List |
| Update | /subscriptions/%{subscription_id}/resourceGroups/%{resource_group_name}/providers/Microsoft.Network/azureFirewalls/%{azure_firewall_name} |
Put | Creates or updates the specified Azure Firewall. | AzureFirewalls_CreateOrUpdate |
| Delete | /subscriptions/%{subscription_id}/resourceGroups/%{resource_group_name}/providers/Microsoft.Network/azureFirewalls/%{azure_firewall_name} |
Delete | Deletes the specified Azure Firewall. | AzureFirewalls_Delete |