Firewall
Manages a Firewall Policy Rule Collection Group.
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.network.FirewallPolicy;
import com.pulumi.azure.network.FirewallPolicyArgs;
import com.pulumi.azure.network.FirewallPolicyRuleCollectionGroup;
import com.pulumi.azure.network.FirewallPolicyRuleCollectionGroupArgs;
import com.pulumi.azure.network.inputs.FirewallPolicyRuleCollectionGroupApplicationRuleCollectionArgs;
import com.pulumi.azure.network.inputs.FirewallPolicyRuleCollectionGroupNetworkRuleCollectionArgs;
import com.pulumi.azure.network.inputs.FirewallPolicyRuleCollectionGroupNatRuleCollectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var exampleFirewallPolicy = new FirewallPolicy("exampleFirewallPolicy", FirewallPolicyArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.build());
var exampleFirewallPolicyRuleCollectionGroup = new FirewallPolicyRuleCollectionGroup("exampleFirewallPolicyRuleCollectionGroup", FirewallPolicyRuleCollectionGroupArgs.builder()
.firewallPolicyId(exampleFirewallPolicy.id())
.priority(500)
.applicationRuleCollections(FirewallPolicyRuleCollectionGroupApplicationRuleCollectionArgs.builder()
.name("app_rule_collection1")
.priority(500)
.action("Deny")
.rules(FirewallPolicyRuleCollectionGroupApplicationRuleCollectionRuleArgs.builder()
.name("app_rule_collection1_rule1")
.protocols(
FirewallPolicyRuleCollectionGroupApplicationRuleCollectionRuleProtocolArgs.builder()
.type("Http")
.port(80)
.build(),
FirewallPolicyRuleCollectionGroupApplicationRuleCollectionRuleProtocolArgs.builder()
.type("Https")
.port(443)
.build())
.sourceAddresses("10.0.0.1")
.destinationFqdns("*.microsoft.com")
.build())
.build())
.networkRuleCollections(FirewallPolicyRuleCollectionGroupNetworkRuleCollectionArgs.builder()
.name("network_rule_collection1")
.priority(400)
.action("Deny")
.rules(FirewallPolicyRuleCollectionGroupNetworkRuleCollectionRuleArgs.builder()
.name("network_rule_collection1_rule1")
.protocols(
"TCP",
"UDP")
.sourceAddresses("10.0.0.1")
.destinationAddresses(
"192.168.1.1",
"192.168.1.2")
.destinationPorts(
"80",
"1000-2000")
.build())
.build())
.natRuleCollections(FirewallPolicyRuleCollectionGroupNatRuleCollectionArgs.builder()
.name("nat_rule_collection1")
.priority(300)
.action("Dnat")
.rules(FirewallPolicyRuleCollectionGroupNatRuleCollectionRuleArgs.builder()
.name("nat_rule_collection1_rule1")
.protocols(
"TCP",
"UDP")
.sourceAddresses(
"10.0.0.1",
"10.0.0.2")
.destinationAddress("192.168.1.1")
.destinationPorts("80")
.translatedAddress("192.168.0.1")
.translatedPort("8080")
.build())
.build())
.build());
}
}Content copied to clipboard
Import
Firewall Policy Rule Collection Groups can be imported using the resource id, e.g.
$ pulumi import azure:network/firewallPolicyRuleCollectionGroup:FirewallPolicyRuleCollectionGroup example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Network/firewallPolicies/policy1/ruleCollectionGroups/gruop1Content copied to clipboard
Properties
Link copied to clipboard