Firewall
Manages a Firewall Policy.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleFirewallPolicy = new azure.network.FirewallPolicy("example", {
name: "example-policy",
resourceGroupName: example.name,
location: example.location,
});import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_firewall_policy = azure.network.FirewallPolicy("example",
name="example-policy",
resource_group_name=example.name,
location=example.location)using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleFirewallPolicy = new Azure.Network.FirewallPolicy("example", new()
{
Name = "example-policy",
ResourceGroupName = example.Name,
Location = example.Location,
});
});package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/network"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
_, err = network.NewFirewallPolicy(ctx, "example", &network.FirewallPolicyArgs{
Name: pulumi.String("example-policy"),
ResourceGroupName: example.Name,
Location: example.Location,
})
if err != nil {
return err
}
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.network.FirewallPolicy;
import com.pulumi.azure.network.FirewallPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleFirewallPolicy = new FirewallPolicy("exampleFirewallPolicy", FirewallPolicyArgs.builder()
.name("example-policy")
.resourceGroupName(example.name())
.location(example.location())
.build());
}
}resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleFirewallPolicy:
type: azure:network:FirewallPolicy
name: example
properties:
name: example-policy
resourceGroupName: ${example.name}
location: ${example.location}API Providers
This resource uses the following Azure API Providers:
Microsoft.Network: 2024-05-01
Import
Firewall Policies can be imported using the resource id, e.g.
$ pulumi import azure:network/firewallPolicy:FirewallPolicy example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/firewallPolicies/policy1Properties
Whether enable auto learn private ip range.
The ID of the base Firewall Policy.
A list of reference to child Firewall Policies of this Firewall Policy.
A dns block as defined below.
A explicit_proxy block as defined below.
An identity block as defined below.
An insights block as defined below.
A intrusion_detection block as defined below.
A list of private IP ranges to which traffic will not be SNAT.
The name of the Resource Group where the Firewall Policy should exist. Changing this forces a new Firewall Policy to be created.
A list of references to Firewall Policy Rule Collection Groups that belongs to this Firewall Policy.
Whether SQL Redirect traffic filtering is allowed. Enabling this flag requires no rule using ports between 11000-11999.
A threat_intelligence_allowlist block as defined below.
The operation mode for Threat Intelligence. Possible values are Alert, Deny and Off. Defaults to Alert.
A tls_certificate block as defined below.