Erstellt oder aktualisiert die angegebene FirewallPolicyRuleCollectionGroup.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/firewallPolicies/{firewallPolicyName}/ruleCollectionGroups/{ruleCollectionGroupName}?api-version=2024-05-01
URI-Parameter
| Name |
In |
Erforderlich |
Typ |
Beschreibung |
|
firewallPolicyName
|
path |
True
|
string
|
Der Name der Firewallrichtlinie.
|
|
resourceGroupName
|
path |
True
|
string
|
Der Name der Ressourcengruppe.
|
|
ruleCollectionGroupName
|
path |
True
|
string
|
Der Name der FirewallPolicyRuleCollectionGroup.
|
|
subscriptionId
|
path |
True
|
string
|
Die Abonnementanmeldeinformationen, die das Microsoft Azure-Abonnement eindeutig identifizieren. Die Abonnement-ID ist Teil des URI für jeden Dienstaufruf.
|
|
api-version
|
query |
True
|
string
|
Client-API-Version.
|
Anforderungstext
| Name |
Typ |
Beschreibung |
|
id
|
string
|
Ressourcen-ID.
|
|
name
|
string
|
Der Name der Ressource, die innerhalb einer Ressourcengruppe eindeutig ist. Dieser Name kann für den Zugriff auf die Ressource verwendet werden.
|
|
properties.priority
|
integer
|
Priorität der Gruppenressource der Firewallrichtlinienregelsammlung.
|
|
properties.ruleCollections
|
FirewallPolicyRuleCollection[]:
|
Gruppe von Firewallrichtlinienregelsammlungen.
|
Antworten
| Name |
Typ |
Beschreibung |
|
200 OK
|
FirewallPolicyRuleCollectionGroup
|
Anforderung erfolgreich. Der Vorgang gibt die resultierende FirewallPolicyRuleCollectionGroup-Ressource zurück.
|
|
201 Created
|
FirewallPolicyRuleCollectionGroup
|
Die Anforderung wurde erfolgreich empfangen. Der Vorgang gibt die resultierende FirewallPolicyRuleCollectionGroup-Ressource zurück.
|
|
Other Status Codes
|
CloudError
|
Fehlerantwort, die beschreibt, warum der Vorgang fehlgeschlagen ist.
|
Sicherheit
azure_auth
Azure Active Directory OAuth2-Fluss.
Typ:
oauth2
Ablauf:
implicit
Autorisierungs-URL:
https://login.microsoftonline.com/common/oauth2/authorize
Bereiche
| Name |
Beschreibung |
|
user_impersonation
|
Identitätswechsel ihres Benutzerkontos
|
Beispiele
Create Firewall Policy Nat Rule Collection Group
Beispielanforderung
PUT https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1?api-version=2024-05-01
{
"properties": {
"priority": 100,
"ruleCollections": [
{
"ruleCollectionType": "FirewallPolicyNatRuleCollection",
"priority": 100,
"name": "Example-Nat-Rule-Collection",
"action": {
"type": "DNAT"
},
"rules": [
{
"ruleType": "NatRule",
"name": "nat-rule1",
"translatedFqdn": "internalhttp.server.net",
"translatedPort": "8080",
"ipProtocols": [
"TCP",
"UDP"
],
"sourceAddresses": [
"2.2.2.2"
],
"sourceIpGroups": [],
"destinationAddresses": [
"152.23.32.23"
],
"destinationPorts": [
"8080"
]
}
]
}
]
}
}
import com.azure.resourcemanager.network.fluent.models.FirewallPolicyRuleCollectionGroupInner;
import com.azure.resourcemanager.network.models.FirewallPolicyNatRuleCollection;
import com.azure.resourcemanager.network.models.FirewallPolicyNatRuleCollectionAction;
import com.azure.resourcemanager.network.models.FirewallPolicyNatRuleCollectionActionType;
import com.azure.resourcemanager.network.models.FirewallPolicyRuleNetworkProtocol;
import com.azure.resourcemanager.network.models.NatRule;
import java.util.Arrays;
/**
* Samples for FirewallPolicyRuleCollectionGroups CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/
* FirewallPolicyNatRuleCollectionGroupPut.json
*/
/**
* Sample code: Create Firewall Policy Nat Rule Collection Group.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createFirewallPolicyNatRuleCollectionGroup(com.azure.resourcemanager.AzureResourceManager azure) {
azure.networks().manager().serviceClient().getFirewallPolicyRuleCollectionGroups().createOrUpdate("rg1",
"firewallPolicy", "ruleCollectionGroup1",
new FirewallPolicyRuleCollectionGroupInner().withPriority(100)
.withRuleCollections(Arrays.asList(new FirewallPolicyNatRuleCollection()
.withName("Example-Nat-Rule-Collection").withPriority(100)
.withAction(new FirewallPolicyNatRuleCollectionAction()
.withType(FirewallPolicyNatRuleCollectionActionType.DNAT))
.withRules(Arrays.asList(new NatRule().withName("nat-rule1")
.withIpProtocols(
Arrays.asList(FirewallPolicyRuleNetworkProtocol.TCP, FirewallPolicyRuleNetworkProtocol.UDP))
.withSourceAddresses(Arrays.asList("2.2.2.2"))
.withDestinationAddresses(Arrays.asList("152.23.32.23"))
.withDestinationPorts(Arrays.asList("8080")).withTranslatedPort("8080")
.withSourceIpGroups(Arrays.asList()).withTranslatedFqdn("internalhttp.server.net"))))),
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.network import NetworkManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-network
# USAGE
python firewall_policy_nat_rule_collection_group_put.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = NetworkManagementClient(
credential=DefaultAzureCredential(),
subscription_id="subid",
)
response = client.firewall_policy_rule_collection_groups.begin_create_or_update(
resource_group_name="rg1",
firewall_policy_name="firewallPolicy",
rule_collection_group_name="ruleCollectionGroup1",
parameters={
"properties": {
"priority": 100,
"ruleCollections": [
{
"action": {"type": "DNAT"},
"name": "Example-Nat-Rule-Collection",
"priority": 100,
"ruleCollectionType": "FirewallPolicyNatRuleCollection",
"rules": [
{
"destinationAddresses": ["152.23.32.23"],
"destinationPorts": ["8080"],
"ipProtocols": ["TCP", "UDP"],
"name": "nat-rule1",
"ruleType": "NatRule",
"sourceAddresses": ["2.2.2.2"],
"sourceIpGroups": [],
"translatedFqdn": "internalhttp.server.net",
"translatedPort": "8080",
}
],
}
],
}
},
).result()
print(response)
# x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyNatRuleCollectionGroupPut.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armnetwork_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/ab04533261eff228f28e08900445d0edef3eb70c/specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyNatRuleCollectionGroupPut.json
func ExampleFirewallPolicyRuleCollectionGroupsClient_BeginCreateOrUpdate_createFirewallPolicyNatRuleCollectionGroup() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewFirewallPolicyRuleCollectionGroupsClient().BeginCreateOrUpdate(ctx, "rg1", "firewallPolicy", "ruleCollectionGroup1", armnetwork.FirewallPolicyRuleCollectionGroup{
Properties: &armnetwork.FirewallPolicyRuleCollectionGroupProperties{
Priority: to.Ptr[int32](100),
RuleCollections: []armnetwork.FirewallPolicyRuleCollectionClassification{
&armnetwork.FirewallPolicyNatRuleCollection{
Name: to.Ptr("Example-Nat-Rule-Collection"),
Priority: to.Ptr[int32](100),
RuleCollectionType: to.Ptr(armnetwork.FirewallPolicyRuleCollectionTypeFirewallPolicyNatRuleCollection),
Action: &armnetwork.FirewallPolicyNatRuleCollectionAction{
Type: to.Ptr(armnetwork.FirewallPolicyNatRuleCollectionActionTypeDNAT),
},
Rules: []armnetwork.FirewallPolicyRuleClassification{
&armnetwork.NatRule{
Name: to.Ptr("nat-rule1"),
RuleType: to.Ptr(armnetwork.FirewallPolicyRuleTypeNatRule),
DestinationAddresses: []*string{
to.Ptr("152.23.32.23")},
DestinationPorts: []*string{
to.Ptr("8080")},
IPProtocols: []*armnetwork.FirewallPolicyRuleNetworkProtocol{
to.Ptr(armnetwork.FirewallPolicyRuleNetworkProtocolTCP),
to.Ptr(armnetwork.FirewallPolicyRuleNetworkProtocolUDP)},
SourceAddresses: []*string{
to.Ptr("2.2.2.2")},
SourceIPGroups: []*string{},
TranslatedFqdn: to.Ptr("internalhttp.server.net"),
TranslatedPort: to.Ptr("8080"),
}},
}},
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.FirewallPolicyRuleCollectionGroup = armnetwork.FirewallPolicyRuleCollectionGroup{
// ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1"),
// Name: to.Ptr("ruleCollectionGroup1"),
// Etag: to.Ptr("w/\\00000000-0000-0000-0000-000000000000\\"),
// Properties: &armnetwork.FirewallPolicyRuleCollectionGroupProperties{
// Priority: to.Ptr[int32](100),
// ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
// RuleCollections: []armnetwork.FirewallPolicyRuleCollectionClassification{
// &armnetwork.FirewallPolicyNatRuleCollection{
// Name: to.Ptr("Example-Nat-Rule-Collection"),
// Priority: to.Ptr[int32](100),
// RuleCollectionType: to.Ptr(armnetwork.FirewallPolicyRuleCollectionTypeFirewallPolicyNatRuleCollection),
// Action: &armnetwork.FirewallPolicyNatRuleCollectionAction{
// Type: to.Ptr(armnetwork.FirewallPolicyNatRuleCollectionActionTypeDNAT),
// },
// Rules: []armnetwork.FirewallPolicyRuleClassification{
// &armnetwork.NatRule{
// Name: to.Ptr("nat-rule1"),
// RuleType: to.Ptr(armnetwork.FirewallPolicyRuleTypeNatRule),
// DestinationAddresses: []*string{
// to.Ptr("152.23.32.23")},
// DestinationPorts: []*string{
// to.Ptr("8080")},
// IPProtocols: []*armnetwork.FirewallPolicyRuleNetworkProtocol{
// to.Ptr(armnetwork.FirewallPolicyRuleNetworkProtocolTCP),
// to.Ptr(armnetwork.FirewallPolicyRuleNetworkProtocolUDP)},
// SourceAddresses: []*string{
// to.Ptr("2.2.2.2")},
// SourceIPGroups: []*string{
// },
// TranslatedFqdn: to.Ptr("internalhttp.server.net"),
// TranslatedPort: to.Ptr("8080"),
// }},
// }},
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { NetworkManagementClient } = require("@azure/arm-network");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates the specified FirewallPolicyRuleCollectionGroup.
*
* @summary Creates or updates the specified FirewallPolicyRuleCollectionGroup.
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyNatRuleCollectionGroupPut.json
*/
async function createFirewallPolicyNatRuleCollectionGroup() {
const subscriptionId = process.env["NETWORK_SUBSCRIPTION_ID"] || "subid";
const resourceGroupName = process.env["NETWORK_RESOURCE_GROUP"] || "rg1";
const firewallPolicyName = "firewallPolicy";
const ruleCollectionGroupName = "ruleCollectionGroup1";
const parameters = {
priority: 100,
ruleCollections: [
{
name: "Example-Nat-Rule-Collection",
action: { type: "DNAT" },
priority: 100,
ruleCollectionType: "FirewallPolicyNatRuleCollection",
rules: [
{
name: "nat-rule1",
destinationAddresses: ["152.23.32.23"],
destinationPorts: ["8080"],
ipProtocols: ["TCP", "UDP"],
ruleType: "NatRule",
sourceAddresses: ["2.2.2.2"],
sourceIpGroups: [],
translatedFqdn: "internalhttp.server.net",
translatedPort: "8080",
},
],
},
],
};
const credential = new DefaultAzureCredential();
const client = new NetworkManagementClient(credential, subscriptionId);
const result = await client.firewallPolicyRuleCollectionGroups.beginCreateOrUpdateAndWait(
resourceGroupName,
firewallPolicyName,
ruleCollectionGroupName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Network.Models;
using Azure.ResourceManager.Network;
// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyNatRuleCollectionGroupPut.json
// this example is just showing the usage of "FirewallPolicyRuleCollectionGroups_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this FirewallPolicyResource created on azure
// for more information of creating FirewallPolicyResource, please refer to the document of FirewallPolicyResource
string subscriptionId = "subid";
string resourceGroupName = "rg1";
string firewallPolicyName = "firewallPolicy";
ResourceIdentifier firewallPolicyResourceId = FirewallPolicyResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, firewallPolicyName);
FirewallPolicyResource firewallPolicy = client.GetFirewallPolicyResource(firewallPolicyResourceId);
// get the collection of this FirewallPolicyRuleCollectionGroupResource
FirewallPolicyRuleCollectionGroupCollection collection = firewallPolicy.GetFirewallPolicyRuleCollectionGroups();
// invoke the operation
string ruleCollectionGroupName = "ruleCollectionGroup1";
FirewallPolicyRuleCollectionGroupData data = new FirewallPolicyRuleCollectionGroupData
{
Priority = 100,
RuleCollections = {new FirewallPolicyNatRuleCollectionInfo
{
ActionType = FirewallPolicyNatRuleCollectionActionType.Dnat,
Rules = {new NatRule
{
IPProtocols = {FirewallPolicyRuleNetworkProtocol.Tcp, FirewallPolicyRuleNetworkProtocol.Udp},
SourceAddresses = {"2.2.2.2"},
DestinationAddresses = {"152.23.32.23"},
DestinationPorts = {"8080"},
TranslatedPort = "8080",
SourceIPGroups = {},
TranslatedFqdn = "internalhttp.server.net",
Name = "nat-rule1",
}},
Name = "Example-Nat-Rule-Collection",
Priority = 100,
}},
};
ArmOperation<FirewallPolicyRuleCollectionGroupResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, ruleCollectionGroupName, data);
FirewallPolicyRuleCollectionGroupResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
FirewallPolicyRuleCollectionGroupData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Beispiel für eine Antwort
{
"name": "ruleCollectionGroup1",
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1",
"etag": "w/\\00000000-0000-0000-0000-000000000000\\",
"properties": {
"provisioningState": "Succeeded",
"priority": 100,
"ruleCollections": [
{
"ruleCollectionType": "FirewallPolicyNatRuleCollection",
"name": "Example-Nat-Rule-Collection",
"priority": 100,
"action": {
"type": "DNAT"
},
"rules": [
{
"ruleType": "NatRule",
"name": "nat-rule1",
"translatedFqdn": "internalhttp.server.net",
"translatedPort": "8080",
"ipProtocols": [
"TCP",
"UDP"
],
"sourceAddresses": [
"2.2.2.2"
],
"sourceIpGroups": [],
"destinationAddresses": [
"152.23.32.23"
],
"destinationPorts": [
"8080"
]
}
]
}
]
}
}
{
"name": "firewallPolicy",
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy",
"etag": "w/\\00000000-0000-0000-0000-000000000000\\",
"properties": {
"provisioningState": "Succeeded",
"ruleCollections": [
{
"ruleCollectionType": "FirewallPolicyNatRuleCollection",
"name": "Example-Nat-Rule-Collection",
"priority": 100,
"action": {
"type": "DNAT"
},
"rules": [
{
"ruleType": "NatRule",
"name": "nat-rule1",
"translatedFqdn": "internalhttp.server.net",
"translatedPort": "8080",
"ipProtocols": [
"TCP",
"UDP"
],
"sourceAddresses": [
"2.2.2.2"
],
"sourceIpGroups": [],
"destinationAddresses": [
"152.23.32.23"
],
"destinationPorts": [
"8080"
]
}
]
}
]
}
}
Create Firewall Policy Rule Collection Group
Beispielanforderung
PUT https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1?api-version=2024-05-01
{
"properties": {
"priority": 100,
"ruleCollections": [
{
"ruleCollectionType": "FirewallPolicyFilterRuleCollection",
"name": "Example-Filter-Rule-Collection",
"priority": 100,
"action": {
"type": "Deny"
},
"rules": [
{
"ruleType": "NetworkRule",
"name": "network-rule1",
"sourceAddresses": [
"10.1.25.0/24"
],
"destinationAddresses": [
"*"
],
"ipProtocols": [
"TCP"
],
"destinationPorts": [
"*"
]
}
]
}
]
}
}
import com.azure.resourcemanager.network.fluent.models.FirewallPolicyRuleCollectionGroupInner;
import com.azure.resourcemanager.network.models.FirewallPolicyFilterRuleCollection;
import com.azure.resourcemanager.network.models.FirewallPolicyFilterRuleCollectionAction;
import com.azure.resourcemanager.network.models.FirewallPolicyFilterRuleCollectionActionType;
import com.azure.resourcemanager.network.models.FirewallPolicyRuleNetworkProtocol;
import com.azure.resourcemanager.network.models.NetworkRule;
import java.util.Arrays;
/**
* Samples for FirewallPolicyRuleCollectionGroups CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/
* FirewallPolicyRuleCollectionGroupPut.json
*/
/**
* Sample code: Create Firewall Policy Rule Collection Group.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createFirewallPolicyRuleCollectionGroup(com.azure.resourcemanager.AzureResourceManager azure) {
azure.networks().manager().serviceClient().getFirewallPolicyRuleCollectionGroups().createOrUpdate("rg1",
"firewallPolicy", "ruleCollectionGroup1",
new FirewallPolicyRuleCollectionGroupInner().withPriority(100)
.withRuleCollections(Arrays.asList(new FirewallPolicyFilterRuleCollection()
.withName("Example-Filter-Rule-Collection").withPriority(100)
.withAction(new FirewallPolicyFilterRuleCollectionAction()
.withType(FirewallPolicyFilterRuleCollectionActionType.DENY))
.withRules(Arrays.asList(new NetworkRule().withName("network-rule1")
.withIpProtocols(Arrays.asList(FirewallPolicyRuleNetworkProtocol.TCP))
.withSourceAddresses(Arrays.asList("10.1.25.0/24")).withDestinationAddresses(Arrays.asList("*"))
.withDestinationPorts(Arrays.asList("*")))))),
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.network import NetworkManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-network
# USAGE
python firewall_policy_rule_collection_group_put.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = NetworkManagementClient(
credential=DefaultAzureCredential(),
subscription_id="subid",
)
response = client.firewall_policy_rule_collection_groups.begin_create_or_update(
resource_group_name="rg1",
firewall_policy_name="firewallPolicy",
rule_collection_group_name="ruleCollectionGroup1",
parameters={
"properties": {
"priority": 100,
"ruleCollections": [
{
"action": {"type": "Deny"},
"name": "Example-Filter-Rule-Collection",
"priority": 100,
"ruleCollectionType": "FirewallPolicyFilterRuleCollection",
"rules": [
{
"destinationAddresses": ["*"],
"destinationPorts": ["*"],
"ipProtocols": ["TCP"],
"name": "network-rule1",
"ruleType": "NetworkRule",
"sourceAddresses": ["10.1.25.0/24"],
}
],
}
],
}
},
).result()
print(response)
# x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyRuleCollectionGroupPut.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armnetwork_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/ab04533261eff228f28e08900445d0edef3eb70c/specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyRuleCollectionGroupPut.json
func ExampleFirewallPolicyRuleCollectionGroupsClient_BeginCreateOrUpdate_createFirewallPolicyRuleCollectionGroup() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewFirewallPolicyRuleCollectionGroupsClient().BeginCreateOrUpdate(ctx, "rg1", "firewallPolicy", "ruleCollectionGroup1", armnetwork.FirewallPolicyRuleCollectionGroup{
Properties: &armnetwork.FirewallPolicyRuleCollectionGroupProperties{
Priority: to.Ptr[int32](100),
RuleCollections: []armnetwork.FirewallPolicyRuleCollectionClassification{
&armnetwork.FirewallPolicyFilterRuleCollection{
Name: to.Ptr("Example-Filter-Rule-Collection"),
Priority: to.Ptr[int32](100),
RuleCollectionType: to.Ptr(armnetwork.FirewallPolicyRuleCollectionTypeFirewallPolicyFilterRuleCollection),
Action: &armnetwork.FirewallPolicyFilterRuleCollectionAction{
Type: to.Ptr(armnetwork.FirewallPolicyFilterRuleCollectionActionTypeDeny),
},
Rules: []armnetwork.FirewallPolicyRuleClassification{
&armnetwork.Rule{
Name: to.Ptr("network-rule1"),
RuleType: to.Ptr(armnetwork.FirewallPolicyRuleTypeNetworkRule),
DestinationAddresses: []*string{
to.Ptr("*")},
DestinationPorts: []*string{
to.Ptr("*")},
IPProtocols: []*armnetwork.FirewallPolicyRuleNetworkProtocol{
to.Ptr(armnetwork.FirewallPolicyRuleNetworkProtocolTCP)},
SourceAddresses: []*string{
to.Ptr("10.1.25.0/24")},
}},
}},
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.FirewallPolicyRuleCollectionGroup = armnetwork.FirewallPolicyRuleCollectionGroup{
// ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1"),
// Name: to.Ptr("ruleCollectionGroup1"),
// Etag: to.Ptr("w/\\00000000-0000-0000-0000-000000000000\\"),
// Properties: &armnetwork.FirewallPolicyRuleCollectionGroupProperties{
// Priority: to.Ptr[int32](100),
// ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
// RuleCollections: []armnetwork.FirewallPolicyRuleCollectionClassification{
// &armnetwork.FirewallPolicyFilterRuleCollection{
// Name: to.Ptr("Example-Filter-Rule-Collection"),
// Priority: to.Ptr[int32](100),
// RuleCollectionType: to.Ptr(armnetwork.FirewallPolicyRuleCollectionTypeFirewallPolicyFilterRuleCollection),
// Action: &armnetwork.FirewallPolicyFilterRuleCollectionAction{
// Type: to.Ptr(armnetwork.FirewallPolicyFilterRuleCollectionActionTypeDeny),
// },
// Rules: []armnetwork.FirewallPolicyRuleClassification{
// &armnetwork.Rule{
// Name: to.Ptr("network-rule1"),
// RuleType: to.Ptr(armnetwork.FirewallPolicyRuleTypeNetworkRule),
// DestinationAddresses: []*string{
// to.Ptr("*")},
// DestinationPorts: []*string{
// to.Ptr("*")},
// IPProtocols: []*armnetwork.FirewallPolicyRuleNetworkProtocol{
// to.Ptr(armnetwork.FirewallPolicyRuleNetworkProtocolTCP)},
// SourceAddresses: []*string{
// to.Ptr("10.1.25.0/24")},
// }},
// }},
// Size: to.Ptr("1.2MB"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { NetworkManagementClient } = require("@azure/arm-network");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates the specified FirewallPolicyRuleCollectionGroup.
*
* @summary Creates or updates the specified FirewallPolicyRuleCollectionGroup.
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyRuleCollectionGroupPut.json
*/
async function createFirewallPolicyRuleCollectionGroup() {
const subscriptionId = process.env["NETWORK_SUBSCRIPTION_ID"] || "subid";
const resourceGroupName = process.env["NETWORK_RESOURCE_GROUP"] || "rg1";
const firewallPolicyName = "firewallPolicy";
const ruleCollectionGroupName = "ruleCollectionGroup1";
const parameters = {
priority: 100,
ruleCollections: [
{
name: "Example-Filter-Rule-Collection",
action: { type: "Deny" },
priority: 100,
ruleCollectionType: "FirewallPolicyFilterRuleCollection",
rules: [
{
name: "network-rule1",
destinationAddresses: ["*"],
destinationPorts: ["*"],
ipProtocols: ["TCP"],
ruleType: "NetworkRule",
sourceAddresses: ["10.1.25.0/24"],
},
],
},
],
};
const credential = new DefaultAzureCredential();
const client = new NetworkManagementClient(credential, subscriptionId);
const result = await client.firewallPolicyRuleCollectionGroups.beginCreateOrUpdateAndWait(
resourceGroupName,
firewallPolicyName,
ruleCollectionGroupName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Network.Models;
using Azure.ResourceManager.Network;
// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyRuleCollectionGroupPut.json
// this example is just showing the usage of "FirewallPolicyRuleCollectionGroups_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this FirewallPolicyResource created on azure
// for more information of creating FirewallPolicyResource, please refer to the document of FirewallPolicyResource
string subscriptionId = "subid";
string resourceGroupName = "rg1";
string firewallPolicyName = "firewallPolicy";
ResourceIdentifier firewallPolicyResourceId = FirewallPolicyResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, firewallPolicyName);
FirewallPolicyResource firewallPolicy = client.GetFirewallPolicyResource(firewallPolicyResourceId);
// get the collection of this FirewallPolicyRuleCollectionGroupResource
FirewallPolicyRuleCollectionGroupCollection collection = firewallPolicy.GetFirewallPolicyRuleCollectionGroups();
// invoke the operation
string ruleCollectionGroupName = "ruleCollectionGroup1";
FirewallPolicyRuleCollectionGroupData data = new FirewallPolicyRuleCollectionGroupData
{
Priority = 100,
RuleCollections = {new FirewallPolicyFilterRuleCollectionInfo
{
ActionType = FirewallPolicyFilterRuleCollectionActionType.Deny,
Rules = {new NetworkRule
{
IPProtocols = {FirewallPolicyRuleNetworkProtocol.Tcp},
SourceAddresses = {"10.1.25.0/24"},
DestinationAddresses = {"*"},
DestinationPorts = {"*"},
Name = "network-rule1",
}},
Name = "Example-Filter-Rule-Collection",
Priority = 100,
}},
};
ArmOperation<FirewallPolicyRuleCollectionGroupResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, ruleCollectionGroupName, data);
FirewallPolicyRuleCollectionGroupResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
FirewallPolicyRuleCollectionGroupData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Beispiel für eine Antwort
{
"name": "ruleCollectionGroup1",
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1",
"etag": "w/\\00000000-0000-0000-0000-000000000000\\",
"properties": {
"size": "1.2MB",
"provisioningState": "Succeeded",
"priority": 100,
"ruleCollections": [
{
"ruleCollectionType": "FirewallPolicyFilterRuleCollection",
"name": "Example-Filter-Rule-Collection",
"priority": 100,
"action": {
"type": "Deny"
},
"rules": [
{
"ruleType": "NetworkRule",
"name": "network-rule1",
"sourceAddresses": [
"10.1.25.0/24"
],
"destinationAddresses": [
"*"
],
"ipProtocols": [
"TCP"
],
"destinationPorts": [
"*"
]
}
]
}
]
}
}
{
"name": "firewallPolicy",
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy",
"etag": "w/\\00000000-0000-0000-0000-000000000000\\",
"properties": {
"size": "1.2MB",
"provisioningState": "Succeeded",
"priority": 100,
"ruleCollections": [
{
"ruleCollectionType": "FirewallPolicyFilterRuleCollection",
"name": "Example-Filter-Rule-Collection",
"priority": 100,
"action": {
"type": "Deny"
},
"rules": [
{
"ruleType": "NetworkRule",
"name": "network-rule1",
"sourceAddresses": [
"10.1.25.0/24"
],
"destinationAddresses": [
"*"
],
"ipProtocols": [
"TCP"
],
"destinationPorts": [
"*"
]
}
]
}
]
}
}
Beispielanforderung
PUT https://management.azure.com/subscriptions/e747cc13-97d4-4a79-b463-42d7f4e558f2/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1?api-version=2024-05-01
{
"properties": {
"priority": 110,
"ruleCollections": [
{
"ruleCollectionType": "FirewallPolicyFilterRuleCollection",
"name": "Example-Filter-Rule-Collection",
"action": {
"type": "Allow"
},
"rules": [
{
"ruleType": "ApplicationRule",
"name": "rule1",
"description": "Insert trusted tenants header",
"protocols": [
{
"protocolType": "Http",
"port": 80
}
],
"sourceAddresses": [
"216.58.216.164",
"10.0.0.0/24"
],
"fqdnTags": [
"WindowsVirtualDesktop"
],
"httpHeadersToInsert": [
{
"headerName": "Restrict-Access-To-Tenants",
"headerValue": "contoso.com,fabrikam.onmicrosoft.com"
}
]
}
]
}
]
}
}
import com.azure.resourcemanager.network.fluent.models.FirewallPolicyRuleCollectionGroupInner;
import com.azure.resourcemanager.network.models.ApplicationRule;
import com.azure.resourcemanager.network.models.FirewallPolicyFilterRuleCollection;
import com.azure.resourcemanager.network.models.FirewallPolicyFilterRuleCollectionAction;
import com.azure.resourcemanager.network.models.FirewallPolicyFilterRuleCollectionActionType;
import com.azure.resourcemanager.network.models.FirewallPolicyHttpHeaderToInsert;
import com.azure.resourcemanager.network.models.FirewallPolicyRuleApplicationProtocol;
import com.azure.resourcemanager.network.models.FirewallPolicyRuleApplicationProtocolType;
import java.util.Arrays;
/**
* Samples for FirewallPolicyRuleCollectionGroups CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/
* FirewallPolicyRuleCollectionGroupWithHttpHeadersToInsert.json
*/
/**
* Sample code: Create Firewall Policy Rule Collection Group With http header to insert.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createFirewallPolicyRuleCollectionGroupWithHttpHeaderToInsert(
com.azure.resourcemanager.AzureResourceManager azure) {
azure.networks().manager().serviceClient().getFirewallPolicyRuleCollectionGroups()
.createOrUpdate("rg1", "firewallPolicy", "ruleCollectionGroup1",
new FirewallPolicyRuleCollectionGroupInner().withPriority(110)
.withRuleCollections(Arrays
.asList(new FirewallPolicyFilterRuleCollection().withName("Example-Filter-Rule-Collection")
.withAction(new FirewallPolicyFilterRuleCollectionAction()
.withType(FirewallPolicyFilterRuleCollectionActionType.ALLOW))
.withRules(Arrays.asList(
new ApplicationRule().withName("rule1").withDescription("Insert trusted tenants header")
.withSourceAddresses(Arrays.asList("216.58.216.164", "10.0.0.0/24"))
.withProtocols(Arrays.asList(new FirewallPolicyRuleApplicationProtocol()
.withProtocolType(FirewallPolicyRuleApplicationProtocolType.HTTP).withPort(80)))
.withFqdnTags(Arrays.asList("WindowsVirtualDesktop"))
.withHttpHeadersToInsert(Arrays.asList(new FirewallPolicyHttpHeaderToInsert()
.withHeaderName("Restrict-Access-To-Tenants")
.withHeaderValue("contoso.com,fabrikam.onmicrosoft.com"))))))),
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.network import NetworkManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-network
# USAGE
python firewall_policy_rule_collection_group_with_http_headers_to_insert.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = NetworkManagementClient(
credential=DefaultAzureCredential(),
subscription_id="e747cc13-97d4-4a79-b463-42d7f4e558f2",
)
response = client.firewall_policy_rule_collection_groups.begin_create_or_update(
resource_group_name="rg1",
firewall_policy_name="firewallPolicy",
rule_collection_group_name="ruleCollectionGroup1",
parameters={
"properties": {
"priority": 110,
"ruleCollections": [
{
"action": {"type": "Allow"},
"name": "Example-Filter-Rule-Collection",
"ruleCollectionType": "FirewallPolicyFilterRuleCollection",
"rules": [
{
"description": "Insert trusted tenants header",
"fqdnTags": ["WindowsVirtualDesktop"],
"httpHeadersToInsert": [
{
"headerName": "Restrict-Access-To-Tenants",
"headerValue": "contoso.com,fabrikam.onmicrosoft.com",
}
],
"name": "rule1",
"protocols": [{"port": 80, "protocolType": "Http"}],
"ruleType": "ApplicationRule",
"sourceAddresses": ["216.58.216.164", "10.0.0.0/24"],
}
],
}
],
}
},
).result()
print(response)
# x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyRuleCollectionGroupWithHttpHeadersToInsert.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armnetwork_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/ab04533261eff228f28e08900445d0edef3eb70c/specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyRuleCollectionGroupWithHttpHeadersToInsert.json
func ExampleFirewallPolicyRuleCollectionGroupsClient_BeginCreateOrUpdate_createFirewallPolicyRuleCollectionGroupWithHttpHeaderToInsert() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewFirewallPolicyRuleCollectionGroupsClient().BeginCreateOrUpdate(ctx, "rg1", "firewallPolicy", "ruleCollectionGroup1", armnetwork.FirewallPolicyRuleCollectionGroup{
Properties: &armnetwork.FirewallPolicyRuleCollectionGroupProperties{
Priority: to.Ptr[int32](110),
RuleCollections: []armnetwork.FirewallPolicyRuleCollectionClassification{
&armnetwork.FirewallPolicyFilterRuleCollection{
Name: to.Ptr("Example-Filter-Rule-Collection"),
RuleCollectionType: to.Ptr(armnetwork.FirewallPolicyRuleCollectionTypeFirewallPolicyFilterRuleCollection),
Action: &armnetwork.FirewallPolicyFilterRuleCollectionAction{
Type: to.Ptr(armnetwork.FirewallPolicyFilterRuleCollectionActionTypeAllow),
},
Rules: []armnetwork.FirewallPolicyRuleClassification{
&armnetwork.ApplicationRule{
Name: to.Ptr("rule1"),
Description: to.Ptr("Insert trusted tenants header"),
RuleType: to.Ptr(armnetwork.FirewallPolicyRuleTypeApplicationRule),
FqdnTags: []*string{
to.Ptr("WindowsVirtualDesktop")},
HTTPHeadersToInsert: []*armnetwork.FirewallPolicyHTTPHeaderToInsert{
{
HeaderName: to.Ptr("Restrict-Access-To-Tenants"),
HeaderValue: to.Ptr("contoso.com,fabrikam.onmicrosoft.com"),
}},
Protocols: []*armnetwork.FirewallPolicyRuleApplicationProtocol{
{
Port: to.Ptr[int32](80),
ProtocolType: to.Ptr(armnetwork.FirewallPolicyRuleApplicationProtocolTypeHTTP),
}},
SourceAddresses: []*string{
to.Ptr("216.58.216.164"),
to.Ptr("10.0.0.0/24")},
}},
}},
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.FirewallPolicyRuleCollectionGroup = armnetwork.FirewallPolicyRuleCollectionGroup{
// ID: to.Ptr("/subscriptions/e747cc13-97d4-4a79-b463-42d7f4e558f2/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1"),
// Name: to.Ptr("ruleCollectionGroup1"),
// Etag: to.Ptr("w/\\00000000-0000-0000-0000-000000000000\\"),
// Properties: &armnetwork.FirewallPolicyRuleCollectionGroupProperties{
// Priority: to.Ptr[int32](110),
// ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
// RuleCollections: []armnetwork.FirewallPolicyRuleCollectionClassification{
// &armnetwork.FirewallPolicyFilterRuleCollection{
// Name: to.Ptr("Example-Filter-Rule-Collection"),
// RuleCollectionType: to.Ptr(armnetwork.FirewallPolicyRuleCollectionTypeFirewallPolicyFilterRuleCollection),
// Action: &armnetwork.FirewallPolicyFilterRuleCollectionAction{
// Type: to.Ptr(armnetwork.FirewallPolicyFilterRuleCollectionActionTypeAllow),
// },
// Rules: []armnetwork.FirewallPolicyRuleClassification{
// &armnetwork.ApplicationRule{
// Name: to.Ptr("rule1"),
// Description: to.Ptr("Insert trusted tenants header"),
// RuleType: to.Ptr(armnetwork.FirewallPolicyRuleTypeApplicationRule),
// FqdnTags: []*string{
// to.Ptr("WindowsVirtualDesktop")},
// HTTPHeadersToInsert: []*armnetwork.FirewallPolicyHTTPHeaderToInsert{
// {
// HeaderName: to.Ptr("Restrict-Access-To-Tenants"),
// HeaderValue: to.Ptr("contoso.com,fabrikam.onmicrosoft.com"),
// }},
// Protocols: []*armnetwork.FirewallPolicyRuleApplicationProtocol{
// {
// Port: to.Ptr[int32](80),
// ProtocolType: to.Ptr(armnetwork.FirewallPolicyRuleApplicationProtocolTypeHTTP),
// }},
// SourceAddresses: []*string{
// to.Ptr("216.58.216.164"),
// to.Ptr("10.0.0.0/24")},
// }},
// }},
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { NetworkManagementClient } = require("@azure/arm-network");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates the specified FirewallPolicyRuleCollectionGroup.
*
* @summary Creates or updates the specified FirewallPolicyRuleCollectionGroup.
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyRuleCollectionGroupWithHttpHeadersToInsert.json
*/
async function createFirewallPolicyRuleCollectionGroupWithHttpHeaderToInsert() {
const subscriptionId =
process.env["NETWORK_SUBSCRIPTION_ID"] || "e747cc13-97d4-4a79-b463-42d7f4e558f2";
const resourceGroupName = process.env["NETWORK_RESOURCE_GROUP"] || "rg1";
const firewallPolicyName = "firewallPolicy";
const ruleCollectionGroupName = "ruleCollectionGroup1";
const parameters = {
priority: 110,
ruleCollections: [
{
name: "Example-Filter-Rule-Collection",
action: { type: "Allow" },
ruleCollectionType: "FirewallPolicyFilterRuleCollection",
rules: [
{
name: "rule1",
description: "Insert trusted tenants header",
fqdnTags: ["WindowsVirtualDesktop"],
httpHeadersToInsert: [
{
headerName: "Restrict-Access-To-Tenants",
headerValue: "contoso.com,fabrikam.onmicrosoft.com",
},
],
protocols: [{ port: 80, protocolType: "Http" }],
ruleType: "ApplicationRule",
sourceAddresses: ["216.58.216.164", "10.0.0.0/24"],
},
],
},
],
};
const credential = new DefaultAzureCredential();
const client = new NetworkManagementClient(credential, subscriptionId);
const result = await client.firewallPolicyRuleCollectionGroups.beginCreateOrUpdateAndWait(
resourceGroupName,
firewallPolicyName,
ruleCollectionGroupName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Network.Models;
using Azure.ResourceManager.Network;
// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyRuleCollectionGroupWithHttpHeadersToInsert.json
// this example is just showing the usage of "FirewallPolicyRuleCollectionGroups_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this FirewallPolicyResource created on azure
// for more information of creating FirewallPolicyResource, please refer to the document of FirewallPolicyResource
string subscriptionId = "e747cc13-97d4-4a79-b463-42d7f4e558f2";
string resourceGroupName = "rg1";
string firewallPolicyName = "firewallPolicy";
ResourceIdentifier firewallPolicyResourceId = FirewallPolicyResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, firewallPolicyName);
FirewallPolicyResource firewallPolicy = client.GetFirewallPolicyResource(firewallPolicyResourceId);
// get the collection of this FirewallPolicyRuleCollectionGroupResource
FirewallPolicyRuleCollectionGroupCollection collection = firewallPolicy.GetFirewallPolicyRuleCollectionGroups();
// invoke the operation
string ruleCollectionGroupName = "ruleCollectionGroup1";
FirewallPolicyRuleCollectionGroupData data = new FirewallPolicyRuleCollectionGroupData
{
Priority = 110,
RuleCollections = {new FirewallPolicyFilterRuleCollectionInfo
{
ActionType = FirewallPolicyFilterRuleCollectionActionType.Allow,
Rules = {new ApplicationRule
{
SourceAddresses = {"216.58.216.164", "10.0.0.0/24"},
Protocols = {new FirewallPolicyRuleApplicationProtocol
{
ProtocolType = FirewallPolicyRuleApplicationProtocolType.Http,
Port = 80,
}},
FqdnTags = {"WindowsVirtualDesktop"},
HttpHeadersToInsert = {new FirewallPolicyHttpHeaderToInsert
{
HeaderName = "Restrict-Access-To-Tenants",
HeaderValue = "contoso.com,fabrikam.onmicrosoft.com",
}},
Name = "rule1",
Description = "Insert trusted tenants header",
}},
Name = "Example-Filter-Rule-Collection",
}},
};
ArmOperation<FirewallPolicyRuleCollectionGroupResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, ruleCollectionGroupName, data);
FirewallPolicyRuleCollectionGroupResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
FirewallPolicyRuleCollectionGroupData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Beispiel für eine Antwort
{
"name": "ruleCollectionGroup1",
"id": "/subscriptions/e747cc13-97d4-4a79-b463-42d7f4e558f2/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1",
"etag": "w/\\00000000-0000-0000-0000-000000000000\\",
"properties": {
"provisioningState": "Succeeded",
"priority": 110,
"ruleCollections": [
{
"ruleCollectionType": "FirewallPolicyFilterRuleCollection",
"name": "Example-Filter-Rule-Collection",
"action": {
"type": "Allow"
},
"rules": [
{
"ruleType": "ApplicationRule",
"name": "rule1",
"description": "Insert trusted tenants header",
"protocols": [
{
"protocolType": "Http",
"port": 80
}
],
"sourceAddresses": [
"216.58.216.164",
"10.0.0.0/24"
],
"fqdnTags": [
"WindowsVirtualDesktop"
],
"httpHeadersToInsert": [
{
"headerName": "Restrict-Access-To-Tenants",
"headerValue": "contoso.com,fabrikam.onmicrosoft.com"
}
]
}
]
}
]
}
}
{
"name": "ruleCollectionGroup1",
"id": "/subscriptions/e747cc13-97d4-4a79-b463-42d7f4e558f2/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1",
"etag": "w/\\00000000-0000-0000-0000-000000000000\\",
"properties": {
"provisioningState": "Succeeded",
"priority": 110,
"ruleCollections": [
{
"ruleCollectionType": "FirewallPolicyFilterRuleCollection",
"name": "Example-Filter-Rule-Collection",
"action": {
"type": "Allow"
},
"rules": [
{
"ruleType": "ApplicationRule",
"name": "rule1",
"description": "Insert trusted tenants header",
"protocols": [
{
"protocolType": "Http",
"port": 80
}
],
"sourceAddresses": [
"216.58.216.164",
"10.0.0.0/24"
],
"fqdnTags": [
"WindowsVirtualDesktop"
],
"httpHeadersToInsert": [
{
"headerName": "Restrict-Access-To-Tenants",
"headerValue": "contoso.com,fabrikam.onmicrosoft.com"
}
]
}
]
}
]
}
}
Create Firewall Policy Rule Collection Group With IP Groups
Beispielanforderung
PUT https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1?api-version=2024-05-01
{
"properties": {
"priority": 110,
"ruleCollections": [
{
"ruleCollectionType": "FirewallPolicyFilterRuleCollection",
"name": "Example-Filter-Rule-Collection",
"action": {
"type": "Deny"
},
"rules": [
{
"ruleType": "NetworkRule",
"name": "network-1",
"ipProtocols": [
"TCP"
],
"destinationPorts": [
"*"
],
"sourceIpGroups": [
"/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups1"
],
"destinationIpGroups": [
"/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups2"
]
}
]
}
]
}
}
import com.azure.resourcemanager.network.fluent.models.FirewallPolicyRuleCollectionGroupInner;
import com.azure.resourcemanager.network.models.FirewallPolicyFilterRuleCollection;
import com.azure.resourcemanager.network.models.FirewallPolicyFilterRuleCollectionAction;
import com.azure.resourcemanager.network.models.FirewallPolicyFilterRuleCollectionActionType;
import com.azure.resourcemanager.network.models.FirewallPolicyRuleNetworkProtocol;
import com.azure.resourcemanager.network.models.NetworkRule;
import java.util.Arrays;
/**
* Samples for FirewallPolicyRuleCollectionGroups CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/
* FirewallPolicyRuleCollectionGroupWithIpGroupsPut.json
*/
/**
* Sample code: Create Firewall Policy Rule Collection Group With IP Groups.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createFirewallPolicyRuleCollectionGroupWithIPGroups(com.azure.resourcemanager.AzureResourceManager azure) {
azure.networks().manager().serviceClient().getFirewallPolicyRuleCollectionGroups().createOrUpdate("rg1",
"firewallPolicy", "ruleCollectionGroup1",
new FirewallPolicyRuleCollectionGroupInner().withPriority(110)
.withRuleCollections(Arrays.asList(new FirewallPolicyFilterRuleCollection()
.withName("Example-Filter-Rule-Collection")
.withAction(new FirewallPolicyFilterRuleCollectionAction()
.withType(FirewallPolicyFilterRuleCollectionActionType.DENY))
.withRules(Arrays.asList(new NetworkRule().withName("network-1")
.withIpProtocols(Arrays.asList(FirewallPolicyRuleNetworkProtocol.TCP))
.withDestinationPorts(Arrays.asList("*"))
.withSourceIpGroups(Arrays.asList(
"/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups1"))
.withDestinationIpGroups(Arrays.asList(
"/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups2")))))),
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.network import NetworkManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-network
# USAGE
python firewall_policy_rule_collection_group_with_ip_groups_put.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = NetworkManagementClient(
credential=DefaultAzureCredential(),
subscription_id="subid",
)
response = client.firewall_policy_rule_collection_groups.begin_create_or_update(
resource_group_name="rg1",
firewall_policy_name="firewallPolicy",
rule_collection_group_name="ruleCollectionGroup1",
parameters={
"properties": {
"priority": 110,
"ruleCollections": [
{
"action": {"type": "Deny"},
"name": "Example-Filter-Rule-Collection",
"ruleCollectionType": "FirewallPolicyFilterRuleCollection",
"rules": [
{
"destinationIpGroups": [
"/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups2"
],
"destinationPorts": ["*"],
"ipProtocols": ["TCP"],
"name": "network-1",
"ruleType": "NetworkRule",
"sourceIpGroups": [
"/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups1"
],
}
],
}
],
}
},
).result()
print(response)
# x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyRuleCollectionGroupWithIpGroupsPut.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armnetwork_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/ab04533261eff228f28e08900445d0edef3eb70c/specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyRuleCollectionGroupWithIpGroupsPut.json
func ExampleFirewallPolicyRuleCollectionGroupsClient_BeginCreateOrUpdate_createFirewallPolicyRuleCollectionGroupWithIpGroups() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewFirewallPolicyRuleCollectionGroupsClient().BeginCreateOrUpdate(ctx, "rg1", "firewallPolicy", "ruleCollectionGroup1", armnetwork.FirewallPolicyRuleCollectionGroup{
Properties: &armnetwork.FirewallPolicyRuleCollectionGroupProperties{
Priority: to.Ptr[int32](110),
RuleCollections: []armnetwork.FirewallPolicyRuleCollectionClassification{
&armnetwork.FirewallPolicyFilterRuleCollection{
Name: to.Ptr("Example-Filter-Rule-Collection"),
RuleCollectionType: to.Ptr(armnetwork.FirewallPolicyRuleCollectionTypeFirewallPolicyFilterRuleCollection),
Action: &armnetwork.FirewallPolicyFilterRuleCollectionAction{
Type: to.Ptr(armnetwork.FirewallPolicyFilterRuleCollectionActionTypeDeny),
},
Rules: []armnetwork.FirewallPolicyRuleClassification{
&armnetwork.Rule{
Name: to.Ptr("network-1"),
RuleType: to.Ptr(armnetwork.FirewallPolicyRuleTypeNetworkRule),
DestinationIPGroups: []*string{
to.Ptr("/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups2")},
DestinationPorts: []*string{
to.Ptr("*")},
IPProtocols: []*armnetwork.FirewallPolicyRuleNetworkProtocol{
to.Ptr(armnetwork.FirewallPolicyRuleNetworkProtocolTCP)},
SourceIPGroups: []*string{
to.Ptr("/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups1")},
}},
}},
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.FirewallPolicyRuleCollectionGroup = armnetwork.FirewallPolicyRuleCollectionGroup{
// ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1"),
// Name: to.Ptr("ruleCollectionGroup1"),
// Etag: to.Ptr("w/\\00000000-0000-0000-0000-000000000000\\"),
// Properties: &armnetwork.FirewallPolicyRuleCollectionGroupProperties{
// Priority: to.Ptr[int32](110),
// ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
// RuleCollections: []armnetwork.FirewallPolicyRuleCollectionClassification{
// &armnetwork.FirewallPolicyFilterRuleCollection{
// Name: to.Ptr("Example-Filter-Rule-Collection"),
// RuleCollectionType: to.Ptr(armnetwork.FirewallPolicyRuleCollectionTypeFirewallPolicyFilterRuleCollection),
// Action: &armnetwork.FirewallPolicyFilterRuleCollectionAction{
// Type: to.Ptr(armnetwork.FirewallPolicyFilterRuleCollectionActionTypeDeny),
// },
// Rules: []armnetwork.FirewallPolicyRuleClassification{
// &armnetwork.Rule{
// Name: to.Ptr("network-1"),
// RuleType: to.Ptr(armnetwork.FirewallPolicyRuleTypeNetworkRule),
// DestinationIPGroups: []*string{
// to.Ptr("/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups2")},
// DestinationPorts: []*string{
// to.Ptr("*")},
// IPProtocols: []*armnetwork.FirewallPolicyRuleNetworkProtocol{
// to.Ptr(armnetwork.FirewallPolicyRuleNetworkProtocolTCP)},
// SourceIPGroups: []*string{
// to.Ptr("/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups1")},
// }},
// }},
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { NetworkManagementClient } = require("@azure/arm-network");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates the specified FirewallPolicyRuleCollectionGroup.
*
* @summary Creates or updates the specified FirewallPolicyRuleCollectionGroup.
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyRuleCollectionGroupWithIpGroupsPut.json
*/
async function createFirewallPolicyRuleCollectionGroupWithIPGroups() {
const subscriptionId = process.env["NETWORK_SUBSCRIPTION_ID"] || "subid";
const resourceGroupName = process.env["NETWORK_RESOURCE_GROUP"] || "rg1";
const firewallPolicyName = "firewallPolicy";
const ruleCollectionGroupName = "ruleCollectionGroup1";
const parameters = {
priority: 110,
ruleCollections: [
{
name: "Example-Filter-Rule-Collection",
action: { type: "Deny" },
ruleCollectionType: "FirewallPolicyFilterRuleCollection",
rules: [
{
name: "network-1",
destinationIpGroups: [
"/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups2",
],
destinationPorts: ["*"],
ipProtocols: ["TCP"],
ruleType: "NetworkRule",
sourceIpGroups: [
"/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups1",
],
},
],
},
],
};
const credential = new DefaultAzureCredential();
const client = new NetworkManagementClient(credential, subscriptionId);
const result = await client.firewallPolicyRuleCollectionGroups.beginCreateOrUpdateAndWait(
resourceGroupName,
firewallPolicyName,
ruleCollectionGroupName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Network.Models;
using Azure.ResourceManager.Network;
// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyRuleCollectionGroupWithIpGroupsPut.json
// this example is just showing the usage of "FirewallPolicyRuleCollectionGroups_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this FirewallPolicyResource created on azure
// for more information of creating FirewallPolicyResource, please refer to the document of FirewallPolicyResource
string subscriptionId = "subid";
string resourceGroupName = "rg1";
string firewallPolicyName = "firewallPolicy";
ResourceIdentifier firewallPolicyResourceId = FirewallPolicyResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, firewallPolicyName);
FirewallPolicyResource firewallPolicy = client.GetFirewallPolicyResource(firewallPolicyResourceId);
// get the collection of this FirewallPolicyRuleCollectionGroupResource
FirewallPolicyRuleCollectionGroupCollection collection = firewallPolicy.GetFirewallPolicyRuleCollectionGroups();
// invoke the operation
string ruleCollectionGroupName = "ruleCollectionGroup1";
FirewallPolicyRuleCollectionGroupData data = new FirewallPolicyRuleCollectionGroupData
{
Priority = 110,
RuleCollections = {new FirewallPolicyFilterRuleCollectionInfo
{
ActionType = FirewallPolicyFilterRuleCollectionActionType.Deny,
Rules = {new NetworkRule
{
IPProtocols = {FirewallPolicyRuleNetworkProtocol.Tcp},
DestinationPorts = {"*"},
SourceIPGroups = {"/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups1"},
DestinationIPGroups = {"/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups2"},
Name = "network-1",
}},
Name = "Example-Filter-Rule-Collection",
}},
};
ArmOperation<FirewallPolicyRuleCollectionGroupResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, ruleCollectionGroupName, data);
FirewallPolicyRuleCollectionGroupResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
FirewallPolicyRuleCollectionGroupData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Beispiel für eine Antwort
{
"name": "ruleCollectionGroup1",
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1",
"etag": "w/\\00000000-0000-0000-0000-000000000000\\",
"properties": {
"provisioningState": "Succeeded",
"priority": 110,
"ruleCollections": [
{
"ruleCollectionType": "FirewallPolicyFilterRuleCollection",
"name": "Example-Filter-Rule-Collection",
"action": {
"type": "Deny"
},
"rules": [
{
"ruleType": "NetworkRule",
"name": "network-1",
"ipProtocols": [
"TCP"
],
"destinationPorts": [
"*"
],
"sourceIpGroups": [
"/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups1"
],
"destinationIpGroups": [
"/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups2"
]
}
]
}
]
}
}
{
"name": "firewallPolicy",
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy",
"etag": "w/\\00000000-0000-0000-0000-000000000000\\",
"properties": {
"provisioningState": "Succeeded",
"priority": 110,
"ruleCollections": [
{
"ruleCollectionType": "FirewallPolicyFilterRuleCollection",
"name": "Example-Filter-Rule-Collection",
"action": {
"type": "Deny"
},
"rules": [
{
"ruleType": "NetworkRule",
"name": "network-1",
"ipProtocols": [
"TCP"
],
"destinationPorts": [
"*"
],
"sourceIpGroups": [
"/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups1"
],
"destinationIpGroups": [
"/subscriptions/subid/providers/Microsoft.Network/resourceGroup/rg1/ipGroups/ipGroups2"
]
}
]
}
]
}
}
Create Firewall Policy Rule Collection Group With Web Categories
Beispielanforderung
PUT https://management.azure.com/subscriptions/e747cc13-97d4-4a79-b463-42d7f4e558f2/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1?api-version=2024-05-01
{
"properties": {
"priority": 110,
"ruleCollections": [
{
"ruleCollectionType": "FirewallPolicyFilterRuleCollection",
"name": "Example-Filter-Rule-Collection",
"action": {
"type": "Deny"
},
"rules": [
{
"ruleType": "ApplicationRule",
"name": "rule1",
"description": "Deny inbound rule",
"protocols": [
{
"protocolType": "Https",
"port": 443
}
],
"sourceAddresses": [
"216.58.216.164",
"10.0.0.0/24"
],
"webCategories": [
"Hacking"
]
}
]
}
]
}
}
import com.azure.resourcemanager.network.fluent.models.FirewallPolicyRuleCollectionGroupInner;
import com.azure.resourcemanager.network.models.ApplicationRule;
import com.azure.resourcemanager.network.models.FirewallPolicyFilterRuleCollection;
import com.azure.resourcemanager.network.models.FirewallPolicyFilterRuleCollectionAction;
import com.azure.resourcemanager.network.models.FirewallPolicyFilterRuleCollectionActionType;
import com.azure.resourcemanager.network.models.FirewallPolicyRuleApplicationProtocol;
import com.azure.resourcemanager.network.models.FirewallPolicyRuleApplicationProtocolType;
import java.util.Arrays;
/**
* Samples for FirewallPolicyRuleCollectionGroups CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/
* FirewallPolicyRuleCollectionGroupWithWebCategoriesPut.json
*/
/**
* Sample code: Create Firewall Policy Rule Collection Group With Web Categories.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createFirewallPolicyRuleCollectionGroupWithWebCategories(com.azure.resourcemanager.AzureResourceManager azure) {
azure.networks().manager().serviceClient().getFirewallPolicyRuleCollectionGroups().createOrUpdate("rg1",
"firewallPolicy", "ruleCollectionGroup1",
new FirewallPolicyRuleCollectionGroupInner().withPriority(110)
.withRuleCollections(Arrays.asList(new FirewallPolicyFilterRuleCollection()
.withName("Example-Filter-Rule-Collection")
.withAction(new FirewallPolicyFilterRuleCollectionAction()
.withType(FirewallPolicyFilterRuleCollectionActionType.DENY))
.withRules(
Arrays.asList(new ApplicationRule().withName("rule1").withDescription("Deny inbound rule")
.withSourceAddresses(Arrays.asList("216.58.216.164", "10.0.0.0/24"))
.withProtocols(Arrays.asList(new FirewallPolicyRuleApplicationProtocol()
.withProtocolType(FirewallPolicyRuleApplicationProtocolType.HTTPS).withPort(443)))
.withWebCategories(Arrays.asList("Hacking")))))),
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.network import NetworkManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-network
# USAGE
python firewall_policy_rule_collection_group_with_web_categories_put.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = NetworkManagementClient(
credential=DefaultAzureCredential(),
subscription_id="e747cc13-97d4-4a79-b463-42d7f4e558f2",
)
response = client.firewall_policy_rule_collection_groups.begin_create_or_update(
resource_group_name="rg1",
firewall_policy_name="firewallPolicy",
rule_collection_group_name="ruleCollectionGroup1",
parameters={
"properties": {
"priority": 110,
"ruleCollections": [
{
"action": {"type": "Deny"},
"name": "Example-Filter-Rule-Collection",
"ruleCollectionType": "FirewallPolicyFilterRuleCollection",
"rules": [
{
"description": "Deny inbound rule",
"name": "rule1",
"protocols": [{"port": 443, "protocolType": "Https"}],
"ruleType": "ApplicationRule",
"sourceAddresses": ["216.58.216.164", "10.0.0.0/24"],
"webCategories": ["Hacking"],
}
],
}
],
}
},
).result()
print(response)
# x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyRuleCollectionGroupWithWebCategoriesPut.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armnetwork_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/ab04533261eff228f28e08900445d0edef3eb70c/specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyRuleCollectionGroupWithWebCategoriesPut.json
func ExampleFirewallPolicyRuleCollectionGroupsClient_BeginCreateOrUpdate_createFirewallPolicyRuleCollectionGroupWithWebCategories() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewFirewallPolicyRuleCollectionGroupsClient().BeginCreateOrUpdate(ctx, "rg1", "firewallPolicy", "ruleCollectionGroup1", armnetwork.FirewallPolicyRuleCollectionGroup{
Properties: &armnetwork.FirewallPolicyRuleCollectionGroupProperties{
Priority: to.Ptr[int32](110),
RuleCollections: []armnetwork.FirewallPolicyRuleCollectionClassification{
&armnetwork.FirewallPolicyFilterRuleCollection{
Name: to.Ptr("Example-Filter-Rule-Collection"),
RuleCollectionType: to.Ptr(armnetwork.FirewallPolicyRuleCollectionTypeFirewallPolicyFilterRuleCollection),
Action: &armnetwork.FirewallPolicyFilterRuleCollectionAction{
Type: to.Ptr(armnetwork.FirewallPolicyFilterRuleCollectionActionTypeDeny),
},
Rules: []armnetwork.FirewallPolicyRuleClassification{
&armnetwork.ApplicationRule{
Name: to.Ptr("rule1"),
Description: to.Ptr("Deny inbound rule"),
RuleType: to.Ptr(armnetwork.FirewallPolicyRuleTypeApplicationRule),
Protocols: []*armnetwork.FirewallPolicyRuleApplicationProtocol{
{
Port: to.Ptr[int32](443),
ProtocolType: to.Ptr(armnetwork.FirewallPolicyRuleApplicationProtocolTypeHTTPS),
}},
SourceAddresses: []*string{
to.Ptr("216.58.216.164"),
to.Ptr("10.0.0.0/24")},
WebCategories: []*string{
to.Ptr("Hacking")},
}},
}},
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.FirewallPolicyRuleCollectionGroup = armnetwork.FirewallPolicyRuleCollectionGroup{
// ID: to.Ptr("/subscriptions/e747cc13-97d4-4a79-b463-42d7f4e558f2/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1"),
// Name: to.Ptr("ruleCollectionGroup1"),
// Etag: to.Ptr("w/\\00000000-0000-0000-0000-000000000000\\"),
// Properties: &armnetwork.FirewallPolicyRuleCollectionGroupProperties{
// Priority: to.Ptr[int32](110),
// ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
// RuleCollections: []armnetwork.FirewallPolicyRuleCollectionClassification{
// &armnetwork.FirewallPolicyFilterRuleCollection{
// Name: to.Ptr("Example-Filter-Rule-Collection"),
// RuleCollectionType: to.Ptr(armnetwork.FirewallPolicyRuleCollectionTypeFirewallPolicyFilterRuleCollection),
// Action: &armnetwork.FirewallPolicyFilterRuleCollectionAction{
// Type: to.Ptr(armnetwork.FirewallPolicyFilterRuleCollectionActionTypeDeny),
// },
// Rules: []armnetwork.FirewallPolicyRuleClassification{
// &armnetwork.ApplicationRule{
// Name: to.Ptr("rule1"),
// Description: to.Ptr("Deny inbound rule"),
// RuleType: to.Ptr(armnetwork.FirewallPolicyRuleTypeApplicationRule),
// Protocols: []*armnetwork.FirewallPolicyRuleApplicationProtocol{
// {
// Port: to.Ptr[int32](443),
// ProtocolType: to.Ptr(armnetwork.FirewallPolicyRuleApplicationProtocolTypeHTTPS),
// }},
// SourceAddresses: []*string{
// to.Ptr("216.58.216.164"),
// to.Ptr("10.0.0.0/24")},
// WebCategories: []*string{
// to.Ptr("Hacking")},
// }},
// }},
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { NetworkManagementClient } = require("@azure/arm-network");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates the specified FirewallPolicyRuleCollectionGroup.
*
* @summary Creates or updates the specified FirewallPolicyRuleCollectionGroup.
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyRuleCollectionGroupWithWebCategoriesPut.json
*/
async function createFirewallPolicyRuleCollectionGroupWithWebCategories() {
const subscriptionId =
process.env["NETWORK_SUBSCRIPTION_ID"] || "e747cc13-97d4-4a79-b463-42d7f4e558f2";
const resourceGroupName = process.env["NETWORK_RESOURCE_GROUP"] || "rg1";
const firewallPolicyName = "firewallPolicy";
const ruleCollectionGroupName = "ruleCollectionGroup1";
const parameters = {
priority: 110,
ruleCollections: [
{
name: "Example-Filter-Rule-Collection",
action: { type: "Deny" },
ruleCollectionType: "FirewallPolicyFilterRuleCollection",
rules: [
{
name: "rule1",
description: "Deny inbound rule",
protocols: [{ port: 443, protocolType: "Https" }],
ruleType: "ApplicationRule",
sourceAddresses: ["216.58.216.164", "10.0.0.0/24"],
webCategories: ["Hacking"],
},
],
},
],
};
const credential = new DefaultAzureCredential();
const client = new NetworkManagementClient(credential, subscriptionId);
const result = await client.firewallPolicyRuleCollectionGroups.beginCreateOrUpdateAndWait(
resourceGroupName,
firewallPolicyName,
ruleCollectionGroupName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Network.Models;
using Azure.ResourceManager.Network;
// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/FirewallPolicyRuleCollectionGroupWithWebCategoriesPut.json
// this example is just showing the usage of "FirewallPolicyRuleCollectionGroups_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this FirewallPolicyResource created on azure
// for more information of creating FirewallPolicyResource, please refer to the document of FirewallPolicyResource
string subscriptionId = "e747cc13-97d4-4a79-b463-42d7f4e558f2";
string resourceGroupName = "rg1";
string firewallPolicyName = "firewallPolicy";
ResourceIdentifier firewallPolicyResourceId = FirewallPolicyResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, firewallPolicyName);
FirewallPolicyResource firewallPolicy = client.GetFirewallPolicyResource(firewallPolicyResourceId);
// get the collection of this FirewallPolicyRuleCollectionGroupResource
FirewallPolicyRuleCollectionGroupCollection collection = firewallPolicy.GetFirewallPolicyRuleCollectionGroups();
// invoke the operation
string ruleCollectionGroupName = "ruleCollectionGroup1";
FirewallPolicyRuleCollectionGroupData data = new FirewallPolicyRuleCollectionGroupData
{
Priority = 110,
RuleCollections = {new FirewallPolicyFilterRuleCollectionInfo
{
ActionType = FirewallPolicyFilterRuleCollectionActionType.Deny,
Rules = {new ApplicationRule
{
SourceAddresses = {"216.58.216.164", "10.0.0.0/24"},
Protocols = {new FirewallPolicyRuleApplicationProtocol
{
ProtocolType = FirewallPolicyRuleApplicationProtocolType.Https,
Port = 443,
}},
WebCategories = {"Hacking"},
Name = "rule1",
Description = "Deny inbound rule",
}},
Name = "Example-Filter-Rule-Collection",
}},
};
ArmOperation<FirewallPolicyRuleCollectionGroupResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, ruleCollectionGroupName, data);
FirewallPolicyRuleCollectionGroupResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
FirewallPolicyRuleCollectionGroupData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Beispiel für eine Antwort
{
"name": "ruleCollectionGroup1",
"id": "/subscriptions/e747cc13-97d4-4a79-b463-42d7f4e558f2/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1",
"etag": "w/\\00000000-0000-0000-0000-000000000000\\",
"properties": {
"provisioningState": "Succeeded",
"priority": 110,
"ruleCollections": [
{
"ruleCollectionType": "FirewallPolicyFilterRuleCollection",
"name": "Example-Filter-Rule-Collection",
"action": {
"type": "Deny"
},
"rules": [
{
"ruleType": "ApplicationRule",
"name": "rule1",
"description": "Deny inbound rule",
"protocols": [
{
"protocolType": "Https",
"port": 443
}
],
"sourceAddresses": [
"216.58.216.164",
"10.0.0.0/24"
],
"webCategories": [
"Hacking"
]
}
]
}
]
}
}
{
"name": "firewallPolicy",
"id": "/subscriptions/e747cc13-97d4-4a79-b463-42d7f4e558f2/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy",
"etag": "w/\\00000000-0000-0000-0000-000000000000\\",
"properties": {
"provisioningState": "Succeeded",
"priority": 110,
"ruleCollections": [
{
"ruleCollectionType": "FirewallPolicyFilterRuleCollection",
"name": "Example-Filter-Rule-Collection",
"action": {
"type": "Deny"
},
"rules": [
{
"ruleType": "ApplicationRule",
"name": "rule1",
"description": "Deny inbound rule",
"protocols": [
{
"protocolType": "Https",
"port": 443
}
],
"sourceAddresses": [
"216.58.216.164",
"10.0.0.0/24"
],
"webCategories": [
"Hacking"
]
}
]
}
]
}
}
Definitionen
ApplicationRule
Objekt
Regel des Typs "Anwendung".
| Name |
Typ |
Beschreibung |
|
description
|
string
|
Beschreibung der Regel.
|
|
destinationAddresses
|
string[]
|
Liste der Ziel-IP-Adressen oder Diensttags.
|
|
fqdnTags
|
string[]
|
Liste der FQDN-Tags für diese Regel.
|
|
httpHeadersToInsert
|
FirewallPolicyHttpHeaderToInsert[]
|
Liste der einzufügenden HTTP/S-Header.
|
|
name
|
string
|
Name der Regel.
|
|
protocols
|
FirewallPolicyRuleApplicationProtocol[]
|
Array von Anwendungsprotokollen.
|
|
ruleType
|
string:
ApplicationRule
|
Regeltyp.
|
|
sourceAddresses
|
string[]
|
Liste der Quell-IP-Adressen für diese Regel.
|
|
sourceIpGroups
|
string[]
|
Liste der Quell-IpGroups für diese Regel.
|
|
targetFqdns
|
string[]
|
Liste der FQDNs für diese Regel.
|
|
targetUrls
|
string[]
|
Liste der URLs für diese Regelbedingung.
|
|
terminateTLS
|
boolean
|
Beenden Sie TLS-Verbindungen für diese Regel.
|
|
webCategories
|
string[]
|
Liste der Ziel-Azure-Webkategorien.
|
CloudError
Objekt
Eine Fehlerantwort des Diensts.
CloudErrorBody
Objekt
Eine Fehlerantwort des Diensts.
| Name |
Typ |
Beschreibung |
|
code
|
string
|
Ein Bezeichner für den Fehler. Codes sind unveränderlich und sollen programmgesteuert genutzt werden.
|
|
details
|
CloudErrorBody[]
|
Eine Liste mit zusätzlichen Details zum Fehler.
|
|
message
|
string
|
Eine Meldung, die den Fehler beschreibt, der für die Anzeige in einer Benutzeroberfläche geeignet ist.
|
|
target
|
string
|
Das Ziel des bestimmten Fehlers. Beispielsweise der Name der Eigenschaft im Fehler.
|
FirewallPolicyFilterRuleCollection
Objekt
Regelsammlung für Firewallrichtlinienfilter.
| Name |
Typ |
Beschreibung |
|
action
|
FirewallPolicyFilterRuleCollectionAction
|
Der Aktionstyp einer Filterregelsammlung.
|
|
name
|
string
|
Der Name der Regelsammlung.
|
|
priority
|
integer
|
Priorität der Firewallrichtlinienregelsammlungsressource.
|
|
ruleCollectionType
|
string:
FirewallPolicyFilterRuleCollection
|
Der Typ der Regelauflistung.
|
|
rules
|
FirewallPolicyRule[]:
|
Liste der regeln, die in einer Regelsammlung enthalten sind.
|
FirewallPolicyFilterRuleCollectionAction
Objekt
Eigenschaften der FirewallPolicyFilterRuleCollectionAction.
FirewallPolicyFilterRuleCollectionActionType
Enumeration
Der Aktionstyp einer Regel.
| Wert |
Beschreibung |
|
Allow
|
|
|
Deny
|
|
Objekt
Name und Wert des einzufügenden HTTP/S-Headers
| Name |
Typ |
Beschreibung |
|
headerName
|
string
|
Enthält den Namen der Kopfzeile.
|
|
headerValue
|
string
|
Enthält den Wert der Kopfzeile.
|
FirewallPolicyNatRuleCollection
Objekt
Nat-Regelsammlung für Firewallrichtlinien.
| Name |
Typ |
Beschreibung |
|
action
|
FirewallPolicyNatRuleCollectionAction
|
Der Aktionstyp einer Nat-Regelauflistung.
|
|
name
|
string
|
Der Name der Regelsammlung.
|
|
priority
|
integer
|
Priorität der Firewallrichtlinienregelsammlungsressource.
|
|
ruleCollectionType
|
string:
FirewallPolicyNatRuleCollection
|
Der Typ der Regelauflistung.
|
|
rules
|
FirewallPolicyRule[]:
|
Liste der regeln, die in einer Regelsammlung enthalten sind.
|
FirewallPolicyNatRuleCollectionAction
Objekt
Eigenschaften der FirewallPolicyNatRuleCollectionAction.
FirewallPolicyNatRuleCollectionActionType
Enumeration
Der Aktionstyp einer Regel.
FirewallPolicyRuleApplicationProtocol
Objekt
Eigenschaften des Anwendungsregelprotokolls.
FirewallPolicyRuleApplicationProtocolType
Enumeration
Der Anwendungsprotokolltyp einer Regel.
| Wert |
Beschreibung |
|
Http
|
|
|
Https
|
|
FirewallPolicyRuleCollectionGroup
Objekt
Regelsammlungsgruppenressource.
| Name |
Typ |
Beschreibung |
|
etag
|
string
|
Eine eindeutige schreibgeschützte Zeichenfolge, die sich ändert, wenn die Ressource aktualisiert wird.
|
|
id
|
string
|
Ressourcen-ID.
|
|
name
|
string
|
Der Name der Ressource, die innerhalb einer Ressourcengruppe eindeutig ist. Dieser Name kann für den Zugriff auf die Ressource verwendet werden.
|
|
properties.priority
|
integer
|
Priorität der Gruppenressource der Firewallrichtlinienregelsammlung.
|
|
properties.provisioningState
|
ProvisioningState
|
Der Bereitstellungsstatus der Gruppenressource der Firewallrichtlinienregelsammlung.
|
|
properties.ruleCollections
|
FirewallPolicyRuleCollection[]:
|
Gruppe von Firewallrichtlinienregelsammlungen.
|
|
properties.size
|
string
|
Eine schreibgeschützte Zeichenfolge, die die Größe der FirewallPolicyRuleCollectionGroupProperties in MB darstellt. (z. B. 1,2 MB)
|
|
type
|
string
|
Regelgruppentyp.
|
FirewallPolicyRuleNetworkProtocol
Enumeration
Das Netzwerkprotokoll einer Regel.
| Wert |
Beschreibung |
|
Any
|
|
|
ICMP
|
|
|
TCP
|
|
|
UDP
|
|
NatRule
Objekt
Regel vom Typ NAT.
| Name |
Typ |
Beschreibung |
|
description
|
string
|
Beschreibung der Regel.
|
|
destinationAddresses
|
string[]
|
Liste der Ziel-IP-Adressen oder Diensttags.
|
|
destinationPorts
|
string[]
|
Liste der Zielports.
|
|
ipProtocols
|
FirewallPolicyRuleNetworkProtocol[]
|
Array von FirewallPolicyRuleNetworkProtocols.
|
|
name
|
string
|
Name der Regel.
|
|
ruleType
|
string:
NatRule
|
Regeltyp.
|
|
sourceAddresses
|
string[]
|
Liste der Quell-IP-Adressen für diese Regel.
|
|
sourceIpGroups
|
string[]
|
Liste der Quell-IpGroups für diese Regel.
|
|
translatedAddress
|
string
|
Die übersetzte Adresse für diese NAT-Regel.
|
|
translatedFqdn
|
string
|
Der übersetzte FQDN für diese NAT-Regel.
|
|
translatedPort
|
string
|
Der übersetzte Port für diese NAT-Regel.
|
NetworkRule
Objekt
Regel des Typnetzwerks.
| Name |
Typ |
Beschreibung |
|
description
|
string
|
Beschreibung der Regel.
|
|
destinationAddresses
|
string[]
|
Liste der Ziel-IP-Adressen oder Diensttags.
|
|
destinationFqdns
|
string[]
|
Liste der Ziel-FQDNs.
|
|
destinationIpGroups
|
string[]
|
Liste der Ziel-IpGroups für diese Regel.
|
|
destinationPorts
|
string[]
|
Liste der Zielports.
|
|
ipProtocols
|
FirewallPolicyRuleNetworkProtocol[]
|
Array von FirewallPolicyRuleNetworkProtocols.
|
|
name
|
string
|
Name der Regel.
|
|
ruleType
|
string:
NetworkRule
|
Regeltyp.
|
|
sourceAddresses
|
string[]
|
Liste der Quell-IP-Adressen für diese Regel.
|
|
sourceIpGroups
|
string[]
|
Liste der Quell-IpGroups für diese Regel.
|
ProvisioningState
Enumeration
Der aktuelle Bereitstellungsstatus.
| Wert |
Beschreibung |
|
Deleting
|
|
|
Failed
|
|
|
Succeeded
|
|
|
Updating
|
|