New-AzureRmFirewallNetworkRuleCollection
Creates an Azure Firewall network rule collection.
Warning
The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.
Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.
Syntax
New-AzureRmFirewallNetworkRuleCollection
-Name <String>
-Priority <UInt32>
-Rule <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSAzureFirewallNetworkRule]>
-ActionType <String>
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The New-AzureRmFirewallNetworkRuleCollection cmdlet creates a collection of Firewall Network Rules.
Examples
1: Create a network collection with two rules
$rule1 = New-AzureRmFirewallNetworkRule -Name "all-udp-traffic" -Description "Rule for all UDP traffic" -Protocol UDP -SourceAddress "*" -DestinationAddress "*" -DestinationPort "*"
$rule2 = New-AzureRmFirewallNetworkRule -Name "partial-tcp-rule" -Description "Rule for all TCP traffic from 10.0.0.0 to 60.1.5.0:4040" -Protocol TCP -SourceAddress "10.0.0.0" -DestinationAddress "60.1.5.0" -DestinationPort "4040"
New-AzureRmFirewallNetworkRuleCollection -Name RC1 -Priority 100 -Rule $rule1, $rule2 -ActionType "Allow"
This example creates a collection that allows all traffic matching either of the two rules. The first rule is for all UDP traffic. The second rule is for TCP traffic from 10.0.0.0 to 60.1.5.0:4040. If another network rule collection with higher priority (smaller number) also matches traffic identified in $rule1 or $rule2, the action of the higher-priority rule collection takes effect instead.
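The following is an added example, not part of the original cmdlet documentation. It models the precedence rule described above on constructed data, so a reviewer can see which collection decides a given flow. The functions Test-Field and Get-EffectiveAction, the "Deny-DNS" collection, and the plain objects standing in for rule collections are all assumptions made for illustration.

```powershell
# Added example on constructed data; objects are plain stand-ins, not AzureRM types.
# Matching is simplified to "*" or exact string equality (no CIDR or port ranges).
function Test-Field {
    param([string[]]$Allowed, [string]$Value)
    return ($Allowed -contains '*') -or ($Allowed -contains $Value)
}

function Get-EffectiveAction {
    param(
        [Parameter(Mandatory)] [object[]]$Collections,
        [Parameter(Mandatory)] [hashtable]$Flow
    )
    # Smaller Priority number = higher priority, so evaluate in ascending order.
    foreach ($rc in ($Collections | Sort-Object -Property Priority)) {
        if ($rc.Priority -lt 100 -or $rc.Priority -gt 65000) {
            throw "Collection '$($rc.Name)': priority $($rc.Priority) is outside 100-65000"
        }
        foreach ($rule in $rc.Rules) {
            if ((Test-Field $rule.Protocol $Flow.Protocol) -and
                (Test-Field $rule.SourceAddress $Flow.Source) -and
                (Test-Field $rule.DestinationAddress $Flow.Destination) -and
                (Test-Field $rule.DestinationPort $Flow.Port)) {
                return [pscustomobject]@{
                    Action = $rc.ActionType; Collection = $rc.Name; Rule = $rule.Name
                }
            }
        }
    }
    return $null   # no collection matched this flow
}

# RC1 mirrors Example 1; "Deny-DNS" (priority 200) is a hypothetical second collection.
$rc1 = [pscustomobject]@{ Name = 'RC1'; Priority = 100; ActionType = 'Allow'; Rules = @(
    [pscustomobject]@{ Name = 'all-udp-traffic'; Protocol = 'UDP'; SourceAddress = '*'
                       DestinationAddress = '*'; DestinationPort = '*' },
    [pscustomobject]@{ Name = 'partial-tcp-rule'; Protocol = 'TCP'; SourceAddress = '10.0.0.0'
                       DestinationAddress = '60.1.5.0'; DestinationPort = '4040' }) }
$denyDns = [pscustomobject]@{ Name = 'Deny-DNS'; Priority = 200; ActionType = 'Deny'; Rules = @(
    [pscustomobject]@{ Name = 'block-dns'; Protocol = 'UDP'; SourceAddress = '*'
                       DestinationAddress = '*'; DestinationPort = '53' }) }

# Constructed flow: UDP to port 53. RC1 (100) outranks Deny-DNS (200).
$flow = @{ Protocol = 'UDP'; Source = '10.0.0.5'; Destination = '192.0.2.10'; Port = '53' }
Get-EffectiveAction -Collections $denyDns, $rc1 -Flow $flow
```

The wildcard rule in RC1 decides this flow, so the Deny collection at priority 200 never applies to it. When reviewing a rule set, check broad Allow rules at low priority numbers for this kind of shadowing.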
2: Add a rule to a rule collection
$rule1 = New-AzureRmFirewallNetworkRule -Name "all-udp-traffic" -Description "Rule for all UDP traffic" -Protocol UDP -SourceAddress "*" -DestinationAddress "*" -DestinationPort "*"
$ruleCollection = New-AzureRmFirewallNetworkRuleCollection -Name "MyNetworkRuleCollection" -Priority 100 -Rule $rule1 -ActionType "Allow"
$rule2 = New-AzureRmFirewallNetworkRule -Name "partial-tcp-rule" -Description "Rule for all TCP traffic from 10.0.0.0 to 60.1.5.0:4040" -Protocol TCP -SourceAddress "10.0.0.0" -DestinationAddress "60.1.5.0" -DestinationPort "4040"
$ruleCollection.AddRule($rule2)
This example creates a new network rule collection with one rule and then adds a second rule to the rule collection using the AddRule method on the rule collection object. Each rule in a given rule collection must have a unique name, and rule names are case-insensitive.
3: Get a rule from a rule collection
$rule1 = New-AzureRmFirewallNetworkRule -Name "all-udp-traffic" -Description "Rule for all UDP traffic" -Protocol UDP -SourceAddress "*" -DestinationAddress "*" -DestinationPort "*"
$ruleCollection = New-AzureRmFirewallNetworkRuleCollection -Name "MyNetworkRuleCollection" -Priority 100 -Rule $rule1 -ActionType "Allow"
$getRule=$ruleCollection.GetRuleByName("ALL-UDP-traffic")
This example creates a new network rule collection with one rule and then gets the rule by name, calling method GetRuleByName on the rule collection object. The rule name for method GetRuleByName is case-insensitive.
4: Remove a rule from a rule collection
$rule1 = New-AzureRmFirewallNetworkRule -Name "all-udp-traffic" -Description "Rule for all UDP traffic" -Protocol UDP -SourceAddress "*" -DestinationAddress "*" -DestinationPort "*"
$rule2 = New-AzureRmFirewallNetworkRule -Name "partial-tcp-rule" -Description "Rule for all TCP traffic from 10.0.0.0 to 60.1.5.0:4040" -Protocol TCP -SourceAddress "10.0.0.0" -DestinationAddress "60.1.5.0" -DestinationPort "4040"
$ruleCollection = New-AzureRmFirewallNetworkRuleCollection -Name "MyNetworkRuleCollection" -Priority 100 -Rule $rule1, $rule2 -ActionType "Allow"
$ruleCollection.RemoveRuleByName("ALL-udp-traffic")
This example creates a new network rule collection with two rules and then removes the first rule from the rule collection by calling method RemoveRuleByName on the rule collection object. The rule name for method RemoveRuleByName is case-insensitive.
Parameters
-ActionType
Specifies the action to be taken for traffic matching conditions of this rule. Accepted actions are "Allow" or "Deny".
Type: | String |
Accepted values: | Allow, Deny |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Type: | IAzureContextContainer |
Aliases: | AzureRmContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Name
Specifies the name of this network rule collection. The name must be unique across all network rule collections.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Priority
Specifies the priority of this rule collection. Priority is a number between 100 and 65000. The smaller the number, the higher the priority.
Type: | UInt32 |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Rule
Specifies the list of rules to be grouped under this collection.
Type: | List<T>[PSAzureFirewallNetworkRule] |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
None
This cmdlet does not accept any input.
Outputs
Microsoft.Azure.Commands.Network.Models.PSFirewallNetworkRuleCollection