다음을 통해 공유


Microsoft.Network firewallPolicies/ruleCollectionGroups 2024-01-01

Bicep resource definition

The firewallPolicies/ruleCollectionGroups resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/firewallPolicies/ruleCollectionGroups resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.Network/firewallPolicies/ruleCollectionGroups@2024-01-01' = {
  parent: resourceSymbolicName
  name: 'string'
  properties: {
    priority: int
    ruleCollections: [
      {
        name: 'string'
        priority: int
        ruleCollectionType: 'string'
        // For remaining properties, see FirewallPolicyRuleCollection objects
      }
    ]
  }
}

FirewallPolicyRuleCollection objects

Set the ruleCollectionType property to specify the type of object.

For FirewallPolicyFilterRuleCollection, use:

{
  action: {
    type: 'string'
  }
  ruleCollectionType: 'FirewallPolicyFilterRuleCollection'
  rules: [
    {
      description: 'string'
      name: 'string'
      ruleType: 'string'
      // For remaining properties, see FirewallPolicyRule objects
    }
  ]
}

For FirewallPolicyNatRuleCollection, use:

{
  action: {
    type: 'string'
  }
  ruleCollectionType: 'FirewallPolicyNatRuleCollection'
  rules: [
    {
      description: 'string'
      name: 'string'
      ruleType: 'string'
      // For remaining properties, see FirewallPolicyRule objects
    }
  ]
}

FirewallPolicyRule objects

Set the ruleType property to specify the type of object.

For ApplicationRule, use:

{
  destinationAddresses: [
    'string'
  ]
  fqdnTags: [
    'string'
  ]
  httpHeadersToInsert: [
    {
      headerName: 'string'
      headerValue: 'string'
    }
  ]
  protocols: [
    {
      port: int
      protocolType: 'string'
    }
  ]
  ruleType: 'ApplicationRule'
  sourceAddresses: [
    'string'
  ]
  sourceIpGroups: [
    'string'
  ]
  targetFqdns: [
    'string'
  ]
  targetUrls: [
    'string'
  ]
  terminateTLS: bool
  webCategories: [
    'string'
  ]
}

For NatRule, use:

{
  destinationAddresses: [
    'string'
  ]
  destinationPorts: [
    'string'
  ]
  ipProtocols: [
    'string'
  ]
  ruleType: 'NatRule'
  sourceAddresses: [
    'string'
  ]
  sourceIpGroups: [
    'string'
  ]
  translatedAddress: 'string'
  translatedFqdn: 'string'
  translatedPort: 'string'
}

For NetworkRule, use:

{
  destinationAddresses: [
    'string'
  ]
  destinationFqdns: [
    'string'
  ]
  destinationIpGroups: [
    'string'
  ]
  destinationPorts: [
    'string'
  ]
  ipProtocols: [
    'string'
  ]
  ruleType: 'NetworkRule'
  sourceAddresses: [
    'string'
  ]
  sourceIpGroups: [
    'string'
  ]
}

Property values

ApplicationRule

Name Description Value
destinationAddresses List of destination IP addresses or Service Tags. string[]
fqdnTags List of FQDN Tags for this rule. string[]
httpHeadersToInsert List of HTTP/S headers to insert. FirewallPolicyHttpHeaderToInsert[]
protocols Array of Application Protocols. FirewallPolicyRuleApplicationProtocol[]
ruleType Rule Type. 'ApplicationRule' (required)
sourceAddresses List of source IP addresses for this rule. string[]
sourceIpGroups List of source IpGroups for this rule. string[]
targetFqdns List of FQDNs for this rule. string[]
targetUrls List of Urls for this rule condition. string[]
terminateTLS Terminate TLS connections for this rule. bool
webCategories List of destination azure web categories. string[]

FirewallPolicyFilterRuleCollection

Name Description Value
action The action type of a Filter rule collection. FirewallPolicyFilterRuleCollectionAction
ruleCollectionType The type of the rule collection. 'FirewallPolicyFilterRuleCollection' (required)
rules List of rules included in a rule collection. FirewallPolicyRule[]

FirewallPolicyFilterRuleCollectionAction

Name Description Value
type The type of action. 'Allow'
'Deny'

FirewallPolicyHttpHeaderToInsert

Name Description Value
headerName Contains the name of the header string
headerValue Contains the value of the header string

FirewallPolicyNatRuleCollection

Name Description Value
action The action type of a Nat rule collection. FirewallPolicyNatRuleCollectionAction
ruleCollectionType The type of the rule collection. 'FirewallPolicyNatRuleCollection' (required)
rules List of rules included in a rule collection. FirewallPolicyRule[]

FirewallPolicyNatRuleCollectionAction

Name Description Value
type The type of action. 'DNAT'

FirewallPolicyRule

Name Description Value
description Description of the rule. string
name Name of the rule. string
ruleType Set to 'ApplicationRule' for type ApplicationRule. Set to 'NatRule' for type NatRule. Set to 'NetworkRule' for type NetworkRule. 'ApplicationRule'
'NatRule'
'NetworkRule' (required)

FirewallPolicyRuleApplicationProtocol

Name Description Value
port Port number for the protocol, cannot be greater than 64000. int

Constraints:
Min value = 0
Max value = 64000
protocolType Protocol type. 'Http'
'Https'

FirewallPolicyRuleCollection

Name Description Value
name The name of the rule collection. string
priority Priority of the Firewall Policy Rule Collection resource. int

Constraints:
Min value = 100
Max value = 65000
ruleCollectionType Set to 'FirewallPolicyFilterRuleCollection' for type FirewallPolicyFilterRuleCollection. Set to 'FirewallPolicyNatRuleCollection' for type FirewallPolicyNatRuleCollection. 'FirewallPolicyFilterRuleCollection'
'FirewallPolicyNatRuleCollection' (required)

FirewallPolicyRuleCollectionGroupProperties

Name Description Value
priority Priority of the Firewall Policy Rule Collection Group resource. int

Constraints:
Min value = 100
Max value = 65000
ruleCollections Group of Firewall Policy rule collections. FirewallPolicyRuleCollection[]

Microsoft.Network/firewallPolicies/ruleCollectionGroups

Name Description Value
name The resource name string (required)
parent In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource.

For more information, see Child resource outside parent resource.
Symbolic name for resource of type: firewallPolicies
properties The properties of the firewall policy rule collection group. FirewallPolicyRuleCollectionGroupProperties

NatRule

Name Description Value
destinationAddresses List of destination IP addresses or Service Tags. string[]
destinationPorts List of destination ports. string[]
ipProtocols Array of FirewallPolicyRuleNetworkProtocols. String array containing any of:
'Any'
'ICMP'
'TCP'
'UDP'
ruleType Rule Type. 'NatRule' (required)
sourceAddresses List of source IP addresses for this rule. string[]
sourceIpGroups List of source IpGroups for this rule. string[]
translatedAddress The translated address for this NAT rule. string
translatedFqdn The translated FQDN for this NAT rule. string
translatedPort The translated port for this NAT rule. string

NetworkRule

Name Description Value
destinationAddresses List of destination IP addresses or Service Tags. string[]
destinationFqdns List of destination FQDNs. string[]
destinationIpGroups List of destination IpGroups for this rule. string[]
destinationPorts List of destination ports. string[]
ipProtocols Array of FirewallPolicyRuleNetworkProtocols. String array containing any of:
'Any'
'ICMP'
'TCP'
'UDP'
ruleType Rule Type. 'NetworkRule' (required)
sourceAddresses List of source IP addresses for this rule. string[]
sourceIpGroups List of source IpGroups for this rule. string[]

Quickstart samples

The following quickstart samples deploy this resource type.

Bicep File Description
Create a Firewall and FirewallPolicy with Rules and Ipgroups This template deploys an Azure Firewall with Firewall Policy (including multiple application and network rules) referencing IP Groups in application and network rules.
Secured virtual hubs This template creates a secured virtual hub using Azure Firewall to secure your cloud network traffic destined to the Internet.
SharePoint Subscription / 2019 / 2016 fully configured Create a DC, a SQL Server 2022, and from 1 to 5 server(s) hosting a SharePoint Subscription / 2019 / 2016 farm with an extensive configuration, including trusted authentication, user profiles with personal sites, an OAuth trust (using a certificate), a dedicated IIS site for hosting high-trust add-ins, etc... The latest version of key softwares (including Fiddler, vscode, np++, 7zip, ULS Viewer) is installed. SharePoint machines have additional fine-tuning to make them immediately usable (remote administration tools, custom policies for Edge and Chrome, shortcuts, etc...).
Testing environment for Azure Firewall Premium This template creates an Azure Firewall Premium and Firewall Policy with premium features such as Intrusion Inspection Detection (IDPS), TLS inspection and Web Category filtering
Use Azure Firewall as a DNS Proxy in a Hub & Spoke topology This sample show how to deploy a hub-spoke topology in Azure using the Azure Firewall. The hub virtual network acts as a central point of connectivity to many spoke virtual networks that are connected to hub virtual network via virtual network peering.

ARM template resource definition

The firewallPolicies/ruleCollectionGroups resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/firewallPolicies/ruleCollectionGroups resource, add the following JSON to your template.

{
  "type": "Microsoft.Network/firewallPolicies/ruleCollectionGroups",
  "apiVersion": "2024-01-01",
  "name": "string",
  "properties": {
    "priority": "int",
    "ruleCollections": [ {
      "name": "string",
      "priority": "int",
      "ruleCollectionType": "string"
      // For remaining properties, see FirewallPolicyRuleCollection objects
    } ]
  }
}

FirewallPolicyRuleCollection objects

Set the ruleCollectionType property to specify the type of object.

For FirewallPolicyFilterRuleCollection, use:

{
  "action": {
    "type": "string"
  },
  "ruleCollectionType": "FirewallPolicyFilterRuleCollection",
  "rules": [ {
    "description": "string",
    "name": "string",
    "ruleType": "string"
    // For remaining properties, see FirewallPolicyRule objects
  } ]
}

For FirewallPolicyNatRuleCollection, use:

{
  "action": {
    "type": "string"
  },
  "ruleCollectionType": "FirewallPolicyNatRuleCollection",
  "rules": [ {
    "description": "string",
    "name": "string",
    "ruleType": "string"
    // For remaining properties, see FirewallPolicyRule objects
  } ]
}

FirewallPolicyRule objects

Set the ruleType property to specify the type of object.

For ApplicationRule, use:

{
  "destinationAddresses": [ "string" ],
  "fqdnTags": [ "string" ],
  "httpHeadersToInsert": [
    {
      "headerName": "string",
      "headerValue": "string"
    }
  ],
  "protocols": [
    {
      "port": "int",
      "protocolType": "string"
    }
  ],
  "ruleType": "ApplicationRule",
  "sourceAddresses": [ "string" ],
  "sourceIpGroups": [ "string" ],
  "targetFqdns": [ "string" ],
  "targetUrls": [ "string" ],
  "terminateTLS": "bool",
  "webCategories": [ "string" ]
}

For NatRule, use:

{
  "destinationAddresses": [ "string" ],
  "destinationPorts": [ "string" ],
  "ipProtocols": [ "string" ],
  "ruleType": "NatRule",
  "sourceAddresses": [ "string" ],
  "sourceIpGroups": [ "string" ],
  "translatedAddress": "string",
  "translatedFqdn": "string",
  "translatedPort": "string"
}

For NetworkRule, use:

{
  "destinationAddresses": [ "string" ],
  "destinationFqdns": [ "string" ],
  "destinationIpGroups": [ "string" ],
  "destinationPorts": [ "string" ],
  "ipProtocols": [ "string" ],
  "ruleType": "NetworkRule",
  "sourceAddresses": [ "string" ],
  "sourceIpGroups": [ "string" ]
}

Property values

ApplicationRule

Name Description Value
destinationAddresses List of destination IP addresses or Service Tags. string[]
fqdnTags List of FQDN Tags for this rule. string[]
httpHeadersToInsert List of HTTP/S headers to insert. FirewallPolicyHttpHeaderToInsert[]
protocols Array of Application Protocols. FirewallPolicyRuleApplicationProtocol[]
ruleType Rule Type. 'ApplicationRule' (required)
sourceAddresses List of source IP addresses for this rule. string[]
sourceIpGroups List of source IpGroups for this rule. string[]
targetFqdns List of FQDNs for this rule. string[]
targetUrls List of Urls for this rule condition. string[]
terminateTLS Terminate TLS connections for this rule. bool
webCategories List of destination azure web categories. string[]

FirewallPolicyFilterRuleCollection

Name Description Value
action The action type of a Filter rule collection. FirewallPolicyFilterRuleCollectionAction
ruleCollectionType The type of the rule collection. 'FirewallPolicyFilterRuleCollection' (required)
rules List of rules included in a rule collection. FirewallPolicyRule[]

FirewallPolicyFilterRuleCollectionAction

Name Description Value
type The type of action. 'Allow'
'Deny'

FirewallPolicyHttpHeaderToInsert

Name Description Value
headerName Contains the name of the header string
headerValue Contains the value of the header string

FirewallPolicyNatRuleCollection

Name Description Value
action The action type of a Nat rule collection. FirewallPolicyNatRuleCollectionAction
ruleCollectionType The type of the rule collection. 'FirewallPolicyNatRuleCollection' (required)
rules List of rules included in a rule collection. FirewallPolicyRule[]

FirewallPolicyNatRuleCollectionAction

Name Description Value
type The type of action. 'DNAT'

FirewallPolicyRule

Name Description Value
description Description of the rule. string
name Name of the rule. string
ruleType Set to 'ApplicationRule' for type ApplicationRule. Set to 'NatRule' for type NatRule. Set to 'NetworkRule' for type NetworkRule. 'ApplicationRule'
'NatRule'
'NetworkRule' (required)

FirewallPolicyRuleApplicationProtocol

Name Description Value
port Port number for the protocol, cannot be greater than 64000. int

Constraints:
Min value = 0
Max value = 64000
protocolType Protocol type. 'Http'
'Https'

FirewallPolicyRuleCollection

Name Description Value
name The name of the rule collection. string
priority Priority of the Firewall Policy Rule Collection resource. int

Constraints:
Min value = 100
Max value = 65000
ruleCollectionType Set to 'FirewallPolicyFilterRuleCollection' for type FirewallPolicyFilterRuleCollection. Set to 'FirewallPolicyNatRuleCollection' for type FirewallPolicyNatRuleCollection. 'FirewallPolicyFilterRuleCollection'
'FirewallPolicyNatRuleCollection' (required)

FirewallPolicyRuleCollectionGroupProperties

Name Description Value
priority Priority of the Firewall Policy Rule Collection Group resource. int

Constraints:
Min value = 100
Max value = 65000
ruleCollections Group of Firewall Policy rule collections. FirewallPolicyRuleCollection[]

Microsoft.Network/firewallPolicies/ruleCollectionGroups

Name Description Value
apiVersion The api version '2024-01-01'
name The resource name string (required)
properties The properties of the firewall policy rule collection group. FirewallPolicyRuleCollectionGroupProperties
type The resource type 'Microsoft.Network/firewallPolicies/ruleCollectionGroups'

NatRule

Name Description Value
destinationAddresses List of destination IP addresses or Service Tags. string[]
destinationPorts List of destination ports. string[]
ipProtocols Array of FirewallPolicyRuleNetworkProtocols. String array containing any of:
'Any'
'ICMP'
'TCP'
'UDP'
ruleType Rule Type. 'NatRule' (required)
sourceAddresses List of source IP addresses for this rule. string[]
sourceIpGroups List of source IpGroups for this rule. string[]
translatedAddress The translated address for this NAT rule. string
translatedFqdn The translated FQDN for this NAT rule. string
translatedPort The translated port for this NAT rule. string

NetworkRule

Name Description Value
destinationAddresses List of destination IP addresses or Service Tags. string[]
destinationFqdns List of destination FQDNs. string[]
destinationIpGroups List of destination IpGroups for this rule. string[]
destinationPorts List of destination ports. string[]
ipProtocols Array of FirewallPolicyRuleNetworkProtocols. String array containing any of:
'Any'
'ICMP'
'TCP'
'UDP'
ruleType Rule Type. 'NetworkRule' (required)
sourceAddresses List of source IP addresses for this rule. string[]
sourceIpGroups List of source IpGroups for this rule. string[]

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Create a Firewall and FirewallPolicy with Rules and Ipgroups

Deploy to Azure
This template deploys an Azure Firewall with Firewall Policy (including multiple application and network rules) referencing IP Groups in application and network rules.
Secured virtual hubs

Deploy to Azure
This template creates a secured virtual hub using Azure Firewall to secure your cloud network traffic destined to the Internet.
SharePoint Subscription / 2019 / 2016 fully configured

Deploy to Azure
Create a DC, a SQL Server 2022, and from 1 to 5 server(s) hosting a SharePoint Subscription / 2019 / 2016 farm with an extensive configuration, including trusted authentication, user profiles with personal sites, an OAuth trust (using a certificate), a dedicated IIS site for hosting high-trust add-ins, etc... The latest version of key softwares (including Fiddler, vscode, np++, 7zip, ULS Viewer) is installed. SharePoint machines have additional fine-tuning to make them immediately usable (remote administration tools, custom policies for Edge and Chrome, shortcuts, etc...).
Testing environment for Azure Firewall Premium

Deploy to Azure
This template creates an Azure Firewall Premium and Firewall Policy with premium features such as Intrusion Inspection Detection (IDPS), TLS inspection and Web Category filtering
Use Azure Firewall as a DNS Proxy in a Hub & Spoke topology

Deploy to Azure
This sample show how to deploy a hub-spoke topology in Azure using the Azure Firewall. The hub virtual network acts as a central point of connectivity to many spoke virtual networks that are connected to hub virtual network via virtual network peering.

Terraform (AzAPI provider) resource definition

The firewallPolicies/ruleCollectionGroups resource type can be deployed with operations that target:

  • Resource groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/firewallPolicies/ruleCollectionGroups resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.Network/firewallPolicies/ruleCollectionGroups@2024-01-01"
  name = "string"
  body = jsonencode({
    properties = {
      priority = int
      ruleCollections = [
        {
          name = "string"
          priority = int
          ruleCollectionType = "string"
          // For remaining properties, see FirewallPolicyRuleCollection objects
        }
      ]
    }
  })
}

FirewallPolicyRuleCollection objects

Set the ruleCollectionType property to specify the type of object.

For FirewallPolicyFilterRuleCollection, use:

{
  action = {
    type = "string"
  }
  ruleCollectionType = "FirewallPolicyFilterRuleCollection"
  rules = [
    {
      description = "string"
      name = "string"
      ruleType = "string"
      // For remaining properties, see FirewallPolicyRule objects
    }
  ]
}

For FirewallPolicyNatRuleCollection, use:

{
  action = {
    type = "string"
  }
  ruleCollectionType = "FirewallPolicyNatRuleCollection"
  rules = [
    {
      description = "string"
      name = "string"
      ruleType = "string"
      // For remaining properties, see FirewallPolicyRule objects
    }
  ]
}

FirewallPolicyRule objects

Set the ruleType property to specify the type of object.

For ApplicationRule, use:

{
  destinationAddresses = [
    "string"
  ]
  fqdnTags = [
    "string"
  ]
  httpHeadersToInsert = [
    {
      headerName = "string"
      headerValue = "string"
    }
  ]
  protocols = [
    {
      port = int
      protocolType = "string"
    }
  ]
  ruleType = "ApplicationRule"
  sourceAddresses = [
    "string"
  ]
  sourceIpGroups = [
    "string"
  ]
  targetFqdns = [
    "string"
  ]
  targetUrls = [
    "string"
  ]
  terminateTLS = bool
  webCategories = [
    "string"
  ]
}

For NatRule, use:

{
  destinationAddresses = [
    "string"
  ]
  destinationPorts = [
    "string"
  ]
  ipProtocols = [
    "string"
  ]
  ruleType = "NatRule"
  sourceAddresses = [
    "string"
  ]
  sourceIpGroups = [
    "string"
  ]
  translatedAddress = "string"
  translatedFqdn = "string"
  translatedPort = "string"
}

For NetworkRule, use:

{
  destinationAddresses = [
    "string"
  ]
  destinationFqdns = [
    "string"
  ]
  destinationIpGroups = [
    "string"
  ]
  destinationPorts = [
    "string"
  ]
  ipProtocols = [
    "string"
  ]
  ruleType = "NetworkRule"
  sourceAddresses = [
    "string"
  ]
  sourceIpGroups = [
    "string"
  ]
}

Property values

ApplicationRule

Name Description Value
destinationAddresses List of destination IP addresses or Service Tags. string[]
fqdnTags List of FQDN Tags for this rule. string[]
httpHeadersToInsert List of HTTP/S headers to insert. FirewallPolicyHttpHeaderToInsert[]
protocols Array of Application Protocols. FirewallPolicyRuleApplicationProtocol[]
ruleType Rule Type. 'ApplicationRule' (required)
sourceAddresses List of source IP addresses for this rule. string[]
sourceIpGroups List of source IpGroups for this rule. string[]
targetFqdns List of FQDNs for this rule. string[]
targetUrls List of Urls for this rule condition. string[]
terminateTLS Terminate TLS connections for this rule. bool
webCategories List of destination azure web categories. string[]

FirewallPolicyFilterRuleCollection

Name Description Value
action The action type of a Filter rule collection. FirewallPolicyFilterRuleCollectionAction
ruleCollectionType The type of the rule collection. 'FirewallPolicyFilterRuleCollection' (required)
rules List of rules included in a rule collection. FirewallPolicyRule[]

FirewallPolicyFilterRuleCollectionAction

Name Description Value
type The type of action. 'Allow'
'Deny'

FirewallPolicyHttpHeaderToInsert

Name Description Value
headerName Contains the name of the header string
headerValue Contains the value of the header string

FirewallPolicyNatRuleCollection

Name Description Value
action The action type of a Nat rule collection. FirewallPolicyNatRuleCollectionAction
ruleCollectionType The type of the rule collection. 'FirewallPolicyNatRuleCollection' (required)
rules List of rules included in a rule collection. FirewallPolicyRule[]

FirewallPolicyNatRuleCollectionAction

Name Description Value
type The type of action. 'DNAT'

FirewallPolicyRule

Name Description Value
description Description of the rule. string
name Name of the rule. string
ruleType Set to 'ApplicationRule' for type ApplicationRule. Set to 'NatRule' for type NatRule. Set to 'NetworkRule' for type NetworkRule. 'ApplicationRule'
'NatRule'
'NetworkRule' (required)

FirewallPolicyRuleApplicationProtocol

Name Description Value
port Port number for the protocol, cannot be greater than 64000. int

Constraints:
Min value = 0
Max value = 64000
protocolType Protocol type. 'Http'
'Https'

FirewallPolicyRuleCollection

Name Description Value
name The name of the rule collection. string
priority Priority of the Firewall Policy Rule Collection resource. int

Constraints:
Min value = 100
Max value = 65000
ruleCollectionType Set to 'FirewallPolicyFilterRuleCollection' for type FirewallPolicyFilterRuleCollection. Set to 'FirewallPolicyNatRuleCollection' for type FirewallPolicyNatRuleCollection. 'FirewallPolicyFilterRuleCollection'
'FirewallPolicyNatRuleCollection' (required)

FirewallPolicyRuleCollectionGroupProperties

Name Description Value
priority Priority of the Firewall Policy Rule Collection Group resource. int

Constraints:
Min value = 100
Max value = 65000
ruleCollections Group of Firewall Policy rule collections. FirewallPolicyRuleCollection[]

Microsoft.Network/firewallPolicies/ruleCollectionGroups

Name Description Value
name The resource name string (required)
parent_id The ID of the resource that is the parent for this resource. ID for resource of type: firewallPolicies
properties The properties of the firewall policy rule collection group. FirewallPolicyRuleCollectionGroupProperties
type The resource type "Microsoft.Network/firewallPolicies/ruleCollectionGroups@2024-01-01"

NatRule

Name Description Value
destinationAddresses List of destination IP addresses or Service Tags. string[]
destinationPorts List of destination ports. string[]
ipProtocols Array of FirewallPolicyRuleNetworkProtocols. String array containing any of:
'Any'
'ICMP'
'TCP'
'UDP'
ruleType Rule Type. 'NatRule' (required)
sourceAddresses List of source IP addresses for this rule. string[]
sourceIpGroups List of source IpGroups for this rule. string[]
translatedAddress The translated address for this NAT rule. string
translatedFqdn The translated FQDN for this NAT rule. string
translatedPort The translated port for this NAT rule. string

NetworkRule

Name Description Value
destinationAddresses List of destination IP addresses or Service Tags. string[]
destinationFqdns List of destination FQDNs. string[]
destinationIpGroups List of destination IpGroups for this rule. string[]
destinationPorts List of destination ports. string[]
ipProtocols Array of FirewallPolicyRuleNetworkProtocols. String array containing any of:
'Any'
'ICMP'
'TCP'
'UDP'
ruleType Rule Type. 'NetworkRule' (required)
sourceAddresses List of source IP addresses for this rule. string[]
sourceIpGroups List of source IpGroups for this rule. string[]