Azure Native v2.37.0, Apr 15 24

This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.

Azure Native v2.37.0 published on Monday, Apr 15, 2024 by Pulumi

pulumi/pulumi-azure-native

azure-native.network.getFirewallPolicy

Explore with Pulumi AI

This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.

Azure Native v2.37.0 published on Monday, Apr 15, 2024 by Pulumi

pulumi/pulumi-azure-native

Using getFirewallPolicy

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getFirewallPolicy(args: GetFirewallPolicyArgs, opts?: InvokeOptions): Promise<GetFirewallPolicyResult>
function getFirewallPolicyOutput(args: GetFirewallPolicyOutputArgs, opts?: InvokeOptions): Output<GetFirewallPolicyResult>

def get_firewall_policy(expand: Optional[str] = None,
                        firewall_policy_name: Optional[str] = None,
                        resource_group_name: Optional[str] = None,
                        opts: Optional[InvokeOptions] = None) -> GetFirewallPolicyResult
def get_firewall_policy_output(expand: Optional[pulumi.Input[str]] = None,
                        firewall_policy_name: Optional[pulumi.Input[str]] = None,
                        resource_group_name: Optional[pulumi.Input[str]] = None,
                        opts: Optional[InvokeOptions] = None) -> Output[GetFirewallPolicyResult]

func LookupFirewallPolicy(ctx *Context, args *LookupFirewallPolicyArgs, opts ...InvokeOption) (*LookupFirewallPolicyResult, error)
func LookupFirewallPolicyOutput(ctx *Context, args *LookupFirewallPolicyOutputArgs, opts ...InvokeOption) LookupFirewallPolicyResultOutput

> Note: This function is named LookupFirewallPolicy in the Go SDK.

public static class GetFirewallPolicy 
{
    public static Task<GetFirewallPolicyResult> InvokeAsync(GetFirewallPolicyArgs args, InvokeOptions? opts = null)
    public static Output<GetFirewallPolicyResult> Invoke(GetFirewallPolicyInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetFirewallPolicyResult> getFirewallPolicy(GetFirewallPolicyArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet

fn::invoke:
  function: azure-native:network:getFirewallPolicy
  arguments:
    # arguments dictionary

The following arguments are supported:

FirewallPolicyName string: The name of the Firewall Policy.
ResourceGroupName string: The name of the resource group.
Expand string: Expands referenced resources.

FirewallPolicyName string: The name of the Firewall Policy.
ResourceGroupName string: The name of the resource group.
Expand string: Expands referenced resources.

firewallPolicyName String: The name of the Firewall Policy.
resourceGroupName String: The name of the resource group.
expand String: Expands referenced resources.

firewallPolicyName string: The name of the Firewall Policy.
resourceGroupName string: The name of the resource group.
expand string: Expands referenced resources.

firewall_policy_name str: The name of the Firewall Policy.
resource_group_name str: The name of the resource group.
expand str: Expands referenced resources.

firewallPolicyName String: The name of the Firewall Policy.
resourceGroupName String: The name of the resource group.
expand String: Expands referenced resources.

getFirewallPolicy Result

The following output properties are available:

ChildPolicies List<Pulumi.AzureNative.Network.Outputs.SubResourceResponse>: List of references to Child Firewall Policies.
Etag string: A unique read-only string that changes whenever the resource is updated.
Firewalls List<Pulumi.AzureNative.Network.Outputs.SubResourceResponse>: List of references to Azure Firewalls that this Firewall Policy is associated with.
Name string: Resource name.
ProvisioningState string: The provisioning state of the firewall policy resource.
RuleCollectionGroups List<Pulumi.AzureNative.Network.Outputs.SubResourceResponse>: List of references to FirewallPolicyRuleCollectionGroups.
Type string: Resource type.
BasePolicy Pulumi.AzureNative.Network.Outputs.SubResourceResponse: The parent firewall policy from which rules are inherited.
DnsSettings Pulumi.AzureNative.Network.Outputs.DnsSettingsResponse: DNS Proxy Settings definition.
ExplicitProxy Pulumi.AzureNative.Network.Outputs.ExplicitProxyResponse: Explicit Proxy Settings definition.
Id string: Resource ID.
Identity Pulumi.AzureNative.Network.Outputs.ManagedServiceIdentityResponse: The identity of the firewall policy.
Insights Pulumi.AzureNative.Network.Outputs.FirewallPolicyInsightsResponse: Insights on Firewall Policy.
IntrusionDetection Pulumi.AzureNative.Network.Outputs.FirewallPolicyIntrusionDetectionResponse: The configuration for Intrusion detection.
Location string: Resource location.
Sku Pulumi.AzureNative.Network.Outputs.FirewallPolicySkuResponse: The Firewall Policy SKU.
Snat Pulumi.AzureNative.Network.Outputs.FirewallPolicySNATResponse: The private IP addresses/IP ranges to which traffic will not be SNAT.
Sql Pulumi.AzureNative.Network.Outputs.FirewallPolicySQLResponse: SQL Settings definition.
Tags Dictionary<string, string>: Resource tags.
ThreatIntelMode string: The operation mode for Threat Intelligence.
ThreatIntelWhitelist Pulumi.AzureNative.Network.Outputs.FirewallPolicyThreatIntelWhitelistResponse: ThreatIntel Whitelist for Firewall Policy.
TransportSecurity Pulumi.AzureNative.Network.Outputs.FirewallPolicyTransportSecurityResponse: TLS Configuration definition.

ChildPolicies []SubResourceResponse: List of references to Child Firewall Policies.
Etag string: A unique read-only string that changes whenever the resource is updated.
Firewalls []SubResourceResponse: List of references to Azure Firewalls that this Firewall Policy is associated with.
Name string: Resource name.
ProvisioningState string: The provisioning state of the firewall policy resource.
RuleCollectionGroups []SubResourceResponse: List of references to FirewallPolicyRuleCollectionGroups.
Type string: Resource type.
BasePolicy SubResourceResponse: The parent firewall policy from which rules are inherited.
DnsSettings DnsSettingsResponse: DNS Proxy Settings definition.
ExplicitProxy ExplicitProxyResponse: Explicit Proxy Settings definition.
Id string: Resource ID.
Identity ManagedServiceIdentityResponse: The identity of the firewall policy.
Insights FirewallPolicyInsightsResponse: Insights on Firewall Policy.
IntrusionDetection FirewallPolicyIntrusionDetectionResponse: The configuration for Intrusion detection.
Location string: Resource location.
Sku FirewallPolicySkuResponse: The Firewall Policy SKU.
Snat FirewallPolicySNATResponse: The private IP addresses/IP ranges to which traffic will not be SNAT.
Sql FirewallPolicySQLResponse: SQL Settings definition.
Tags map[string]string: Resource tags.
ThreatIntelMode string: The operation mode for Threat Intelligence.
ThreatIntelWhitelist FirewallPolicyThreatIntelWhitelistResponse: ThreatIntel Whitelist for Firewall Policy.
TransportSecurity FirewallPolicyTransportSecurityResponse: TLS Configuration definition.

childPolicies List<SubResourceResponse>: List of references to Child Firewall Policies.
etag String: A unique read-only string that changes whenever the resource is updated.
firewalls List<SubResourceResponse>: List of references to Azure Firewalls that this Firewall Policy is associated with.
name String: Resource name.
provisioningState String: The provisioning state of the firewall policy resource.
ruleCollectionGroups List<SubResourceResponse>: List of references to FirewallPolicyRuleCollectionGroups.
type String: Resource type.
basePolicy SubResourceResponse: The parent firewall policy from which rules are inherited.
dnsSettings DnsSettingsResponse: DNS Proxy Settings definition.
explicitProxy ExplicitProxyResponse: Explicit Proxy Settings definition.
id String: Resource ID.
identity ManagedServiceIdentityResponse: The identity of the firewall policy.
insights FirewallPolicyInsightsResponse: Insights on Firewall Policy.
intrusionDetection FirewallPolicyIntrusionDetectionResponse: The configuration for Intrusion detection.
location String: Resource location.
sku FirewallPolicySkuResponse: The Firewall Policy SKU.
snat FirewallPolicySNATResponse: The private IP addresses/IP ranges to which traffic will not be SNAT.
sql FirewallPolicySQLResponse: SQL Settings definition.
tags Map<String,String>: Resource tags.
threatIntelMode String: The operation mode for Threat Intelligence.
threatIntelWhitelist FirewallPolicyThreatIntelWhitelistResponse: ThreatIntel Whitelist for Firewall Policy.
transportSecurity FirewallPolicyTransportSecurityResponse: TLS Configuration definition.

childPolicies SubResourceResponse[]: List of references to Child Firewall Policies.
etag string: A unique read-only string that changes whenever the resource is updated.
firewalls SubResourceResponse[]: List of references to Azure Firewalls that this Firewall Policy is associated with.
name string: Resource name.
provisioningState string: The provisioning state of the firewall policy resource.
ruleCollectionGroups SubResourceResponse[]: List of references to FirewallPolicyRuleCollectionGroups.
type string: Resource type.
basePolicy SubResourceResponse: The parent firewall policy from which rules are inherited.
dnsSettings DnsSettingsResponse: DNS Proxy Settings definition.
explicitProxy ExplicitProxyResponse: Explicit Proxy Settings definition.
id string: Resource ID.
identity ManagedServiceIdentityResponse: The identity of the firewall policy.
insights FirewallPolicyInsightsResponse: Insights on Firewall Policy.
intrusionDetection FirewallPolicyIntrusionDetectionResponse: The configuration for Intrusion detection.
location string: Resource location.
sku FirewallPolicySkuResponse: The Firewall Policy SKU.
snat FirewallPolicySNATResponse: The private IP addresses/IP ranges to which traffic will not be SNAT.
sql FirewallPolicySQLResponse: SQL Settings definition.
tags {[key: string]: string}: Resource tags.
threatIntelMode string: The operation mode for Threat Intelligence.
threatIntelWhitelist FirewallPolicyThreatIntelWhitelistResponse: ThreatIntel Whitelist for Firewall Policy.
transportSecurity FirewallPolicyTransportSecurityResponse: TLS Configuration definition.

child_policies Sequence[SubResourceResponse]: List of references to Child Firewall Policies.
etag str: A unique read-only string that changes whenever the resource is updated.
firewalls Sequence[SubResourceResponse]: List of references to Azure Firewalls that this Firewall Policy is associated with.
name str: Resource name.
provisioning_state str: The provisioning state of the firewall policy resource.
rule_collection_groups Sequence[SubResourceResponse]: List of references to FirewallPolicyRuleCollectionGroups.
type str: Resource type.
base_policy SubResourceResponse: The parent firewall policy from which rules are inherited.
dns_settings DnsSettingsResponse: DNS Proxy Settings definition.
explicit_proxy ExplicitProxyResponse: Explicit Proxy Settings definition.
id str: Resource ID.
identity ManagedServiceIdentityResponse: The identity of the firewall policy.
insights FirewallPolicyInsightsResponse: Insights on Firewall Policy.
intrusion_detection FirewallPolicyIntrusionDetectionResponse: The configuration for Intrusion detection.
location str: Resource location.
sku FirewallPolicySkuResponse: The Firewall Policy SKU.
snat FirewallPolicySNATResponse: The private IP addresses/IP ranges to which traffic will not be SNAT.
sql FirewallPolicySQLResponse: SQL Settings definition.
tags Mapping[str, str]: Resource tags.
threat_intel_mode str: The operation mode for Threat Intelligence.
threat_intel_whitelist FirewallPolicyThreatIntelWhitelistResponse: ThreatIntel Whitelist for Firewall Policy.
transport_security FirewallPolicyTransportSecurityResponse: TLS Configuration definition.

childPolicies List<Property Map>: List of references to Child Firewall Policies.
etag String: A unique read-only string that changes whenever the resource is updated.
firewalls List<Property Map>: List of references to Azure Firewalls that this Firewall Policy is associated with.
name String: Resource name.
provisioningState String: The provisioning state of the firewall policy resource.
ruleCollectionGroups List<Property Map>: List of references to FirewallPolicyRuleCollectionGroups.
type String: Resource type.
basePolicy Property Map: The parent firewall policy from which rules are inherited.
dnsSettings Property Map: DNS Proxy Settings definition.
explicitProxy Property Map: Explicit Proxy Settings definition.
id String: Resource ID.
identity Property Map: The identity of the firewall policy.
insights Property Map: Insights on Firewall Policy.
intrusionDetection Property Map: The configuration for Intrusion detection.
location String: Resource location.
sku Property Map: The Firewall Policy SKU.
snat Property Map: The private IP addresses/IP ranges to which traffic will not be SNAT.
sql Property Map: SQL Settings definition.
tags Map<String>: Resource tags.
threatIntelMode String: The operation mode for Threat Intelligence.
threatIntelWhitelist Property Map: ThreatIntel Whitelist for Firewall Policy.
transportSecurity Property Map: TLS Configuration definition.

Supporting Types

DnsSettingsResponse

EnableProxy bool: Enable DNS Proxy on Firewalls attached to the Firewall Policy.
RequireProxyForNetworkRules bool: FQDNs in Network Rules are supported when set to true.
Servers List<string>: List of Custom DNS Servers.

EnableProxy bool: Enable DNS Proxy on Firewalls attached to the Firewall Policy.
RequireProxyForNetworkRules bool: FQDNs in Network Rules are supported when set to true.
Servers []string: List of Custom DNS Servers.

enableProxy Boolean: Enable DNS Proxy on Firewalls attached to the Firewall Policy.
requireProxyForNetworkRules Boolean: FQDNs in Network Rules are supported when set to true.
servers List<String>: List of Custom DNS Servers.

enableProxy boolean: Enable DNS Proxy on Firewalls attached to the Firewall Policy.
requireProxyForNetworkRules boolean: FQDNs in Network Rules are supported when set to true.
servers string[]: List of Custom DNS Servers.

enable_proxy bool: Enable DNS Proxy on Firewalls attached to the Firewall Policy.
require_proxy_for_network_rules bool: FQDNs in Network Rules are supported when set to true.
servers Sequence[str]: List of Custom DNS Servers.

enableProxy Boolean: Enable DNS Proxy on Firewalls attached to the Firewall Policy.
requireProxyForNetworkRules Boolean: FQDNs in Network Rules are supported when set to true.
servers List<String>: List of Custom DNS Servers.

ExplicitProxyResponse

EnableExplicitProxy bool: When set to true, explicit proxy mode is enabled.
EnablePacFile bool: When set to true, pac file port and url needs to be provided.
HttpPort int: Port number for explicit proxy http protocol, cannot be greater than 64000.
HttpsPort int: Port number for explicit proxy https protocol, cannot be greater than 64000.
PacFile string: SAS URL for PAC file.
PacFilePort int: Port number for firewall to serve PAC file.

EnableExplicitProxy bool: When set to true, explicit proxy mode is enabled.
EnablePacFile bool: When set to true, pac file port and url needs to be provided.
HttpPort int: Port number for explicit proxy http protocol, cannot be greater than 64000.
HttpsPort int: Port number for explicit proxy https protocol, cannot be greater than 64000.
PacFile string: SAS URL for PAC file.
PacFilePort int: Port number for firewall to serve PAC file.

enableExplicitProxy Boolean: When set to true, explicit proxy mode is enabled.
enablePacFile Boolean: When set to true, pac file port and url needs to be provided.
httpPort Integer: Port number for explicit proxy http protocol, cannot be greater than 64000.
httpsPort Integer: Port number for explicit proxy https protocol, cannot be greater than 64000.
pacFile String: SAS URL for PAC file.
pacFilePort Integer: Port number for firewall to serve PAC file.

enableExplicitProxy boolean: When set to true, explicit proxy mode is enabled.
enablePacFile boolean: When set to true, pac file port and url needs to be provided.
httpPort number: Port number for explicit proxy http protocol, cannot be greater than 64000.
httpsPort number: Port number for explicit proxy https protocol, cannot be greater than 64000.
pacFile string: SAS URL for PAC file.
pacFilePort number: Port number for firewall to serve PAC file.

enable_explicit_proxy bool: When set to true, explicit proxy mode is enabled.
enable_pac_file bool: When set to true, pac file port and url needs to be provided.
http_port int: Port number for explicit proxy http protocol, cannot be greater than 64000.
https_port int: Port number for explicit proxy https protocol, cannot be greater than 64000.
pac_file str: SAS URL for PAC file.
pac_file_port int: Port number for firewall to serve PAC file.

enableExplicitProxy Boolean: When set to true, explicit proxy mode is enabled.
enablePacFile Boolean: When set to true, pac file port and url needs to be provided.
httpPort Number: Port number for explicit proxy http protocol, cannot be greater than 64000.
httpsPort Number: Port number for explicit proxy https protocol, cannot be greater than 64000.
pacFile String: SAS URL for PAC file.
pacFilePort Number: Port number for firewall to serve PAC file.

FirewallPolicyCertificateAuthorityResponse

KeyVaultSecretId string: Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
Name string: Name of the CA certificate.

KeyVaultSecretId string: Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
Name string: Name of the CA certificate.

keyVaultSecretId String: Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
name String: Name of the CA certificate.

keyVaultSecretId string: Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
name string: Name of the CA certificate.

key_vault_secret_id str: Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
name str: Name of the CA certificate.

keyVaultSecretId String: Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
name String: Name of the CA certificate.

FirewallPolicyInsightsResponse

IsEnabled bool: A flag to indicate if the insights are enabled on the policy.
LogAnalyticsResources Pulumi.AzureNative.Network.Inputs.FirewallPolicyLogAnalyticsResourcesResponse: Workspaces needed to configure the Firewall Policy Insights.
RetentionDays int: Number of days the insights should be enabled on the policy.

IsEnabled bool: A flag to indicate if the insights are enabled on the policy.
LogAnalyticsResources FirewallPolicyLogAnalyticsResourcesResponse: Workspaces needed to configure the Firewall Policy Insights.
RetentionDays int: Number of days the insights should be enabled on the policy.

isEnabled Boolean: A flag to indicate if the insights are enabled on the policy.
logAnalyticsResources FirewallPolicyLogAnalyticsResourcesResponse: Workspaces needed to configure the Firewall Policy Insights.
retentionDays Integer: Number of days the insights should be enabled on the policy.

isEnabled boolean: A flag to indicate if the insights are enabled on the policy.
logAnalyticsResources FirewallPolicyLogAnalyticsResourcesResponse: Workspaces needed to configure the Firewall Policy Insights.
retentionDays number: Number of days the insights should be enabled on the policy.

is_enabled bool: A flag to indicate if the insights are enabled on the policy.
log_analytics_resources FirewallPolicyLogAnalyticsResourcesResponse: Workspaces needed to configure the Firewall Policy Insights.
retention_days int: Number of days the insights should be enabled on the policy.

isEnabled Boolean: A flag to indicate if the insights are enabled on the policy.
logAnalyticsResources Property Map: Workspaces needed to configure the Firewall Policy Insights.
retentionDays Number: Number of days the insights should be enabled on the policy.

FirewallPolicyIntrusionDetectionBypassTrafficSpecificationsResponse

Description string: Description of the bypass traffic rule.
DestinationAddresses List<string>: List of destination IP addresses or ranges for this rule.
DestinationIpGroups List<string>: List of destination IpGroups for this rule.
DestinationPorts List<string>: List of destination ports or ranges.
Name string: Name of the bypass traffic rule.
Protocol string: The rule bypass protocol.
SourceAddresses List<string>: List of source IP addresses or ranges for this rule.
SourceIpGroups List<string>: List of source IpGroups for this rule.

Description string: Description of the bypass traffic rule.
DestinationAddresses []string: List of destination IP addresses or ranges for this rule.
DestinationIpGroups []string: List of destination IpGroups for this rule.
DestinationPorts []string: List of destination ports or ranges.
Name string: Name of the bypass traffic rule.
Protocol string: The rule bypass protocol.
SourceAddresses []string: List of source IP addresses or ranges for this rule.
SourceIpGroups []string: List of source IpGroups for this rule.

description String: Description of the bypass traffic rule.
destinationAddresses List<String>: List of destination IP addresses or ranges for this rule.
destinationIpGroups List<String>: List of destination IpGroups for this rule.
destinationPorts List<String>: List of destination ports or ranges.
name String: Name of the bypass traffic rule.
protocol String: The rule bypass protocol.
sourceAddresses List<String>: List of source IP addresses or ranges for this rule.
sourceIpGroups List<String>: List of source IpGroups for this rule.

description string: Description of the bypass traffic rule.
destinationAddresses string[]: List of destination IP addresses or ranges for this rule.
destinationIpGroups string[]: List of destination IpGroups for this rule.
destinationPorts string[]: List of destination ports or ranges.
name string: Name of the bypass traffic rule.
protocol string: The rule bypass protocol.
sourceAddresses string[]: List of source IP addresses or ranges for this rule.
sourceIpGroups string[]: List of source IpGroups for this rule.

description str: Description of the bypass traffic rule.
destination_addresses Sequence[str]: List of destination IP addresses or ranges for this rule.
destination_ip_groups Sequence[str]: List of destination IpGroups for this rule.
destination_ports Sequence[str]: List of destination ports or ranges.
name str: Name of the bypass traffic rule.
protocol str: The rule bypass protocol.
source_addresses Sequence[str]: List of source IP addresses or ranges for this rule.
source_ip_groups Sequence[str]: List of source IpGroups for this rule.

description String: Description of the bypass traffic rule.
destinationAddresses List<String>: List of destination IP addresses or ranges for this rule.
destinationIpGroups List<String>: List of destination IpGroups for this rule.
destinationPorts List<String>: List of destination ports or ranges.
name String: Name of the bypass traffic rule.
protocol String: The rule bypass protocol.
sourceAddresses List<String>: List of source IP addresses or ranges for this rule.
sourceIpGroups List<String>: List of source IpGroups for this rule.

FirewallPolicyIntrusionDetectionConfigurationResponse

BypassTrafficSettings List<Pulumi.AzureNative.Network.Inputs.FirewallPolicyIntrusionDetectionBypassTrafficSpecificationsResponse>: List of rules for traffic to bypass.
PrivateRanges List<string>: IDPS Private IP address ranges are used to identify traffic direction (i.e. inbound, outbound, etc.). By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. To modify default ranges, specify your Private IP address ranges with this property
SignatureOverrides List<Pulumi.AzureNative.Network.Inputs.FirewallPolicyIntrusionDetectionSignatureSpecificationResponse>: List of specific signatures states.

BypassTrafficSettings []FirewallPolicyIntrusionDetectionBypassTrafficSpecificationsResponse: List of rules for traffic to bypass.
PrivateRanges []string: IDPS Private IP address ranges are used to identify traffic direction (i.e. inbound, outbound, etc.). By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. To modify default ranges, specify your Private IP address ranges with this property
SignatureOverrides []FirewallPolicyIntrusionDetectionSignatureSpecificationResponse: List of specific signatures states.

bypassTrafficSettings List<FirewallPolicyIntrusionDetectionBypassTrafficSpecificationsResponse>: List of rules for traffic to bypass.
privateRanges List<String>: IDPS Private IP address ranges are used to identify traffic direction (i.e. inbound, outbound, etc.). By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. To modify default ranges, specify your Private IP address ranges with this property
signatureOverrides List<FirewallPolicyIntrusionDetectionSignatureSpecificationResponse>: List of specific signatures states.

bypassTrafficSettings FirewallPolicyIntrusionDetectionBypassTrafficSpecificationsResponse[]: List of rules for traffic to bypass.
privateRanges string[]: IDPS Private IP address ranges are used to identify traffic direction (i.e. inbound, outbound, etc.). By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. To modify default ranges, specify your Private IP address ranges with this property
signatureOverrides FirewallPolicyIntrusionDetectionSignatureSpecificationResponse[]: List of specific signatures states.

bypass_traffic_settings Sequence[FirewallPolicyIntrusionDetectionBypassTrafficSpecificationsResponse]: List of rules for traffic to bypass.
private_ranges Sequence[str]: IDPS Private IP address ranges are used to identify traffic direction (i.e. inbound, outbound, etc.). By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. To modify default ranges, specify your Private IP address ranges with this property
signature_overrides Sequence[FirewallPolicyIntrusionDetectionSignatureSpecificationResponse]: List of specific signatures states.

bypassTrafficSettings List<Property Map>: List of rules for traffic to bypass.
privateRanges List<String>: IDPS Private IP address ranges are used to identify traffic direction (i.e. inbound, outbound, etc.). By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. To modify default ranges, specify your Private IP address ranges with this property
signatureOverrides List<Property Map>: List of specific signatures states.

FirewallPolicyIntrusionDetectionResponse

Configuration Pulumi.AzureNative.Network.Inputs.FirewallPolicyIntrusionDetectionConfigurationResponse: Intrusion detection configuration properties.
Mode string: Intrusion detection general state. When attached to a parent policy, the firewall's effective IDPS mode is the stricter mode of the two.
Profile string: IDPS profile name. When attached to a parent policy, the firewall's effective profile is the profile name of the parent policy.

Configuration FirewallPolicyIntrusionDetectionConfigurationResponse: Intrusion detection configuration properties.
Mode string: Intrusion detection general state. When attached to a parent policy, the firewall's effective IDPS mode is the stricter mode of the two.
Profile string: IDPS profile name. When attached to a parent policy, the firewall's effective profile is the profile name of the parent policy.

configuration FirewallPolicyIntrusionDetectionConfigurationResponse: Intrusion detection configuration properties.
mode String: Intrusion detection general state. When attached to a parent policy, the firewall's effective IDPS mode is the stricter mode of the two.
profile String: IDPS profile name. When attached to a parent policy, the firewall's effective profile is the profile name of the parent policy.

configuration FirewallPolicyIntrusionDetectionConfigurationResponse: Intrusion detection configuration properties.
mode string: Intrusion detection general state. When attached to a parent policy, the firewall's effective IDPS mode is the stricter mode of the two.
profile string: IDPS profile name. When attached to a parent policy, the firewall's effective profile is the profile name of the parent policy.

configuration FirewallPolicyIntrusionDetectionConfigurationResponse: Intrusion detection configuration properties.
mode str: Intrusion detection general state. When attached to a parent policy, the firewall's effective IDPS mode is the stricter mode of the two.
profile str: IDPS profile name. When attached to a parent policy, the firewall's effective profile is the profile name of the parent policy.

configuration Property Map: Intrusion detection configuration properties.
mode String: Intrusion detection general state. When attached to a parent policy, the firewall's effective IDPS mode is the stricter mode of the two.
profile String: IDPS profile name. When attached to a parent policy, the firewall's effective profile is the profile name of the parent policy.

FirewallPolicyIntrusionDetectionSignatureSpecificationResponse

Id string: Signature id.
Mode string: The signature state.

Id string: Signature id.
Mode string: The signature state.

id String: Signature id.
mode String: The signature state.

id string: Signature id.
mode string: The signature state.

id str: Signature id.
mode str: The signature state.

id String: Signature id.
mode String: The signature state.

FirewallPolicyLogAnalyticsResourcesResponse

DefaultWorkspaceId Pulumi.AzureNative.Network.Inputs.SubResourceResponse: The default workspace Id for Firewall Policy Insights.
Workspaces List<Pulumi.AzureNative.Network.Inputs.FirewallPolicyLogAnalyticsWorkspaceResponse>: List of workspaces for Firewall Policy Insights.

DefaultWorkspaceId SubResourceResponse: The default workspace Id for Firewall Policy Insights.
Workspaces []FirewallPolicyLogAnalyticsWorkspaceResponse: List of workspaces for Firewall Policy Insights.

defaultWorkspaceId SubResourceResponse: The default workspace Id for Firewall Policy Insights.
workspaces List<FirewallPolicyLogAnalyticsWorkspaceResponse>: List of workspaces for Firewall Policy Insights.

defaultWorkspaceId SubResourceResponse: The default workspace Id for Firewall Policy Insights.
workspaces FirewallPolicyLogAnalyticsWorkspaceResponse[]: List of workspaces for Firewall Policy Insights.

default_workspace_id SubResourceResponse: The default workspace Id for Firewall Policy Insights.
workspaces Sequence[FirewallPolicyLogAnalyticsWorkspaceResponse]: List of workspaces for Firewall Policy Insights.

defaultWorkspaceId Property Map: The default workspace Id for Firewall Policy Insights.
workspaces List<Property Map>: List of workspaces for Firewall Policy Insights.

FirewallPolicyLogAnalyticsWorkspaceResponse

Region string: Region to configure the Workspace.
WorkspaceId Pulumi.AzureNative.Network.Inputs.SubResourceResponse: The workspace Id for Firewall Policy Insights.

Region string: Region to configure the Workspace.
WorkspaceId SubResourceResponse: The workspace Id for Firewall Policy Insights.

region String: Region to configure the Workspace.
workspaceId SubResourceResponse: The workspace Id for Firewall Policy Insights.

region string: Region to configure the Workspace.
workspaceId SubResourceResponse: The workspace Id for Firewall Policy Insights.

region str: Region to configure the Workspace.
workspace_id SubResourceResponse: The workspace Id for Firewall Policy Insights.

region String: Region to configure the Workspace.
workspaceId Property Map: The workspace Id for Firewall Policy Insights.

FirewallPolicySNATResponse

AutoLearnPrivateRanges string: The operation mode for automatically learning private ranges to not be SNAT
PrivateRanges List<string>: List of private IP addresses/IP address ranges to not be SNAT.

AutoLearnPrivateRanges string: The operation mode for automatically learning private ranges to not be SNAT
PrivateRanges []string: List of private IP addresses/IP address ranges to not be SNAT.

autoLearnPrivateRanges String: The operation mode for automatically learning private ranges to not be SNAT
privateRanges List<String>: List of private IP addresses/IP address ranges to not be SNAT.

autoLearnPrivateRanges string: The operation mode for automatically learning private ranges to not be SNAT
privateRanges string[]: List of private IP addresses/IP address ranges to not be SNAT.

auto_learn_private_ranges str: The operation mode for automatically learning private ranges to not be SNAT
private_ranges Sequence[str]: List of private IP addresses/IP address ranges to not be SNAT.

autoLearnPrivateRanges String: The operation mode for automatically learning private ranges to not be SNAT
privateRanges List<String>: List of private IP addresses/IP address ranges to not be SNAT.

FirewallPolicySQLResponse

AllowSqlRedirect bool: A flag to indicate if SQL Redirect traffic filtering is enabled. Turning on the flag requires no rule using port 11000-11999.

AllowSqlRedirect bool: A flag to indicate if SQL Redirect traffic filtering is enabled. Turning on the flag requires no rule using port 11000-11999.

allowSqlRedirect Boolean: A flag to indicate if SQL Redirect traffic filtering is enabled. Turning on the flag requires no rule using port 11000-11999.

allowSqlRedirect boolean: A flag to indicate if SQL Redirect traffic filtering is enabled. Turning on the flag requires no rule using port 11000-11999.

allow_sql_redirect bool: A flag to indicate if SQL Redirect traffic filtering is enabled. Turning on the flag requires no rule using port 11000-11999.

allowSqlRedirect Boolean: A flag to indicate if SQL Redirect traffic filtering is enabled. Turning on the flag requires no rule using port 11000-11999.

FirewallPolicySkuResponse

Tier string: Tier of Firewall Policy.

Tier string: Tier of Firewall Policy.

tier String: Tier of Firewall Policy.

tier string: Tier of Firewall Policy.

tier str: Tier of Firewall Policy.

tier String: Tier of Firewall Policy.

FirewallPolicyThreatIntelWhitelistResponse

Fqdns List<string>: List of FQDNs for the ThreatIntel Whitelist.
IpAddresses List<string>: List of IP addresses for the ThreatIntel Whitelist.

Fqdns []string: List of FQDNs for the ThreatIntel Whitelist.
IpAddresses []string: List of IP addresses for the ThreatIntel Whitelist.

fqdns List<String>: List of FQDNs for the ThreatIntel Whitelist.
ipAddresses List<String>: List of IP addresses for the ThreatIntel Whitelist.

fqdns string[]: List of FQDNs for the ThreatIntel Whitelist.
ipAddresses string[]: List of IP addresses for the ThreatIntel Whitelist.

fqdns Sequence[str]: List of FQDNs for the ThreatIntel Whitelist.
ip_addresses Sequence[str]: List of IP addresses for the ThreatIntel Whitelist.

fqdns List<String>: List of FQDNs for the ThreatIntel Whitelist.
ipAddresses List<String>: List of IP addresses for the ThreatIntel Whitelist.

FirewallPolicyTransportSecurityResponse

CertificateAuthority Pulumi.AzureNative.Network.Inputs.FirewallPolicyCertificateAuthorityResponse: The CA used for intermediate CA generation.

CertificateAuthority FirewallPolicyCertificateAuthorityResponse: The CA used for intermediate CA generation.

certificateAuthority FirewallPolicyCertificateAuthorityResponse: The CA used for intermediate CA generation.

certificateAuthority FirewallPolicyCertificateAuthorityResponse: The CA used for intermediate CA generation.

certificate_authority FirewallPolicyCertificateAuthorityResponse: The CA used for intermediate CA generation.

certificateAuthority Property Map: The CA used for intermediate CA generation.

ManagedServiceIdentityResponse

PrincipalId string: The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
TenantId string: The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
Type string: The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
UserAssignedIdentities Dictionary<string, Pulumi.AzureNative.Network.Inputs.ManagedServiceIdentityResponseUserAssignedIdentities>: The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

PrincipalId string: The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
TenantId string: The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
Type string: The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
UserAssignedIdentities map[string]ManagedServiceIdentityResponseUserAssignedIdentities: The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

principalId String: The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
tenantId String: The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
type String: The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
userAssignedIdentities Map<String,ManagedServiceIdentityResponseUserAssignedIdentities>: The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

principalId string: The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
tenantId string: The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
type string: The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
userAssignedIdentities {[key: string]: ManagedServiceIdentityResponseUserAssignedIdentities}: The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

principal_id str: The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
tenant_id str: The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
type str: The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
user_assigned_identities Mapping[str, ManagedServiceIdentityResponseUserAssignedIdentities]: The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

principalId String: The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
tenantId String: The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
type String: The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
userAssignedIdentities Map<Property Map>: The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

ManagedServiceIdentityResponseUserAssignedIdentities

ClientId string: The client id of user assigned identity.
PrincipalId string: The principal id of user assigned identity.

ClientId string: The client id of user assigned identity.
PrincipalId string: The principal id of user assigned identity.

clientId String: The client id of user assigned identity.
principalId String: The principal id of user assigned identity.

clientId string: The client id of user assigned identity.
principalId string: The principal id of user assigned identity.

client_id str: The client id of user assigned identity.
principal_id str: The principal id of user assigned identity.

clientId String: The client id of user assigned identity.
principalId String: The principal id of user assigned identity.

SubResourceResponse

Id string: Resource ID.

Id string: Resource ID.

id String: Resource ID.

id string: Resource ID.

id str: Resource ID.

id String: Resource ID.

Package Details

Repository: Azure Native pulumi/pulumi-azure-native
License: Apache-2.0

This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.

Azure Native v2.37.0 published on Monday, Apr 15, 2024 by Pulumi

pulumi/pulumi-azure-native

azure-native.network.getFirewallPolicy

On this page

On this page

Using getFirewallPolicy

getFirewallPolicy Result

Supporting Types

DnsSettingsResponse

ExplicitProxyResponse

FirewallPolicyCertificateAuthorityResponse

FirewallPolicyInsightsResponse

FirewallPolicyIntrusionDetectionBypassTrafficSpecificationsResponse

FirewallPolicyIntrusionDetectionConfigurationResponse

FirewallPolicyIntrusionDetectionResponse

FirewallPolicyIntrusionDetectionSignatureSpecificationResponse

FirewallPolicyLogAnalyticsResourcesResponse

FirewallPolicyLogAnalyticsWorkspaceResponse

FirewallPolicySNATResponse

FirewallPolicySQLResponse

FirewallPolicySkuResponse

FirewallPolicyThreatIntelWhitelistResponse

FirewallPolicyTransportSecurityResponse

ManagedServiceIdentityResponse

ManagedServiceIdentityResponseUserAssignedIdentities

SubResourceResponse

Package Details

On this page

On this page