az network firewall policy rule-collection-group collection rule

Manage and configure the rule of a filter collection in the rule collection group of Azure firewall policy.

Filter collection supports having a list of network rules or application rules. NatRule collection supports including a list of nat rules.

Commands

az network firewall policy rule-collection-group collection rule add

Add a rule into an Azure firewall policy rule collection.

az network firewall policy rule-collection-group collection rule remove

Remove a rule from an Azure firewall policy rule collection.

az network firewall policy rule-collection-group collection rule add

Add a rule into an Azure firewall policy rule collection.

Filter collection supports having a list of network rules or application rules. NatRule collection supports including a list of nat rules.

az network firewall policy rule-collection-group collection rule add --collection-name
                                                                     --name
                                                                     --policy-name
                                                                     --resource-group
                                                                     --rule-collection-group-name
                                                                     --rule-type {ApplicationRule, NatRule, NetworkRule}
                                                                     [--description]
                                                                     [--destination-addresses]
                                                                     [--destination-ip-groups]
                                                                     [--destination-ports]
                                                                     [--fqdn-tags]
                                                                     [--ip-protocols {Any, ICMP, TCP, UDP}]
                                                                     [--protocols]
                                                                     [--source-addresses]
                                                                     [--source-ip-groups]
                                                                     [--target-fqdns]
                                                                     [--translated-address]
                                                                     [--translated-port]

Required Parameters

--collection-name

The name of the rule collection in Firewall Policy Rule Collection Group.

--name -n

The name of rule.

--policy-name

The name of the Firewall Policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--rule-collection-group-name

The name of the Firewall Policy Rule Collection Group.

--rule-type

The type of rule.

accepted values: ApplicationRule, NatRule, NetworkRule

Optional Parameters

--description

The description of rule.

--destination-addresses

Space-separated list of destination IP addresses.

--destination-ip-groups

Space-separated list of name or resource id of destination IpGroups.

--destination-ports

Space-separated list of destination ports. This argument is supported for Nat and Network Rule.

--fqdn-tags

Space-separated list of FQDN tags for this rule.

--ip-protocols

Space-separated list of IP protocols. This argument is supported for Nat and Network Rule.

accepted values: Any, ICMP, TCP, UDP
--protocols

Space-separated list of protocols and port numbers to use, in PROTOCOL=PORT format. Valid protocols are Http, Https.

--source-addresses

Space-separated list of source IP addresses.

--source-ip-groups

Space-separated list of name or resource id of source IpGroups.

--target-fqdns

Space-separated list of FQDNs for this rule.

--translated-address

Translated address for this NAT rule collection.

--translated-port

Translated port for this NAT rule collection.

az network firewall policy rule-collection-group collection rule remove

Remove a rule from an Azure firewall policy rule collection.

Filter collection supports having a list of network rules or application rules. NatRule collection supports including a list of nat rules.

az network firewall policy rule-collection-group collection rule remove --collection-name
                                                                        --name
                                                                        --policy-name
                                                                        --resource-group
                                                                        --rule-collection-group-name

Required Parameters

--collection-name

The name of the rule collection in Firewall Policy Rule Collection Group.

--name -n

The name of rule.

--policy-name

The name of the Firewall Policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--rule-collection-group-name

The name of the Firewall Policy Rule Collection Group.