az network firewall policy

Manage and configure Azure firewall policy.

Commands

az network firewall policy create

Create an Azure firewall policy.

az network firewall policy delete

Delete an Azure firewall policy.

az network firewall policy list

List all Azure firewall policies.

az network firewall policy rule-collection-group

Manage and configure Azure firewall policy rule collection group.

az network firewall policy rule-collection-group collection

Manage and configure Azure firewall policy rule collections in the rule collection group.

az network firewall policy rule-collection-group collection add-filter-collection

Add a filter collection into an Azure firewall policy rule collection group.

az network firewall policy rule-collection-group collection add-nat-collection

Add a NAT collection into an Azure firewall policy rule collection group.

az network firewall policy rule-collection-group collection list

List all rule collections of an Azure firewall policy rule collection group.

az network firewall policy rule-collection-group collection remove

Remove a rule collection from an Azure firewall policy rule collection group.

az network firewall policy rule-collection-group collection rule

Manage and configure the rule of a filter collection in the rule collection group of Azure firewall policy.

az network firewall policy rule-collection-group collection rule add

Add a rule into an Azure firewall policy rule collection.

az network firewall policy rule-collection-group collection rule remove

Remove a rule from an Azure firewall policy rule collection.

az network firewall policy rule-collection-group create

Create an Azure firewall policy rule collection group.

az network firewall policy rule-collection-group delete

Delete an Azure Firewall policy rule collection group.

az network firewall policy rule-collection-group list

List all Azure firewall policy rule collection groups.

az network firewall policy rule-collection-group show

Show an Azure firewall policy rule collection group.

az network firewall policy rule-collection-group update

Update an Azure firewall policy rule collection group.

az network firewall policy show

Show an Azure firewall policy.

az network firewall policy update

Update an Azure firewall policy.

az network firewall policy create

Create an Azure firewall policy.

az network firewall policy create --name
                                  --resource-group
                                  [--base-policy]
                                  [--dns-servers]
                                  [--enable-dns-proxy {false, true}]
                                  [--fqdns]
                                  [--ip-addresses]
                                  [--location]
                                  [--require-dns-proxy-for-network-rules {false, true}]
                                  [--tags]
                                  [--threat-intel-mode {Alert, Deny, Off}]

Required Parameters

--name -n

The name of the Firewall Policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--base-policy

The name or ID of parent firewall policy from which rules are inherited.

--dns-servers

Space-separated list of DNS server IP addresses.

--enable-dns-proxy

Enable DNS Proxy.

accepted values: false, true
--fqdns

Space-separated list of FQDNs.

--ip-addresses

Space-separated list of IPv4 addresses.

--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.

--require-dns-proxy-for-network-rules

Requires DNS Proxy functionality for FQDNs within Network Rules.

accepted values: false, true
--tags

Space-separated tags: key[=value] [key[=value] ...]. Use "" to clear existing tags.

--threat-intel-mode

The operation mode for Threat Intelligence.

accepted values: Alert, Deny, Off

az network firewall policy delete

Delete an Azure firewall policy.

az network firewall policy delete --name
                                  --resource-group

Required Parameters

--name -n

The name of the Firewall Policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

az network firewall policy list

List all Azure firewall policies.

az network firewall policy list [--resource-group]

Optional Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

az network firewall policy show

Show an Azure firewall policy.

az network firewall policy show --name
                                --resource-group
                                [--expand]

Required Parameters

--name -n

The name of the Firewall Policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--expand

Expands referenced resources.

az network firewall policy update

Update an Azure firewall policy.

az network firewall policy update --name
                                  --resource-group
                                  [--add]
                                  [--dns-servers]
                                  [--enable-dns-proxy {false, true}]
                                  [--force-string]
                                  [--fqdns]
                                  [--ip-addresses]
                                  [--remove]
                                  [--require-dns-proxy-for-network-rules {false, true}]
                                  [--set]
                                  [--tags]
                                  [--threat-intel-mode {Alert, Deny, Off}]

Required Parameters

--name -n

The name of the Firewall Policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.

--dns-servers

Space-separated list of DNS server IP addresses.

--enable-dns-proxy

Enable DNS Proxy.

accepted values: false, true
--force-string

When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.

--fqdns

Space-separated list of FQDNs.

--ip-addresses

Space-separated list of IPv4 addresses.

--remove

Remove a property or an element from a list. Example: --remove property.list OR --remove propertyToRemove.

--require-dns-proxy-for-network-rules

Requires DNS Proxy functionality for FQDNs within Network Rules.

accepted values: false, true
--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=.

--tags

Space-separated tags: key[=value] [key[=value] ...]. Use "" to clear existing tags.

--threat-intel-mode

The operation mode for Threat Intelligence.

accepted values: Alert, Deny, Off