Package com.pulumi.azurenative.network

Class FirewallPolicy

  • public class FirewallPolicy
extends com.pulumi.resources.CustomResource
    FirewallPolicy Resource. Azure REST API version: 2023-02-01. Prior API version in Azure Native 1.x: 2020-11-01. Other available API versions: 2020-04-01, 2021-08-01, 2023-04-01, 2023-05-01, 2023-06-01, 2023-09-01. ## Example Usage ### Create FirewallPolicy ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.azurenative.network.FirewallPolicy; import com.pulumi.azurenative.network.FirewallPolicyArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var firewallPolicy = new FirewallPolicy("firewallPolicy", FirewallPolicyArgs.builder() .dnsSettings(Map.ofEntries( Map.entry("enableProxy", true), Map.entry("requireProxyForNetworkRules", false), Map.entry("servers", "30.3.4.5") )) .explicitProxy(Map.ofEntries( Map.entry("enableExplicitProxy", true), Map.entry("enablePacFile", true), Map.entry("httpPort", 8087), Map.entry("httpsPort", 8087), Map.entry("pacFile", "https://tinawstorage.file.core.windows.net/?sv=2020-02-10&ss=bfqt&srt=sco&sp=rwdlacuptfx&se=2021-06-04T07:01:12Z&st=2021-06-03T23:01:12Z&sip=68.65.171.11&spr=https&sig=Plsa0RRVpGbY0IETZZOT6znOHcSro71LLTTbzquYPgs%3D"), Map.entry("pacFilePort", 8087) )) .firewallPolicyName("firewallPolicy") .insights(Map.ofEntries( Map.entry("isEnabled", true), Map.entry("logAnalyticsResources", Map.ofEntries( Map.entry("defaultWorkspaceId", Map.of("id", "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/defaultWorkspace")), Map.entry("workspaces", Map.ofEntries( Map.entry("region", "westus"), Map.entry("workspaceId", Map.of("id", "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace1")) ), Map.ofEntries( Map.entry("region", "eastus"), Map.entry("workspaceId", Map.of("id", "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace2")) )) )), Map.entry("retentionDays", 100) )) .intrusionDetection(Map.ofEntries( Map.entry("configuration", Map.ofEntries( Map.entry("bypassTrafficSettings", Map.ofEntries( Map.entry("description", "Rule 1"), Map.entry("destinationAddresses", "5.6.7.8"), Map.entry("destinationPorts", "*"), Map.entry("name", "bypassRule1"), Map.entry("protocol", "TCP"), Map.entry("sourceAddresses", "1.2.3.4") )), Map.entry("signatureOverrides", Map.ofEntries( Map.entry("id", "2525004"), Map.entry("mode", "Deny") )) )), Map.entry("mode", "Alert") )) .location("West US") .resourceGroupName("rg1") .sku(Map.of("tier", "Premium")) .snat(Map.of("privateRanges", "IANAPrivateRanges")) .sql(Map.of("allowSqlRedirect", true)) .tags(Map.of("key1", "value1")) .threatIntelMode("Alert") .threatIntelWhitelist(Map.ofEntries( Map.entry("fqdns", "*.microsoft.com"), Map.entry("ipAddresses", "20.3.4.5") )) .transportSecurity(Map.of("certificateAuthority", Map.ofEntries( Map.entry("keyVaultSecretId", "https://kv/secret"), Map.entry("name", "clientcert") ))) .build()); } } ``` ## Import An existing resource can be imported using its type token, name, and identifier, e.g. ```sh $ pulumi import azure-native:network:FirewallPolicy firewallPolicy /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/firewallPolicies/{firewallPolicyName} ```

    • Constructor Detail

      • FirewallPolicy

        public FirewallPolicy​(java.lang.String name)
        Parameters:
        name - The _unique_ name of the resulting resource.

      • FirewallPolicy

        public FirewallPolicy​(java.lang.String name,
                      FirewallPolicyArgs args)
        Parameters:
        name - The _unique_ name of the resulting resource.
        args - The arguments to use to populate this resource's properties.

      • FirewallPolicy

        public FirewallPolicy​(java.lang.String name,
                      FirewallPolicyArgs args,
                      @Nullable
                      com.pulumi.resources.CustomResourceOptions options)
        Parameters:
        name - The _unique_ name of the resulting resource.
        args - The arguments to use to populate this resource's properties.
        options - A bag of options that control this resource's behavior.

    • Method Detail

      • basePolicy

        public com.pulumi.core.Output<java.util.Optional<SubResourceResponse>> basePolicy()
        Returns:
        The parent firewall policy from which rules are inherited.

      • childPolicies

        public com.pulumi.core.Output<java.util.List<SubResourceResponse>> childPolicies()
        Returns:
        List of references to Child Firewall Policies.

      • dnsSettings

        public com.pulumi.core.Output<java.util.Optional<DnsSettingsResponse>> dnsSettings()
        Returns:
        DNS Proxy Settings definition.

      • etag

        public com.pulumi.core.Output<java.lang.String> etag()
        Returns:
        A unique read-only string that changes whenever the resource is updated.

      • explicitProxy

        public com.pulumi.core.Output<java.util.Optional<ExplicitProxyResponse>> explicitProxy()
        Returns:
        Explicit Proxy Settings definition.

      • firewalls

        public com.pulumi.core.Output<java.util.List<SubResourceResponse>> firewalls()
        Returns:
        List of references to Azure Firewalls that this Firewall Policy is associated with.

      • identity

        public com.pulumi.core.Output<java.util.Optional<ManagedServiceIdentityResponse>> identity()
        Returns:
        The identity of the firewall policy.

      • location

        public com.pulumi.core.Output<java.util.Optional<java.lang.String>> location()
        Returns:
        Resource location.

      • name

        public com.pulumi.core.Output<java.lang.String> name()
        Returns:
        Resource name.

      • provisioningState

        public com.pulumi.core.Output<java.lang.String> provisioningState()
        Returns:
        The provisioning state of the firewall policy resource.

      • ruleCollectionGroups

        public com.pulumi.core.Output<java.util.List<SubResourceResponse>> ruleCollectionGroups()
        Returns:
        List of references to FirewallPolicyRuleCollectionGroups.

      • snat

        public com.pulumi.core.Output<java.util.Optional<FirewallPolicySNATResponse>> snat()
        Returns:
        The private IP addresses/IP ranges to which traffic will not be SNAT.

      • tags

        public com.pulumi.core.Output<java.util.Optional<java.util.Map<java.lang.String,​java.lang.String>>> tags()
        Returns:
        Resource tags.

      • threatIntelMode

        public com.pulumi.core.Output<java.util.Optional<java.lang.String>> threatIntelMode()
        Returns:
        The operation mode for Threat Intelligence.

      • type

        public com.pulumi.core.Output<java.lang.String> type()
        Returns:
        Resource type.

      • get

        public static FirewallPolicy get​(java.lang.String name,
                                 com.pulumi.core.Output<java.lang.String> id,
                                 @Nullable
                                 com.pulumi.resources.CustomResourceOptions options)
        Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
        Parameters:
        name - The _unique_ name of the resulting resource.
        id - The _unique_ provider ID of the resource to lookup.
        options - Optional settings to control the behavior of the CustomResource.