forked from Azure/bicep
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathres-firewall-classic-rules.bicep
109 lines (109 loc) · 3.17 KB
/
res-firewall-classic-rules.bicep
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
// Azure Firewall using classic rules
resource /*${1:firewall}*/firewall 'Microsoft.Network/azureFirewalls@2020-11-01' = {
name: /*${2:'name'}*/'name'
location: /*${3:location}*/'location'
properties: {
applicationRuleCollections: [
{
name: /*${4:'name'}*/'name'
properties: {
priority: /*${5:'priority'}*/'priority'
action: {
type: /*'${6|Allow,Deny|}'*/'Allow'
}
rules: [
{
name: /*${7:'name'}*/'name'
description: /*${8:'description'}*/'description'
sourceAddresses: [
/*${9:'sourceAddress'}*/'sourceAddress'
]
protocols: [
{
protocolType: /*'${10|Http,Https,Mssql|}'*/'Http'
port: /*${11|80,443,1433|}*/80
}
]
targetFqdns: [
/*${12:'www.microsoft.com'}*/'www.microsoft.com'
]
}
]
}
}
]
natRuleCollections: [
{
name: /*${13:'name'}*/'name'
properties: {
priority: /*${14:'priority'}*/'priority'
action: {
type: /*'${15|Dnat, Snat|}'*/'Dnat'
}
rules: [
{
name: /*${16:'name'}*/'name'
description: /*${17:'description'}*/'description'
sourceAddresses: [
/*${18:'sourceAddress'}*/'sourceAddress'
]
destinationAddresses: [
/*${19:'destinationAddress'}*/'destinationAddress'
]
destinationPorts: [
/*${20:'port'}*/'port'
]
protocols: [
/*'${21|TCP,UDP,Any,ICMP|}'*/'TCP'
]
translatedAddress: /*${22:'translatedAddress'}*/'translatedAddress'
translatedPort: /*${23:'translatedPort'}*/'translatedPort'
}
]
}
}
]
networkRuleCollections: [
{
name: /*${24:'name'}*/'name'
properties: {
priority: /*${25:'priority'}*/'priority'
action: {
type: /*'${26|Deny,Allow|}'*/'Deny'
}
rules: [
{
name: /*${27:'name'}*/'name'
description: /*${28:'description'}*/'description'
sourceAddresses: [
/*${29:'sourceAddress'}*/'sourceAddress'
]
destinationAddresses: [
/*${30:'destinationAddress'}*/'destinationAddress'
]
destinationPorts: [
/*${31:'destinationPort'}*/'destinationPort'
]
protocols: [
/*'${32|TCP,UDP,Any,ICMP|}'*/'TCP'
]
}
]
}
}
]
ipConfigurations: [
{
name: /*${33:'name'}*/'name'
properties: {
subnet: {
id: /*${34:'id'}*/'id'
}
publicIPAddress: {
id: /*${35:'id'}*/'id'
}
}
}
]
}
}