These are the docs for Azure Native v2. We recommenend using the latest version, Azure Native v3.
Azure Native v2 v2.90.0 published on Thursday, Mar 27, 2025 by Pulumi
azure-native-v2.network.getFirewallPolicy
Explore with Pulumi AI
These are the docs for Azure Native v2. We recommenend using the latest version, Azure Native v3.
Azure Native v2 v2.90.0 published on Thursday, Mar 27, 2025 by Pulumi
Gets the specified Firewall Policy. Azure REST API version: 2023-02-01.
Other available API versions: 2020-04-01, 2021-08-01, 2023-04-01, 2023-05-01, 2023-06-01, 2023-09-01, 2023-11-01, 2024-01-01, 2024-03-01, 2024-05-01.
Using getFirewallPolicy
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getFirewallPolicy(args: GetFirewallPolicyArgs, opts?: InvokeOptions): Promise<GetFirewallPolicyResult>
function getFirewallPolicyOutput(args: GetFirewallPolicyOutputArgs, opts?: InvokeOptions): Output<GetFirewallPolicyResult>def get_firewall_policy(expand: Optional[str] = None,
                        firewall_policy_name: Optional[str] = None,
                        resource_group_name: Optional[str] = None,
                        opts: Optional[InvokeOptions] = None) -> GetFirewallPolicyResult
def get_firewall_policy_output(expand: Optional[pulumi.Input[str]] = None,
                        firewall_policy_name: Optional[pulumi.Input[str]] = None,
                        resource_group_name: Optional[pulumi.Input[str]] = None,
                        opts: Optional[InvokeOptions] = None) -> Output[GetFirewallPolicyResult]func LookupFirewallPolicy(ctx *Context, args *LookupFirewallPolicyArgs, opts ...InvokeOption) (*LookupFirewallPolicyResult, error)
func LookupFirewallPolicyOutput(ctx *Context, args *LookupFirewallPolicyOutputArgs, opts ...InvokeOption) LookupFirewallPolicyResultOutput> Note: This function is named LookupFirewallPolicy in the Go SDK.
public static class GetFirewallPolicy 
{
    public static Task<GetFirewallPolicyResult> InvokeAsync(GetFirewallPolicyArgs args, InvokeOptions? opts = null)
    public static Output<GetFirewallPolicyResult> Invoke(GetFirewallPolicyInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetFirewallPolicyResult> getFirewallPolicy(GetFirewallPolicyArgs args, InvokeOptions options)
public static Output<GetFirewallPolicyResult> getFirewallPolicy(GetFirewallPolicyArgs args, InvokeOptions options)
fn::invoke:
  function: azure-native:network:getFirewallPolicy
  arguments:
    # arguments dictionaryThe following arguments are supported:
- FirewallPolicy stringName 
- The name of the Firewall Policy.
- ResourceGroup stringName 
- The name of the resource group.
- Expand string
- Expands referenced resources.
- FirewallPolicy stringName 
- The name of the Firewall Policy.
- ResourceGroup stringName 
- The name of the resource group.
- Expand string
- Expands referenced resources.
- firewallPolicy StringName 
- The name of the Firewall Policy.
- resourceGroup StringName 
- The name of the resource group.
- expand String
- Expands referenced resources.
- firewallPolicy stringName 
- The name of the Firewall Policy.
- resourceGroup stringName 
- The name of the resource group.
- expand string
- Expands referenced resources.
- firewall_policy_ strname 
- The name of the Firewall Policy.
- resource_group_ strname 
- The name of the resource group.
- expand str
- Expands referenced resources.
- firewallPolicy StringName 
- The name of the Firewall Policy.
- resourceGroup StringName 
- The name of the resource group.
- expand String
- Expands referenced resources.
getFirewallPolicy Result
The following output properties are available:
- ChildPolicies List<Pulumi.Azure Native. Network. Outputs. Sub Resource Response> 
- List of references to Child Firewall Policies.
- Etag string
- A unique read-only string that changes whenever the resource is updated.
- Firewalls
List<Pulumi.Azure Native. Network. Outputs. Sub Resource Response> 
- List of references to Azure Firewalls that this Firewall Policy is associated with.
- Name string
- Resource name.
- ProvisioningState string
- The provisioning state of the firewall policy resource.
- RuleCollection List<Pulumi.Groups Azure Native. Network. Outputs. Sub Resource Response> 
- List of references to FirewallPolicyRuleCollectionGroups.
- Type string
- Resource type.
- BasePolicy Pulumi.Azure Native. Network. Outputs. Sub Resource Response 
- The parent firewall policy from which rules are inherited.
- DnsSettings Pulumi.Azure Native. Network. Outputs. Dns Settings Response 
- DNS Proxy Settings definition.
- ExplicitProxy Pulumi.Azure Native. Network. Outputs. Explicit Proxy Response 
- Explicit Proxy Settings definition.
- Id string
- Resource ID.
- Identity
Pulumi.Azure Native. Network. Outputs. Managed Service Identity Response 
- The identity of the firewall policy.
- Insights
Pulumi.Azure Native. Network. Outputs. Firewall Policy Insights Response 
- Insights on Firewall Policy.
- IntrusionDetection Pulumi.Azure Native. Network. Outputs. Firewall Policy Intrusion Detection Response 
- The configuration for Intrusion detection.
- Location string
- Resource location.
- Sku
Pulumi.Azure Native. Network. Outputs. Firewall Policy Sku Response 
- The Firewall Policy SKU.
- Snat
Pulumi.Azure Native. Network. Outputs. Firewall Policy SNATResponse 
- The private IP addresses/IP ranges to which traffic will not be SNAT.
- Sql
Pulumi.Azure Native. Network. Outputs. Firewall Policy SQLResponse 
- SQL Settings definition.
- Dictionary<string, string>
- Resource tags.
- ThreatIntel stringMode 
- The operation mode for Threat Intelligence.
- ThreatIntel Pulumi.Whitelist Azure Native. Network. Outputs. Firewall Policy Threat Intel Whitelist Response 
- ThreatIntel Whitelist for Firewall Policy.
- TransportSecurity Pulumi.Azure Native. Network. Outputs. Firewall Policy Transport Security Response 
- TLS Configuration definition.
- ChildPolicies []SubResource Response 
- List of references to Child Firewall Policies.
- Etag string
- A unique read-only string that changes whenever the resource is updated.
- Firewalls
[]SubResource Response 
- List of references to Azure Firewalls that this Firewall Policy is associated with.
- Name string
- Resource name.
- ProvisioningState string
- The provisioning state of the firewall policy resource.
- RuleCollection []SubGroups Resource Response 
- List of references to FirewallPolicyRuleCollectionGroups.
- Type string
- Resource type.
- BasePolicy SubResource Response 
- The parent firewall policy from which rules are inherited.
- DnsSettings DnsSettings Response 
- DNS Proxy Settings definition.
- ExplicitProxy ExplicitProxy Response 
- Explicit Proxy Settings definition.
- Id string
- Resource ID.
- Identity
ManagedService Identity Response 
- The identity of the firewall policy.
- Insights
FirewallPolicy Insights Response 
- Insights on Firewall Policy.
- IntrusionDetection FirewallPolicy Intrusion Detection Response 
- The configuration for Intrusion detection.
- Location string
- Resource location.
- Sku
FirewallPolicy Sku Response 
- The Firewall Policy SKU.
- Snat
FirewallPolicy SNATResponse 
- The private IP addresses/IP ranges to which traffic will not be SNAT.
- Sql
FirewallPolicy SQLResponse 
- SQL Settings definition.
- map[string]string
- Resource tags.
- ThreatIntel stringMode 
- The operation mode for Threat Intelligence.
- ThreatIntel FirewallWhitelist Policy Threat Intel Whitelist Response 
- ThreatIntel Whitelist for Firewall Policy.
- TransportSecurity FirewallPolicy Transport Security Response 
- TLS Configuration definition.
- childPolicies List<SubResource Response> 
- List of references to Child Firewall Policies.
- etag String
- A unique read-only string that changes whenever the resource is updated.
- firewalls
List<SubResource Response> 
- List of references to Azure Firewalls that this Firewall Policy is associated with.
- name String
- Resource name.
- provisioningState String
- The provisioning state of the firewall policy resource.
- ruleCollection List<SubGroups Resource Response> 
- List of references to FirewallPolicyRuleCollectionGroups.
- type String
- Resource type.
- basePolicy SubResource Response 
- The parent firewall policy from which rules are inherited.
- dnsSettings DnsSettings Response 
- DNS Proxy Settings definition.
- explicitProxy ExplicitProxy Response 
- Explicit Proxy Settings definition.
- id String
- Resource ID.
- identity
ManagedService Identity Response 
- The identity of the firewall policy.
- insights
FirewallPolicy Insights Response 
- Insights on Firewall Policy.
- intrusionDetection FirewallPolicy Intrusion Detection Response 
- The configuration for Intrusion detection.
- location String
- Resource location.
- sku
FirewallPolicy Sku Response 
- The Firewall Policy SKU.
- snat
FirewallPolicy SNATResponse 
- The private IP addresses/IP ranges to which traffic will not be SNAT.
- sql
FirewallPolicy SQLResponse 
- SQL Settings definition.
- Map<String,String>
- Resource tags.
- threatIntel StringMode 
- The operation mode for Threat Intelligence.
- threatIntel FirewallWhitelist Policy Threat Intel Whitelist Response 
- ThreatIntel Whitelist for Firewall Policy.
- transportSecurity FirewallPolicy Transport Security Response 
- TLS Configuration definition.
- childPolicies SubResource Response[] 
- List of references to Child Firewall Policies.
- etag string
- A unique read-only string that changes whenever the resource is updated.
- firewalls
SubResource Response[] 
- List of references to Azure Firewalls that this Firewall Policy is associated with.
- name string
- Resource name.
- provisioningState string
- The provisioning state of the firewall policy resource.
- ruleCollection SubGroups Resource Response[] 
- List of references to FirewallPolicyRuleCollectionGroups.
- type string
- Resource type.
- basePolicy SubResource Response 
- The parent firewall policy from which rules are inherited.
- dnsSettings DnsSettings Response 
- DNS Proxy Settings definition.
- explicitProxy ExplicitProxy Response 
- Explicit Proxy Settings definition.
- id string
- Resource ID.
- identity
ManagedService Identity Response 
- The identity of the firewall policy.
- insights
FirewallPolicy Insights Response 
- Insights on Firewall Policy.
- intrusionDetection FirewallPolicy Intrusion Detection Response 
- The configuration for Intrusion detection.
- location string
- Resource location.
- sku
FirewallPolicy Sku Response 
- The Firewall Policy SKU.
- snat
FirewallPolicy SNATResponse 
- The private IP addresses/IP ranges to which traffic will not be SNAT.
- sql
FirewallPolicy SQLResponse 
- SQL Settings definition.
- {[key: string]: string}
- Resource tags.
- threatIntel stringMode 
- The operation mode for Threat Intelligence.
- threatIntel FirewallWhitelist Policy Threat Intel Whitelist Response 
- ThreatIntel Whitelist for Firewall Policy.
- transportSecurity FirewallPolicy Transport Security Response 
- TLS Configuration definition.
- child_policies Sequence[SubResource Response] 
- List of references to Child Firewall Policies.
- etag str
- A unique read-only string that changes whenever the resource is updated.
- firewalls
Sequence[SubResource Response] 
- List of references to Azure Firewalls that this Firewall Policy is associated with.
- name str
- Resource name.
- provisioning_state str
- The provisioning state of the firewall policy resource.
- rule_collection_ Sequence[Subgroups Resource Response] 
- List of references to FirewallPolicyRuleCollectionGroups.
- type str
- Resource type.
- base_policy SubResource Response 
- The parent firewall policy from which rules are inherited.
- dns_settings DnsSettings Response 
- DNS Proxy Settings definition.
- explicit_proxy ExplicitProxy Response 
- Explicit Proxy Settings definition.
- id str
- Resource ID.
- identity
ManagedService Identity Response 
- The identity of the firewall policy.
- insights
FirewallPolicy Insights Response 
- Insights on Firewall Policy.
- intrusion_detection FirewallPolicy Intrusion Detection Response 
- The configuration for Intrusion detection.
- location str
- Resource location.
- sku
FirewallPolicy Sku Response 
- The Firewall Policy SKU.
- snat
FirewallPolicy SNATResponse 
- The private IP addresses/IP ranges to which traffic will not be SNAT.
- sql
FirewallPolicy SQLResponse 
- SQL Settings definition.
- Mapping[str, str]
- Resource tags.
- threat_intel_ strmode 
- The operation mode for Threat Intelligence.
- threat_intel_ Firewallwhitelist Policy Threat Intel Whitelist Response 
- ThreatIntel Whitelist for Firewall Policy.
- transport_security FirewallPolicy Transport Security Response 
- TLS Configuration definition.
- childPolicies List<Property Map>
- List of references to Child Firewall Policies.
- etag String
- A unique read-only string that changes whenever the resource is updated.
- firewalls List<Property Map>
- List of references to Azure Firewalls that this Firewall Policy is associated with.
- name String
- Resource name.
- provisioningState String
- The provisioning state of the firewall policy resource.
- ruleCollection List<Property Map>Groups 
- List of references to FirewallPolicyRuleCollectionGroups.
- type String
- Resource type.
- basePolicy Property Map
- The parent firewall policy from which rules are inherited.
- dnsSettings Property Map
- DNS Proxy Settings definition.
- explicitProxy Property Map
- Explicit Proxy Settings definition.
- id String
- Resource ID.
- identity Property Map
- The identity of the firewall policy.
- insights Property Map
- Insights on Firewall Policy.
- intrusionDetection Property Map
- The configuration for Intrusion detection.
- location String
- Resource location.
- sku Property Map
- The Firewall Policy SKU.
- snat Property Map
- The private IP addresses/IP ranges to which traffic will not be SNAT.
- sql Property Map
- SQL Settings definition.
- Map<String>
- Resource tags.
- threatIntel StringMode 
- The operation mode for Threat Intelligence.
- threatIntel Property MapWhitelist 
- ThreatIntel Whitelist for Firewall Policy.
- transportSecurity Property Map
- TLS Configuration definition.
Supporting Types
DnsSettingsResponse  
- EnableProxy bool
- Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- RequireProxy boolFor Network Rules 
- FQDNs in Network Rules are supported when set to true.
- Servers List<string>
- List of Custom DNS Servers.
- EnableProxy bool
- Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- RequireProxy boolFor Network Rules 
- FQDNs in Network Rules are supported when set to true.
- Servers []string
- List of Custom DNS Servers.
- enableProxy Boolean
- Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- requireProxy BooleanFor Network Rules 
- FQDNs in Network Rules are supported when set to true.
- servers List<String>
- List of Custom DNS Servers.
- enableProxy boolean
- Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- requireProxy booleanFor Network Rules 
- FQDNs in Network Rules are supported when set to true.
- servers string[]
- List of Custom DNS Servers.
- enable_proxy bool
- Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- require_proxy_ boolfor_ network_ rules 
- FQDNs in Network Rules are supported when set to true.
- servers Sequence[str]
- List of Custom DNS Servers.
- enableProxy Boolean
- Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- requireProxy BooleanFor Network Rules 
- FQDNs in Network Rules are supported when set to true.
- servers List<String>
- List of Custom DNS Servers.
ExplicitProxyResponse  
- EnableExplicit boolProxy 
- When set to true, explicit proxy mode is enabled.
- EnablePac boolFile 
- When set to true, pac file port and url needs to be provided.
- HttpPort int
- Port number for explicit proxy http protocol, cannot be greater than 64000.
- HttpsPort int
- Port number for explicit proxy https protocol, cannot be greater than 64000.
- PacFile string
- SAS URL for PAC file.
- PacFile intPort 
- Port number for firewall to serve PAC file.
- EnableExplicit boolProxy 
- When set to true, explicit proxy mode is enabled.
- EnablePac boolFile 
- When set to true, pac file port and url needs to be provided.
- HttpPort int
- Port number for explicit proxy http protocol, cannot be greater than 64000.
- HttpsPort int
- Port number for explicit proxy https protocol, cannot be greater than 64000.
- PacFile string
- SAS URL for PAC file.
- PacFile intPort 
- Port number for firewall to serve PAC file.
- enableExplicit BooleanProxy 
- When set to true, explicit proxy mode is enabled.
- enablePac BooleanFile 
- When set to true, pac file port and url needs to be provided.
- httpPort Integer
- Port number for explicit proxy http protocol, cannot be greater than 64000.
- httpsPort Integer
- Port number for explicit proxy https protocol, cannot be greater than 64000.
- pacFile String
- SAS URL for PAC file.
- pacFile IntegerPort 
- Port number for firewall to serve PAC file.
- enableExplicit booleanProxy 
- When set to true, explicit proxy mode is enabled.
- enablePac booleanFile 
- When set to true, pac file port and url needs to be provided.
- httpPort number
- Port number for explicit proxy http protocol, cannot be greater than 64000.
- httpsPort number
- Port number for explicit proxy https protocol, cannot be greater than 64000.
- pacFile string
- SAS URL for PAC file.
- pacFile numberPort 
- Port number for firewall to serve PAC file.
- enable_explicit_ boolproxy 
- When set to true, explicit proxy mode is enabled.
- enable_pac_ boolfile 
- When set to true, pac file port and url needs to be provided.
- http_port int
- Port number for explicit proxy http protocol, cannot be greater than 64000.
- https_port int
- Port number for explicit proxy https protocol, cannot be greater than 64000.
- pac_file str
- SAS URL for PAC file.
- pac_file_ intport 
- Port number for firewall to serve PAC file.
- enableExplicit BooleanProxy 
- When set to true, explicit proxy mode is enabled.
- enablePac BooleanFile 
- When set to true, pac file port and url needs to be provided.
- httpPort Number
- Port number for explicit proxy http protocol, cannot be greater than 64000.
- httpsPort Number
- Port number for explicit proxy https protocol, cannot be greater than 64000.
- pacFile String
- SAS URL for PAC file.
- pacFile NumberPort 
- Port number for firewall to serve PAC file.
FirewallPolicyCertificateAuthorityResponse    
- KeyVault stringSecret Id 
- Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- Name string
- Name of the CA certificate.
- KeyVault stringSecret Id 
- Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- Name string
- Name of the CA certificate.
- keyVault StringSecret Id 
- Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- name String
- Name of the CA certificate.
- keyVault stringSecret Id 
- Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- name string
- Name of the CA certificate.
- key_vault_ strsecret_ id 
- Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- name str
- Name of the CA certificate.
- keyVault StringSecret Id 
- Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- name String
- Name of the CA certificate.
FirewallPolicyInsightsResponse   
- IsEnabled bool
- A flag to indicate if the insights are enabled on the policy.
- LogAnalytics Pulumi.Resources Azure Native. Network. Inputs. Firewall Policy Log Analytics Resources Response 
- Workspaces needed to configure the Firewall Policy Insights.
- RetentionDays int
- Number of days the insights should be enabled on the policy.
- IsEnabled bool
- A flag to indicate if the insights are enabled on the policy.
- LogAnalytics FirewallResources Policy Log Analytics Resources Response 
- Workspaces needed to configure the Firewall Policy Insights.
- RetentionDays int
- Number of days the insights should be enabled on the policy.
- isEnabled Boolean
- A flag to indicate if the insights are enabled on the policy.
- logAnalytics FirewallResources Policy Log Analytics Resources Response 
- Workspaces needed to configure the Firewall Policy Insights.
- retentionDays Integer
- Number of days the insights should be enabled on the policy.
- isEnabled boolean
- A flag to indicate if the insights are enabled on the policy.
- logAnalytics FirewallResources Policy Log Analytics Resources Response 
- Workspaces needed to configure the Firewall Policy Insights.
- retentionDays number
- Number of days the insights should be enabled on the policy.
- is_enabled bool
- A flag to indicate if the insights are enabled on the policy.
- log_analytics_ Firewallresources Policy Log Analytics Resources Response 
- Workspaces needed to configure the Firewall Policy Insights.
- retention_days int
- Number of days the insights should be enabled on the policy.
- isEnabled Boolean
- A flag to indicate if the insights are enabled on the policy.
- logAnalytics Property MapResources 
- Workspaces needed to configure the Firewall Policy Insights.
- retentionDays Number
- Number of days the insights should be enabled on the policy.
FirewallPolicyIntrusionDetectionBypassTrafficSpecificationsResponse       
- Description string
- Description of the bypass traffic rule.
- DestinationAddresses List<string>
- List of destination IP addresses or ranges for this rule.
- DestinationIp List<string>Groups 
- List of destination IpGroups for this rule.
- DestinationPorts List<string>
- List of destination ports or ranges.
- Name string
- Name of the bypass traffic rule.
- Protocol string
- The rule bypass protocol.
- SourceAddresses List<string>
- List of source IP addresses or ranges for this rule.
- SourceIp List<string>Groups 
- List of source IpGroups for this rule.
- Description string
- Description of the bypass traffic rule.
- DestinationAddresses []string
- List of destination IP addresses or ranges for this rule.
- DestinationIp []stringGroups 
- List of destination IpGroups for this rule.
- DestinationPorts []string
- List of destination ports or ranges.
- Name string
- Name of the bypass traffic rule.
- Protocol string
- The rule bypass protocol.
- SourceAddresses []string
- List of source IP addresses or ranges for this rule.
- SourceIp []stringGroups 
- List of source IpGroups for this rule.
- description String
- Description of the bypass traffic rule.
- destinationAddresses List<String>
- List of destination IP addresses or ranges for this rule.
- destinationIp List<String>Groups 
- List of destination IpGroups for this rule.
- destinationPorts List<String>
- List of destination ports or ranges.
- name String
- Name of the bypass traffic rule.
- protocol String
- The rule bypass protocol.
- sourceAddresses List<String>
- List of source IP addresses or ranges for this rule.
- sourceIp List<String>Groups 
- List of source IpGroups for this rule.
- description string
- Description of the bypass traffic rule.
- destinationAddresses string[]
- List of destination IP addresses or ranges for this rule.
- destinationIp string[]Groups 
- List of destination IpGroups for this rule.
- destinationPorts string[]
- List of destination ports or ranges.
- name string
- Name of the bypass traffic rule.
- protocol string
- The rule bypass protocol.
- sourceAddresses string[]
- List of source IP addresses or ranges for this rule.
- sourceIp string[]Groups 
- List of source IpGroups for this rule.
- description str
- Description of the bypass traffic rule.
- destination_addresses Sequence[str]
- List of destination IP addresses or ranges for this rule.
- destination_ip_ Sequence[str]groups 
- List of destination IpGroups for this rule.
- destination_ports Sequence[str]
- List of destination ports or ranges.
- name str
- Name of the bypass traffic rule.
- protocol str
- The rule bypass protocol.
- source_addresses Sequence[str]
- List of source IP addresses or ranges for this rule.
- source_ip_ Sequence[str]groups 
- List of source IpGroups for this rule.
- description String
- Description of the bypass traffic rule.
- destinationAddresses List<String>
- List of destination IP addresses or ranges for this rule.
- destinationIp List<String>Groups 
- List of destination IpGroups for this rule.
- destinationPorts List<String>
- List of destination ports or ranges.
- name String
- Name of the bypass traffic rule.
- protocol String
- The rule bypass protocol.
- sourceAddresses List<String>
- List of source IP addresses or ranges for this rule.
- sourceIp List<String>Groups 
- List of source IpGroups for this rule.
FirewallPolicyIntrusionDetectionConfigurationResponse     
- BypassTraffic List<Pulumi.Settings Azure Native. Network. Inputs. Firewall Policy Intrusion Detection Bypass Traffic Specifications Response> 
- List of rules for traffic to bypass.
- PrivateRanges List<string>
- IDPS Private IP address ranges are used to identify traffic direction (i.e. inbound, outbound, etc.). By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. To modify default ranges, specify your Private IP address ranges with this property
- SignatureOverrides List<Pulumi.Azure Native. Network. Inputs. Firewall Policy Intrusion Detection Signature Specification Response> 
- List of specific signatures states.
- BypassTraffic []FirewallSettings Policy Intrusion Detection Bypass Traffic Specifications Response 
- List of rules for traffic to bypass.
- PrivateRanges []string
- IDPS Private IP address ranges are used to identify traffic direction (i.e. inbound, outbound, etc.). By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. To modify default ranges, specify your Private IP address ranges with this property
- SignatureOverrides []FirewallPolicy Intrusion Detection Signature Specification Response 
- List of specific signatures states.
- bypassTraffic List<FirewallSettings Policy Intrusion Detection Bypass Traffic Specifications Response> 
- List of rules for traffic to bypass.
- privateRanges List<String>
- IDPS Private IP address ranges are used to identify traffic direction (i.e. inbound, outbound, etc.). By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. To modify default ranges, specify your Private IP address ranges with this property
- signatureOverrides List<FirewallPolicy Intrusion Detection Signature Specification Response> 
- List of specific signatures states.
- bypassTraffic FirewallSettings Policy Intrusion Detection Bypass Traffic Specifications Response[] 
- List of rules for traffic to bypass.
- privateRanges string[]
- IDPS Private IP address ranges are used to identify traffic direction (i.e. inbound, outbound, etc.). By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. To modify default ranges, specify your Private IP address ranges with this property
- signatureOverrides FirewallPolicy Intrusion Detection Signature Specification Response[] 
- List of specific signatures states.
- bypass_traffic_ Sequence[Firewallsettings Policy Intrusion Detection Bypass Traffic Specifications Response] 
- List of rules for traffic to bypass.
- private_ranges Sequence[str]
- IDPS Private IP address ranges are used to identify traffic direction (i.e. inbound, outbound, etc.). By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. To modify default ranges, specify your Private IP address ranges with this property
- signature_overrides Sequence[FirewallPolicy Intrusion Detection Signature Specification Response] 
- List of specific signatures states.
- bypassTraffic List<Property Map>Settings 
- List of rules for traffic to bypass.
- privateRanges List<String>
- IDPS Private IP address ranges are used to identify traffic direction (i.e. inbound, outbound, etc.). By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. To modify default ranges, specify your Private IP address ranges with this property
- signatureOverrides List<Property Map>
- List of specific signatures states.
FirewallPolicyIntrusionDetectionResponse    
- Configuration
Pulumi.Azure Native. Network. Inputs. Firewall Policy Intrusion Detection Configuration Response 
- Intrusion detection configuration properties.
- Mode string
- Intrusion detection general state. When attached to a parent policy, the firewall's effective IDPS mode is the stricter mode of the two.
- Profile string
- IDPS profile name. When attached to a parent policy, the firewall's effective profile is the profile name of the parent policy.
- Configuration
FirewallPolicy Intrusion Detection Configuration Response 
- Intrusion detection configuration properties.
- Mode string
- Intrusion detection general state. When attached to a parent policy, the firewall's effective IDPS mode is the stricter mode of the two.
- Profile string
- IDPS profile name. When attached to a parent policy, the firewall's effective profile is the profile name of the parent policy.
- configuration
FirewallPolicy Intrusion Detection Configuration Response 
- Intrusion detection configuration properties.
- mode String
- Intrusion detection general state. When attached to a parent policy, the firewall's effective IDPS mode is the stricter mode of the two.
- profile String
- IDPS profile name. When attached to a parent policy, the firewall's effective profile is the profile name of the parent policy.
- configuration
FirewallPolicy Intrusion Detection Configuration Response 
- Intrusion detection configuration properties.
- mode string
- Intrusion detection general state. When attached to a parent policy, the firewall's effective IDPS mode is the stricter mode of the two.
- profile string
- IDPS profile name. When attached to a parent policy, the firewall's effective profile is the profile name of the parent policy.
- configuration
FirewallPolicy Intrusion Detection Configuration Response 
- Intrusion detection configuration properties.
- mode str
- Intrusion detection general state. When attached to a parent policy, the firewall's effective IDPS mode is the stricter mode of the two.
- profile str
- IDPS profile name. When attached to a parent policy, the firewall's effective profile is the profile name of the parent policy.
- configuration Property Map
- Intrusion detection configuration properties.
- mode String
- Intrusion detection general state. When attached to a parent policy, the firewall's effective IDPS mode is the stricter mode of the two.
- profile String
- IDPS profile name. When attached to a parent policy, the firewall's effective profile is the profile name of the parent policy.
FirewallPolicyIntrusionDetectionSignatureSpecificationResponse      
FirewallPolicyLogAnalyticsResourcesResponse     
- DefaultWorkspace Pulumi.Id Azure Native. Network. Inputs. Sub Resource Response 
- The default workspace Id for Firewall Policy Insights.
- Workspaces
List<Pulumi.Azure Native. Network. Inputs. Firewall Policy Log Analytics Workspace Response> 
- List of workspaces for Firewall Policy Insights.
- DefaultWorkspace SubId Resource Response 
- The default workspace Id for Firewall Policy Insights.
- Workspaces
[]FirewallPolicy Log Analytics Workspace Response 
- List of workspaces for Firewall Policy Insights.
- defaultWorkspace SubId Resource Response 
- The default workspace Id for Firewall Policy Insights.
- workspaces
List<FirewallPolicy Log Analytics Workspace Response> 
- List of workspaces for Firewall Policy Insights.
- defaultWorkspace SubId Resource Response 
- The default workspace Id for Firewall Policy Insights.
- workspaces
FirewallPolicy Log Analytics Workspace Response[] 
- List of workspaces for Firewall Policy Insights.
- default_workspace_ Subid Resource Response 
- The default workspace Id for Firewall Policy Insights.
- workspaces
Sequence[FirewallPolicy Log Analytics Workspace Response] 
- List of workspaces for Firewall Policy Insights.
- defaultWorkspace Property MapId 
- The default workspace Id for Firewall Policy Insights.
- workspaces List<Property Map>
- List of workspaces for Firewall Policy Insights.
FirewallPolicyLogAnalyticsWorkspaceResponse     
- Region string
- Region to configure the Workspace.
- WorkspaceId Pulumi.Azure Native. Network. Inputs. Sub Resource Response 
- The workspace Id for Firewall Policy Insights.
- Region string
- Region to configure the Workspace.
- WorkspaceId SubResource Response 
- The workspace Id for Firewall Policy Insights.
- region String
- Region to configure the Workspace.
- workspaceId SubResource Response 
- The workspace Id for Firewall Policy Insights.
- region string
- Region to configure the Workspace.
- workspaceId SubResource Response 
- The workspace Id for Firewall Policy Insights.
- region str
- Region to configure the Workspace.
- workspace_id SubResource Response 
- The workspace Id for Firewall Policy Insights.
- region String
- Region to configure the Workspace.
- workspaceId Property Map
- The workspace Id for Firewall Policy Insights.
FirewallPolicySNATResponse  
- AutoLearn stringPrivate Ranges 
- The operation mode for automatically learning private ranges to not be SNAT
- PrivateRanges List<string>
- List of private IP addresses/IP address ranges to not be SNAT.
- AutoLearn stringPrivate Ranges 
- The operation mode for automatically learning private ranges to not be SNAT
- PrivateRanges []string
- List of private IP addresses/IP address ranges to not be SNAT.
- autoLearn StringPrivate Ranges 
- The operation mode for automatically learning private ranges to not be SNAT
- privateRanges List<String>
- List of private IP addresses/IP address ranges to not be SNAT.
- autoLearn stringPrivate Ranges 
- The operation mode for automatically learning private ranges to not be SNAT
- privateRanges string[]
- List of private IP addresses/IP address ranges to not be SNAT.
- auto_learn_ strprivate_ ranges 
- The operation mode for automatically learning private ranges to not be SNAT
- private_ranges Sequence[str]
- List of private IP addresses/IP address ranges to not be SNAT.
- autoLearn StringPrivate Ranges 
- The operation mode for automatically learning private ranges to not be SNAT
- privateRanges List<String>
- List of private IP addresses/IP address ranges to not be SNAT.
FirewallPolicySQLResponse  
- AllowSql boolRedirect 
- A flag to indicate if SQL Redirect traffic filtering is enabled. Turning on the flag requires no rule using port 11000-11999.
- AllowSql boolRedirect 
- A flag to indicate if SQL Redirect traffic filtering is enabled. Turning on the flag requires no rule using port 11000-11999.
- allowSql BooleanRedirect 
- A flag to indicate if SQL Redirect traffic filtering is enabled. Turning on the flag requires no rule using port 11000-11999.
- allowSql booleanRedirect 
- A flag to indicate if SQL Redirect traffic filtering is enabled. Turning on the flag requires no rule using port 11000-11999.
- allow_sql_ boolredirect 
- A flag to indicate if SQL Redirect traffic filtering is enabled. Turning on the flag requires no rule using port 11000-11999.
- allowSql BooleanRedirect 
- A flag to indicate if SQL Redirect traffic filtering is enabled. Turning on the flag requires no rule using port 11000-11999.
FirewallPolicySkuResponse   
- Tier string
- Tier of Firewall Policy.
- Tier string
- Tier of Firewall Policy.
- tier String
- Tier of Firewall Policy.
- tier string
- Tier of Firewall Policy.
- tier str
- Tier of Firewall Policy.
- tier String
- Tier of Firewall Policy.
FirewallPolicyThreatIntelWhitelistResponse     
- Fqdns List<string>
- List of FQDNs for the ThreatIntel Whitelist.
- IpAddresses List<string>
- List of IP addresses for the ThreatIntel Whitelist.
- Fqdns []string
- List of FQDNs for the ThreatIntel Whitelist.
- IpAddresses []string
- List of IP addresses for the ThreatIntel Whitelist.
- fqdns List<String>
- List of FQDNs for the ThreatIntel Whitelist.
- ipAddresses List<String>
- List of IP addresses for the ThreatIntel Whitelist.
- fqdns string[]
- List of FQDNs for the ThreatIntel Whitelist.
- ipAddresses string[]
- List of IP addresses for the ThreatIntel Whitelist.
- fqdns Sequence[str]
- List of FQDNs for the ThreatIntel Whitelist.
- ip_addresses Sequence[str]
- List of IP addresses for the ThreatIntel Whitelist.
- fqdns List<String>
- List of FQDNs for the ThreatIntel Whitelist.
- ipAddresses List<String>
- List of IP addresses for the ThreatIntel Whitelist.
FirewallPolicyTransportSecurityResponse    
- 
Pulumi.Azure Native. Network. Inputs. Firewall Policy Certificate Authority Response 
- The CA used for intermediate CA generation.
- 
FirewallPolicy Certificate Authority Response 
- The CA used for intermediate CA generation.
- 
FirewallPolicy Certificate Authority Response 
- The CA used for intermediate CA generation.
- 
FirewallPolicy Certificate Authority Response 
- The CA used for intermediate CA generation.
- 
FirewallPolicy Certificate Authority Response 
- The CA used for intermediate CA generation.
- Property Map
- The CA used for intermediate CA generation.
ManagedServiceIdentityResponse   
- PrincipalId string
- The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
- TenantId string
- The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
- Type string
- The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- UserAssigned Dictionary<string, Pulumi.Identities Azure Native. Network. Inputs. Managed Service Identity Response User Assigned Identities> 
- The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- PrincipalId string
- The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
- TenantId string
- The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
- Type string
- The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- UserAssigned map[string]ManagedIdentities Service Identity Response User Assigned Identities 
- The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- principalId String
- The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
- tenantId String
- The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
- type String
- The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- userAssigned Map<String,ManagedIdentities Service Identity Response User Assigned Identities> 
- The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- principalId string
- The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
- tenantId string
- The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
- type string
- The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- userAssigned {[key: string]: ManagedIdentities Service Identity Response User Assigned Identities} 
- The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- principal_id str
- The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
- tenant_id str
- The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
- type str
- The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- user_assigned_ Mapping[str, Managedidentities Service Identity Response User Assigned Identities] 
- The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- principalId String
- The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
- tenantId String
- The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
- type String
- The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- userAssigned Map<Property Map>Identities 
- The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
ManagedServiceIdentityResponseUserAssignedIdentities      
- ClientId string
- The client id of user assigned identity.
- PrincipalId string
- The principal id of user assigned identity.
- ClientId string
- The client id of user assigned identity.
- PrincipalId string
- The principal id of user assigned identity.
- clientId String
- The client id of user assigned identity.
- principalId String
- The principal id of user assigned identity.
- clientId string
- The client id of user assigned identity.
- principalId string
- The principal id of user assigned identity.
- client_id str
- The client id of user assigned identity.
- principal_id str
- The principal id of user assigned identity.
- clientId String
- The client id of user assigned identity.
- principalId String
- The principal id of user assigned identity.
SubResourceResponse  
- Id string
- Resource ID.
- Id string
- Resource ID.
- id String
- Resource ID.
- id string
- Resource ID.
- id str
- Resource ID.
- id String
- Resource ID.
Package Details
- Repository
- azure-native-v2 pulumi/pulumi-azure-native
- License
- Apache-2.0
These are the docs for Azure Native v2. We recommenend using the latest version, Azure Native v3.
Azure Native v2 v2.90.0 published on Thursday, Mar 27, 2025 by Pulumi