az network firewall policy rule-collection-group collection rule
Note
This reference is part of the azure-firewall extension for the Azure CLI (version 2.15.0 or higher). The extension will automatically install the first time you run an az network firewall policy rule-collection-group collection rule command. Learn more about extensions.
Manage and configure the rule of a filter collection in the rule collection group of Azure firewall policy.
Filter collection supports having a list of network rules or application rules. NatRule collection supports including a list of nat rules.
Commands
| az network firewall policy rule-collection-group collection rule add |
Add a rule into an Azure firewall policy rule collection. |
| az network firewall policy rule-collection-group collection rule remove |
Remove a rule from an Azure firewall policy rule collection. |
| az network firewall policy rule-collection-group collection rule update |
Update a rule of an Azure firewall policy rule collection. |
az network firewall policy rule-collection-group collection rule add
Add a rule into an Azure firewall policy rule collection.
Filter collection supports having a list of network rules or application rules. NatRule collection supports including a list of nat rules.
az network firewall policy rule-collection-group collection rule add --collection-name
--name
--policy-name
--rcg-name
--resource-group
--rule-type {ApplicationRule, NatRule, NetworkRule}
[--description]
[--dest-addr]
[--dest-ipg]
[--destination-fqdns]
[--destination-ports]
[--enable-tls-insp {false, true}]
[--fqdn-tags]
[--ip-protocols {Any, ICMP, TCP, UDP}]
[--protocols]
[--source-addresses]
[--source-ip-groups]
[--target-fqdns]
[--target-urls]
[--translated-address]
[--translated-fqdn]
[--translated-port]
[--web-categories]Required Parameters
The name of the rule collection in Firewall Policy Rule Collection Group.
The name of rule.
The name of the Firewall Policy.
The name of the Firewall Policy Rule Collection Group.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
The type of rule.
Optional Parameters
The description of rule.
Space-separated list of destination IP addresses.
Space-separated list of name or resource id of destination IpGroups.
Space-separated list of destination FQDNs.
Space-separated list of destination ports. This argument is supported for Nat and Network Rule.
Enable flag to terminate TLS connection for this rule.
Space-separated list of FQDN tags for this rule.
Space-separated list of IP protocols. This argument is supported for Nat and Network Rule.
Space-separated list of protocols and port numbers to use, in PROTOCOL=PORT format. Valid protocols are Http, Https.
Space-separated list of source IP addresses.
Space-separated list of name or resource id of source IpGroups.
Space-separated list of FQDNs for this rule.
Space-separated list of target urls for this rule.
Translated address for this NAT rule collection.
Translated FQDN for this NAT rule collection.
Translated port for this NAT rule collection.
Space-separated list of web categories for this rule.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network firewall policy rule-collection-group collection rule remove
Remove a rule from an Azure firewall policy rule collection.
Filter collection supports having a list of network rules or application rules. NatRule collection supports including a list of nat rules.
az network firewall policy rule-collection-group collection rule remove --collection-name
--name
--policy-name
--rcg-name
--resource-groupRequired Parameters
The name of the rule collection in Firewall Policy Rule Collection Group.
The name of rule.
The name of the Firewall Policy.
The name of the Firewall Policy Rule Collection Group.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network firewall policy rule-collection-group collection rule update
Update a rule of an Azure firewall policy rule collection.
Filter collection supports having a list of network rules or application rules. NatRule collection supports including a list of nat rules.
az network firewall policy rule-collection-group collection rule update --collection-name
--name
--policy-name
--rcg-name
--resource-group
[--add]
[--description]
[--dest-addr]
[--dest-ipg]
[--destination-fqdns]
[--destination-ports]
[--enable-tls-insp {false, true}]
[--force-string]
[--fqdn-tags]
[--ip-protocols {Any, ICMP, TCP, UDP}]
[--protocols]
[--remove]
[--set]
[--source-addresses]
[--source-ip-groups]
[--target-fqdns]
[--target-urls]
[--translated-address]
[--translated-fqdn]
[--translated-port]
[--web-categories]Examples
Update a rule of an Azure firewall policy rule collection.
az network firewall policy rule-collection-group collection rule update -g {rg} --policy-name {policy} --rule-collection-group-name {rcg} --collection-name {cn} -n {rule_name} --target-fqdns XXXRequired Parameters
The name of the rule collection in Firewall Policy Rule Collection Group.
The name of rule.
The name of the Firewall Policy.
The name of the Firewall Policy Rule Collection Group.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.
The description of rule.
Space-separated list of destination IP addresses.
Space-separated list of name or resource id of destination IpGroups.
Space-separated list of destination FQDNs.
Space-separated list of destination ports. This argument is supported for Nat and Network Rule.
Enable flag to terminate TLS connection for this rule.
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
Space-separated list of FQDN tags for this rule.
Space-separated list of IP protocols. This argument is supported for Nat and Network Rule.
Space-separated list of protocols and port numbers to use, in PROTOCOL=PORT format. Valid protocols are Http, Https.
Remove a property or an element from a list. Example: --remove property.list OR --remove propertyToRemove.
Update an object by specifying a property path and value to set. Example: --set property1.property2=.
Space-separated list of source IP addresses.
Space-separated list of name or resource id of source IpGroups.
Space-separated list of FQDNs for this rule.
Space-separated list of target urls for this rule.
Translated address for this NAT rule collection.
Translated FQDN for this NAT rule collection.
Translated port for this NAT rule collection.
Space-separated list of web categories for this rule.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
الملاحظات
إرسال الملاحظات وعرضها المتعلقة بـ