Microsoft.Network firewallPolicies 2019-11-01

Template format

To create a Microsoft.Network/firewallPolicies resource, add the following JSON to the resources section of your template.

  "name": "string",
  "type": "Microsoft.Network/firewallPolicies",
  "apiVersion": "2019-11-01",
  "location": "string",
  "tags": {},
  "properties": {
    "basePolicy": {
      "id": "string"
    "threatIntelMode": "string"
  "resources": []

Property values

The following tables describe the values you need to set in the schema.

Microsoft.Network/firewallPolicies object

Name Type Required Value
name string Yes The name of the Firewall Policy.
type enum Yes Microsoft.Network/firewallPolicies
apiVersion enum Yes 2019-11-01
location string Yes Resource location.
tags object No Resource tags.
properties object Yes Properties of the firewall policy. - FirewallPolicyPropertiesFormat object
resources array No ruleGroups

FirewallPolicyPropertiesFormat object

Name Type Required Value
basePolicy object No The parent firewall policy from which rules are inherited. - SubResource object
threatIntelMode enum No The operation mode for Threat Intelligence. - Alert, Deny, Off

SubResource object

Name Type Required Value
id string No Resource ID.

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Create a Firewall with FirewallPolicy and IpGroups

Deploy to Azure
This template creates an Azure Firewall with FirewalllPolicy referencing Network Rules with IpGroups. Also, includes a Linux Jumpbox vm setup
Create a sandbox setup with Firewall Policy

Deploy to Azure
This template creates a virtual network with 3 subnets (server subnet, jumpbox subet and AzureFirewall subnet), a jumpbox VM with public IP, A server VM, UDR route to point to Azure Firewall for the Server Subnet and an Azure Firewall with 1 or more Public IP addresses. Also creates a Firewall policy with 1 sample application rule, 1 sample network rule and default private ranges
Secured virtual hubs

Deploy to Azure
This template creates a secured virtual hub using Azure Firewall to secure your cloud network traffic destined to the Internet.