Microsoft.Network firewallPolicies 2020-04-01

Template format

To create a Microsoft.Network/firewallPolicies resource, add the following JSON to the resources section of your template.

{
  "name": "string",
  "type": "Microsoft.Network/firewallPolicies",
  "apiVersion": "2020-04-01",
  "location": "string",
  "tags": {},
  "properties": {
    "basePolicy": {
      "id": "string"
    },
    "threatIntelMode": "string",
    "threatIntelWhitelist": {
      "ipAddresses": [
        "string"
      ],
      "fqdns": [
        "string"
      ]
    }
  },
  "resources": []
}

Property values

The following tables describe the values you need to set in the schema.

Microsoft.Network/firewallPolicies object

Name Type Required Value
name string Yes The name of the Firewall Policy.
type enum Yes Microsoft.Network/firewallPolicies
apiVersion enum Yes 2020-04-01
location string Yes Resource location.
tags object No Resource tags.
properties object Yes Properties of the firewall policy. - FirewallPolicyPropertiesFormat object
resources array No ruleGroups

FirewallPolicyPropertiesFormat object

Name Type Required Value
basePolicy object No The parent firewall policy from which rules are inherited. - SubResource object
threatIntelMode enum No The operation mode for Threat Intelligence. - Alert, Deny, Off
threatIntelWhitelist object No ThreatIntel Whitelist for Firewall Policy. - FirewallPolicyThreatIntelWhitelist object

SubResource object

Name Type Required Value
id string No Resource ID.

FirewallPolicyThreatIntelWhitelist object

Name Type Required Value
ipAddresses array No List of IP addresses for the ThreatIntel Whitelist. - string
fqdns array No List of FQDNs for the ThreatIntel Whitelist. - string

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Create a Firewall with FirewallPolicy and IpGroups

Deploy to Azure
This template creates an Azure Firewall with FirewalllPolicy referencing Network Rules with IpGroups. Also, includes a Linux Jumpbox vm setup
Create a sandbox setup with Firewall Policy

Deploy to Azure
This template creates a virtual network with 3 subnets (server subnet, jumpbox subet and AzureFirewall subnet), a jumpbox VM with public IP, A server VM, UDR route to point to Azure Firewall for the Server Subnet and an Azure Firewall with 1 or more Public IP addresses. Also creates a Firewall policy with 1 sample application rule, 1 sample network rule and default private ranges
Secured virtual hubs

Deploy to Azure
This template creates a secured virtual hub using Azure Firewall to secure your cloud network traffic destined to the Internet.