diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2025-05-01/examples/FirewallPolicyIDPSProfileGet.json b/specification/network/resource-manager/Microsoft.Network/stable/2025-05-01/examples/FirewallPolicyIDPSProfileGet.json new file mode 100644 index 000000000000..5e8c20ff9091 --- /dev/null +++ b/specification/network/resource-manager/Microsoft.Network/stable/2025-05-01/examples/FirewallPolicyIDPSProfileGet.json @@ -0,0 +1,124 @@ +{ + "parameters": { + "api-version": "2025-05-01", + "subscriptionId": "subid", + "resourceGroupName": "rg1", + "firewallPolicyName": "firewallPolicy" + }, + "responses": { + "200": { + "body": { + "name": "firewallPolicy", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy", + "type": "Microsoft.Network/firewallPolicies", + "etag": "w/\\00000000-0000-0000-0000-000000000000\\", + "location": "West US", + "tags": { + "key1": "value1" + }, + "properties": { + "size": "0.5MB", + "provisioningState": "Succeeded", + "threatIntelMode": "Alert", + "threatIntelWhitelist": { + "ipAddresses": [ + "20.3.4.5" + ], + "fqdns": [ + "*.microsoft.com" + ] + }, + "ruleCollectionGroups": [ + { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1" + } + ], + "insights": { + "isEnabled": true, + "retentionDays": 100, + "logAnalyticsResources": { + "workspaces": [ + { + "region": "westus", + "workspaceId": { + "id": "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace1" + } + }, + { + "region": "eastus", + "workspaceId": { + "id": "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace2" + } + } + ], + "defaultWorkspaceId": { + "id": "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/defaultWorkspace" + } + } + }, + "firewalls": [], + "snat": { + "privateRanges": [ + "IANAPrivateRanges" + ] + }, + "sql": { + "allowSqlRedirect": true + }, + "dnsSettings": { + "servers": [ + "30.3.4.5" + ], + "enableProxy": true, + "requireProxyForNetworkRules": false + }, + "explicitProxy": { + "enableExplicitProxy": true, + "httpPort": 8087, + "httpsPort": 8087, + "enablePacFile": true, + "pacFilePort": 8087, + "pacFile": "https://tinawstorage.file.core.windows.net/?sv=2020-02-10&ss=bfqt&srt=sco&sp=rwdlacuptfx&se=2021-06-04T07:01:12Z&st=2021-06-03T23:01:12Z&sip=68.65.171.11&spr=https&sig=Plsa0RRVpGbY0IETZZOT6znOHcSro71LLTTbzquYPgs%3D" + }, + "sku": { + "tier": "Premium" + }, + "intrusionDetection": { + "mode": "Alert", + "profile": "Core", + "configuration": { + "signatureOverrides": [ + { + "id": "2525004", + "mode": "Deny" + } + ], + "bypassTrafficSettings": [ + { + "name": "bypassRule1", + "description": "Rule 1", + "protocol": "TCP", + "sourceAddresses": [ + "1.2.3.4" + ], + "destinationAddresses": [ + "5.6.7.8" + ], + "destinationPorts": [ + "*" + ] + } + ] + } + }, + "transportSecurity": { + "certificateAuthority": { + "name": "clientcert", + "keyVaultSecretId": "https://kv/secret" + } + } + } + } + } + } +} diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2025-05-01/examples/FirewallPolicyIDPSProfilePut.json b/specification/network/resource-manager/Microsoft.Network/stable/2025-05-01/examples/FirewallPolicyIDPSProfilePut.json new file mode 100644 index 000000000000..15562dc4e83b --- /dev/null +++ b/specification/network/resource-manager/Microsoft.Network/stable/2025-05-01/examples/FirewallPolicyIDPSProfilePut.json @@ -0,0 +1,344 @@ +{ + "parameters": { + "api-version": "2025-05-01", + "subscriptionId": "subid", + "resourceGroupName": "rg1", + "firewallPolicyName": "firewallPolicy", + "parameters": { + "tags": { + "key1": "value1" + }, + "location": "West US", + "properties": { + "threatIntelMode": "Alert", + "threatIntelWhitelist": { + "ipAddresses": [ + "20.3.4.5" + ], + "fqdns": [ + "*.microsoft.com" + ] + }, + "insights": { + "isEnabled": true, + "retentionDays": 100, + "logAnalyticsResources": { + "workspaces": [ + { + "region": "westus", + "workspaceId": { + "id": "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace1" + } + }, + { + "region": "eastus", + "workspaceId": { + "id": "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace2" + } + } + ], + "defaultWorkspaceId": { + "id": "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/defaultWorkspace" + } + } + }, + "snat": { + "privateRanges": [ + "IANAPrivateRanges" + ] + }, + "sql": { + "allowSqlRedirect": true + }, + "dnsSettings": { + "servers": [ + "30.3.4.5" + ], + "enableProxy": true, + "requireProxyForNetworkRules": false + }, + "explicitProxy": { + "enableExplicitProxy": true, + "httpPort": 8087, + "httpsPort": 8087, + "enablePacFile": true, + "pacFilePort": 8087, + "pacFile": "https://tinawstorage.file.core.windows.net/?sv=2020-02-10&ss=bfqt&srt=sco&sp=rwdlacuptfx&se=2021-06-04T07:01:12Z&st=2021-06-03T23:01:12Z&sip=68.65.171.11&spr=https&sig=Plsa0RRVpGbY0IETZZOT6znOHcSro71LLTTbzquYPgs%3D" + }, + "sku": { + "tier": "Premium" + }, + "intrusionDetection": { + "mode": "Alert", + "profile": "Core", + "configuration": { + "signatureOverrides": [ + { + "id": "2525004", + "mode": "Deny" + } + ], + "bypassTrafficSettings": [ + { + "name": "bypassRule1", + "description": "Rule 1", + "protocol": "TCP", + "sourceAddresses": [ + "1.2.3.4" + ], + "destinationAddresses": [ + "5.6.7.8" + ], + "destinationPorts": [ + "*" + ] + } + ] + } + }, + "transportSecurity": { + "certificateAuthority": { + "name": "clientcert", + "keyVaultSecretId": "https://kv/secret" + } + } + } + } + }, + "responses": { + "200": { + "body": { + "name": "firewallPolicy", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy", + "type": "Microsoft.Network/firewallPolicies", + "etag": "w/\\00000000-0000-0000-0000-000000000000\\", + "location": "West US", + "tags": { + "key1": "value1" + }, + "properties": { + "size": "0.5MB", + "provisioningState": "Succeeded", + "threatIntelMode": "Alert", + "threatIntelWhitelist": { + "ipAddresses": [ + "20.3.4.5" + ], + "fqdns": [ + "*.microsoft.com" + ] + }, + "ruleCollectionGroups": [ + { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1" + }, + { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup2" + } + ], + "insights": { + "isEnabled": true, + "retentionDays": 100, + "logAnalyticsResources": { + "workspaces": [ + { + "region": "westus", + "workspaceId": { + "id": "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace1" + } + }, + { + "region": "eastus", + "workspaceId": { + "id": "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace2" + } + } + ], + "defaultWorkspaceId": { + "id": "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/defaultWorkspace" + } + } + }, + "firewalls": [], + "snat": { + "privateRanges": [ + "IANAPrivateRanges" + ] + }, + "sql": { + "allowSqlRedirect": true + }, + "dnsSettings": { + "servers": [ + "30.3.4.5" + ], + "enableProxy": true, + "requireProxyForNetworkRules": false + }, + "explicitProxy": { + "enableExplicitProxy": true, + "httpPort": 8087, + "httpsPort": 8087, + "enablePacFile": true, + "pacFilePort": 8087, + "pacFile": "https://tinawstorage.file.core.windows.net/?sv=2020-02-10&ss=bfqt&srt=sco&sp=rwdlacuptfx&se=2021-06-04T07:01:12Z&st=2021-06-03T23:01:12Z&sip=68.65.171.11&spr=https&sig=Plsa0RRVpGbY0IETZZOT6znOHcSro71LLTTbzquYPgs%3D" + }, + "sku": { + "tier": "Premium" + }, + "intrusionDetection": { + "mode": "Alert", + "profile": "Core", + "configuration": { + "signatureOverrides": [ + { + "id": "2525004", + "mode": "Deny" + } + ], + "bypassTrafficSettings": [ + { + "name": "bypassRule1", + "description": "Rule 1", + "protocol": "TCP", + "sourceAddresses": [ + "1.2.3.4" + ], + "destinationAddresses": [ + "5.6.7.8" + ], + "destinationPorts": [ + "*" + ] + } + ] + } + }, + "transportSecurity": { + "certificateAuthority": { + "name": "clientcert", + "keyVaultSecretId": "https://kv/secret" + } + } + } + } + }, + "201": { + "body": { + "name": "firewallPolicy", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy", + "type": "Microsoft.Network/firewallPolicies", + "etag": "w/\\00000000-0000-0000-0000-000000000000\\", + "location": "West US", + "tags": { + "key1": "value1" + }, + "properties": { + "size": "0.5MB", + "provisioningState": "Succeeded", + "threatIntelMode": "Alert", + "threatIntelWhitelist": { + "ipAddresses": [ + "20.3.4.5" + ], + "fqdns": [ + "*.microsoft.com" + ] + }, + "ruleCollectionGroups": [ + { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup1" + }, + { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleCollectionGroups/ruleCollectionGroup2" + } + ], + "insights": { + "isEnabled": true, + "retentionDays": 100, + "logAnalyticsResources": { + "workspaces": [ + { + "region": "westus", + "workspaceId": { + "id": "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace1" + } + }, + { + "region": "eastus", + "workspaceId": { + "id": "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace2" + } + } + ], + "defaultWorkspaceId": { + "id": "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/defaultWorkspace" + } + } + }, + "firewalls": [], + "snat": { + "privateRanges": [ + "IANAPrivateRanges" + ] + }, + "sql": { + "allowSqlRedirect": true + }, + "dnsSettings": { + "servers": [ + "30.3.4.5" + ], + "enableProxy": true, + "requireProxyForNetworkRules": false + }, + "explicitProxy": { + "enableExplicitProxy": true, + "httpPort": 8087, + "httpsPort": 8087, + "enablePacFile": true, + "pacFilePort": 8087, + "pacFile": "https://tinawstorage.file.core.windows.net/?sv=2020-02-10&ss=bfqt&srt=sco&sp=rwdlacuptfx&se=2021-06-04T07:01:12Z&st=2021-06-03T23:01:12Z&sip=68.65.171.11&spr=https&sig=Plsa0RRVpGbY0IETZZOT6znOHcSro71LLTTbzquYPgs%3D" + }, + "sku": { + "tier": "Premium" + }, + "intrusionDetection": { + "mode": "Alert", + "profile": "Core", + "configuration": { + "signatureOverrides": [ + { + "id": "2525004", + "mode": "Deny" + } + ], + "bypassTrafficSettings": [ + { + "name": "bypassRule1", + "description": "Rule 1", + "protocol": "TCP", + "sourceAddresses": [ + "1.2.3.4" + ], + "destinationAddresses": [ + "5.6.7.8" + ], + "destinationPorts": [ + "*" + ] + } + ] + } + }, + "transportSecurity": { + "certificateAuthority": { + "name": "clientcert", + "keyVaultSecretId": "https://kv/secret" + } + } + } + } + } + } +} diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2025-05-01/examples/FirewallPolicyPut.json b/specification/network/resource-manager/Microsoft.Network/stable/2025-05-01/examples/FirewallPolicyPut.json index d585b4ea662d..15562dc4e83b 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2025-05-01/examples/FirewallPolicyPut.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2025-05-01/examples/FirewallPolicyPut.json @@ -70,7 +70,7 @@ }, "intrusionDetection": { "mode": "Alert", - "profile": "Balanced", + "profile": "Core", "configuration": { "signatureOverrides": [ { @@ -188,7 +188,7 @@ }, "intrusionDetection": { "mode": "Alert", - "profile": "Balanced", + "profile": "Core", "configuration": { "signatureOverrides": [ { @@ -305,7 +305,7 @@ }, "intrusionDetection": { "mode": "Alert", - "profile": "Balanced", + "profile": "Core", "configuration": { "signatureOverrides": [ { diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2025-05-01/firewallPolicy.json b/specification/network/resource-manager/Microsoft.Network/stable/2025-05-01/firewallPolicy.json index f5a220930dc2..3d77c5098227 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2025-05-01/firewallPolicy.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2025-05-01/firewallPolicy.json @@ -2239,11 +2239,11 @@ }, "FirewallPolicyIntrusionDetectionProfileOptions": { "type": "string", - "description": "Possible Intrusion Detection profile values.", + "description": "Specifies the Intrusion Detection signature profile to apply.\n\nValues:\n- Off: IDPS profiles disabled; uses the same signature set that existed before profiles.\n- Emerging: Signatures of the newest, most recent threats.\n- Core: Complete, modern, standard set of signatures.\n- Extended: Core signatures plus older legacy signatures for maximum coverage.", "enum": [ - "Basic", - "Standard", - "Advanced", + "Off", + "Emerging", + "Core", "Extended" ], "x-ms-enum": {