diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/azureFirewall.json b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/azureFirewall.json index 80d650cd7181..10346d879436 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/azureFirewall.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/azureFirewall.json @@ -126,6 +126,9 @@ }, "Get Azure Firewall With Zones": { "$ref": "./examples/AzureFirewallGetWithZones.json" + }, + "Get Azure Firewall With Additional Properties": { + "$ref": "./examples/AzureFirewallGetWithAdditionalProperties.json" } } }, @@ -189,6 +192,9 @@ }, "Create Azure Firewall in virtual Hub": { "$ref": "./examples/AzureFirewallPutInHub.json" + }, + "Create Azure Firewall With Additional Properties": { + "$ref": "./examples/AzureFirewallPutWithAdditionalProperties.json" } }, "x-ms-long-running-operation": true, @@ -450,6 +456,10 @@ "sku": { "description": "The Azure Firewall Resource SKU.", "$ref": "#/definitions/AzureFirewallSku" + }, + "additionalProperties": { + "$ref": "#/definitions/AzureFirewallAdditionalProperties", + "description": "The additional properties used to further config this azure firewall " } }, "description": "Properties of the Azure Firewall." @@ -510,6 +520,13 @@ "modelAsString": true } }, + "AzureFirewallAdditionalProperties": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The additional properties of azure firewall" + }, "AzureFirewallApplicationRuleCollectionPropertiesFormat": { "properties": { "priority": { @@ -874,9 +891,9 @@ "destinationIpGroups": { "type": "array", "description": "List of destination IpGroups for this rule.", - "items": { + "items": { "type": "string" - } + } } }, "description": "Properties of the network rule." diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallGet.json b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallGet.json index 5004bf23be56..62df8a96d76f 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallGet.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallGet.json @@ -167,7 +167,8 @@ ] } } - ] + ], + "additionalProperties": {} } } } diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallGetWithAdditionalProperties.json b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallGetWithAdditionalProperties.json new file mode 100644 index 000000000000..ce99ff9b08f9 --- /dev/null +++ b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallGetWithAdditionalProperties.json @@ -0,0 +1,179 @@ +{ + "parameters": { + "api-version": "2019-09-01", + "subscriptionId": "subid", + "resourceGroupName": "rg1", + "azureFirewallName": "azurefirewall" + }, + "responses": { + "200": { + "body": { + "name": "azurefirewall", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/azureFirewalls/azurefirewall", + "type": "Microsoft.Network/azureFirewalls", + "etag": "w/\\00000000-0000-0000-0000-000000000000\\", + "location": "West US", + "zones": [], + "tags": { + "key1": "value1" + }, + "properties": { + "provisioningState": "Succeeded", + "sku": { + "name": "AZFW_VNet", + "tier": "Standard" + }, + "threatIntelMode": "Alert", + "ipConfigurations": [ + { + "name": "azureFirewallIpConfiguration", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/azureFirewalls/azurefirewallgw/ipConfigurations/azureFirewallIpConfiguration", + "etag": "w/\\00000000-0000-0000-0000-000000000000\\", + "properties": { + "provisioningState": "Succeeded", + "privateIPAddress": "10.0.0.0", + "subnet": { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/AzureFirewallSubnet" + }, + "publicIPAddress": { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/pipName" + } + } + } + ], + "applicationRuleCollections": [ + { + "name": "apprulecoll", + "properties": { + "priority": 110, + "action": { + "type": "Deny" + }, + "rules": [ + { + "name": "rule1", + "description": "Deny inbound rule", + "protocols": [ + { + "protocolType": "Https", + "port": 443 + } + ], + "targetFqdns": [ + "www.test.com" + ], + "sourceAddresses": [ + "216.58.216.164", + "10.0.0.0/24" + ] + } + ] + } + } + ], + "natRuleCollections": [ + { + "name": "natrulecoll", + "properties": { + "priority": 112, + "action": { + "type": "Dnat" + }, + "rules": [ + { + "name": "DNAT-HTTPS-traffic", + "description": "D-NAT all outbound web traffic for inspection", + "sourceAddresses": [ + "*" + ], + "destinationAddresses": [ + "1.2.3.4" + ], + "destinationPorts": [ + "443" + ], + "protocols": [ + "TCP" + ], + "translatedAddress": "1.2.3.5", + "translatedPort": "8443" + }, + { + "name": "DNAT-HTTP-traffic-With-FQDN", + "description": "D-NAT all inbound web traffic for inspection", + "sourceAddresses": [ + "*" + ], + "destinationAddresses": [ + "1.2.3.4" + ], + "destinationPorts": [ + "80" + ], + "protocols": [ + "TCP" + ], + "translatedFqdn": "internalhttpserver", + "translatedPort": "880" + } + ] + } + } + ], + "networkRuleCollections": [ + { + "name": "netrulecoll", + "properties": { + "priority": 112, + "action": { + "type": "Deny" + }, + "rules": [ + { + "name": "L4-traffic", + "description": "Block traffic based on source IPs and ports", + "sourceAddresses": [ + "192.168.1.1-192.168.1.12", + "10.1.4.12-10.1.4.255" + ], + "destinationPorts": [ + "443-444", + "8443" + ], + "destinationAddresses": [ + "*" + ], + "protocols": [ + "TCP" + ] + }, + { + "name": "L4-traffic-with-FQDN", + "description": "Block traffic based on source IPs and ports to amazon", + "sourceAddresses": [ + "10.2.4.12-10.2.4.255" + ], + "destinationPorts": [ + "443-444", + "8443" + ], + "destinationFqdns": [ + "www.amazon.com" + ], + "protocols": [ + "TCP" + ] + } + ] + } + } + ], + "additionalProperties": { + "key1": "value1", + "key2": "value2" + } + } + } + } + } +} diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallGetWithZones.json b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallGetWithZones.json index 0f5c66eb1dac..27a47d7d27fa 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallGetWithZones.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallGetWithZones.json @@ -171,7 +171,8 @@ ] } } - ] + ], + "additionalProperties": {} } } } diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallListByResourceGroup.json b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallListByResourceGroup.json index c3e1d550083f..db50d51f4c18 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallListByResourceGroup.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallListByResourceGroup.json @@ -164,7 +164,11 @@ ] } } - ] + ], + "additionalProperties": { + "key1": "value1", + "key2": "value2" + } } } ] diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallListBySubscription.json b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallListBySubscription.json index 0f5287245681..d97ba6774d0a 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallListBySubscription.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallListBySubscription.json @@ -163,7 +163,11 @@ ] } } - ] + ], + "additionalProperties": { + "key1": "value1", + "key2": "value2" + } } } ] diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallPut.json b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallPut.json index 24a1cd6aa037..df53e54cfdbb 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallPut.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallPut.json @@ -321,7 +321,8 @@ ] } } - ] + ], + "additionalProperties": {} } } }, @@ -486,7 +487,8 @@ ] } } - ] + ], + "additionalProperties": {} } } } diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallPutInHub.json b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallPutInHub.json index 2a4cfee38526..1ce7938e2cf9 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallPutInHub.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallPutInHub.json @@ -57,7 +57,8 @@ } ], "privateIPAddress": "10.0.0.0" - } + }, + "additionalProperties": {} } } }, @@ -92,7 +93,8 @@ } ], "privateIPAddress": "10.0.0.0" - } + }, + "additionalProperties": {} } } } diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallPutWithAdditionalProperties.json b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallPutWithAdditionalProperties.json new file mode 100644 index 000000000000..77dd548bbe9e --- /dev/null +++ b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallPutWithAdditionalProperties.json @@ -0,0 +1,506 @@ +{ + "parameters": { + "api-version": "2019-09-01", + "subscriptionId": "subid", + "resourceGroupName": "rg1", + "azureFirewallName": "azurefirewall", + "parameters": { + "tags": { + "key1": "value1" + }, + "location": "West US", + "zones": [], + "properties": { + "sku": { + "name": "AZFW_VNet", + "tier": "Standard" + }, + "threatIntelMode": "Alert", + "ipConfigurations": [ + { + "name": "azureFirewallIpConfiguration", + "properties": { + "subnet": { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/AzureFirewallSubnet" + }, + "publicIPAddress": { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/pipName" + } + } + } + ], + "applicationRuleCollections": [ + { + "name": "apprulecoll", + "properties": { + "priority": 110, + "action": { + "type": "Deny" + }, + "rules": [ + { + "name": "rule1", + "description": "Deny inbound rule", + "protocols": [ + { + "protocolType": "Https", + "port": 443 + } + ], + "targetFqdns": [ + "www.test.com" + ], + "sourceAddresses": [ + "216.58.216.164", + "10.0.0.0/24" + ] + } + ] + } + } + ], + "natRuleCollections": [ + { + "name": "natrulecoll", + "properties": { + "priority": 112, + "action": { + "type": "Dnat" + }, + "rules": [ + { + "name": "DNAT-HTTPS-traffic", + "description": "D-NAT all outbound web traffic for inspection", + "sourceAddresses": [ + "*" + ], + "destinationAddresses": [ + "1.2.3.4" + ], + "destinationPorts": [ + "443" + ], + "protocols": [ + "TCP" + ], + "translatedAddress": "1.2.3.5", + "translatedPort": "8443" + }, + { + "name": "DNAT-HTTP-traffic-With-FQDN", + "description": "D-NAT all inbound web traffic for inspection", + "sourceAddresses": [ + "*" + ], + "destinationAddresses": [ + "1.2.3.4" + ], + "destinationPorts": [ + "80" + ], + "protocols": [ + "TCP" + ], + "translatedFqdn": "internalhttpserver", + "translatedPort": "880" + } + ] + } + } + ], + "networkRuleCollections": [ + { + "name": "netrulecoll", + "properties": { + "priority": 112, + "action": { + "type": "Deny" + }, + "rules": [ + { + "name": "L4-traffic", + "description": "Block traffic based on source IPs and ports", + "sourceAddresses": [ + "192.168.1.1-192.168.1.12", + "10.1.4.12-10.1.4.255" + ], + "destinationPorts": [ + "443-444", + "8443" + ], + "destinationAddresses": [ + "*" + ], + "protocols": [ + "TCP" + ] + }, + { + "name": "L4-traffic-with-FQDN", + "description": "Block traffic based on source IPs and ports to amazon", + "sourceAddresses": [ + "10.2.4.12-10.2.4.255" + ], + "destinationPorts": [ + "443-444", + "8443" + ], + "destinationFqdns": [ + "www.amazon.com" + ], + "protocols": [ + "TCP" + ] + } + ] + } + } + ], + "additionalProperties": { + "key1": "value1", + "key2": "value2" + } + } + } + }, + "responses": { + "200": { + "body": { + "name": "azurefirewall", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/azureFirewalls/azurefirewall", + "type": "Microsoft.Network/azureFirewalls", + "etag": "w/\\00000000-0000-0000-0000-000000000000\\", + "location": "West US", + "zones": [], + "tags": { + "key1": "value1" + }, + "properties": { + "provisioningState": "Succeeded", + "sku": { + "name": "AZFW_VNet", + "tier": "Standard" + }, + "threatIntelMode": "Alert", + "ipConfigurations": [ + { + "name": "azureFirewallIpConfiguration", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/azureFirewalls/azfirewallgw/ipConfigurations/azureFirewallIpConfiguration", + "etag": "w/\\00000000-0000-0000-0000-000000000000\\", + "properties": { + "provisioningState": "Succeeded", + "privateIPAddress": "10.0.0.0", + "subnet": { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/AzureFirewallSubnet" + }, + "publicIPAddress": { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/pipName" + } + } + } + ], + "applicationRuleCollections": [ + { + "name": "apprulecoll", + "properties": { + "priority": 110, + "action": { + "type": "Deny" + }, + "rules": [ + { + "name": "rule1", + "description": "Deny inbound rule", + "protocols": [ + { + "protocolType": "Https", + "port": 443 + } + ], + "targetFqdns": [ + "www.test.com" + ], + "sourceAddresses": [ + "216.58.216.164", + "10.0.0.0/24" + ] + } + ] + } + } + ], + "natRuleCollections": [ + { + "name": "natrulecoll", + "properties": { + "priority": 112, + "action": { + "type": "Dnat" + }, + "rules": [ + { + "name": "DNAT-HTTPS-traffic", + "description": "D-NAT all outbound web traffic for inspection", + "sourceAddresses": [ + "*" + ], + "destinationAddresses": [ + "1.2.3.4" + ], + "destinationPorts": [ + "443" + ], + "protocols": [ + "TCP" + ], + "translatedAddress": "1.2.3.5", + "translatedPort": "8443" + }, + { + "name": "DNAT-HTTP-traffic-With-FQDN", + "description": "D-NAT all inbound web traffic for inspection", + "sourceAddresses": [ + "*" + ], + "destinationAddresses": [ + "1.2.3.4" + ], + "destinationPorts": [ + "80" + ], + "protocols": [ + "TCP" + ], + "translatedPort": "880", + "translatedFqdn": "internalhttpserver" + } + ] + } + } + ], + "networkRuleCollections": [ + { + "name": "netrulecoll", + "properties": { + "priority": 112, + "action": { + "type": "Deny" + }, + "rules": [ + { + "name": "L4-traffic", + "description": "Block traffic based on source IPs and ports", + "sourceAddresses": [ + "192.168.1.1-192.168.1.12", + "10.1.4.12-10.1.4.255" + ], + "destinationPorts": [ + "443-444", + "8443" + ], + "destinationAddresses": [ + "*" + ], + "protocols": [ + "TCP" + ] + }, + { + "name": "L4-traffic-with-FQDN", + "description": "Block traffic based on source IPs and ports to amazon", + "sourceAddresses": [ + "10.2.4.12-10.2.4.255" + ], + "destinationPorts": [ + "443-444", + "8443" + ], + "protocols": [ + "TCP" + ], + "destinationFqdns": [ + "www.amazon.com" + ] + } + ] + } + } + ], + "additionalProperties": { + "key1": "value1", + "key2": "value2" + } + } + } + }, + "201": { + "body": { + "name": "azurefirewall", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/azureFirewalls/azurefirewall", + "type": "Microsoft.Network/azureFirewalls", + "etag": "w/\\00000000-0000-0000-0000-000000000000\\", + "location": "West US", + "zones": [], + "tags": { + "key1": "value1" + }, + "properties": { + "provisioningState": "Succeeded", + "sku": { + "name": "AZFW_VNet", + "tier": "Standard" + }, + "threatIntelMode": "Alert", + "ipConfigurations": [ + { + "name": "azureFirewallIpConfiguration", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/azureFirewalls/azfirewallgw/ipConfigurations/azureFirewallIpConfiguration", + "etag": "w/\\00000000-0000-0000-0000-000000000000\\", + "properties": { + "provisioningState": "Succeeded", + "privateIPAddress": "10.0.0.0", + "subnet": { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/AzureFirewallSubnet" + }, + "publicIPAddress": { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/pipName" + } + } + } + ], + "applicationRuleCollections": [ + { + "name": "apprulecoll", + "properties": { + "priority": 110, + "action": { + "type": "Deny" + }, + "rules": [ + { + "name": "rule1", + "description": "Deny inbound rule", + "protocols": [ + { + "protocolType": "Https", + "port": 443 + } + ], + "targetFqdns": [ + "www.test.com" + ], + "sourceAddresses": [ + "216.58.216.164", + "10.0.0.0/24" + ] + } + ] + } + } + ], + "natRuleCollections": [ + { + "name": "natrulecoll", + "properties": { + "priority": 112, + "action": { + "type": "Dnat" + }, + "rules": [ + { + "name": "DNAT-HTTPS-traffic", + "description": "D-NAT all outbound web traffic for inspection", + "sourceAddresses": [ + "*" + ], + "destinationAddresses": [ + "1.2.3.4" + ], + "destinationPorts": [ + "443" + ], + "protocols": [ + "TCP" + ], + "translatedAddress": "1.2.3.5", + "translatedPort": "8443" + }, + { + "name": "DNAT-HTTP-traffic-With-FQDN", + "description": "D-NAT all inbound web traffic for inspection", + "sourceAddresses": [ + "*" + ], + "destinationAddresses": [ + "1.2.3.4" + ], + "destinationPorts": [ + "80" + ], + "protocols": [ + "TCP" + ], + "translatedFqdn": "internalhttpserver", + "translatedPort": "880" + } + ] + } + } + ], + "networkRuleCollections": [ + { + "name": "netrulecoll", + "properties": { + "priority": 112, + "action": { + "type": "Deny" + }, + "rules": [ + { + "name": "L4-traffic", + "description": "Block traffic based on source IPs and ports", + "sourceAddresses": [ + "192.168.1.1-192.168.1.12", + "10.1.4.12-10.1.4.255" + ], + "destinationPorts": [ + "443-444", + "8443" + ], + "destinationAddresses": [ + "*" + ], + "protocols": [ + "TCP" + ] + }, + { + "name": "L4-traffic-with-FQDN", + "description": "Block traffic based on source IPs and ports to amazon", + "sourceAddresses": [ + "10.2.4.12-10.2.4.255" + ], + "destinationPorts": [ + "443-444", + "8443" + ], + "destinationFqdns": [ + "www.amazon.com" + ], + "protocols": [ + "TCP" + ] + } + ] + } + } + ], + "additionalProperties": { + "key1": "value1", + "key2": "value2" + } + } + } + } + } +} diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallPutWithZones.json b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallPutWithZones.json index 95e739257009..661caaaf2b82 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallPutWithZones.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2019-09-01/examples/AzureFirewallPutWithZones.json @@ -329,7 +329,8 @@ ] } } - ] + ], + "additionalProperties": {} } } }, @@ -498,7 +499,8 @@ ] } } - ] + ], + "additionalProperties": {} } } }