diff --git a/Resources/mgmt-plane/L3N1YnNjcmlwdGlvbnMve30vcmVzb3VyY2Vncm91cHMve30vcHJvdmlkZXJzL21pY3Jvc29mdC5uZXR3b3JrL2ZpcmV3YWxscG9saWNpZXMve30=/2022-01-01.json b/Resources/mgmt-plane/L3N1YnNjcmlwdGlvbnMve30vcmVzb3VyY2Vncm91cHMve30vcHJvdmlkZXJzL21pY3Jvc29mdC5uZXR3b3JrL2ZpcmV3YWxscG9saWNpZXMve30=/2022-01-01.json index 9e797db56..35fde0ee3 100644 --- a/Resources/mgmt-plane/L3N1YnNjcmlwdGlvbnMve30vcmVzb3VyY2Vncm91cHMve30vcHJvdmlkZXJzL21pY3Jvc29mdC5uZXR3b3JrL2ZpcmV3YWxscG9saWNpZXMve30=/2022-01-01.json +++ b/Resources/mgmt-plane/L3N1YnNjcmlwdGlvbnMve30vcmVzb3VyY2Vncm91cHMve30vcHJvdmlkZXJzL21pY3Jvc29mdC5uZXR3b3JrL2ZpcmV3YWxscG9saWNpZXMve30=/2022-01-01.json @@ -1 +1 @@ -{"plane": "mgmt-plane", "resources": [{"id": "/subscriptions/{}/resourcegroups/{}/providers/microsoft.network/firewallpolicies/{}", "version": "2022-01-01", "swagger": "mgmt-plane/network/ResourceProviders/Microsoft.Network/Paths/L3N1YnNjcmlwdGlvbnMve3N1YnNjcmlwdGlvbklkfS9yZXNvdXJjZUdyb3Vwcy97cmVzb3VyY2VHcm91cE5hbWV9L3Byb3ZpZGVycy9NaWNyb3NvZnQuTmV0d29yay9maXJld2FsbFBvbGljaWVzL3tmaXJld2FsbFBvbGljeU5hbWV9/V/MjAyMi0wMS0wMQ=="}], "commandGroups": [{"name": "network firewall policy", "commands": [{"name": "show", "version": "2022-01-01", "resources": [{"id": "/subscriptions/{}/resourcegroups/{}/providers/microsoft.network/firewallpolicies/{}", "version": "2022-01-01", "swagger": "mgmt-plane/network/ResourceProviders/Microsoft.Network/Paths/L3N1YnNjcmlwdGlvbnMve3N1YnNjcmlwdGlvbklkfS9yZXNvdXJjZUdyb3Vwcy97cmVzb3VyY2VHcm91cE5hbWV9L3Byb3ZpZGVycy9NaWNyb3NvZnQuTmV0d29yay9maXJld2FsbFBvbGljaWVzL3tmaXJld2FsbFBvbGljeU5hbWV9/V/MjAyMi0wMS0wMQ=="}], "argGroups": [{"name": "", "args": [{"type": "string", "var": "$Path.firewallPolicyName", "options": ["n", "name"], "required": true, "group": "", "idPart": "name", "help": {"short": "The name of the Firewall Policy."}}, {"type": "ResourceGroupName", "var": "$Path.resourceGroupName", "options": ["g", "resource-group"], "required": true, "idPart": "resource_group"}, {"type": "SubscriptionId", "var": "$Path.subscriptionId", "options": ["subscription"], "required": true, "idPart": "subscription"}, {"type": "string", "var": "$Query.expand", "options": ["expand"], "group": "", "help": {"short": "Expands referenced resources. Default value is None."}}]}], "operations": [{"operationId": "FirewallPolicies_Get", "http": {"path": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/firewallPolicies/{firewallPolicyName}", "request": {"method": "get", "path": {"params": [{"type": "string", "name": "firewallPolicyName", "arg": "$Path.firewallPolicyName", "required": true}, {"type": "string", "name": "resourceGroupName", "arg": "$Path.resourceGroupName", "required": true}, {"type": "string", "name": "subscriptionId", "arg": "$Path.subscriptionId", "required": true}]}, "query": {"params": [{"type": "string", "name": "$expand", "arg": "$Query.expand"}], "consts": [{"readOnly": true, "const": true, "default": {"value": "2022-01-01"}, "type": "string", "name": "api-version", "required": true}]}}, "responses": [{"statusCode": [200], "body": {"json": {"var": "$Instance", "schema": {"type": "object", "props": [{"readOnly": true, "type": "string", "name": "etag"}, {"type": "ResourceId", "name": "id", "format": {"template": "/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/firewallPolicies/{}"}}, {"type": "IdentityObject", "name": "identity", "props": [{"readOnly": true, "type": "string", "name": "principalId"}, {"readOnly": true, "type": "string", "name": "tenantId"}, {"type": "string", "name": "type", "enum": {"items": [{"value": "None"}, {"value": "SystemAssigned"}, {"value": "SystemAssigned, UserAssigned"}, {"value": "UserAssigned"}]}}, {"type": "object", "name": "userAssignedIdentities", "additionalProps": {"item": {"type": "object", "props": [{"readOnly": true, "type": "string", "name": "clientId"}, {"readOnly": true, "type": "string", "name": "principalId"}]}}}]}, {"type": "ResourceLocation", "name": "location"}, {"readOnly": true, "type": "string", "name": "name"}, {"type": "object", "name": "properties", "props": [{"type": "@SubResource_read", "name": "basePolicy"}, {"readOnly": true, "type": "array<@SubResource_read>", "name": "childPolicies", "item": {"type": "@SubResource_read"}}, {"type": "object", "name": "dnsSettings", "props": [{"type": "boolean", "name": "enableProxy"}, {"nullable": true, "type": "boolean", "name": "requireProxyForNetworkRules"}, {"type": "array", "name": "servers", "item": {"type": "string"}}]}, {"type": "object", "name": "explicitProxy", "props": [{"nullable": true, "type": "boolean", "name": "enableExplicitProxy"}, {"nullable": true, "type": "boolean", "name": "enablePacFile"}, {"type": "integer32", "name": "httpPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "integer32", "name": "httpsPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "string", "name": "pacFile"}, {"type": "integer32", "name": "pacFilePort", "format": {"maximum": 64000, "minimum": 0}}]}, {"readOnly": true, "type": "array<@SubResource_read>", "name": "firewalls", "item": {"type": "@SubResource_read"}}, {"type": "object", "name": "insights", "props": [{"type": "boolean", "name": "isEnabled"}, {"type": "object", "name": "logAnalyticsResources", "props": [{"type": "@SubResource_read", "name": "defaultWorkspaceId"}, {"type": "array", "name": "workspaces", "item": {"type": "object", "props": [{"type": "string", "name": "region"}, {"type": "@SubResource_read", "name": "workspaceId"}]}}]}, {"type": "integer32", "name": "retentionDays"}]}, {"type": "object", "name": "intrusionDetection", "props": [{"type": "object", "name": "configuration", "props": [{"type": "array", "name": "bypassTrafficSettings", "item": {"type": "object", "props": [{"type": "string", "name": "description"}, {"type": "array", "name": "destinationAddresses", "item": {"type": "string"}}, {"type": "array", "name": "destinationIpGroups", "item": {"type": "string"}}, {"type": "array", "name": "destinationPorts", "item": {"type": "string"}}, {"type": "string", "name": "name"}, {"type": "string", "name": "protocol", "enum": {"items": [{"value": "ANY"}, {"value": "ICMP"}, {"value": "TCP"}, {"value": "UDP"}]}}, {"type": "array", "name": "sourceAddresses", "item": {"type": "string"}}, {"type": "array", "name": "sourceIpGroups", "item": {"type": "string"}}]}}, {"type": "array", "name": "privateRanges", "item": {"type": "string"}}, {"type": "array", "name": "signatureOverrides", "item": {"type": "object", "props": [{"type": "string", "name": "id"}, {"type": "string", "name": "mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}}]}, {"type": "string", "name": "mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}, {"readOnly": true, "type": "string", "name": "provisioningState", "enum": {"items": [{"value": "Deleting"}, {"value": "Failed"}, {"value": "Succeeded"}, {"value": "Updating"}]}}, {"readOnly": true, "type": "array", "name": "ruleCollectionGroups", "item": {"type": "object", "props": [{"type": "string", "name": "id"}], "cls": "SubResource_read"}}, {"type": "object", "name": "sku", "props": [{"type": "string", "name": "tier", "enum": {"items": [{"value": "Basic"}, {"value": "Premium"}, {"value": "Standard"}]}}]}, {"type": "object", "name": "snat", "props": [{"type": "string", "name": "autoLearnPrivateRanges", "enum": {"items": [{"value": "Disabled"}, {"value": "Enabled"}]}}, {"type": "array", "name": "privateRanges", "item": {"type": "string"}}]}, {"type": "object", "name": "sql", "props": [{"type": "boolean", "name": "allowSqlRedirect"}]}, {"type": "string", "name": "threatIntelMode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}, {"type": "object", "name": "threatIntelWhitelist", "props": [{"type": "array", "name": "fqdns", "item": {"type": "string"}}, {"type": "array", "name": "ipAddresses", "item": {"type": "string"}}]}, {"type": "object", "name": "transportSecurity", "props": [{"type": "object", "name": "certificateAuthority", "props": [{"type": "string", "name": "keyVaultSecretId"}, {"type": "string", "name": "name"}]}]}], "clientFlatten": true}, {"type": "object", "name": "tags", "additionalProps": {"item": {"type": "string"}}}, {"readOnly": true, "type": "string", "name": "type"}]}}}}, {"isError": true, "body": {"json": {"schema": {"type": "@ODataV4Format"}}}}]}}], "outputs": [{"type": "object", "ref": "$Instance", "clientFlatten": true}], "confirmation": ""}, {"name": "delete", "version": "2022-01-01", "resources": [{"id": "/subscriptions/{}/resourcegroups/{}/providers/microsoft.network/firewallpolicies/{}", "version": "2022-01-01", "swagger": "mgmt-plane/network/ResourceProviders/Microsoft.Network/Paths/L3N1YnNjcmlwdGlvbnMve3N1YnNjcmlwdGlvbklkfS9yZXNvdXJjZUdyb3Vwcy97cmVzb3VyY2VHcm91cE5hbWV9L3Byb3ZpZGVycy9NaWNyb3NvZnQuTmV0d29yay9maXJld2FsbFBvbGljaWVzL3tmaXJld2FsbFBvbGljeU5hbWV9/V/MjAyMi0wMS0wMQ=="}], "argGroups": [{"name": "", "args": [{"type": "string", "var": "$Path.firewallPolicyName", "options": ["n", "name"], "required": true, "group": "", "idPart": "name", "help": {"short": "The name of the Firewall Policy."}}, {"type": "ResourceGroupName", "var": "$Path.resourceGroupName", "options": ["g", "resource-group"], "required": true, "idPart": "resource_group"}, {"type": "SubscriptionId", "var": "$Path.subscriptionId", "options": ["subscription"], "required": true, "idPart": "subscription"}]}], "operations": [{"longRunning": {"finalStateVia": "location"}, "operationId": "FirewallPolicies_Delete", "http": {"path": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/firewallPolicies/{firewallPolicyName}", "request": {"method": "delete", "path": {"params": [{"type": "string", "name": "firewallPolicyName", "arg": "$Path.firewallPolicyName", "required": true}, {"type": "string", "name": "resourceGroupName", "arg": "$Path.resourceGroupName", "required": true}, {"type": "string", "name": "subscriptionId", "arg": "$Path.subscriptionId", "required": true}]}, "query": {"consts": [{"readOnly": true, "const": true, "default": {"value": "2022-01-01"}, "type": "string", "name": "api-version", "required": true}]}}, "responses": [{"statusCode": [200]}, {"statusCode": [202]}, {"statusCode": [204]}, {"isError": true, "body": {"json": {"schema": {"type": "@ODataV4Format"}}}}]}}], "confirmation": ""}, {"name": "create", "version": "2022-01-01", "resources": [{"id": "/subscriptions/{}/resourcegroups/{}/providers/microsoft.network/firewallpolicies/{}", "version": "2022-01-01", "swagger": "mgmt-plane/network/ResourceProviders/Microsoft.Network/Paths/L3N1YnNjcmlwdGlvbnMve3N1YnNjcmlwdGlvbklkfS9yZXNvdXJjZUdyb3Vwcy97cmVzb3VyY2VHcm91cE5hbWV9L3Byb3ZpZGVycy9NaWNyb3NvZnQuTmV0d29yay9maXJld2FsbFBvbGljaWVzL3tmaXJld2FsbFBvbGljeU5hbWV9/V/MjAyMi0wMS0wMQ=="}], "argGroups": [{"name": "", "args": [{"type": "string", "var": "$Path.firewallPolicyName", "options": ["n", "name"], "required": true, "group": "", "idPart": "name", "help": {"short": "The name of the Firewall Policy."}}, {"type": "ResourceGroupName", "var": "$Path.resourceGroupName", "options": ["g", "resource-group"], "required": true, "idPart": "resource_group"}, {"type": "SubscriptionId", "var": "$Path.subscriptionId", "options": ["subscription"], "required": true, "idPart": "subscription"}, {"type": "ResourceLocation", "var": "$parameters.location", "options": ["l", "location"], "group": "", "help": {"short": "Location. Values from: `az account list-locations`. You can configure the default location using `az configure --defaults location=`."}}, {"type": "string", "var": "$parameters.properties.basePolicy.id", "options": ["base-policy"], "group": "", "help": {"short": "The name or ID of parent firewall policy from which rules are inherited."}}, {"type": "string", "var": "$parameters.properties.sku.tier", "options": ["sku"], "group": "", "help": {"short": "SKU of Firewall policy."}, "enum": {"items": [{"name": "Basic", "value": "Basic"}, {"name": "Premium", "value": "Premium"}, {"name": "Standard", "value": "Standard"}]}}, {"type": "boolean", "var": "$parameters.properties.sql.allowSqlRedirect", "options": ["sql"], "group": "", "help": {"short": "A flag to indicate if SQL Redirect traffic filtering is enabled."}}, {"type": "string", "var": "$parameters.properties.threatIntelMode", "options": ["threat-intel-mode"], "group": "", "help": {"short": "The operation mode for Threat Intelligence."}, "enum": {"items": [{"name": "Alert", "value": "Alert"}, {"name": "Deny", "value": "Deny"}, {"name": "Off", "value": "Off"}]}}, {"type": "object", "var": "$parameters.tags", "options": ["tags"], "group": "", "help": {"short": "Space-separated tags: key[=value] [key[=value] ...]. Use \"\" to clear existing tags."}, "additionalProps": {"item": {"type": "string"}}}]}, {"name": "DNS", "args": [{"type": "boolean", "var": "$parameters.properties.dnsSettings.enableProxy", "options": ["enable-dns-proxy"], "group": "DNS", "help": {"short": "Enable DNS Proxy."}}, {"type": "array", "var": "$parameters.properties.dnsSettings.servers", "options": ["dns-servers"], "group": "DNS", "help": {"short": "Space-separated list of DNS server IP addresses."}, "item": {"type": "string"}}]}, {"name": "DnsSettings", "args": [{"nullable": true, "type": "boolean", "var": "$parameters.properties.dnsSettings.requireProxyForNetworkRules", "options": ["require-proxy-for-network-rules"], "hide": true, "group": "DnsSettings", "help": {"short": "FQDNs in Network Rules are supported when set to true."}}]}, {"name": "Identity Instance", "args": [{"type": "string", "var": "$parameters.identity.type", "options": ["identity-type"], "group": "Identity Instance", "help": {"short": "The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine."}, "enum": {"items": [{"name": "None", "value": "None"}, {"name": "SystemAssigned", "value": "SystemAssigned"}, {"name": "SystemAssigned, UserAssigned", "value": "SystemAssigned, UserAssigned"}, {"name": "UserAssigned", "value": "UserAssigned"}]}}, {"type": "object", "var": "$parameters.identity.userAssignedIdentities", "options": ["user-assigned-identities"], "group": "Identity Instance", "help": {"short": "The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'."}, "additionalProps": {"item": {"blank": {"value": {}}, "type": "object"}}}]}, {"name": "IntrusionDetection", "args": [{"type": "object", "var": "$parameters.properties.intrusionDetection.configuration", "options": ["configuration"], "hide": true, "group": "IntrusionDetection", "help": {"short": "Intrusion detection configuration properties."}, "args": [{"type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings", "options": ["bypass-traffic-settings"], "help": {"short": "List of rules for traffic to bypass."}, "item": {"type": "object", "args": [{"type": "string", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].description", "options": ["description"], "help": {"short": "Description of the bypass traffic rule."}}, {"type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationAddresses", "options": ["destination-addresses"], "help": {"short": "List of destination IP addresses or ranges for this rule."}, "item": {"type": "string"}}, {"type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationIpGroups", "options": ["destination-ip-groups"], "help": {"short": "List of destination IpGroups for this rule."}, "item": {"type": "string"}}, {"type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationPorts", "options": ["destination-ports"], "help": {"short": "List of destination ports or ranges."}, "item": {"type": "string"}}, {"type": "string", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].name", "options": ["name"], "help": {"short": "Name of the bypass traffic rule."}}, {"type": "string", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].protocol", "options": ["protocol"], "help": {"short": "The rule bypass protocol."}, "enum": {"items": [{"name": "ANY", "value": "ANY"}, {"name": "ICMP", "value": "ICMP"}, {"name": "TCP", "value": "TCP"}, {"name": "UDP", "value": "UDP"}]}}, {"type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].sourceAddresses", "options": ["source-addresses"], "help": {"short": "List of source IP addresses or ranges for this rule."}, "item": {"type": "string"}}, {"type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].sourceIpGroups", "options": ["source-ip-groups"], "help": {"short": "List of source IpGroups for this rule."}, "item": {"type": "string"}}]}}, {"type": "array", "var": "$parameters.properties.intrusionDetection.configuration.privateRanges", "options": ["private-ranges"], "help": {"short": "IDPS Private IP address ranges are used to identify traffic direction (i.e. inbound, outbound, etc.). By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. To modify default ranges, specify your Private IP address ranges with this property"}, "item": {"type": "string"}}, {"type": "array", "var": "$parameters.properties.intrusionDetection.configuration.signatureOverrides", "options": ["signature-overrides"], "help": {"short": "List of specific signatures states."}, "item": {"type": "object", "args": [{"type": "string", "var": "$parameters.properties.intrusionDetection.configuration.signatureOverrides[].id", "options": ["id"], "help": {"short": "Signature id."}}, {"type": "string", "var": "$parameters.properties.intrusionDetection.configuration.signatureOverrides[].mode", "options": ["mode"], "help": {"short": "The signature state."}, "enum": {"items": [{"name": "Alert", "value": "Alert"}, {"name": "Deny", "value": "Deny"}, {"name": "Off", "value": "Off"}]}}]}}]}]}, {"name": "Intrustion Detection", "args": [{"type": "string", "var": "$parameters.properties.intrusionDetection.mode", "options": ["idps-mode"], "group": "Intrustion Detection", "help": {"short": "IDPS mode."}, "enum": {"items": [{"name": "Alert", "value": "Alert"}, {"name": "Deny", "value": "Deny"}, {"name": "Off", "value": "Off"}]}}]}, {"name": "Parameters", "args": [{"type": "ResourceId", "var": "$parameters.id", "options": ["id"], "hide": true, "group": "Parameters", "help": {"short": "Resource ID."}, "format": {"template": "/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/firewallPolicies/{}"}}]}, {"name": "Properties", "args": [{"type": "object", "var": "$parameters.properties.explicitProxy", "options": ["explicit-proxy"], "hide": true, "group": "Properties", "help": {"short": "Explicit Proxy Settings definition."}, "args": [{"nullable": true, "type": "boolean", "var": "$parameters.properties.explicitProxy.enableExplicitProxy", "options": ["enable-explicit-proxy"], "help": {"short": "When set to true, explicit proxy mode is enabled."}}, {"nullable": true, "type": "boolean", "var": "$parameters.properties.explicitProxy.enablePacFile", "options": ["enable-pac-file"], "help": {"short": "When set to true, pac file port and url needs to be provided."}}, {"type": "integer32", "var": "$parameters.properties.explicitProxy.httpPort", "options": ["http-port"], "help": {"short": "Port number for explicit proxy http protocol, cannot be greater than 64000."}, "format": {"maximum": 64000, "minimum": 0}}, {"type": "integer32", "var": "$parameters.properties.explicitProxy.httpsPort", "options": ["https-port"], "help": {"short": "Port number for explicit proxy https protocol, cannot be greater than 64000."}, "format": {"maximum": 64000, "minimum": 0}}, {"type": "string", "var": "$parameters.properties.explicitProxy.pacFile", "options": ["pac-file"], "help": {"short": "SAS URL for PAC file."}}, {"type": "integer32", "var": "$parameters.properties.explicitProxy.pacFilePort", "options": ["pac-file-port"], "help": {"short": "Port number for firewall to serve PAC file."}, "format": {"maximum": 64000, "minimum": 0}}]}, {"type": "object", "var": "$parameters.properties.insights", "options": ["insights"], "hide": true, "group": "Properties", "help": {"short": "Insights on Firewall Policy."}, "args": [{"type": "boolean", "var": "$parameters.properties.insights.isEnabled", "options": ["is-enabled"], "help": {"short": "A flag to indicate if the insights are enabled on the policy."}}, {"type": "object", "var": "$parameters.properties.insights.logAnalyticsResources", "options": ["log-analytics-resources"], "help": {"short": "Workspaces needed to configure the Firewall Policy Insights."}, "args": [{"type": "object", "var": "$parameters.properties.insights.logAnalyticsResources.defaultWorkspaceId", "options": ["default-workspace-id"], "help": {"short": "The default workspace Id for Firewall Policy Insights."}, "args": [{"type": "string", "var": "@SubResource_create.id", "options": ["id"], "help": {"short": "Resource ID."}}], "cls": "SubResource_create"}, {"type": "array", "var": "$parameters.properties.insights.logAnalyticsResources.workspaces", "options": ["workspaces"], "help": {"short": "List of workspaces for Firewall Policy Insights."}, "item": {"type": "object", "args": [{"type": "string", "var": "$parameters.properties.insights.logAnalyticsResources.workspaces[].region", "options": ["region"], "help": {"short": "Region to configure the Workspace."}}, {"type": "@SubResource_create", "var": "$parameters.properties.insights.logAnalyticsResources.workspaces[].workspaceId", "options": ["workspace-id"], "help": {"short": "The workspace Id for Firewall Policy Insights."}}]}}]}, {"type": "integer32", "var": "$parameters.properties.insights.retentionDays", "options": ["retention-days"], "help": {"short": "Number of days the insights should be enabled on the policy."}}]}]}, {"name": "Snat", "args": [{"type": "string", "var": "$parameters.properties.snat.autoLearnPrivateRanges", "options": ["learn-ranges", "auto-learn-private-ranges"], "group": "Snat", "help": {"short": "The operation mode for automatically learning private ranges to not be SNAT"}, "enum": {"items": [{"name": "Disabled", "value": "Disabled"}, {"name": "Enabled", "value": "Enabled"}]}}, {"type": "array", "var": "$parameters.properties.snat.privateRanges", "options": ["private-ranges"], "group": "Snat", "help": {"short": "List of private IP addresses/IP address ranges to not be SNAT."}, "item": {"type": "string"}}]}, {"name": "TLS Inspection", "args": [{"type": "string", "var": "$parameters.properties.transportSecurity.certificateAuthority.keyVaultSecretId", "options": ["key-vault-secret-id"], "group": "TLS Inspection", "help": {"short": "Secret Id of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in KeyVault."}}, {"type": "string", "var": "$parameters.properties.transportSecurity.certificateAuthority.name", "options": ["cert-name"], "group": "TLS Inspection", "help": {"short": "Name of the CA certificate."}}]}, {"name": "Threat Intel Allowlist", "args": [{"type": "array", "var": "$parameters.properties.threatIntelWhitelist.fqdns", "options": ["fqdns"], "group": "Threat Intel Allowlist", "help": {"short": "Space-separated list of FQDNs."}, "item": {"type": "string"}}, {"type": "array", "var": "$parameters.properties.threatIntelWhitelist.ipAddresses", "options": ["ip-addresses"], "group": "Threat Intel Allowlist", "help": {"short": "Space-separated list of IPv4 addresses."}, "item": {"type": "string"}}]}], "operations": [{"longRunning": {"finalStateVia": "azure-async-operation"}, "operationId": "FirewallPolicies_CreateOrUpdate", "http": {"path": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/firewallPolicies/{firewallPolicyName}", "request": {"method": "put", "path": {"params": [{"type": "string", "name": "firewallPolicyName", "arg": "$Path.firewallPolicyName", "required": true}, {"type": "string", "name": "resourceGroupName", "arg": "$Path.resourceGroupName", "required": true}, {"type": "string", "name": "subscriptionId", "arg": "$Path.subscriptionId", "required": true}]}, "query": {"consts": [{"readOnly": true, "const": true, "default": {"value": "2022-01-01"}, "type": "string", "name": "api-version", "required": true}]}, "body": {"json": {"schema": {"type": "object", "name": "parameters", "required": true, "props": [{"type": "ResourceId", "name": "id", "arg": "$parameters.id", "format": {"template": "/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/firewallPolicies/{}"}}, {"type": "IdentityObject", "name": "identity", "props": [{"type": "string", "name": "type", "arg": "$parameters.identity.type", "enum": {"items": [{"value": "None"}, {"value": "SystemAssigned"}, {"value": "SystemAssigned, UserAssigned"}, {"value": "UserAssigned"}]}}, {"type": "object", "name": "userAssignedIdentities", "arg": "$parameters.identity.userAssignedIdentities", "additionalProps": {"item": {"type": "object"}}}]}, {"type": "ResourceLocation", "name": "location", "arg": "$parameters.location"}, {"type": "object", "name": "properties", "props": [{"type": "object", "name": "basePolicy", "props": [{"type": "string", "name": "id", "arg": "$parameters.properties.basePolicy.id"}]}, {"type": "object", "name": "dnsSettings", "props": [{"type": "boolean", "name": "enableProxy", "arg": "$parameters.properties.dnsSettings.enableProxy"}, {"nullable": true, "type": "boolean", "name": "requireProxyForNetworkRules", "arg": "$parameters.properties.dnsSettings.requireProxyForNetworkRules"}, {"type": "array", "name": "servers", "arg": "$parameters.properties.dnsSettings.servers", "item": {"type": "string"}}]}, {"type": "object", "name": "explicitProxy", "arg": "$parameters.properties.explicitProxy", "props": [{"nullable": true, "type": "boolean", "name": "enableExplicitProxy", "arg": "$parameters.properties.explicitProxy.enableExplicitProxy"}, {"nullable": true, "type": "boolean", "name": "enablePacFile", "arg": "$parameters.properties.explicitProxy.enablePacFile"}, {"type": "integer32", "name": "httpPort", "arg": "$parameters.properties.explicitProxy.httpPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "integer32", "name": "httpsPort", "arg": "$parameters.properties.explicitProxy.httpsPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "string", "name": "pacFile", "arg": "$parameters.properties.explicitProxy.pacFile"}, {"type": "integer32", "name": "pacFilePort", "arg": "$parameters.properties.explicitProxy.pacFilePort", "format": {"maximum": 64000, "minimum": 0}}]}, {"type": "object", "name": "insights", "arg": "$parameters.properties.insights", "props": [{"type": "boolean", "name": "isEnabled", "arg": "$parameters.properties.insights.isEnabled"}, {"type": "object", "name": "logAnalyticsResources", "arg": "$parameters.properties.insights.logAnalyticsResources", "props": [{"type": "object", "name": "defaultWorkspaceId", "arg": "$parameters.properties.insights.logAnalyticsResources.defaultWorkspaceId", "props": [{"type": "string", "name": "id", "arg": "@SubResource_create.id"}], "cls": "SubResource_create"}, {"type": "array", "name": "workspaces", "arg": "$parameters.properties.insights.logAnalyticsResources.workspaces", "item": {"type": "object", "props": [{"type": "string", "name": "region", "arg": "$parameters.properties.insights.logAnalyticsResources.workspaces[].region"}, {"type": "@SubResource_create", "name": "workspaceId", "arg": "$parameters.properties.insights.logAnalyticsResources.workspaces[].workspaceId"}]}}]}, {"type": "integer32", "name": "retentionDays", "arg": "$parameters.properties.insights.retentionDays"}]}, {"type": "object", "name": "intrusionDetection", "props": [{"type": "object", "name": "configuration", "arg": "$parameters.properties.intrusionDetection.configuration", "props": [{"type": "array", "name": "bypassTrafficSettings", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings", "item": {"type": "object", "props": [{"type": "string", "name": "description", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].description"}, {"type": "array", "name": "destinationAddresses", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationAddresses", "item": {"type": "string"}}, {"type": "array", "name": "destinationIpGroups", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationIpGroups", "item": {"type": "string"}}, {"type": "array", "name": "destinationPorts", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationPorts", "item": {"type": "string"}}, {"type": "string", "name": "name", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].name"}, {"type": "string", "name": "protocol", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].protocol", "enum": {"items": [{"value": "ANY"}, {"value": "ICMP"}, {"value": "TCP"}, {"value": "UDP"}]}}, {"type": "array", "name": "sourceAddresses", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].sourceAddresses", "item": {"type": "string"}}, {"type": "array", "name": "sourceIpGroups", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].sourceIpGroups", "item": {"type": "string"}}]}}, {"type": "array", "name": "privateRanges", "arg": "$parameters.properties.intrusionDetection.configuration.privateRanges", "item": {"type": "string"}}, {"type": "array", "name": "signatureOverrides", "arg": "$parameters.properties.intrusionDetection.configuration.signatureOverrides", "item": {"type": "object", "props": [{"type": "string", "name": "id", "arg": "$parameters.properties.intrusionDetection.configuration.signatureOverrides[].id"}, {"type": "string", "name": "mode", "arg": "$parameters.properties.intrusionDetection.configuration.signatureOverrides[].mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}}]}, {"type": "string", "name": "mode", "arg": "$parameters.properties.intrusionDetection.mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}, {"type": "object", "name": "sku", "props": [{"type": "string", "name": "tier", "arg": "$parameters.properties.sku.tier", "enum": {"items": [{"value": "Basic"}, {"value": "Premium"}, {"value": "Standard"}]}}]}, {"type": "object", "name": "snat", "props": [{"type": "string", "name": "autoLearnPrivateRanges", "arg": "$parameters.properties.snat.autoLearnPrivateRanges", "enum": {"items": [{"value": "Disabled"}, {"value": "Enabled"}]}}, {"type": "array", "name": "privateRanges", "arg": "$parameters.properties.snat.privateRanges", "item": {"type": "string"}}]}, {"type": "object", "name": "sql", "props": [{"type": "boolean", "name": "allowSqlRedirect", "arg": "$parameters.properties.sql.allowSqlRedirect"}]}, {"type": "string", "name": "threatIntelMode", "arg": "$parameters.properties.threatIntelMode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}, {"type": "object", "name": "threatIntelWhitelist", "props": [{"type": "array", "name": "fqdns", "arg": "$parameters.properties.threatIntelWhitelist.fqdns", "item": {"type": "string"}}, {"type": "array", "name": "ipAddresses", "arg": "$parameters.properties.threatIntelWhitelist.ipAddresses", "item": {"type": "string"}}]}, {"type": "object", "name": "transportSecurity", "props": [{"type": "object", "name": "certificateAuthority", "props": [{"type": "string", "name": "keyVaultSecretId", "arg": "$parameters.properties.transportSecurity.certificateAuthority.keyVaultSecretId"}, {"type": "string", "name": "name", "arg": "$parameters.properties.transportSecurity.certificateAuthority.name"}]}]}], "clientFlatten": true}, {"type": "object", "name": "tags", "arg": "$parameters.tags", "additionalProps": {"item": {"type": "string"}}}], "clientFlatten": true}}}}, "responses": [{"statusCode": [200, 201], "body": {"json": {"var": "$Instance", "schema": {"type": "object", "props": [{"readOnly": true, "type": "string", "name": "etag"}, {"type": "ResourceId", "name": "id", "format": {"template": "/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/firewallPolicies/{}"}}, {"type": "IdentityObject", "name": "identity", "props": [{"readOnly": true, "type": "string", "name": "principalId"}, {"readOnly": true, "type": "string", "name": "tenantId"}, {"type": "string", "name": "type", "enum": {"items": [{"value": "None"}, {"value": "SystemAssigned"}, {"value": "SystemAssigned, UserAssigned"}, {"value": "UserAssigned"}]}}, {"type": "object", "name": "userAssignedIdentities", "additionalProps": {"item": {"type": "object", "props": [{"readOnly": true, "type": "string", "name": "clientId"}, {"readOnly": true, "type": "string", "name": "principalId"}]}}}]}, {"type": "ResourceLocation", "name": "location"}, {"readOnly": true, "type": "string", "name": "name"}, {"type": "object", "name": "properties", "props": [{"type": "@SubResource_read", "name": "basePolicy"}, {"readOnly": true, "type": "array<@SubResource_read>", "name": "childPolicies", "item": {"type": "@SubResource_read"}}, {"type": "object", "name": "dnsSettings", "props": [{"type": "boolean", "name": "enableProxy"}, {"nullable": true, "type": "boolean", "name": "requireProxyForNetworkRules"}, {"type": "array", "name": "servers", "item": {"type": "string"}}]}, {"type": "object", "name": "explicitProxy", "props": [{"nullable": true, "type": "boolean", "name": "enableExplicitProxy"}, {"nullable": true, "type": "boolean", "name": "enablePacFile"}, {"type": "integer32", "name": "httpPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "integer32", "name": "httpsPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "string", "name": "pacFile"}, {"type": "integer32", "name": "pacFilePort", "format": {"maximum": 64000, "minimum": 0}}]}, {"readOnly": true, "type": "array<@SubResource_read>", "name": "firewalls", "item": {"type": "@SubResource_read"}}, {"type": "object", "name": "insights", "props": [{"type": "boolean", "name": "isEnabled"}, {"type": "object", "name": "logAnalyticsResources", "props": [{"type": "@SubResource_read", "name": "defaultWorkspaceId"}, {"type": "array", "name": "workspaces", "item": {"type": "object", "props": [{"type": "string", "name": "region"}, {"type": "@SubResource_read", "name": "workspaceId"}]}}]}, {"type": "integer32", "name": "retentionDays"}]}, {"type": "object", "name": "intrusionDetection", "props": [{"type": "object", "name": "configuration", "props": [{"type": "array", "name": "bypassTrafficSettings", "item": {"type": "object", "props": [{"type": "string", "name": "description"}, {"type": "array", "name": "destinationAddresses", "item": {"type": "string"}}, {"type": "array", "name": "destinationIpGroups", "item": {"type": "string"}}, {"type": "array", "name": "destinationPorts", "item": {"type": "string"}}, {"type": "string", "name": "name"}, {"type": "string", "name": "protocol", "enum": {"items": [{"value": "ANY"}, {"value": "ICMP"}, {"value": "TCP"}, {"value": "UDP"}]}}, {"type": "array", "name": "sourceAddresses", "item": {"type": "string"}}, {"type": "array", "name": "sourceIpGroups", "item": {"type": "string"}}]}}, {"type": "array", "name": "privateRanges", "item": {"type": "string"}}, {"type": "array", "name": "signatureOverrides", "item": {"type": "object", "props": [{"type": "string", "name": "id"}, {"type": "string", "name": "mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}}]}, {"type": "string", "name": "mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}, {"readOnly": true, "type": "string", "name": "provisioningState", "enum": {"items": [{"value": "Deleting"}, {"value": "Failed"}, {"value": "Succeeded"}, {"value": "Updating"}]}}, {"readOnly": true, "type": "array", "name": "ruleCollectionGroups", "item": {"type": "object", "props": [{"type": "string", "name": "id"}], "cls": "SubResource_read"}}, {"type": "object", "name": "sku", "props": [{"type": "string", "name": "tier", "enum": {"items": [{"value": "Basic"}, {"value": "Premium"}, {"value": "Standard"}]}}]}, {"type": "object", "name": "snat", "props": [{"type": "string", "name": "autoLearnPrivateRanges", "enum": {"items": [{"value": "Disabled"}, {"value": "Enabled"}]}}, {"type": "array", "name": "privateRanges", "item": {"type": "string"}}]}, {"type": "object", "name": "sql", "props": [{"type": "boolean", "name": "allowSqlRedirect"}]}, {"type": "string", "name": "threatIntelMode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}, {"type": "object", "name": "threatIntelWhitelist", "props": [{"type": "array", "name": "fqdns", "item": {"type": "string"}}, {"type": "array", "name": "ipAddresses", "item": {"type": "string"}}]}, {"type": "object", "name": "transportSecurity", "props": [{"type": "object", "name": "certificateAuthority", "props": [{"type": "string", "name": "keyVaultSecretId"}, {"type": "string", "name": "name"}]}]}], "clientFlatten": true}, {"type": "object", "name": "tags", "additionalProps": {"item": {"type": "string"}}}, {"readOnly": true, "type": "string", "name": "type"}]}}}}, {"isError": true, "body": {"json": {"schema": {"type": "@ODataV4Format"}}}}]}}], "outputs": [{"type": "object", "ref": "$Instance", "clientFlatten": true}], "confirmation": ""}, {"name": "update", "version": "2022-01-01", "resources": [{"id": "/subscriptions/{}/resourcegroups/{}/providers/microsoft.network/firewallpolicies/{}", "version": "2022-01-01", "swagger": "mgmt-plane/network/ResourceProviders/Microsoft.Network/Paths/L3N1YnNjcmlwdGlvbnMve3N1YnNjcmlwdGlvbklkfS9yZXNvdXJjZUdyb3Vwcy97cmVzb3VyY2VHcm91cE5hbWV9L3Byb3ZpZGVycy9NaWNyb3NvZnQuTmV0d29yay9maXJld2FsbFBvbGljaWVzL3tmaXJld2FsbFBvbGljeU5hbWV9/V/MjAyMi0wMS0wMQ=="}], "argGroups": [{"name": "", "args": [{"type": "string", "var": "$Path.firewallPolicyName", "options": ["n", "name"], "required": true, "group": "", "idPart": "name", "help": {"short": "The name of the Firewall Policy."}}, {"type": "ResourceGroupName", "var": "$Path.resourceGroupName", "options": ["g", "resource-group"], "required": true, "idPart": "resource_group"}, {"type": "SubscriptionId", "var": "$Path.subscriptionId", "options": ["subscription"], "required": true, "idPart": "subscription"}, {"nullable": true, "type": "ResourceLocation", "var": "$parameters.location", "options": ["l", "location"], "hide": true, "group": "", "help": {"short": "Location. Values from: `az account list-locations`. You can configure the default location using `az configure --defaults location=`."}}, {"nullable": true, "type": "string", "var": "$parameters.properties.basePolicy.id", "options": ["base-policy"], "hide": true, "group": "", "help": {"short": "The name or ID of parent firewall policy from which rules are inherited."}}, {"nullable": true, "type": "string", "var": "$parameters.properties.sku.tier", "options": ["sku"], "group": "", "help": {"short": "SKU of Firewall policy."}, "enum": {"items": [{"name": "Basic", "value": "Basic"}, {"name": "Premium", "value": "Premium"}, {"name": "Standard", "value": "Standard"}]}}, {"nullable": true, "type": "boolean", "var": "$parameters.properties.sql.allowSqlRedirect", "options": ["sql"], "group": "", "help": {"short": "A flag to indicate if SQL Redirect traffic filtering is enabled."}}, {"nullable": true, "type": "string", "var": "$parameters.properties.threatIntelMode", "options": ["threat-intel-mode"], "group": "", "help": {"short": "The operation mode for Threat Intelligence."}, "enum": {"items": [{"name": "Alert", "value": "Alert"}, {"name": "Deny", "value": "Deny"}, {"name": "Off", "value": "Off"}]}}, {"nullable": true, "type": "object", "var": "$parameters.tags", "options": ["tags"], "group": "", "help": {"short": "Space-separated tags: key[=value] [key[=value] ...]. Use \"\" to clear existing tags."}, "additionalProps": {"item": {"nullable": true, "type": "string"}}}]}, {"name": "DNS", "args": [{"nullable": true, "type": "boolean", "var": "$parameters.properties.dnsSettings.enableProxy", "options": ["enable-dns-proxy"], "group": "DNS", "help": {"short": "Enable DNS Proxy."}}, {"nullable": true, "type": "array", "var": "$parameters.properties.dnsSettings.servers", "options": ["dns-servers"], "group": "DNS", "help": {"short": "Space-separated list of DNS server IP addresses."}, "item": {"nullable": true, "type": "string"}}]}, {"name": "DnsSettings", "args": [{"nullable": true, "type": "boolean", "var": "$parameters.properties.dnsSettings.requireProxyForNetworkRules", "options": ["require-proxy-for-network-rules"], "hide": true, "group": "DnsSettings", "help": {"short": "FQDNs in Network Rules are supported when set to true."}}]}, {"name": "Identity Instance", "args": [{"nullable": true, "type": "string", "var": "$parameters.identity.type", "options": ["identity-type"], "group": "Identity Instance", "help": {"short": "The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine."}, "enum": {"items": [{"name": "None", "value": "None"}, {"name": "SystemAssigned", "value": "SystemAssigned"}, {"name": "SystemAssigned, UserAssigned", "value": "SystemAssigned, UserAssigned"}, {"name": "UserAssigned", "value": "UserAssigned"}]}}, {"nullable": true, "type": "object", "var": "$parameters.identity.userAssignedIdentities", "options": ["user-assigned-identities"], "group": "Identity Instance", "help": {"short": "The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'."}, "additionalProps": {"item": {"nullable": true, "blank": {"value": {}}, "type": "object"}}}]}, {"name": "IntrusionDetection", "args": [{"nullable": true, "type": "object", "var": "$parameters.properties.intrusionDetection.configuration", "options": ["configuration"], "group": "IntrusionDetection", "help": {"short": "Intrusion detection configuration properties."}, "args": [{"nullable": true, "type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings", "options": ["bypass-traffic-settings"], "help": {"short": "List of rules for traffic to bypass."}, "item": {"nullable": true, "type": "object", "args": [{"nullable": true, "type": "string", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].description", "options": ["description"], "help": {"short": "Description of the bypass traffic rule."}}, {"nullable": true, "type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationAddresses", "options": ["destination-addresses"], "help": {"short": "List of destination IP addresses or ranges for this rule."}, "item": {"nullable": true, "type": "string"}}, {"nullable": true, "type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationIpGroups", "options": ["destination-ip-groups"], "help": {"short": "List of destination IpGroups for this rule."}, "item": {"nullable": true, "type": "string"}}, {"nullable": true, "type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationPorts", "options": ["destination-ports"], "help": {"short": "List of destination ports or ranges."}, "item": {"nullable": true, "type": "string"}}, {"nullable": true, "type": "string", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].name", "options": ["name"], "help": {"short": "Name of the bypass traffic rule."}}, {"nullable": true, "type": "string", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].protocol", "options": ["protocol"], "help": {"short": "The rule bypass protocol."}, "enum": {"items": [{"name": "ANY", "value": "ANY"}, {"name": "ICMP", "value": "ICMP"}, {"name": "TCP", "value": "TCP"}, {"name": "UDP", "value": "UDP"}]}}, {"nullable": true, "type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].sourceAddresses", "options": ["source-addresses"], "help": {"short": "List of source IP addresses or ranges for this rule."}, "item": {"nullable": true, "type": "string"}}, {"nullable": true, "type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].sourceIpGroups", "options": ["source-ip-groups"], "help": {"short": "List of source IpGroups for this rule."}, "item": {"nullable": true, "type": "string"}}]}}, {"nullable": true, "type": "array", "var": "$parameters.properties.intrusionDetection.configuration.privateRanges", "options": ["private-ranges"], "help": {"short": "IDPS Private IP address ranges are used to identify traffic direction (i.e. inbound, outbound, etc.). By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. To modify default ranges, specify your Private IP address ranges with this property"}, "item": {"nullable": true, "type": "string"}}, {"nullable": true, "type": "array", "var": "$parameters.properties.intrusionDetection.configuration.signatureOverrides", "options": ["signature-overrides"], "help": {"short": "List of specific signatures states."}, "item": {"nullable": true, "type": "object", "args": [{"nullable": true, "type": "string", "var": "$parameters.properties.intrusionDetection.configuration.signatureOverrides[].id", "options": ["id"], "help": {"short": "Signature id."}}, {"nullable": true, "type": "string", "var": "$parameters.properties.intrusionDetection.configuration.signatureOverrides[].mode", "options": ["mode"], "help": {"short": "The signature state."}, "enum": {"items": [{"name": "Alert", "value": "Alert"}, {"name": "Deny", "value": "Deny"}, {"name": "Off", "value": "Off"}]}}]}}]}]}, {"name": "Intrustion Detection", "args": [{"nullable": true, "type": "string", "var": "$parameters.properties.intrusionDetection.mode", "options": ["idps-mode"], "group": "Intrustion Detection", "help": {"short": "IDPS mode."}, "enum": {"items": [{"name": "Alert", "value": "Alert"}, {"name": "Deny", "value": "Deny"}, {"name": "Off", "value": "Off"}]}}]}, {"name": "Parameters", "args": [{"nullable": true, "type": "ResourceId", "var": "$parameters.id", "options": ["id"], "hide": true, "group": "Parameters", "help": {"short": "Resource ID."}, "format": {"template": "/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/firewallPolicies/{}"}}]}, {"name": "Properties", "args": [{"nullable": true, "type": "object", "var": "$parameters.properties.explicitProxy", "options": ["explicit-proxy"], "hide": true, "group": "Properties", "help": {"short": "Explicit Proxy Settings definition."}, "args": [{"nullable": true, "type": "boolean", "var": "$parameters.properties.explicitProxy.enableExplicitProxy", "options": ["enable-explicit-proxy"], "help": {"short": "When set to true, explicit proxy mode is enabled."}}, {"nullable": true, "type": "boolean", "var": "$parameters.properties.explicitProxy.enablePacFile", "options": ["enable-pac-file"], "help": {"short": "When set to true, pac file port and url needs to be provided."}}, {"nullable": true, "type": "integer32", "var": "$parameters.properties.explicitProxy.httpPort", "options": ["http-port"], "help": {"short": "Port number for explicit proxy http protocol, cannot be greater than 64000."}, "format": {"maximum": 64000, "minimum": 0}}, {"nullable": true, "type": "integer32", "var": "$parameters.properties.explicitProxy.httpsPort", "options": ["https-port"], "help": {"short": "Port number for explicit proxy https protocol, cannot be greater than 64000."}, "format": {"maximum": 64000, "minimum": 0}}, {"nullable": true, "type": "string", "var": "$parameters.properties.explicitProxy.pacFile", "options": ["pac-file"], "help": {"short": "SAS URL for PAC file."}}, {"nullable": true, "type": "integer32", "var": "$parameters.properties.explicitProxy.pacFilePort", "options": ["pac-file-port"], "help": {"short": "Port number for firewall to serve PAC file."}, "format": {"maximum": 64000, "minimum": 0}}]}, {"nullable": true, "type": "object", "var": "$parameters.properties.insights", "options": ["insights"], "hide": true, "group": "Properties", "help": {"short": "Insights on Firewall Policy."}, "args": [{"nullable": true, "type": "boolean", "var": "$parameters.properties.insights.isEnabled", "options": ["is-enabled"], "help": {"short": "A flag to indicate if the insights are enabled on the policy."}}, {"nullable": true, "type": "object", "var": "$parameters.properties.insights.logAnalyticsResources", "options": ["log-analytics-resources"], "help": {"short": "Workspaces needed to configure the Firewall Policy Insights."}, "args": [{"nullable": true, "type": "object", "var": "$parameters.properties.insights.logAnalyticsResources.defaultWorkspaceId", "options": ["default-workspace-id"], "help": {"short": "The default workspace Id for Firewall Policy Insights."}, "args": [{"nullable": true, "type": "string", "var": "@SubResource_update.id", "options": ["id"], "help": {"short": "Resource ID."}}], "cls": "SubResource_update"}, {"nullable": true, "type": "array", "var": "$parameters.properties.insights.logAnalyticsResources.workspaces", "options": ["workspaces"], "help": {"short": "List of workspaces for Firewall Policy Insights."}, "item": {"nullable": true, "type": "object", "args": [{"nullable": true, "type": "string", "var": "$parameters.properties.insights.logAnalyticsResources.workspaces[].region", "options": ["region"], "help": {"short": "Region to configure the Workspace."}}, {"nullable": true, "type": "@SubResource_update", "var": "$parameters.properties.insights.logAnalyticsResources.workspaces[].workspaceId", "options": ["workspace-id"], "help": {"short": "The workspace Id for Firewall Policy Insights."}}]}}]}, {"nullable": true, "type": "integer32", "var": "$parameters.properties.insights.retentionDays", "options": ["retention-days"], "help": {"short": "Number of days the insights should be enabled on the policy."}}]}]}, {"name": "Snat", "args": [{"nullable": true, "type": "string", "var": "$parameters.properties.snat.autoLearnPrivateRanges", "options": ["learn-ranges", "auto-learn-private-ranges"], "group": "Snat", "help": {"short": "The operation mode for automatically learning private ranges to not be SNAT"}, "enum": {"items": [{"name": "Disabled", "value": "Disabled"}, {"name": "Enabled", "value": "Enabled"}]}}, {"nullable": true, "type": "array", "var": "$parameters.properties.snat.privateRanges", "options": ["private-ranges"], "group": "Snat", "help": {"short": "List of private IP addresses/IP address ranges to not be SNAT."}, "item": {"nullable": true, "type": "string"}}]}, {"name": "TLS Inspection", "args": [{"nullable": true, "type": "string", "var": "$parameters.properties.transportSecurity.certificateAuthority.keyVaultSecretId", "options": ["key-vault-secret-id"], "group": "TLS Inspection", "help": {"short": "Secret Id of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in KeyVault."}}, {"nullable": true, "type": "string", "var": "$parameters.properties.transportSecurity.certificateAuthority.name", "options": ["cert-name"], "group": "TLS Inspection", "help": {"short": "Name of the CA certificate."}}]}, {"name": "Threat Intel Allowlist", "args": [{"nullable": true, "type": "array", "var": "$parameters.properties.threatIntelWhitelist.fqdns", "options": ["fqdns"], "group": "Threat Intel Allowlist", "help": {"short": "Space-separated list of FQDNs."}, "item": {"nullable": true, "type": "string"}}, {"nullable": true, "type": "array", "var": "$parameters.properties.threatIntelWhitelist.ipAddresses", "options": ["ip-addresses"], "group": "Threat Intel Allowlist", "help": {"short": "Space-separated list of IPv4 addresses."}, "item": {"nullable": true, "type": "string"}}]}], "operations": [{"operationId": "FirewallPolicies_Get", "http": {"path": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/firewallPolicies/{firewallPolicyName}", "request": {"method": "get", "path": {"params": [{"type": "string", "name": "firewallPolicyName", "arg": "$Path.firewallPolicyName", "required": true}, {"type": "string", "name": "resourceGroupName", "arg": "$Path.resourceGroupName", "required": true}, {"type": "string", "name": "subscriptionId", "arg": "$Path.subscriptionId", "required": true}]}, "query": {"consts": [{"readOnly": true, "const": true, "default": {"value": "2022-01-01"}, "type": "string", "name": "api-version", "required": true}]}}, "responses": [{"statusCode": [200], "body": {"json": {"var": "$Instance", "schema": {"type": "object", "props": [{"readOnly": true, "type": "string", "name": "etag"}, {"type": "ResourceId", "name": "id", "format": {"template": "/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/firewallPolicies/{}"}}, {"type": "IdentityObject", "name": "identity", "props": [{"readOnly": true, "type": "string", "name": "principalId"}, {"readOnly": true, "type": "string", "name": "tenantId"}, {"type": "string", "name": "type", "enum": {"items": [{"value": "None"}, {"value": "SystemAssigned"}, {"value": "SystemAssigned, UserAssigned"}, {"value": "UserAssigned"}]}}, {"type": "object", "name": "userAssignedIdentities", "additionalProps": {"item": {"type": "object", "props": [{"readOnly": true, "type": "string", "name": "clientId"}, {"readOnly": true, "type": "string", "name": "principalId"}]}}}]}, {"type": "ResourceLocation", "name": "location"}, {"readOnly": true, "type": "string", "name": "name"}, {"type": "object", "name": "properties", "props": [{"type": "@SubResource_read", "name": "basePolicy"}, {"readOnly": true, "type": "array<@SubResource_read>", "name": "childPolicies", "item": {"type": "@SubResource_read"}}, {"type": "object", "name": "dnsSettings", "props": [{"type": "boolean", "name": "enableProxy"}, {"nullable": true, "type": "boolean", "name": "requireProxyForNetworkRules"}, {"type": "array", "name": "servers", "item": {"type": "string"}}]}, {"type": "object", "name": "explicitProxy", "props": [{"nullable": true, "type": "boolean", "name": "enableExplicitProxy"}, {"nullable": true, "type": "boolean", "name": "enablePacFile"}, {"type": "integer32", "name": "httpPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "integer32", "name": "httpsPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "string", "name": "pacFile"}, {"type": "integer32", "name": "pacFilePort", "format": {"maximum": 64000, "minimum": 0}}]}, {"readOnly": true, "type": "array<@SubResource_read>", "name": "firewalls", "item": {"type": "@SubResource_read"}}, {"type": "object", "name": "insights", "props": [{"type": "boolean", "name": "isEnabled"}, {"type": "object", "name": "logAnalyticsResources", "props": [{"type": "@SubResource_read", "name": "defaultWorkspaceId"}, {"type": "array", "name": "workspaces", "item": {"type": "object", "props": [{"type": "string", "name": "region"}, {"type": "@SubResource_read", "name": "workspaceId"}]}}]}, {"type": "integer32", "name": "retentionDays"}]}, {"type": "object", "name": "intrusionDetection", "props": [{"type": "object", "name": "configuration", "props": [{"type": "array", "name": "bypassTrafficSettings", "item": {"type": "object", "props": [{"type": "string", "name": "description"}, {"type": "array", "name": "destinationAddresses", "item": {"type": "string"}}, {"type": "array", "name": "destinationIpGroups", "item": {"type": "string"}}, {"type": "array", "name": "destinationPorts", "item": {"type": "string"}}, {"type": "string", "name": "name"}, {"type": "string", "name": "protocol", "enum": {"items": [{"value": "ANY"}, {"value": "ICMP"}, {"value": "TCP"}, {"value": "UDP"}]}}, {"type": "array", "name": "sourceAddresses", "item": {"type": "string"}}, {"type": "array", "name": "sourceIpGroups", "item": {"type": "string"}}]}}, {"type": "array", "name": "privateRanges", "item": {"type": "string"}}, {"type": "array", "name": "signatureOverrides", "item": {"type": "object", "props": [{"type": "string", "name": "id"}, {"type": "string", "name": "mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}}]}, {"type": "string", "name": "mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}, {"readOnly": true, "type": "string", "name": "provisioningState", "enum": {"items": [{"value": "Deleting"}, {"value": "Failed"}, {"value": "Succeeded"}, {"value": "Updating"}]}}, {"readOnly": true, "type": "array", "name": "ruleCollectionGroups", "item": {"type": "object", "props": [{"type": "string", "name": "id"}], "cls": "SubResource_read"}}, {"type": "object", "name": "sku", "props": [{"type": "string", "name": "tier", "enum": {"items": [{"value": "Basic"}, {"value": "Premium"}, {"value": "Standard"}]}}]}, {"type": "object", "name": "snat", "props": [{"type": "string", "name": "autoLearnPrivateRanges", "enum": {"items": [{"value": "Disabled"}, {"value": "Enabled"}]}}, {"type": "array", "name": "privateRanges", "item": {"type": "string"}}]}, {"type": "object", "name": "sql", "props": [{"type": "boolean", "name": "allowSqlRedirect"}]}, {"type": "string", "name": "threatIntelMode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}, {"type": "object", "name": "threatIntelWhitelist", "props": [{"type": "array", "name": "fqdns", "item": {"type": "string"}}, {"type": "array", "name": "ipAddresses", "item": {"type": "string"}}]}, {"type": "object", "name": "transportSecurity", "props": [{"type": "object", "name": "certificateAuthority", "props": [{"type": "string", "name": "keyVaultSecretId"}, {"type": "string", "name": "name"}]}]}], "clientFlatten": true}, {"type": "object", "name": "tags", "additionalProps": {"item": {"type": "string"}}}, {"readOnly": true, "type": "string", "name": "type"}], "cls": "FirewallPolicy_read"}}}}, {"isError": true, "body": {"json": {"schema": {"type": "@ODataV4Format"}}}}]}}, {"instanceUpdate": {"ref": "$Instance", "json": {"schema": {"type": "object", "name": "parameters", "required": true, "props": [{"type": "ResourceId", "name": "id", "arg": "$parameters.id", "format": {"template": "/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/firewallPolicies/{}"}}, {"type": "IdentityObject", "name": "identity", "props": [{"type": "string", "name": "type", "arg": "$parameters.identity.type", "enum": {"items": [{"value": "None"}, {"value": "SystemAssigned"}, {"value": "SystemAssigned, UserAssigned"}, {"value": "UserAssigned"}]}}, {"type": "object", "name": "userAssignedIdentities", "arg": "$parameters.identity.userAssignedIdentities", "additionalProps": {"item": {"type": "object"}}}]}, {"type": "ResourceLocation", "name": "location", "arg": "$parameters.location"}, {"type": "object", "name": "properties", "props": [{"type": "object", "name": "basePolicy", "props": [{"type": "string", "name": "id", "arg": "$parameters.properties.basePolicy.id"}]}, {"type": "object", "name": "dnsSettings", "props": [{"type": "boolean", "name": "enableProxy", "arg": "$parameters.properties.dnsSettings.enableProxy"}, {"nullable": true, "type": "boolean", "name": "requireProxyForNetworkRules", "arg": "$parameters.properties.dnsSettings.requireProxyForNetworkRules"}, {"type": "array", "name": "servers", "arg": "$parameters.properties.dnsSettings.servers", "item": {"type": "string"}}]}, {"type": "object", "name": "explicitProxy", "arg": "$parameters.properties.explicitProxy", "props": [{"nullable": true, "type": "boolean", "name": "enableExplicitProxy", "arg": "$parameters.properties.explicitProxy.enableExplicitProxy"}, {"nullable": true, "type": "boolean", "name": "enablePacFile", "arg": "$parameters.properties.explicitProxy.enablePacFile"}, {"type": "integer32", "name": "httpPort", "arg": "$parameters.properties.explicitProxy.httpPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "integer32", "name": "httpsPort", "arg": "$parameters.properties.explicitProxy.httpsPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "string", "name": "pacFile", "arg": "$parameters.properties.explicitProxy.pacFile"}, {"type": "integer32", "name": "pacFilePort", "arg": "$parameters.properties.explicitProxy.pacFilePort", "format": {"maximum": 64000, "minimum": 0}}]}, {"type": "object", "name": "insights", "arg": "$parameters.properties.insights", "props": [{"type": "boolean", "name": "isEnabled", "arg": "$parameters.properties.insights.isEnabled"}, {"type": "object", "name": "logAnalyticsResources", "arg": "$parameters.properties.insights.logAnalyticsResources", "props": [{"type": "object", "name": "defaultWorkspaceId", "arg": "$parameters.properties.insights.logAnalyticsResources.defaultWorkspaceId", "props": [{"type": "string", "name": "id", "arg": "@SubResource_update.id"}], "cls": "SubResource_update"}, {"type": "array", "name": "workspaces", "arg": "$parameters.properties.insights.logAnalyticsResources.workspaces", "item": {"type": "object", "props": [{"type": "string", "name": "region", "arg": "$parameters.properties.insights.logAnalyticsResources.workspaces[].region"}, {"type": "@SubResource_update", "name": "workspaceId", "arg": "$parameters.properties.insights.logAnalyticsResources.workspaces[].workspaceId"}]}}]}, {"type": "integer32", "name": "retentionDays", "arg": "$parameters.properties.insights.retentionDays"}]}, {"type": "object", "name": "intrusionDetection", "props": [{"type": "object", "name": "configuration", "arg": "$parameters.properties.intrusionDetection.configuration", "props": [{"type": "array", "name": "bypassTrafficSettings", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings", "item": {"type": "object", "props": [{"type": "string", "name": "description", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].description"}, {"type": "array", "name": "destinationAddresses", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationAddresses", "item": {"type": "string"}}, {"type": "array", "name": "destinationIpGroups", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationIpGroups", "item": {"type": "string"}}, {"type": "array", "name": "destinationPorts", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationPorts", "item": {"type": "string"}}, {"type": "string", "name": "name", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].name"}, {"type": "string", "name": "protocol", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].protocol", "enum": {"items": [{"value": "ANY"}, {"value": "ICMP"}, {"value": "TCP"}, {"value": "UDP"}]}}, {"type": "array", "name": "sourceAddresses", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].sourceAddresses", "item": {"type": "string"}}, {"type": "array", "name": "sourceIpGroups", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].sourceIpGroups", "item": {"type": "string"}}]}}, {"type": "array", "name": "privateRanges", "arg": "$parameters.properties.intrusionDetection.configuration.privateRanges", "item": {"type": "string"}}, {"type": "array", "name": "signatureOverrides", "arg": "$parameters.properties.intrusionDetection.configuration.signatureOverrides", "item": {"type": "object", "props": [{"type": "string", "name": "id", "arg": "$parameters.properties.intrusionDetection.configuration.signatureOverrides[].id"}, {"type": "string", "name": "mode", "arg": "$parameters.properties.intrusionDetection.configuration.signatureOverrides[].mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}}]}, {"type": "string", "name": "mode", "arg": "$parameters.properties.intrusionDetection.mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}, {"type": "object", "name": "sku", "props": [{"type": "string", "name": "tier", "arg": "$parameters.properties.sku.tier", "enum": {"items": [{"value": "Basic"}, {"value": "Premium"}, {"value": "Standard"}]}}]}, {"type": "object", "name": "snat", "props": [{"type": "string", "name": "autoLearnPrivateRanges", "arg": "$parameters.properties.snat.autoLearnPrivateRanges", "enum": {"items": [{"value": "Disabled"}, {"value": "Enabled"}]}}, {"type": "array", "name": "privateRanges", "arg": "$parameters.properties.snat.privateRanges", "item": {"type": "string"}}]}, {"type": "object", "name": "sql", "props": [{"type": "boolean", "name": "allowSqlRedirect", "arg": "$parameters.properties.sql.allowSqlRedirect"}]}, {"type": "string", "name": "threatIntelMode", "arg": "$parameters.properties.threatIntelMode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}, {"type": "object", "name": "threatIntelWhitelist", "props": [{"type": "array", "name": "fqdns", "arg": "$parameters.properties.threatIntelWhitelist.fqdns", "item": {"type": "string"}}, {"type": "array", "name": "ipAddresses", "arg": "$parameters.properties.threatIntelWhitelist.ipAddresses", "item": {"type": "string"}}]}, {"type": "object", "name": "transportSecurity", "props": [{"type": "object", "name": "certificateAuthority", "props": [{"type": "string", "name": "keyVaultSecretId", "arg": "$parameters.properties.transportSecurity.certificateAuthority.keyVaultSecretId"}, {"type": "string", "name": "name", "arg": "$parameters.properties.transportSecurity.certificateAuthority.name"}]}]}], "clientFlatten": true}, {"type": "object", "name": "tags", "arg": "$parameters.tags", "additionalProps": {"item": {"type": "string"}}}], "clientFlatten": true}}}}, {"longRunning": {"finalStateVia": "azure-async-operation"}, "operationId": "FirewallPolicies_CreateOrUpdate", "http": {"path": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/firewallPolicies/{firewallPolicyName}", "request": {"method": "put", "path": {"params": [{"type": "string", "name": "firewallPolicyName", "arg": "$Path.firewallPolicyName", "required": true}, {"type": "string", "name": "resourceGroupName", "arg": "$Path.resourceGroupName", "required": true}, {"type": "string", "name": "subscriptionId", "arg": "$Path.subscriptionId", "required": true}]}, "query": {"consts": [{"readOnly": true, "const": true, "default": {"value": "2022-01-01"}, "type": "string", "name": "api-version", "required": true}]}, "body": {"json": {"ref": "$Instance"}}}, "responses": [{"statusCode": [200, 201], "body": {"json": {"var": "$Instance", "schema": {"type": "@FirewallPolicy_read"}}}}, {"isError": true, "body": {"json": {"schema": {"type": "@ODataV4Format"}}}}]}}], "outputs": [{"type": "object", "ref": "$Instance", "clientFlatten": true}], "confirmation": ""}]}]} \ No newline at end of file +{"plane": "mgmt-plane", "resources": [{"id": "/subscriptions/{}/resourcegroups/{}/providers/microsoft.network/firewallpolicies/{}", "version": "2022-01-01", "swagger": "mgmt-plane/network/ResourceProviders/Microsoft.Network/Paths/L3N1YnNjcmlwdGlvbnMve3N1YnNjcmlwdGlvbklkfS9yZXNvdXJjZUdyb3Vwcy97cmVzb3VyY2VHcm91cE5hbWV9L3Byb3ZpZGVycy9NaWNyb3NvZnQuTmV0d29yay9maXJld2FsbFBvbGljaWVzL3tmaXJld2FsbFBvbGljeU5hbWV9/V/MjAyMi0wMS0wMQ=="}], "commandGroups": [{"name": "network firewall policy", "commands": [{"name": "show", "version": "2022-01-01", "resources": [{"id": "/subscriptions/{}/resourcegroups/{}/providers/microsoft.network/firewallpolicies/{}", "version": "2022-01-01", "swagger": "mgmt-plane/network/ResourceProviders/Microsoft.Network/Paths/L3N1YnNjcmlwdGlvbnMve3N1YnNjcmlwdGlvbklkfS9yZXNvdXJjZUdyb3Vwcy97cmVzb3VyY2VHcm91cE5hbWV9L3Byb3ZpZGVycy9NaWNyb3NvZnQuTmV0d29yay9maXJld2FsbFBvbGljaWVzL3tmaXJld2FsbFBvbGljeU5hbWV9/V/MjAyMi0wMS0wMQ=="}], "argGroups": [{"name": "", "args": [{"type": "string", "var": "$Path.firewallPolicyName", "options": ["n", "name"], "required": true, "group": "", "idPart": "name", "help": {"short": "The name of the Firewall Policy."}}, {"type": "ResourceGroupName", "var": "$Path.resourceGroupName", "options": ["g", "resource-group"], "required": true, "idPart": "resource_group"}, {"type": "SubscriptionId", "var": "$Path.subscriptionId", "options": ["subscription"], "required": true, "idPart": "subscription"}, {"type": "string", "var": "$Query.expand", "options": ["expand"], "group": "", "help": {"short": "Expands referenced resources. Default value is None."}}]}], "operations": [{"operationId": "FirewallPolicies_Get", "http": {"path": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/firewallPolicies/{firewallPolicyName}", "request": {"method": "get", "path": {"params": [{"type": "string", "name": "firewallPolicyName", "arg": "$Path.firewallPolicyName", "required": true}, {"type": "string", "name": "resourceGroupName", "arg": "$Path.resourceGroupName", "required": true}, {"type": "string", "name": "subscriptionId", "arg": "$Path.subscriptionId", "required": true}]}, "query": {"params": [{"type": "string", "name": "$expand", "arg": "$Query.expand"}], "consts": [{"readOnly": true, "const": true, "default": {"value": "2022-01-01"}, "type": "string", "name": "api-version", "required": true}]}}, "responses": [{"statusCode": [200], "body": {"json": {"var": "$Instance", "schema": {"type": "object", "props": [{"readOnly": true, "type": "string", "name": "etag"}, {"type": "ResourceId", "name": "id", "format": {"template": "/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/firewallPolicies/{}"}}, {"type": "IdentityObject", "name": "identity", "props": [{"readOnly": true, "type": "string", "name": "principalId"}, {"readOnly": true, "type": "string", "name": "tenantId"}, {"type": "string", "name": "type", "enum": {"items": [{"value": "None"}, {"value": "SystemAssigned"}, {"value": "SystemAssigned, UserAssigned"}, {"value": "UserAssigned"}]}}, {"type": "object", "name": "userAssignedIdentities", "additionalProps": {"item": {"type": "object", "props": [{"readOnly": true, "type": "string", "name": "clientId"}, {"readOnly": true, "type": "string", "name": "principalId"}]}}}]}, {"type": "ResourceLocation", "name": "location"}, {"readOnly": true, "type": "string", "name": "name"}, {"type": "object", "name": "properties", "props": [{"type": "@SubResource_read", "name": "basePolicy"}, {"readOnly": true, "type": "array<@SubResource_read>", "name": "childPolicies", "item": {"type": "@SubResource_read"}}, {"type": "object", "name": "dnsSettings", "props": [{"type": "boolean", "name": "enableProxy"}, {"nullable": true, "type": "boolean", "name": "requireProxyForNetworkRules"}, {"type": "array", "name": "servers", "item": {"type": "string"}}]}, {"type": "object", "name": "explicitProxy", "props": [{"nullable": true, "type": "boolean", "name": "enableExplicitProxy"}, {"nullable": true, "type": "boolean", "name": "enablePacFile"}, {"type": "integer32", "name": "httpPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "integer32", "name": "httpsPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "string", "name": "pacFile"}, {"type": "integer32", "name": "pacFilePort", "format": {"maximum": 64000, "minimum": 0}}]}, {"readOnly": true, "type": "array<@SubResource_read>", "name": "firewalls", "item": {"type": "@SubResource_read"}}, {"type": "object", "name": "insights", "props": [{"type": "boolean", "name": "isEnabled"}, {"type": "object", "name": "logAnalyticsResources", "props": [{"type": "@SubResource_read", "name": "defaultWorkspaceId"}, {"type": "array", "name": "workspaces", "item": {"type": "object", "props": [{"type": "string", "name": "region"}, {"type": "@SubResource_read", "name": "workspaceId"}]}}]}, {"type": "integer32", "name": "retentionDays"}]}, {"type": "object", "name": "intrusionDetection", "props": [{"type": "object", "name": "configuration", "props": [{"type": "array", "name": "bypassTrafficSettings", "item": {"type": "object", "props": [{"type": "string", "name": "description"}, {"type": "array", "name": "destinationAddresses", "item": {"type": "string"}}, {"type": "array", "name": "destinationIpGroups", "item": {"type": "string"}}, {"type": "array", "name": "destinationPorts", "item": {"type": "string"}}, {"type": "string", "name": "name"}, {"type": "string", "name": "protocol", "enum": {"items": [{"value": "ANY"}, {"value": "ICMP"}, {"value": "TCP"}, {"value": "UDP"}]}}, {"type": "array", "name": "sourceAddresses", "item": {"type": "string"}}, {"type": "array", "name": "sourceIpGroups", "item": {"type": "string"}}]}}, {"type": "array", "name": "privateRanges", "item": {"type": "string"}}, {"type": "array", "name": "signatureOverrides", "item": {"type": "object", "props": [{"type": "string", "name": "id"}, {"type": "string", "name": "mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}}]}, {"type": "string", "name": "mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}, {"readOnly": true, "type": "string", "name": "provisioningState", "enum": {"items": [{"value": "Deleting"}, {"value": "Failed"}, {"value": "Succeeded"}, {"value": "Updating"}]}}, {"readOnly": true, "type": "array", "name": "ruleCollectionGroups", "item": {"type": "object", "props": [{"type": "string", "name": "id"}], "cls": "SubResource_read"}}, {"type": "object", "name": "sku", "props": [{"type": "string", "name": "tier", "enum": {"items": [{"value": "Basic"}, {"value": "Premium"}, {"value": "Standard"}]}}]}, {"type": "object", "name": "snat", "props": [{"type": "string", "name": "autoLearnPrivateRanges", "enum": {"items": [{"value": "Disabled"}, {"value": "Enabled"}]}}, {"type": "array", "name": "privateRanges", "item": {"type": "string"}}]}, {"type": "object", "name": "sql", "props": [{"type": "boolean", "name": "allowSqlRedirect"}]}, {"type": "string", "name": "threatIntelMode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}, {"type": "object", "name": "threatIntelWhitelist", "props": [{"type": "array", "name": "fqdns", "item": {"type": "string"}}, {"type": "array", "name": "ipAddresses", "item": {"type": "string"}}]}, {"type": "object", "name": "transportSecurity", "props": [{"type": "object", "name": "certificateAuthority", "props": [{"type": "string", "name": "keyVaultSecretId"}, {"type": "string", "name": "name"}]}]}], "clientFlatten": true}, {"type": "object", "name": "tags", "additionalProps": {"item": {"type": "string"}}}, {"readOnly": true, "type": "string", "name": "type"}]}}}}, {"isError": true, "body": {"json": {"schema": {"type": "@ODataV4Format"}}}}]}}], "outputs": [{"type": "object", "ref": "$Instance", "clientFlatten": true}], "confirmation": ""}, {"name": "delete", "version": "2022-01-01", "resources": [{"id": "/subscriptions/{}/resourcegroups/{}/providers/microsoft.network/firewallpolicies/{}", "version": "2022-01-01", "swagger": "mgmt-plane/network/ResourceProviders/Microsoft.Network/Paths/L3N1YnNjcmlwdGlvbnMve3N1YnNjcmlwdGlvbklkfS9yZXNvdXJjZUdyb3Vwcy97cmVzb3VyY2VHcm91cE5hbWV9L3Byb3ZpZGVycy9NaWNyb3NvZnQuTmV0d29yay9maXJld2FsbFBvbGljaWVzL3tmaXJld2FsbFBvbGljeU5hbWV9/V/MjAyMi0wMS0wMQ=="}], "argGroups": [{"name": "", "args": [{"type": "string", "var": "$Path.firewallPolicyName", "options": ["n", "name"], "required": true, "group": "", "idPart": "name", "help": {"short": "The name of the Firewall Policy."}}, {"type": "ResourceGroupName", "var": "$Path.resourceGroupName", "options": ["g", "resource-group"], "required": true, "idPart": "resource_group"}, {"type": "SubscriptionId", "var": "$Path.subscriptionId", "options": ["subscription"], "required": true, "idPart": "subscription"}]}], "operations": [{"longRunning": {"finalStateVia": "location"}, "operationId": "FirewallPolicies_Delete", "http": {"path": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/firewallPolicies/{firewallPolicyName}", "request": {"method": "delete", "path": {"params": [{"type": "string", "name": "firewallPolicyName", "arg": "$Path.firewallPolicyName", "required": true}, {"type": "string", "name": "resourceGroupName", "arg": "$Path.resourceGroupName", "required": true}, {"type": "string", "name": "subscriptionId", "arg": "$Path.subscriptionId", "required": true}]}, "query": {"consts": [{"readOnly": true, "const": true, "default": {"value": "2022-01-01"}, "type": "string", "name": "api-version", "required": true}]}}, "responses": [{"statusCode": [200]}, {"statusCode": [202]}, {"statusCode": [204]}, {"isError": true, "body": {"json": {"schema": {"type": "@ODataV4Format"}}}}]}}], "confirmation": ""}, {"name": "create", "version": "2022-01-01", "resources": [{"id": "/subscriptions/{}/resourcegroups/{}/providers/microsoft.network/firewallpolicies/{}", "version": "2022-01-01", "swagger": "mgmt-plane/network/ResourceProviders/Microsoft.Network/Paths/L3N1YnNjcmlwdGlvbnMve3N1YnNjcmlwdGlvbklkfS9yZXNvdXJjZUdyb3Vwcy97cmVzb3VyY2VHcm91cE5hbWV9L3Byb3ZpZGVycy9NaWNyb3NvZnQuTmV0d29yay9maXJld2FsbFBvbGljaWVzL3tmaXJld2FsbFBvbGljeU5hbWV9/V/MjAyMi0wMS0wMQ=="}], "argGroups": [{"name": "", "args": [{"type": "string", "var": "$Path.firewallPolicyName", "options": ["n", "name"], "required": true, "group": "", "idPart": "name", "help": {"short": "The name of the Firewall Policy."}}, {"type": "ResourceGroupName", "var": "$Path.resourceGroupName", "options": ["g", "resource-group"], "required": true, "idPart": "resource_group"}, {"type": "SubscriptionId", "var": "$Path.subscriptionId", "options": ["subscription"], "required": true, "idPart": "subscription"}, {"type": "ResourceLocation", "var": "$parameters.location", "options": ["l", "location"], "group": "", "help": {"short": "Location. Values from: `az account list-locations`. You can configure the default location using `az configure --defaults location=`."}}, {"type": "string", "var": "$parameters.properties.basePolicy.id", "options": ["base-policy"], "group": "", "help": {"short": "The name or ID of parent firewall policy from which rules are inherited."}}, {"type": "string", "var": "$parameters.properties.sku.tier", "options": ["sku"], "stage": "Preview", "group": "", "help": {"short": "SKU of Firewall policy."}, "enum": {"items": [{"name": "Basic", "value": "Basic"}, {"name": "Premium", "value": "Premium"}, {"name": "Standard", "value": "Standard"}]}}, {"type": "boolean", "var": "$parameters.properties.sql.allowSqlRedirect", "options": ["sql"], "stage": "Preview", "group": "", "help": {"short": "A flag to indicate if SQL Redirect traffic filtering is enabled."}}, {"type": "string", "var": "$parameters.properties.threatIntelMode", "options": ["threat-intel-mode"], "group": "", "help": {"short": "The operation mode for Threat Intelligence."}, "enum": {"items": [{"name": "Alert", "value": "Alert"}, {"name": "Deny", "value": "Deny"}, {"name": "Off", "value": "Off"}]}}, {"type": "object", "var": "$parameters.tags", "options": ["tags"], "group": "", "help": {"short": "Space-separated tags: key[=value] [key[=value] ...]. Use \"\" to clear existing tags."}, "additionalProps": {"item": {"type": "string"}}}]}, {"name": "DNS", "args": [{"type": "boolean", "var": "$parameters.properties.dnsSettings.enableProxy", "options": ["enable-dns-proxy"], "group": "DNS", "help": {"short": "Enable DNS Proxy."}}, {"type": "array", "var": "$parameters.properties.dnsSettings.servers", "options": ["dns-servers"], "group": "DNS", "help": {"short": "Space-separated list of DNS server IP addresses."}, "item": {"type": "string"}}]}, {"name": "DnsSettings", "args": [{"nullable": true, "type": "boolean", "var": "$parameters.properties.dnsSettings.requireProxyForNetworkRules", "options": ["require-proxy-for-network-rules"], "hide": true, "group": "DnsSettings", "help": {"short": "FQDNs in Network Rules are supported when set to true."}}]}, {"name": "Identity Instance", "args": [{"type": "string", "var": "$parameters.identity.type", "options": ["identity-type"], "group": "Identity Instance", "help": {"short": "The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine."}, "enum": {"items": [{"name": "None", "value": "None"}, {"name": "SystemAssigned", "value": "SystemAssigned"}, {"name": "SystemAssigned, UserAssigned", "value": "SystemAssigned, UserAssigned"}, {"name": "UserAssigned", "value": "UserAssigned"}]}}, {"type": "object", "var": "$parameters.identity.userAssignedIdentities", "options": ["user-assigned-identities"], "group": "Identity Instance", "help": {"short": "The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'."}, "additionalProps": {"item": {"blank": {"value": {}}, "type": "object"}}}]}, {"name": "IntrusionDetection", "args": [{"type": "object", "var": "$parameters.properties.intrusionDetection.configuration", "options": ["configuration"], "hide": true, "group": "IntrusionDetection", "help": {"short": "Intrusion detection configuration properties."}, "args": [{"type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings", "options": ["bypass-traffic-settings"], "help": {"short": "List of rules for traffic to bypass."}, "item": {"type": "object", "args": [{"type": "string", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].description", "options": ["description"], "help": {"short": "Description of the bypass traffic rule."}}, {"type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationAddresses", "options": ["destination-addresses"], "help": {"short": "List of destination IP addresses or ranges for this rule."}, "item": {"type": "string"}}, {"type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationIpGroups", "options": ["destination-ip-groups"], "help": {"short": "List of destination IpGroups for this rule."}, "item": {"type": "string"}}, {"type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationPorts", "options": ["destination-ports"], "help": {"short": "List of destination ports or ranges."}, "item": {"type": "string"}}, {"type": "string", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].name", "options": ["name"], "help": {"short": "Name of the bypass traffic rule."}}, {"type": "string", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].protocol", "options": ["protocol"], "help": {"short": "The rule bypass protocol."}, "enum": {"items": [{"name": "ANY", "value": "ANY"}, {"name": "ICMP", "value": "ICMP"}, {"name": "TCP", "value": "TCP"}, {"name": "UDP", "value": "UDP"}]}}, {"type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].sourceAddresses", "options": ["source-addresses"], "help": {"short": "List of source IP addresses or ranges for this rule."}, "item": {"type": "string"}}, {"type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].sourceIpGroups", "options": ["source-ip-groups"], "help": {"short": "List of source IpGroups for this rule."}, "item": {"type": "string"}}]}}, {"type": "array", "var": "$parameters.properties.intrusionDetection.configuration.privateRanges", "options": ["private-ranges"], "help": {"short": "IDPS Private IP address ranges are used to identify traffic direction (i.e. inbound, outbound, etc.). By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. To modify default ranges, specify your Private IP address ranges with this property"}, "item": {"type": "string"}}, {"type": "array", "var": "$parameters.properties.intrusionDetection.configuration.signatureOverrides", "options": ["signature-overrides"], "help": {"short": "List of specific signatures states."}, "item": {"type": "object", "args": [{"type": "string", "var": "$parameters.properties.intrusionDetection.configuration.signatureOverrides[].id", "options": ["id"], "help": {"short": "Signature id."}}, {"type": "string", "var": "$parameters.properties.intrusionDetection.configuration.signatureOverrides[].mode", "options": ["mode"], "help": {"short": "The signature state."}, "enum": {"items": [{"name": "Alert", "value": "Alert"}, {"name": "Deny", "value": "Deny"}, {"name": "Off", "value": "Off"}]}}]}}]}]}, {"name": "Intrustion Detection", "args": [{"type": "string", "var": "$parameters.properties.intrusionDetection.mode", "options": ["idps-mode"], "stage": "Preview", "group": "Intrustion Detection", "help": {"short": "IDPS mode."}, "enum": {"items": [{"name": "Alert", "value": "Alert"}, {"name": "Deny", "value": "Deny"}, {"name": "Off", "value": "Off"}]}}]}, {"name": "Parameters", "args": [{"type": "ResourceId", "var": "$parameters.id", "options": ["id"], "hide": true, "group": "Parameters", "help": {"short": "Resource ID."}, "format": {"template": "/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/firewallPolicies/{}"}}]}, {"name": "Properties", "args": [{"type": "object", "var": "$parameters.properties.explicitProxy", "options": ["explicit-proxy"], "hide": true, "group": "Properties", "help": {"short": "Explicit Proxy Settings definition."}, "args": [{"nullable": true, "type": "boolean", "var": "$parameters.properties.explicitProxy.enableExplicitProxy", "options": ["enable-explicit-proxy"], "help": {"short": "When set to true, explicit proxy mode is enabled."}}, {"nullable": true, "type": "boolean", "var": "$parameters.properties.explicitProxy.enablePacFile", "options": ["enable-pac-file"], "help": {"short": "When set to true, pac file port and url needs to be provided."}}, {"type": "integer32", "var": "$parameters.properties.explicitProxy.httpPort", "options": ["http-port"], "help": {"short": "Port number for explicit proxy http protocol, cannot be greater than 64000."}, "format": {"maximum": 64000, "minimum": 0}}, {"type": "integer32", "var": "$parameters.properties.explicitProxy.httpsPort", "options": ["https-port"], "help": {"short": "Port number for explicit proxy https protocol, cannot be greater than 64000."}, "format": {"maximum": 64000, "minimum": 0}}, {"type": "string", "var": "$parameters.properties.explicitProxy.pacFile", "options": ["pac-file"], "help": {"short": "SAS URL for PAC file."}}, {"type": "integer32", "var": "$parameters.properties.explicitProxy.pacFilePort", "options": ["pac-file-port"], "help": {"short": "Port number for firewall to serve PAC file."}, "format": {"maximum": 64000, "minimum": 0}}]}, {"type": "object", "var": "$parameters.properties.insights", "options": ["insights"], "hide": true, "group": "Properties", "help": {"short": "Insights on Firewall Policy."}, "args": [{"type": "boolean", "var": "$parameters.properties.insights.isEnabled", "options": ["is-enabled"], "help": {"short": "A flag to indicate if the insights are enabled on the policy."}}, {"type": "object", "var": "$parameters.properties.insights.logAnalyticsResources", "options": ["log-analytics-resources"], "help": {"short": "Workspaces needed to configure the Firewall Policy Insights."}, "args": [{"type": "object", "var": "$parameters.properties.insights.logAnalyticsResources.defaultWorkspaceId", "options": ["default-workspace-id"], "help": {"short": "The default workspace Id for Firewall Policy Insights."}, "args": [{"type": "string", "var": "@SubResource_create.id", "options": ["id"], "help": {"short": "Resource ID."}}], "cls": "SubResource_create"}, {"type": "array", "var": "$parameters.properties.insights.logAnalyticsResources.workspaces", "options": ["workspaces"], "help": {"short": "List of workspaces for Firewall Policy Insights."}, "item": {"type": "object", "args": [{"type": "string", "var": "$parameters.properties.insights.logAnalyticsResources.workspaces[].region", "options": ["region"], "help": {"short": "Region to configure the Workspace."}}, {"type": "@SubResource_create", "var": "$parameters.properties.insights.logAnalyticsResources.workspaces[].workspaceId", "options": ["workspace-id"], "help": {"short": "The workspace Id for Firewall Policy Insights."}}]}}]}, {"type": "integer32", "var": "$parameters.properties.insights.retentionDays", "options": ["retention-days"], "help": {"short": "Number of days the insights should be enabled on the policy."}}]}]}, {"name": "Snat", "args": [{"type": "string", "var": "$parameters.properties.snat.autoLearnPrivateRanges", "options": ["learn-ranges", "auto-learn-private-ranges"], "group": "Snat", "help": {"short": "The operation mode for automatically learning private ranges to not be SNAT"}, "enum": {"items": [{"name": "Disabled", "value": "Disabled"}, {"name": "Enabled", "value": "Enabled"}]}}, {"type": "array", "var": "$parameters.properties.snat.privateRanges", "options": ["private-ranges"], "group": "Snat", "help": {"short": "List of private IP addresses/IP address ranges to not be SNAT."}, "item": {"type": "string"}}]}, {"name": "TLS Inspection", "args": [{"type": "string", "var": "$parameters.properties.transportSecurity.certificateAuthority.keyVaultSecretId", "options": ["key-vault-secret-id"], "stage": "Preview", "group": "TLS Inspection", "help": {"short": "Secret Id of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in KeyVault."}}, {"type": "string", "var": "$parameters.properties.transportSecurity.certificateAuthority.name", "options": ["cert-name"], "stage": "Preview", "group": "TLS Inspection", "help": {"short": "Name of the CA certificate."}}]}, {"name": "Threat Intel Allowlist", "args": [{"type": "array", "var": "$parameters.properties.threatIntelWhitelist.fqdns", "options": ["fqdns"], "group": "Threat Intel Allowlist", "help": {"short": "Space-separated list of FQDNs."}, "item": {"type": "string"}}, {"type": "array", "var": "$parameters.properties.threatIntelWhitelist.ipAddresses", "options": ["ip-addresses"], "group": "Threat Intel Allowlist", "help": {"short": "Space-separated list of IPv4 addresses."}, "item": {"type": "string"}}]}], "operations": [{"longRunning": {"finalStateVia": "azure-async-operation"}, "operationId": "FirewallPolicies_CreateOrUpdate", "http": {"path": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/firewallPolicies/{firewallPolicyName}", "request": {"method": "put", "path": {"params": [{"type": "string", "name": "firewallPolicyName", "arg": "$Path.firewallPolicyName", "required": true}, {"type": "string", "name": "resourceGroupName", "arg": "$Path.resourceGroupName", "required": true}, {"type": "string", "name": "subscriptionId", "arg": "$Path.subscriptionId", "required": true}]}, "query": {"consts": [{"readOnly": true, "const": true, "default": {"value": "2022-01-01"}, "type": "string", "name": "api-version", "required": true}]}, "body": {"json": {"schema": {"type": "object", "name": "parameters", "required": true, "props": [{"type": "ResourceId", "name": "id", "arg": "$parameters.id", "format": {"template": "/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/firewallPolicies/{}"}}, {"type": "IdentityObject", "name": "identity", "props": [{"type": "string", "name": "type", "arg": "$parameters.identity.type", "enum": {"items": [{"value": "None"}, {"value": "SystemAssigned"}, {"value": "SystemAssigned, UserAssigned"}, {"value": "UserAssigned"}]}}, {"type": "object", "name": "userAssignedIdentities", "arg": "$parameters.identity.userAssignedIdentities", "additionalProps": {"item": {"type": "object"}}}]}, {"type": "ResourceLocation", "name": "location", "arg": "$parameters.location"}, {"type": "object", "name": "properties", "props": [{"type": "object", "name": "basePolicy", "props": [{"type": "string", "name": "id", "arg": "$parameters.properties.basePolicy.id"}]}, {"type": "object", "name": "dnsSettings", "props": [{"type": "boolean", "name": "enableProxy", "arg": "$parameters.properties.dnsSettings.enableProxy"}, {"nullable": true, "type": "boolean", "name": "requireProxyForNetworkRules", "arg": "$parameters.properties.dnsSettings.requireProxyForNetworkRules"}, {"type": "array", "name": "servers", "arg": "$parameters.properties.dnsSettings.servers", "item": {"type": "string"}}]}, {"type": "object", "name": "explicitProxy", "arg": "$parameters.properties.explicitProxy", "props": [{"nullable": true, "type": "boolean", "name": "enableExplicitProxy", "arg": "$parameters.properties.explicitProxy.enableExplicitProxy"}, {"nullable": true, "type": "boolean", "name": "enablePacFile", "arg": "$parameters.properties.explicitProxy.enablePacFile"}, {"type": "integer32", "name": "httpPort", "arg": "$parameters.properties.explicitProxy.httpPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "integer32", "name": "httpsPort", "arg": "$parameters.properties.explicitProxy.httpsPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "string", "name": "pacFile", "arg": "$parameters.properties.explicitProxy.pacFile"}, {"type": "integer32", "name": "pacFilePort", "arg": "$parameters.properties.explicitProxy.pacFilePort", "format": {"maximum": 64000, "minimum": 0}}]}, {"type": "object", "name": "insights", "arg": "$parameters.properties.insights", "props": [{"type": "boolean", "name": "isEnabled", "arg": "$parameters.properties.insights.isEnabled"}, {"type": "object", "name": "logAnalyticsResources", "arg": "$parameters.properties.insights.logAnalyticsResources", "props": [{"type": "object", "name": "defaultWorkspaceId", "arg": "$parameters.properties.insights.logAnalyticsResources.defaultWorkspaceId", "props": [{"type": "string", "name": "id", "arg": "@SubResource_create.id"}], "cls": "SubResource_create"}, {"type": "array", "name": "workspaces", "arg": "$parameters.properties.insights.logAnalyticsResources.workspaces", "item": {"type": "object", "props": [{"type": "string", "name": "region", "arg": "$parameters.properties.insights.logAnalyticsResources.workspaces[].region"}, {"type": "@SubResource_create", "name": "workspaceId", "arg": "$parameters.properties.insights.logAnalyticsResources.workspaces[].workspaceId"}]}}]}, {"type": "integer32", "name": "retentionDays", "arg": "$parameters.properties.insights.retentionDays"}]}, {"type": "object", "name": "intrusionDetection", "props": [{"type": "object", "name": "configuration", "arg": "$parameters.properties.intrusionDetection.configuration", "props": [{"type": "array", "name": "bypassTrafficSettings", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings", "item": {"type": "object", "props": [{"type": "string", "name": "description", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].description"}, {"type": "array", "name": "destinationAddresses", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationAddresses", "item": {"type": "string"}}, {"type": "array", "name": "destinationIpGroups", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationIpGroups", "item": {"type": "string"}}, {"type": "array", "name": "destinationPorts", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationPorts", "item": {"type": "string"}}, {"type": "string", "name": "name", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].name"}, {"type": "string", "name": "protocol", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].protocol", "enum": {"items": [{"value": "ANY"}, {"value": "ICMP"}, {"value": "TCP"}, {"value": "UDP"}]}}, {"type": "array", "name": "sourceAddresses", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].sourceAddresses", "item": {"type": "string"}}, {"type": "array", "name": "sourceIpGroups", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].sourceIpGroups", "item": {"type": "string"}}]}}, {"type": "array", "name": "privateRanges", "arg": "$parameters.properties.intrusionDetection.configuration.privateRanges", "item": {"type": "string"}}, {"type": "array", "name": "signatureOverrides", "arg": "$parameters.properties.intrusionDetection.configuration.signatureOverrides", "item": {"type": "object", "props": [{"type": "string", "name": "id", "arg": "$parameters.properties.intrusionDetection.configuration.signatureOverrides[].id"}, {"type": "string", "name": "mode", "arg": "$parameters.properties.intrusionDetection.configuration.signatureOverrides[].mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}}]}, {"type": "string", "name": "mode", "arg": "$parameters.properties.intrusionDetection.mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}, {"type": "object", "name": "sku", "props": [{"type": "string", "name": "tier", "arg": "$parameters.properties.sku.tier", "enum": {"items": [{"value": "Basic"}, {"value": "Premium"}, {"value": "Standard"}]}}]}, {"type": "object", "name": "snat", "props": [{"type": "string", "name": "autoLearnPrivateRanges", "arg": "$parameters.properties.snat.autoLearnPrivateRanges", "enum": {"items": [{"value": "Disabled"}, {"value": "Enabled"}]}}, {"type": "array", "name": "privateRanges", "arg": "$parameters.properties.snat.privateRanges", "item": {"type": "string"}}]}, {"type": "object", "name": "sql", "props": [{"type": "boolean", "name": "allowSqlRedirect", "arg": "$parameters.properties.sql.allowSqlRedirect"}]}, {"type": "string", "name": "threatIntelMode", "arg": "$parameters.properties.threatIntelMode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}, {"type": "object", "name": "threatIntelWhitelist", "props": [{"type": "array", "name": "fqdns", "arg": "$parameters.properties.threatIntelWhitelist.fqdns", "item": {"type": "string"}}, {"type": "array", "name": "ipAddresses", "arg": "$parameters.properties.threatIntelWhitelist.ipAddresses", "item": {"type": "string"}}]}, {"type": "object", "name": "transportSecurity", "props": [{"type": "object", "name": "certificateAuthority", "props": [{"type": "string", "name": "keyVaultSecretId", "arg": "$parameters.properties.transportSecurity.certificateAuthority.keyVaultSecretId"}, {"type": "string", "name": "name", "arg": "$parameters.properties.transportSecurity.certificateAuthority.name"}]}]}], "clientFlatten": true}, {"type": "object", "name": "tags", "arg": "$parameters.tags", "additionalProps": {"item": {"type": "string"}}}], "clientFlatten": true}}}}, "responses": [{"statusCode": [200, 201], "body": {"json": {"var": "$Instance", "schema": {"type": "object", "props": [{"readOnly": true, "type": "string", "name": "etag"}, {"type": "ResourceId", "name": "id", "format": {"template": "/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/firewallPolicies/{}"}}, {"type": "IdentityObject", "name": "identity", "props": [{"readOnly": true, "type": "string", "name": "principalId"}, {"readOnly": true, "type": "string", "name": "tenantId"}, {"type": "string", "name": "type", "enum": {"items": [{"value": "None"}, {"value": "SystemAssigned"}, {"value": "SystemAssigned, UserAssigned"}, {"value": "UserAssigned"}]}}, {"type": "object", "name": "userAssignedIdentities", "additionalProps": {"item": {"type": "object", "props": [{"readOnly": true, "type": "string", "name": "clientId"}, {"readOnly": true, "type": "string", "name": "principalId"}]}}}]}, {"type": "ResourceLocation", "name": "location"}, {"readOnly": true, "type": "string", "name": "name"}, {"type": "object", "name": "properties", "props": [{"type": "@SubResource_read", "name": "basePolicy"}, {"readOnly": true, "type": "array<@SubResource_read>", "name": "childPolicies", "item": {"type": "@SubResource_read"}}, {"type": "object", "name": "dnsSettings", "props": [{"type": "boolean", "name": "enableProxy"}, {"nullable": true, "type": "boolean", "name": "requireProxyForNetworkRules"}, {"type": "array", "name": "servers", "item": {"type": "string"}}]}, {"type": "object", "name": "explicitProxy", "props": [{"nullable": true, "type": "boolean", "name": "enableExplicitProxy"}, {"nullable": true, "type": "boolean", "name": "enablePacFile"}, {"type": "integer32", "name": "httpPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "integer32", "name": "httpsPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "string", "name": "pacFile"}, {"type": "integer32", "name": "pacFilePort", "format": {"maximum": 64000, "minimum": 0}}]}, {"readOnly": true, "type": "array<@SubResource_read>", "name": "firewalls", "item": {"type": "@SubResource_read"}}, {"type": "object", "name": "insights", "props": [{"type": "boolean", "name": "isEnabled"}, {"type": "object", "name": "logAnalyticsResources", "props": [{"type": "@SubResource_read", "name": "defaultWorkspaceId"}, {"type": "array", "name": "workspaces", "item": {"type": "object", "props": [{"type": "string", "name": "region"}, {"type": "@SubResource_read", "name": "workspaceId"}]}}]}, {"type": "integer32", "name": "retentionDays"}]}, {"type": "object", "name": "intrusionDetection", "props": [{"type": "object", "name": "configuration", "props": [{"type": "array", "name": "bypassTrafficSettings", "item": {"type": "object", "props": [{"type": "string", "name": "description"}, {"type": "array", "name": "destinationAddresses", "item": {"type": "string"}}, {"type": "array", "name": "destinationIpGroups", "item": {"type": "string"}}, {"type": "array", "name": "destinationPorts", "item": {"type": "string"}}, {"type": "string", "name": "name"}, {"type": "string", "name": "protocol", "enum": {"items": [{"value": "ANY"}, {"value": "ICMP"}, {"value": "TCP"}, {"value": "UDP"}]}}, {"type": "array", "name": "sourceAddresses", "item": {"type": "string"}}, {"type": "array", "name": "sourceIpGroups", "item": {"type": "string"}}]}}, {"type": "array", "name": "privateRanges", "item": {"type": "string"}}, {"type": "array", "name": "signatureOverrides", "item": {"type": "object", "props": [{"type": "string", "name": "id"}, {"type": "string", "name": "mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}}]}, {"type": "string", "name": "mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}, {"readOnly": true, "type": "string", "name": "provisioningState", "enum": {"items": [{"value": "Deleting"}, {"value": "Failed"}, {"value": "Succeeded"}, {"value": "Updating"}]}}, {"readOnly": true, "type": "array", "name": "ruleCollectionGroups", "item": {"type": "object", "props": [{"type": "string", "name": "id"}], "cls": "SubResource_read"}}, {"type": "object", "name": "sku", "props": [{"type": "string", "name": "tier", "enum": {"items": [{"value": "Basic"}, {"value": "Premium"}, {"value": "Standard"}]}}]}, {"type": "object", "name": "snat", "props": [{"type": "string", "name": "autoLearnPrivateRanges", "enum": {"items": [{"value": "Disabled"}, {"value": "Enabled"}]}}, {"type": "array", "name": "privateRanges", "item": {"type": "string"}}]}, {"type": "object", "name": "sql", "props": [{"type": "boolean", "name": "allowSqlRedirect"}]}, {"type": "string", "name": "threatIntelMode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}, {"type": "object", "name": "threatIntelWhitelist", "props": [{"type": "array", "name": "fqdns", "item": {"type": "string"}}, {"type": "array", "name": "ipAddresses", "item": {"type": "string"}}]}, {"type": "object", "name": "transportSecurity", "props": [{"type": "object", "name": "certificateAuthority", "props": [{"type": "string", "name": "keyVaultSecretId"}, {"type": "string", "name": "name"}]}]}], "clientFlatten": true}, {"type": "object", "name": "tags", "additionalProps": {"item": {"type": "string"}}}, {"readOnly": true, "type": "string", "name": "type"}]}}}}, {"isError": true, "body": {"json": {"schema": {"type": "@ODataV4Format"}}}}]}}], "outputs": [{"type": "object", "ref": "$Instance", "clientFlatten": true}], "confirmation": ""}, {"name": "update", "version": "2022-01-01", "resources": [{"id": "/subscriptions/{}/resourcegroups/{}/providers/microsoft.network/firewallpolicies/{}", "version": "2022-01-01", "swagger": "mgmt-plane/network/ResourceProviders/Microsoft.Network/Paths/L3N1YnNjcmlwdGlvbnMve3N1YnNjcmlwdGlvbklkfS9yZXNvdXJjZUdyb3Vwcy97cmVzb3VyY2VHcm91cE5hbWV9L3Byb3ZpZGVycy9NaWNyb3NvZnQuTmV0d29yay9maXJld2FsbFBvbGljaWVzL3tmaXJld2FsbFBvbGljeU5hbWV9/V/MjAyMi0wMS0wMQ=="}], "argGroups": [{"name": "", "args": [{"type": "string", "var": "$Path.firewallPolicyName", "options": ["n", "name"], "required": true, "group": "", "idPart": "name", "help": {"short": "The name of the Firewall Policy."}}, {"type": "ResourceGroupName", "var": "$Path.resourceGroupName", "options": ["g", "resource-group"], "required": true, "idPart": "resource_group"}, {"type": "SubscriptionId", "var": "$Path.subscriptionId", "options": ["subscription"], "required": true, "idPart": "subscription"}, {"nullable": true, "type": "ResourceLocation", "var": "$parameters.location", "options": ["l", "location"], "hide": true, "group": "", "help": {"short": "Location. Values from: `az account list-locations`. You can configure the default location using `az configure --defaults location=`."}}, {"nullable": true, "type": "string", "var": "$parameters.properties.basePolicy.id", "options": ["base-policy"], "hide": true, "group": "", "help": {"short": "The name or ID of parent firewall policy from which rules are inherited."}}, {"nullable": true, "type": "string", "var": "$parameters.properties.sku.tier", "options": ["sku"], "group": "", "help": {"short": "SKU of Firewall policy."}, "enum": {"items": [{"name": "Basic", "value": "Basic"}, {"name": "Premium", "value": "Premium"}, {"name": "Standard", "value": "Standard"}]}}, {"nullable": true, "type": "boolean", "var": "$parameters.properties.sql.allowSqlRedirect", "options": ["sql"], "stage": "Preview", "group": "", "help": {"short": "A flag to indicate if SQL Redirect traffic filtering is enabled."}}, {"nullable": true, "type": "string", "var": "$parameters.properties.threatIntelMode", "options": ["threat-intel-mode"], "group": "", "help": {"short": "The operation mode for Threat Intelligence."}, "enum": {"items": [{"name": "Alert", "value": "Alert"}, {"name": "Deny", "value": "Deny"}, {"name": "Off", "value": "Off"}]}}, {"nullable": true, "type": "object", "var": "$parameters.tags", "options": ["tags"], "group": "", "help": {"short": "Space-separated tags: key[=value] [key[=value] ...]. Use \"\" to clear existing tags."}, "additionalProps": {"item": {"nullable": true, "type": "string"}}}]}, {"name": "DNS", "args": [{"nullable": true, "type": "boolean", "var": "$parameters.properties.dnsSettings.enableProxy", "options": ["enable-dns-proxy"], "group": "DNS", "help": {"short": "Enable DNS Proxy."}}, {"nullable": true, "type": "array", "var": "$parameters.properties.dnsSettings.servers", "options": ["dns-servers"], "group": "DNS", "help": {"short": "Space-separated list of DNS server IP addresses."}, "item": {"nullable": true, "type": "string"}}]}, {"name": "DnsSettings", "args": [{"nullable": true, "type": "boolean", "var": "$parameters.properties.dnsSettings.requireProxyForNetworkRules", "options": ["require-proxy-for-network-rules"], "hide": true, "group": "DnsSettings", "help": {"short": "FQDNs in Network Rules are supported when set to true."}}]}, {"name": "Identity Instance", "args": [{"nullable": true, "type": "string", "var": "$parameters.identity.type", "options": ["identity-type"], "group": "Identity Instance", "help": {"short": "The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine."}, "enum": {"items": [{"name": "None", "value": "None"}, {"name": "SystemAssigned", "value": "SystemAssigned"}, {"name": "SystemAssigned, UserAssigned", "value": "SystemAssigned, UserAssigned"}, {"name": "UserAssigned", "value": "UserAssigned"}]}}, {"nullable": true, "type": "object", "var": "$parameters.identity.userAssignedIdentities", "options": ["user-assigned-identities"], "group": "Identity Instance", "help": {"short": "The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'."}, "additionalProps": {"item": {"nullable": true, "blank": {"value": {}}, "type": "object"}}}]}, {"name": "IntrusionDetection", "args": [{"nullable": true, "type": "object", "var": "$parameters.properties.intrusionDetection.configuration", "options": ["configuration"], "group": "IntrusionDetection", "help": {"short": "Intrusion detection configuration properties."}, "args": [{"nullable": true, "type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings", "options": ["bypass-traffic-settings"], "help": {"short": "List of rules for traffic to bypass."}, "item": {"nullable": true, "type": "object", "args": [{"nullable": true, "type": "string", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].description", "options": ["description"], "help": {"short": "Description of the bypass traffic rule."}}, {"nullable": true, "type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationAddresses", "options": ["destination-addresses"], "help": {"short": "List of destination IP addresses or ranges for this rule."}, "item": {"nullable": true, "type": "string"}}, {"nullable": true, "type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationIpGroups", "options": ["destination-ip-groups"], "help": {"short": "List of destination IpGroups for this rule."}, "item": {"nullable": true, "type": "string"}}, {"nullable": true, "type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationPorts", "options": ["destination-ports"], "help": {"short": "List of destination ports or ranges."}, "item": {"nullable": true, "type": "string"}}, {"nullable": true, "type": "string", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].name", "options": ["name"], "help": {"short": "Name of the bypass traffic rule."}}, {"nullable": true, "type": "string", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].protocol", "options": ["protocol"], "help": {"short": "The rule bypass protocol."}, "enum": {"items": [{"name": "ANY", "value": "ANY"}, {"name": "ICMP", "value": "ICMP"}, {"name": "TCP", "value": "TCP"}, {"name": "UDP", "value": "UDP"}]}}, {"nullable": true, "type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].sourceAddresses", "options": ["source-addresses"], "help": {"short": "List of source IP addresses or ranges for this rule."}, "item": {"nullable": true, "type": "string"}}, {"nullable": true, "type": "array", "var": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].sourceIpGroups", "options": ["source-ip-groups"], "help": {"short": "List of source IpGroups for this rule."}, "item": {"nullable": true, "type": "string"}}]}}, {"nullable": true, "type": "array", "var": "$parameters.properties.intrusionDetection.configuration.privateRanges", "options": ["private-ranges"], "help": {"short": "IDPS Private IP address ranges are used to identify traffic direction (i.e. inbound, outbound, etc.). By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. To modify default ranges, specify your Private IP address ranges with this property"}, "item": {"nullable": true, "type": "string"}}, {"nullable": true, "type": "array", "var": "$parameters.properties.intrusionDetection.configuration.signatureOverrides", "options": ["signature-overrides"], "help": {"short": "List of specific signatures states."}, "item": {"nullable": true, "type": "object", "args": [{"nullable": true, "type": "string", "var": "$parameters.properties.intrusionDetection.configuration.signatureOverrides[].id", "options": ["id"], "help": {"short": "Signature id."}}, {"nullable": true, "type": "string", "var": "$parameters.properties.intrusionDetection.configuration.signatureOverrides[].mode", "options": ["mode"], "help": {"short": "The signature state."}, "enum": {"items": [{"name": "Alert", "value": "Alert"}, {"name": "Deny", "value": "Deny"}, {"name": "Off", "value": "Off"}]}}]}}]}]}, {"name": "Intrustion Detection", "args": [{"nullable": true, "type": "string", "var": "$parameters.properties.intrusionDetection.mode", "options": ["idps-mode"], "stage": "Preview", "group": "Intrustion Detection", "help": {"short": "IDPS mode."}, "enum": {"items": [{"name": "Alert", "value": "Alert"}, {"name": "Deny", "value": "Deny"}, {"name": "Off", "value": "Off"}]}}]}, {"name": "Parameters", "args": [{"nullable": true, "type": "ResourceId", "var": "$parameters.id", "options": ["id"], "hide": true, "group": "Parameters", "help": {"short": "Resource ID."}, "format": {"template": "/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/firewallPolicies/{}"}}]}, {"name": "Properties", "args": [{"nullable": true, "type": "object", "var": "$parameters.properties.explicitProxy", "options": ["explicit-proxy"], "hide": true, "group": "Properties", "help": {"short": "Explicit Proxy Settings definition."}, "args": [{"nullable": true, "type": "boolean", "var": "$parameters.properties.explicitProxy.enableExplicitProxy", "options": ["enable-explicit-proxy"], "help": {"short": "When set to true, explicit proxy mode is enabled."}}, {"nullable": true, "type": "boolean", "var": "$parameters.properties.explicitProxy.enablePacFile", "options": ["enable-pac-file"], "help": {"short": "When set to true, pac file port and url needs to be provided."}}, {"nullable": true, "type": "integer32", "var": "$parameters.properties.explicitProxy.httpPort", "options": ["http-port"], "help": {"short": "Port number for explicit proxy http protocol, cannot be greater than 64000."}, "format": {"maximum": 64000, "minimum": 0}}, {"nullable": true, "type": "integer32", "var": "$parameters.properties.explicitProxy.httpsPort", "options": ["https-port"], "help": {"short": "Port number for explicit proxy https protocol, cannot be greater than 64000."}, "format": {"maximum": 64000, "minimum": 0}}, {"nullable": true, "type": "string", "var": "$parameters.properties.explicitProxy.pacFile", "options": ["pac-file"], "help": {"short": "SAS URL for PAC file."}}, {"nullable": true, "type": "integer32", "var": "$parameters.properties.explicitProxy.pacFilePort", "options": ["pac-file-port"], "help": {"short": "Port number for firewall to serve PAC file."}, "format": {"maximum": 64000, "minimum": 0}}]}, {"nullable": true, "type": "object", "var": "$parameters.properties.insights", "options": ["insights"], "hide": true, "group": "Properties", "help": {"short": "Insights on Firewall Policy."}, "args": [{"nullable": true, "type": "boolean", "var": "$parameters.properties.insights.isEnabled", "options": ["is-enabled"], "help": {"short": "A flag to indicate if the insights are enabled on the policy."}}, {"nullable": true, "type": "object", "var": "$parameters.properties.insights.logAnalyticsResources", "options": ["log-analytics-resources"], "help": {"short": "Workspaces needed to configure the Firewall Policy Insights."}, "args": [{"nullable": true, "type": "object", "var": "$parameters.properties.insights.logAnalyticsResources.defaultWorkspaceId", "options": ["default-workspace-id"], "help": {"short": "The default workspace Id for Firewall Policy Insights."}, "args": [{"nullable": true, "type": "string", "var": "@SubResource_update.id", "options": ["id"], "help": {"short": "Resource ID."}}], "cls": "SubResource_update"}, {"nullable": true, "type": "array", "var": "$parameters.properties.insights.logAnalyticsResources.workspaces", "options": ["workspaces"], "help": {"short": "List of workspaces for Firewall Policy Insights."}, "item": {"nullable": true, "type": "object", "args": [{"nullable": true, "type": "string", "var": "$parameters.properties.insights.logAnalyticsResources.workspaces[].region", "options": ["region"], "help": {"short": "Region to configure the Workspace."}}, {"nullable": true, "type": "@SubResource_update", "var": "$parameters.properties.insights.logAnalyticsResources.workspaces[].workspaceId", "options": ["workspace-id"], "help": {"short": "The workspace Id for Firewall Policy Insights."}}]}}]}, {"nullable": true, "type": "integer32", "var": "$parameters.properties.insights.retentionDays", "options": ["retention-days"], "help": {"short": "Number of days the insights should be enabled on the policy."}}]}]}, {"name": "Snat", "args": [{"nullable": true, "type": "string", "var": "$parameters.properties.snat.autoLearnPrivateRanges", "options": ["learn-ranges", "auto-learn-private-ranges"], "group": "Snat", "help": {"short": "The operation mode for automatically learning private ranges to not be SNAT"}, "enum": {"items": [{"name": "Disabled", "value": "Disabled"}, {"name": "Enabled", "value": "Enabled"}]}}, {"nullable": true, "type": "array", "var": "$parameters.properties.snat.privateRanges", "options": ["private-ranges"], "group": "Snat", "help": {"short": "List of private IP addresses/IP address ranges to not be SNAT."}, "item": {"nullable": true, "type": "string"}}]}, {"name": "TLS Inspection", "args": [{"nullable": true, "type": "string", "var": "$parameters.properties.transportSecurity.certificateAuthority.keyVaultSecretId", "options": ["key-vault-secret-id"], "stage": "Preview", "group": "TLS Inspection", "help": {"short": "Secret Id of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in KeyVault."}}, {"nullable": true, "type": "string", "var": "$parameters.properties.transportSecurity.certificateAuthority.name", "options": ["cert-name"], "stage": "Preview", "group": "TLS Inspection", "help": {"short": "Name of the CA certificate."}}]}, {"name": "Threat Intel Allowlist", "args": [{"nullable": true, "type": "array", "var": "$parameters.properties.threatIntelWhitelist.fqdns", "options": ["fqdns"], "group": "Threat Intel Allowlist", "help": {"short": "Space-separated list of FQDNs."}, "item": {"nullable": true, "type": "string"}}, {"nullable": true, "type": "array", "var": "$parameters.properties.threatIntelWhitelist.ipAddresses", "options": ["ip-addresses"], "group": "Threat Intel Allowlist", "help": {"short": "Space-separated list of IPv4 addresses."}, "item": {"nullable": true, "type": "string"}}]}], "operations": [{"operationId": "FirewallPolicies_Get", "http": {"path": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/firewallPolicies/{firewallPolicyName}", "request": {"method": "get", "path": {"params": [{"type": "string", "name": "firewallPolicyName", "arg": "$Path.firewallPolicyName", "required": true}, {"type": "string", "name": "resourceGroupName", "arg": "$Path.resourceGroupName", "required": true}, {"type": "string", "name": "subscriptionId", "arg": "$Path.subscriptionId", "required": true}]}, "query": {"consts": [{"readOnly": true, "const": true, "default": {"value": "2022-01-01"}, "type": "string", "name": "api-version", "required": true}]}}, "responses": [{"statusCode": [200], "body": {"json": {"var": "$Instance", "schema": {"type": "object", "props": [{"readOnly": true, "type": "string", "name": "etag"}, {"type": "ResourceId", "name": "id", "format": {"template": "/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/firewallPolicies/{}"}}, {"type": "IdentityObject", "name": "identity", "props": [{"readOnly": true, "type": "string", "name": "principalId"}, {"readOnly": true, "type": "string", "name": "tenantId"}, {"type": "string", "name": "type", "enum": {"items": [{"value": "None"}, {"value": "SystemAssigned"}, {"value": "SystemAssigned, UserAssigned"}, {"value": "UserAssigned"}]}}, {"type": "object", "name": "userAssignedIdentities", "additionalProps": {"item": {"type": "object", "props": [{"readOnly": true, "type": "string", "name": "clientId"}, {"readOnly": true, "type": "string", "name": "principalId"}]}}}]}, {"type": "ResourceLocation", "name": "location"}, {"readOnly": true, "type": "string", "name": "name"}, {"type": "object", "name": "properties", "props": [{"type": "@SubResource_read", "name": "basePolicy"}, {"readOnly": true, "type": "array<@SubResource_read>", "name": "childPolicies", "item": {"type": "@SubResource_read"}}, {"type": "object", "name": "dnsSettings", "props": [{"type": "boolean", "name": "enableProxy"}, {"nullable": true, "type": "boolean", "name": "requireProxyForNetworkRules"}, {"type": "array", "name": "servers", "item": {"type": "string"}}]}, {"type": "object", "name": "explicitProxy", "props": [{"nullable": true, "type": "boolean", "name": "enableExplicitProxy"}, {"nullable": true, "type": "boolean", "name": "enablePacFile"}, {"type": "integer32", "name": "httpPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "integer32", "name": "httpsPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "string", "name": "pacFile"}, {"type": "integer32", "name": "pacFilePort", "format": {"maximum": 64000, "minimum": 0}}]}, {"readOnly": true, "type": "array<@SubResource_read>", "name": "firewalls", "item": {"type": "@SubResource_read"}}, {"type": "object", "name": "insights", "props": [{"type": "boolean", "name": "isEnabled"}, {"type": "object", "name": "logAnalyticsResources", "props": [{"type": "@SubResource_read", "name": "defaultWorkspaceId"}, {"type": "array", "name": "workspaces", "item": {"type": "object", "props": [{"type": "string", "name": "region"}, {"type": "@SubResource_read", "name": "workspaceId"}]}}]}, {"type": "integer32", "name": "retentionDays"}]}, {"type": "object", "name": "intrusionDetection", "props": [{"type": "object", "name": "configuration", "props": [{"type": "array", "name": "bypassTrafficSettings", "item": {"type": "object", "props": [{"type": "string", "name": "description"}, {"type": "array", "name": "destinationAddresses", "item": {"type": "string"}}, {"type": "array", "name": "destinationIpGroups", "item": {"type": "string"}}, {"type": "array", "name": "destinationPorts", "item": {"type": "string"}}, {"type": "string", "name": "name"}, {"type": "string", "name": "protocol", "enum": {"items": [{"value": "ANY"}, {"value": "ICMP"}, {"value": "TCP"}, {"value": "UDP"}]}}, {"type": "array", "name": "sourceAddresses", "item": {"type": "string"}}, {"type": "array", "name": "sourceIpGroups", "item": {"type": "string"}}]}}, {"type": "array", "name": "privateRanges", "item": {"type": "string"}}, {"type": "array", "name": "signatureOverrides", "item": {"type": "object", "props": [{"type": "string", "name": "id"}, {"type": "string", "name": "mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}}]}, {"type": "string", "name": "mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}, {"readOnly": true, "type": "string", "name": "provisioningState", "enum": {"items": [{"value": "Deleting"}, {"value": "Failed"}, {"value": "Succeeded"}, {"value": "Updating"}]}}, {"readOnly": true, "type": "array", "name": "ruleCollectionGroups", "item": {"type": "object", "props": [{"type": "string", "name": "id"}], "cls": "SubResource_read"}}, {"type": "object", "name": "sku", "props": [{"type": "string", "name": "tier", "enum": {"items": [{"value": "Basic"}, {"value": "Premium"}, {"value": "Standard"}]}}]}, {"type": "object", "name": "snat", "props": [{"type": "string", "name": "autoLearnPrivateRanges", "enum": {"items": [{"value": "Disabled"}, {"value": "Enabled"}]}}, {"type": "array", "name": "privateRanges", "item": {"type": "string"}}]}, {"type": "object", "name": "sql", "props": [{"type": "boolean", "name": "allowSqlRedirect"}]}, {"type": "string", "name": "threatIntelMode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}, {"type": "object", "name": "threatIntelWhitelist", "props": [{"type": "array", "name": "fqdns", "item": {"type": "string"}}, {"type": "array", "name": "ipAddresses", "item": {"type": "string"}}]}, {"type": "object", "name": "transportSecurity", "props": [{"type": "object", "name": "certificateAuthority", "props": [{"type": "string", "name": "keyVaultSecretId"}, {"type": "string", "name": "name"}]}]}], "clientFlatten": true}, {"type": "object", "name": "tags", "additionalProps": {"item": {"type": "string"}}}, {"readOnly": true, "type": "string", "name": "type"}], "cls": "FirewallPolicy_read"}}}}, {"isError": true, "body": {"json": {"schema": {"type": "@ODataV4Format"}}}}]}}, {"instanceUpdate": {"ref": "$Instance", "json": {"schema": {"type": "object", "name": "parameters", "required": true, "props": [{"type": "ResourceId", "name": "id", "arg": "$parameters.id", "format": {"template": "/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/firewallPolicies/{}"}}, {"type": "IdentityObject", "name": "identity", "props": [{"type": "string", "name": "type", "arg": "$parameters.identity.type", "enum": {"items": [{"value": "None"}, {"value": "SystemAssigned"}, {"value": "SystemAssigned, UserAssigned"}, {"value": "UserAssigned"}]}}, {"type": "object", "name": "userAssignedIdentities", "arg": "$parameters.identity.userAssignedIdentities", "additionalProps": {"item": {"type": "object"}}}]}, {"type": "ResourceLocation", "name": "location", "arg": "$parameters.location"}, {"type": "object", "name": "properties", "props": [{"type": "object", "name": "basePolicy", "props": [{"type": "string", "name": "id", "arg": "$parameters.properties.basePolicy.id"}]}, {"type": "object", "name": "dnsSettings", "props": [{"type": "boolean", "name": "enableProxy", "arg": "$parameters.properties.dnsSettings.enableProxy"}, {"nullable": true, "type": "boolean", "name": "requireProxyForNetworkRules", "arg": "$parameters.properties.dnsSettings.requireProxyForNetworkRules"}, {"type": "array", "name": "servers", "arg": "$parameters.properties.dnsSettings.servers", "item": {"type": "string"}}]}, {"type": "object", "name": "explicitProxy", "arg": "$parameters.properties.explicitProxy", "props": [{"nullable": true, "type": "boolean", "name": "enableExplicitProxy", "arg": "$parameters.properties.explicitProxy.enableExplicitProxy"}, {"nullable": true, "type": "boolean", "name": "enablePacFile", "arg": "$parameters.properties.explicitProxy.enablePacFile"}, {"type": "integer32", "name": "httpPort", "arg": "$parameters.properties.explicitProxy.httpPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "integer32", "name": "httpsPort", "arg": "$parameters.properties.explicitProxy.httpsPort", "format": {"maximum": 64000, "minimum": 0}}, {"type": "string", "name": "pacFile", "arg": "$parameters.properties.explicitProxy.pacFile"}, {"type": "integer32", "name": "pacFilePort", "arg": "$parameters.properties.explicitProxy.pacFilePort", "format": {"maximum": 64000, "minimum": 0}}]}, {"type": "object", "name": "insights", "arg": "$parameters.properties.insights", "props": [{"type": "boolean", "name": "isEnabled", "arg": "$parameters.properties.insights.isEnabled"}, {"type": "object", "name": "logAnalyticsResources", "arg": "$parameters.properties.insights.logAnalyticsResources", "props": [{"type": "object", "name": "defaultWorkspaceId", "arg": "$parameters.properties.insights.logAnalyticsResources.defaultWorkspaceId", "props": [{"type": "string", "name": "id", "arg": "@SubResource_update.id"}], "cls": "SubResource_update"}, {"type": "array", "name": "workspaces", "arg": "$parameters.properties.insights.logAnalyticsResources.workspaces", "item": {"type": "object", "props": [{"type": "string", "name": "region", "arg": "$parameters.properties.insights.logAnalyticsResources.workspaces[].region"}, {"type": "@SubResource_update", "name": "workspaceId", "arg": "$parameters.properties.insights.logAnalyticsResources.workspaces[].workspaceId"}]}}]}, {"type": "integer32", "name": "retentionDays", "arg": "$parameters.properties.insights.retentionDays"}]}, {"type": "object", "name": "intrusionDetection", "props": [{"type": "object", "name": "configuration", "arg": "$parameters.properties.intrusionDetection.configuration", "props": [{"type": "array", "name": "bypassTrafficSettings", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings", "item": {"type": "object", "props": [{"type": "string", "name": "description", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].description"}, {"type": "array", "name": "destinationAddresses", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationAddresses", "item": {"type": "string"}}, {"type": "array", "name": "destinationIpGroups", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationIpGroups", "item": {"type": "string"}}, {"type": "array", "name": "destinationPorts", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].destinationPorts", "item": {"type": "string"}}, {"type": "string", "name": "name", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].name"}, {"type": "string", "name": "protocol", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].protocol", "enum": {"items": [{"value": "ANY"}, {"value": "ICMP"}, {"value": "TCP"}, {"value": "UDP"}]}}, {"type": "array", "name": "sourceAddresses", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].sourceAddresses", "item": {"type": "string"}}, {"type": "array", "name": "sourceIpGroups", "arg": "$parameters.properties.intrusionDetection.configuration.bypassTrafficSettings[].sourceIpGroups", "item": {"type": "string"}}]}}, {"type": "array", "name": "privateRanges", "arg": "$parameters.properties.intrusionDetection.configuration.privateRanges", "item": {"type": "string"}}, {"type": "array", "name": "signatureOverrides", "arg": "$parameters.properties.intrusionDetection.configuration.signatureOverrides", "item": {"type": "object", "props": [{"type": "string", "name": "id", "arg": "$parameters.properties.intrusionDetection.configuration.signatureOverrides[].id"}, {"type": "string", "name": "mode", "arg": "$parameters.properties.intrusionDetection.configuration.signatureOverrides[].mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}}]}, {"type": "string", "name": "mode", "arg": "$parameters.properties.intrusionDetection.mode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}]}, {"type": "object", "name": "sku", "props": [{"type": "string", "name": "tier", "arg": "$parameters.properties.sku.tier", "enum": {"items": [{"value": "Basic"}, {"value": "Premium"}, {"value": "Standard"}]}}]}, {"type": "object", "name": "snat", "props": [{"type": "string", "name": "autoLearnPrivateRanges", "arg": "$parameters.properties.snat.autoLearnPrivateRanges", "enum": {"items": [{"value": "Disabled"}, {"value": "Enabled"}]}}, {"type": "array", "name": "privateRanges", "arg": "$parameters.properties.snat.privateRanges", "item": {"type": "string"}}]}, {"type": "object", "name": "sql", "props": [{"type": "boolean", "name": "allowSqlRedirect", "arg": "$parameters.properties.sql.allowSqlRedirect"}]}, {"type": "string", "name": "threatIntelMode", "arg": "$parameters.properties.threatIntelMode", "enum": {"items": [{"value": "Alert"}, {"value": "Deny"}, {"value": "Off"}]}}, {"type": "object", "name": "threatIntelWhitelist", "props": [{"type": "array", "name": "fqdns", "arg": "$parameters.properties.threatIntelWhitelist.fqdns", "item": {"type": "string"}}, {"type": "array", "name": "ipAddresses", "arg": "$parameters.properties.threatIntelWhitelist.ipAddresses", "item": {"type": "string"}}]}, {"type": "object", "name": "transportSecurity", "props": [{"type": "object", "name": "certificateAuthority", "props": [{"type": "string", "name": "keyVaultSecretId", "arg": "$parameters.properties.transportSecurity.certificateAuthority.keyVaultSecretId"}, {"type": "string", "name": "name", "arg": "$parameters.properties.transportSecurity.certificateAuthority.name"}]}]}], "clientFlatten": true}, {"type": "object", "name": "tags", "arg": "$parameters.tags", "additionalProps": {"item": {"type": "string"}}}], "clientFlatten": true}}}}, {"longRunning": {"finalStateVia": "azure-async-operation"}, "operationId": "FirewallPolicies_CreateOrUpdate", "http": {"path": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/firewallPolicies/{firewallPolicyName}", "request": {"method": "put", "path": {"params": [{"type": "string", "name": "firewallPolicyName", "arg": "$Path.firewallPolicyName", "required": true}, {"type": "string", "name": "resourceGroupName", "arg": "$Path.resourceGroupName", "required": true}, {"type": "string", "name": "subscriptionId", "arg": "$Path.subscriptionId", "required": true}]}, "query": {"consts": [{"readOnly": true, "const": true, "default": {"value": "2022-01-01"}, "type": "string", "name": "api-version", "required": true}]}, "body": {"json": {"ref": "$Instance"}}}, "responses": [{"statusCode": [200, 201], "body": {"json": {"var": "$Instance", "schema": {"type": "@FirewallPolicy_read"}}}}, {"isError": true, "body": {"json": {"schema": {"type": "@ODataV4Format"}}}}]}}], "outputs": [{"type": "object", "ref": "$Instance", "clientFlatten": true}], "confirmation": ""}]}]} \ No newline at end of file diff --git a/Resources/mgmt-plane/L3N1YnNjcmlwdGlvbnMve30vcmVzb3VyY2Vncm91cHMve30vcHJvdmlkZXJzL21pY3Jvc29mdC5uZXR3b3JrL2ZpcmV3YWxscG9saWNpZXMve30=/2022-01-01.xml b/Resources/mgmt-plane/L3N1YnNjcmlwdGlvbnMve30vcmVzb3VyY2Vncm91cHMve30vcHJvdmlkZXJzL21pY3Jvc29mdC5uZXR3b3JrL2ZpcmV3YWxscG9saWNpZXMve30=/2022-01-01.xml index 68f509389..31e2b5b71 100644 --- a/Resources/mgmt-plane/L3N1YnNjcmlwdGlvbnMve30vcmVzb3VyY2Vncm91cHMve30vcHJvdmlkZXJzL21pY3Jvc29mdC5uZXR3b3JrL2ZpcmV3YWxscG9saWNpZXMve30=/2022-01-01.xml +++ b/Resources/mgmt-plane/L3N1YnNjcmlwdGlvbnMve30vcmVzb3VyY2Vncm91cHMve30vcHJvdmlkZXJzL21pY3Jvc29mdC5uZXR3b3JrL2ZpcmV3YWxscG9saWNpZXMve30=/2022-01-01.xml @@ -286,7 +286,7 @@ - + @@ -294,7 +294,7 @@ - + @@ -411,7 +411,7 @@ - + @@ -495,10 +495,10 @@ - + - + @@ -925,7 +925,7 @@ - + @@ -1042,7 +1042,7 @@ - + @@ -1126,10 +1126,10 @@ - + - +