Share via


az network firewall application-rule

Note

This reference is part of the azure-firewall extension for the Azure CLI (version 2.75.0 or higher). The extension will automatically install the first time you run an az network firewall application-rule command. Learn more about extensions.

Manage and configure Azure Firewall application rules.

Commands

Name Description Type Status
az network firewall application-rule collection

Manage and configure Azure Firewall application rule collections.

Extension GA
az network firewall application-rule collection delete

Delete an Azure Firewall application rule collection.

Extension GA
az network firewall application-rule collection list

List Azure Firewall application rule collections.

Extension GA
az network firewall application-rule collection show

Get the details of an Azure Firewall application rule collection.

Extension GA
az network firewall application-rule create

Create an Azure Firewall application rule.

Extension GA
az network firewall application-rule delete

Delete an Azure Firewall application rule.

Extension GA
az network firewall application-rule list

List Azure Firewall application rules.

Extension GA
az network firewall application-rule show

Get the details of an Azure Firewall application rule.

Extension GA

az network firewall application-rule create

Create an Azure Firewall application rule.

az network firewall application-rule create --collection-name
                                            --firewall-name
                                            --name
                                            --protocols
                                            --resource-group
                                            [--action {Allow, Deny}]
                                            [--description]
                                            [--fqdn-tags]
                                            [--priority]
                                            [--source-addresses]
                                            [--source-ip-groups]
                                            [--target-fqdns]

Required Parameters

--collection-name -c

Name of the collection to create the rule in. Will create the collection if it does not exist.

Property Value
Parameter group: Collection Arguments
--firewall-name -f

Azure Firewall name.

--name -n

The name of the application rule.

--protocols

Space-separated list of protocols and port numbers to use, in PROTOCOL=PORT format. Valid protocols are Http, Https.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--action

The action to apply for the rule collection. Supply only if you want to create the collection.

Property Value
Parameter group: Collection Arguments
Accepted values: Allow, Deny
--description

Rule description.

--fqdn-tags

Space-separated list of FQDN tags.

--priority

Priority of the rule collection from 100 (high) to 65000 (low). Supply only if you want to create the collection.

Property Value
Parameter group: Collection Arguments
--source-addresses

Space-separated list of source IP addresses. Use '*' to match all.

--source-ip-groups

Space-separated list of name or resource id of source IpGroups.

--target-fqdns

Space-separated list of fully qualified domain names (FDQN).

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az network firewall application-rule delete

Delete an Azure Firewall application rule.

az network firewall application-rule delete [--collection-name]
                                            [--firewall-name]
                                            [--ids]
                                            [--name]
                                            [--resource-group]
                                            [--subscription]

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--collection-name -c

Name of the rule collection.

Property Value
Parameter group: Resource Id Arguments
--firewall-name -f

Azure Firewall name.

Property Value
Parameter group: Resource Id Arguments
--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

Property Value
Parameter group: Resource Id Arguments
--name -n

The name of the application rule.

Property Value
Parameter group: Resource Id Arguments
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Property Value
Parameter group: Resource Id Arguments
--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Property Value
Parameter group: Resource Id Arguments
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az network firewall application-rule list

List Azure Firewall application rules.

az network firewall application-rule list --collection-name
                                          --firewall-name
                                          --resource-group

Required Parameters

--collection-name -c

Name of the rule collection.

--firewall-name -f

Azure Firewall name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az network firewall application-rule show

Get the details of an Azure Firewall application rule.

az network firewall application-rule show [--collection-name]
                                          [--firewall-name]
                                          [--ids]
                                          [--name]
                                          [--resource-group]
                                          [--subscription]

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--collection-name -c

Name of the rule collection.

Property Value
Parameter group: Resource Id Arguments
--firewall-name -f

Azure Firewall name.

Property Value
Parameter group: Resource Id Arguments
--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

Property Value
Parameter group: Resource Id Arguments
--name -n

The name of the application rule.

Property Value
Parameter group: Resource Id Arguments
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Property Value
Parameter group: Resource Id Arguments
--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Property Value
Parameter group: Resource Id Arguments
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False