Firewall

Resource Icon

Resource Overview

Azure Firewall is a managed network firewall service deployed within a Virtual Network that provides centralized inbound and outbound traffic control and threat protection.
It supports L3–L7 filtering through Network, Application, and NAT rules, and is commonly used as a shared security boundary in hub-and-spoke or single VNet architectures.

Associated Resources

Parent Resources

Subnet

Connected Resources

PublicIP

Resource Configuration

sku_tier : Pricing tier of the Firewall - Basic, Standard, Premium
ip_config_name : Name of the IP Configuration
included_subnet_name : Name of the Subnet where the Firewall is deployed
linked_firewall_subnet_public_ip_name : Name of the Public IP associated with the Firewall Subnet
management_ip_config_name : Name of the Management IP Configuration
target_firewall_management_subnet_name : Name of the Firewall Management Subnet
linked_firewall_management_subnet_public_ip_name : Name of the Public IP associated with the Firewall Management Subnet
sku_name : Firewall SKU name - AZFW_VNet, AZFW_Hub
tag : Tags used to categorize resources

Network Rule Collection (`network_rule_collection`)

network_rule_collection.priority : Priority of the Rule Collection - 100 ~ 65000
network_rule_collection.action : Action applied to matching traffic - Allow, Deny

Network Rules (`network_rules`)

network_rules.source_addresses : List of source IP addresses or ranges
network_rules.destination_ports : List of destination ports
network_rules.destination_addresses : List of destination IP addresses or ranges
network_rules.protocols : List of protocols for the rule - TCP, UDP, ICMP, Any

Application Rule Collection (`application_rule_collection`)

application_rule_collection.priority : Priority of the Rule Collection - 100 ~ 65000
application_rule_collection.action : Action applied to matching traffic - Allow, Deny

Application Rules (`application_rules`)

application_rules.source_addresses : List of source IP addresses or ranges
application_rules.target_fqdns : List of FQDNs for outbound traffic filtering
application_rules.protocol_port : Port used for the protocol connection
application_rules.protocol_type : Protocol type - Http, Https, Mssql

NAT Rule Collection (`nat_rule_collection`)

nat_rule_collection.priority : Priority of the Rule Collection - 100 ~ 65000
nat_rule_collection.action : Action applied to matching traffic - Dnat, Snat

NAT Rules (`nat_rules`)

nat_rules.source_addresses : List of source IP addresses or ranges
nat_rules.destination_ports : List of destination ports
nat_rules.translated_port : Translated port
nat_rules.translated_address : Translated address
nat_rules.protocols : List of protocols for the rule - TCP, UDP, ICMP, Any

Resource Icon​

Resource Overview​

Associated Resources​

Parent Resources​

Connected Resources​

Resource Configuration​

Network Rule Collection (network_rule_collection)​

Network Rules (network_rules)​

Application Rule Collection (application_rule_collection)​

Application Rules (application_rules)​

NAT Rule Collection (nat_rule_collection)​

NAT Rules (nat_rules)​

References​