{ "swagger": "2.0", "info": { "title": "NetworkManagementClient", "description": "The Microsoft Azure Network management API provides a RESTful set of web services that interact with Microsoft Azure Networks service to manage your network resources. The API has entities that capture the relationship between an end user and the Microsoft Azure Networks service.", "version": "2019-07-01" }, "host": "management.azure.com", "schemes": [ "https" ], "consumes": [ "application/json" ], "produces": [ "application/json" ], "security": [ { "azure_auth": [ "user_impersonation" ] } ], "securityDefinitions": { "azure_auth": { "type": "oauth2", "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", "flow": "implicit", "description": "Azure Active Directory OAuth2 Flow.", "scopes": { "user_impersonation": "impersonate your user account" } } }, "paths": { "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/azureFirewalls/{azureFirewallName}": { "delete": { "tags": [ "AzureFirewalls" ], "operationId": "AzureFirewalls_Delete", "description": "Deletes the specified Azure Firewall.", "parameters": [ { "name": "resourceGroupName", "in": "path", "required": true, "type": "string", "description": "The name of the resource group." }, { "name": "azureFirewallName", "in": "path", "required": true, "type": "string", "description": "The name of the Azure Firewall." }, { "$ref": "./network.json#/parameters/ApiVersionParameter" }, { "$ref": "./network.json#/parameters/SubscriptionIdParameter" } ], "responses": { "202": { "description": "Accepted and the operation will complete asynchronously." }, "204": { "description": "Request successful. Resource with the specified name does not exist." }, "200": { "description": "Delete successful." } }, "x-ms-examples": { "Delete Azure Firewall": { "$ref": "./examples/AzureFirewallDelete.json" } }, "x-ms-long-running-operation": true, "x-ms-long-running-operation-options": { "final-state-via": "location" } }, "get": { "tags": [ "AzureFirewalls" ], "operationId": "AzureFirewalls_Get", "description": "Gets the specified Azure Firewall.", "parameters": [ { "name": "resourceGroupName", "in": "path", "required": true, "type": "string", "description": "The name of the resource group." }, { "name": "azureFirewallName", "in": "path", "required": true, "type": "string", "description": "The name of the Azure Firewall." }, { "$ref": "./network.json#/parameters/ApiVersionParameter" }, { "$ref": "./network.json#/parameters/SubscriptionIdParameter" } ], "responses": { "200": { "description": "Request successful. The operation returns an AzureFirewall resource.", "schema": { "$ref": "#/definitions/AzureFirewall" } } }, "x-ms-examples": { "Get Azure Firewall": { "$ref": "./examples/AzureFirewallGet.json" }, "Get Azure Firewall With Zones": { "$ref": "./examples/AzureFirewallGetWithZones.json" } } }, "put": { "tags": [ "AzureFirewalls" ], "operationId": "AzureFirewalls_CreateOrUpdate", "description": "Creates or updates the specified Azure Firewall.", "parameters": [ { "name": "resourceGroupName", "in": "path", "required": true, "type": "string", "description": "The name of the resource group." }, { "name": "azureFirewallName", "in": "path", "required": true, "type": "string", "description": "The name of the Azure Firewall." }, { "name": "parameters", "in": "body", "required": true, "schema": { "$ref": "#/definitions/AzureFirewall" }, "description": "Parameters supplied to the create or update Azure Firewall operation." }, { "$ref": "./network.json#/parameters/ApiVersionParameter" }, { "$ref": "./network.json#/parameters/SubscriptionIdParameter" } ], "responses": { "201": { "description": "Create successful. The operation returns the resulting AzureFirewall resource.", "schema": { "$ref": "#/definitions/AzureFirewall" } }, "200": { "description": "Update successful. The operation returns the resulting AzureFirewall resource.", "schema": { "$ref": "#/definitions/AzureFirewall" } } }, "x-ms-examples": { "Create Azure Firewall": { "$ref": "./examples/AzureFirewallPut.json" }, "Create Azure Firewall With Zones": { "$ref": "./examples/AzureFirewallPutWithZones.json" }, "Create Azure Firewall in virtual Hub": { "$ref": "./examples/AzureFirewallPutInHub.json" } }, "x-ms-long-running-operation": true, "x-ms-long-running-operation-options": { "final-state-via": "azure-async-operation" } }, "patch": { "tags": [ "AzureFirewalls" ], "operationId": "AzureFirewalls_UpdateTags", "description": "Updates tags for an Azure Firewall resource.", "parameters": [ { "name": "resourceGroupName", "in": "path", "required": true, "type": "string", "description": "The name of the resource group." }, { "name": "azureFirewallName", "in": "path", "required": true, "type": "string", "description": "The name of the Azure Firewall." }, { "name": "parameters", "in": "body", "required": true, "schema": { "$ref": "#/definitions/AzureFirewall" }, "description": "Parameters supplied to the create or update Azure Firewall operation." }, { "$ref": "./network.json#/parameters/ApiVersionParameter" }, { "$ref": "./network.json#/parameters/SubscriptionIdParameter" } ], "responses": { "200": { "description": "Update successful. The operation returns the resulting AzureFirewall resource.", "schema": { "$ref": "#/definitions/AzureFirewall" } } }, "x-ms-examples": { "Update Azure Firewall Tags": { "$ref": "./examples/AzureFirewallUpdateTags.json" } } } }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/azureFirewalls": { "get": { "tags": [ "AzureFirewalls" ], "operationId": "AzureFirewalls_List", "description": "Lists all Azure Firewalls in a resource group.", "parameters": [ { "name": "resourceGroupName", "in": "path", "required": true, "type": "string", "description": "The name of the resource group." }, { "$ref": "./network.json#/parameters/ApiVersionParameter" }, { "$ref": "./network.json#/parameters/SubscriptionIdParameter" } ], "responses": { "200": { "description": "Success. The operation returns a list of AzureFirewall resources.", "schema": { "$ref": "#/definitions/AzureFirewallListResult" } } }, "x-ms-examples": { "List all Azure Firewalls for a given resource group": { "$ref": "./examples/AzureFirewallListByResourceGroup.json" } }, "x-ms-pageable": { "nextLinkName": "nextLink" } } }, "/subscriptions/{subscriptionId}/providers/Microsoft.Network/azureFirewalls": { "get": { "tags": [ "AzureFirewalls" ], "operationId": "AzureFirewalls_ListAll", "description": "Gets all the Azure Firewalls in a subscription.", "parameters": [ { "$ref": "./network.json#/parameters/ApiVersionParameter" }, { "$ref": "./network.json#/parameters/SubscriptionIdParameter" } ], "responses": { "200": { "description": "Success. The operation returns a list of AzureFirewall resources.", "schema": { "$ref": "#/definitions/AzureFirewallListResult" } } }, "x-ms-examples": { "List all Azure Firewalls for a given subscription": { "$ref": "./examples/AzureFirewallListBySubscription.json" } }, "x-ms-pageable": { "nextLinkName": "nextLink" } } } }, "definitions": { "AzureFirewallIPConfigurationPropertiesFormat": { "properties": { "privateIPAddress": { "type": "string", "readOnly": true, "description": "The Firewall Internal Load Balancer IP to be used as the next hop in User Defined Routes." }, "subnet": { "$ref": "./network.json#/definitions/SubResource", "description": "Reference of the subnet resource. This resource must be named 'AzureFirewallSubnet'." }, "publicIPAddress": { "$ref": "./network.json#/definitions/SubResource", "description": "Reference of the PublicIP resource. This field is a mandatory input if subnet is not null." }, "provisioningState": { "$ref": "./network.json#/definitions/ProvisioningState", "description": "The provisioning state of the Azure firewall IP configuration resource." } }, "description": "Properties of IP configuration of an Azure Firewall." }, "AzureFirewallIPConfiguration": { "properties": { "properties": { "x-ms-client-flatten": true, "$ref": "#/definitions/AzureFirewallIPConfigurationPropertiesFormat", "description": "Properties of the azure firewall IP configuration." }, "name": { "type": "string", "description": "Name of the resource that is unique within a resource group. This name can be used to access the resource." }, "etag": { "type": "string", "readOnly": true, "description": "A unique read-only string that changes whenever the resource is updated." } }, "allOf": [ { "$ref": "./network.json#/definitions/SubResource" } ], "description": "IP configuration of an Azure Firewall." }, "AzureFirewallPublicIPAddress": { "properties": { "address": { "type": "string", "description": "Public IP Address value." } }, "description": "Public IP Address associated with azure firewall." }, "HubIPAddresses": { "properties": { "publicIPAddresses": { "type": "array", "description": "List of Public IP addresses associated with azure firewall.", "items": { "$ref": "#/definitions/AzureFirewallPublicIPAddress" } }, "privateIPAddress": { "type": "string", "description": "Private IP Address associated with azure firewall." } }, "description": "IP addresses associated with azure firewall." }, "AzureFirewallPropertiesFormat": { "properties": { "applicationRuleCollections": { "type": "array", "items": { "$ref": "#/definitions/AzureFirewallApplicationRuleCollection" }, "description": "Collection of application rule collections used by Azure Firewall." }, "natRuleCollections": { "type": "array", "items": { "$ref": "#/definitions/AzureFirewallNatRuleCollection" }, "description": "Collection of NAT rule collections used by Azure Firewall." }, "networkRuleCollections": { "type": "array", "items": { "$ref": "#/definitions/AzureFirewallNetworkRuleCollection" }, "description": "Collection of network rule collections used by Azure Firewall." }, "ipConfigurations": { "type": "array", "items": { "$ref": "#/definitions/AzureFirewallIPConfiguration" }, "description": "IP configuration of the Azure Firewall resource." }, "provisioningState": { "$ref": "./network.json#/definitions/ProvisioningState", "description": "The provisioning state of the Azure firewall resource." }, "threatIntelMode": { "description": "The operation mode for Threat Intelligence.", "$ref": "#/definitions/AzureFirewallThreatIntelMode" }, "virtualHub": { "$ref": "./network.json#/definitions/SubResource", "description": "The virtualHub to which the firewall belongs." }, "firewallPolicy": { "$ref": "./network.json#/definitions/SubResource", "description": "The firewallPolicy associated with this azure firewall." }, "hubIpAddresses": { "readOnly": true, "description": "IP addresses associated with AzureFirewall.", "$ref": "#/definitions/HubIPAddresses" } }, "description": "Properties of the Azure Firewall." }, "AzureFirewall": { "properties": { "properties": { "x-ms-client-flatten": true, "$ref": "#/definitions/AzureFirewallPropertiesFormat", "description": "Properties of the azure firewall." }, "zones": { "type": "array", "items": { "type": "string" }, "description": "A list of availability zones denoting where the resource needs to come from." }, "etag": { "type": "string", "readOnly": true, "description": "A unique read-only string that changes whenever the resource is updated." } }, "allOf": [ { "$ref": "./network.json#/definitions/Resource" } ], "description": "Azure Firewall resource." }, "AzureFirewallListResult": { "properties": { "value": { "type": "array", "items": { "$ref": "#/definitions/AzureFirewall" }, "description": "List of Azure Firewalls in a resource group." }, "nextLink": { "type": "string", "description": "URL to get the next set of results." } }, "description": "Response for ListAzureFirewalls API service call." }, "AzureFirewallThreatIntelMode": { "type": "string", "description": "The operation mode for Threat Intel.", "enum": [ "Alert", "Deny", "Off" ], "x-ms-enum": { "name": "AzureFirewallThreatIntelMode", "modelAsString": true } }, "AzureFirewallApplicationRuleCollectionPropertiesFormat": { "properties": { "priority": { "type": "integer", "format": "int32", "maximum": 65000, "exclusiveMaximum": false, "minimum": 100, "exclusiveMinimum": false, "description": "Priority of the application rule collection resource." }, "action": { "$ref": "#/definitions/AzureFirewallRCAction", "description": "The action type of a rule collection." }, "rules": { "type": "array", "items": { "$ref": "#/definitions/AzureFirewallApplicationRule" }, "description": "Collection of rules used by a application rule collection." }, "provisioningState": { "$ref": "./network.json#/definitions/ProvisioningState", "description": "The provisioning state of the application rule collection resource." } }, "description": "Properties of the application rule collection." }, "AzureFirewallApplicationRuleCollection": { "properties": { "properties": { "x-ms-client-flatten": true, "$ref": "#/definitions/AzureFirewallApplicationRuleCollectionPropertiesFormat", "description": "Properties of the azure firewall application rule collection." }, "name": { "type": "string", "description": "The name of the resource that is unique within the Azure firewall. This name can be used to access the resource." }, "etag": { "type": "string", "readOnly": true, "description": "A unique read-only string that changes whenever the resource is updated." } }, "allOf": [ { "$ref": "./network.json#/definitions/SubResource" } ], "description": "Application rule collection resource." }, "AzureFirewallApplicationRuleProtocol": { "properties": { "protocolType": { "description": "Protocol type.", "$ref": "#/definitions/AzureFirewallApplicationRuleProtocolType" }, "port": { "type": "integer", "format": "int32", "maximum": 64000, "exclusiveMaximum": false, "minimum": 0, "exclusiveMinimum": false, "description": "Port number for the protocol, cannot be greater than 64000. This field is optional." } }, "description": "Properties of the application rule protocol." }, "AzureFirewallApplicationRule": { "properties": { "name": { "type": "string", "description": "Name of the application rule." }, "description": { "type": "string", "description": "Description of the rule." }, "sourceAddresses": { "type": "array", "description": "List of source IP addresses for this rule.", "items": { "type": "string" } }, "protocols": { "type": "array", "items": { "$ref": "#/definitions/AzureFirewallApplicationRuleProtocol" }, "description": "Array of ApplicationRuleProtocols." }, "targetFqdns": { "type": "array", "description": "List of FQDNs for this rule.", "items": { "type": "string" } }, "fqdnTags": { "type": "array", "description": "List of FQDN Tags for this rule.", "items": { "type": "string" } } }, "description": "Properties of an application rule." }, "AzureFirewallNatRuleCollectionProperties": { "properties": { "priority": { "type": "integer", "format": "int32", "maximum": 65000, "exclusiveMaximum": false, "minimum": 100, "exclusiveMinimum": false, "description": "Priority of the NAT rule collection resource." }, "action": { "$ref": "#/definitions/AzureFirewallNatRCAction", "description": "The action type of a NAT rule collection." }, "rules": { "type": "array", "items": { "$ref": "#/definitions/AzureFirewallNatRule" }, "description": "Collection of rules used by a NAT rule collection." }, "provisioningState": { "$ref": "./network.json#/definitions/ProvisioningState", "description": "The provisioning state of the NAT rule collection resource." } }, "description": "Properties of the NAT rule collection." }, "AzureFirewallNatRuleCollection": { "properties": { "properties": { "x-ms-client-flatten": true, "$ref": "#/definitions/AzureFirewallNatRuleCollectionProperties", "description": "Properties of the azure firewall NAT rule collection." }, "name": { "type": "string", "description": "The name of the resource that is unique within the Azure firewall. This name can be used to access the resource." }, "etag": { "type": "string", "readOnly": true, "description": "A unique read-only string that changes whenever the resource is updated." } }, "allOf": [ { "$ref": "./network.json#/definitions/SubResource" } ], "description": "NAT rule collection resource." }, "AzureFirewallNatRule": { "properties": { "name": { "type": "string", "description": "Name of the NAT rule." }, "description": { "type": "string", "description": "Description of the rule." }, "sourceAddresses": { "type": "array", "description": "List of source IP addresses for this rule.", "items": { "type": "string" } }, "destinationAddresses": { "type": "array", "description": "List of destination IP addresses for this rule. Supports IP ranges, prefixes, and service tags.", "items": { "type": "string" } }, "destinationPorts": { "type": "array", "description": "List of destination ports.", "items": { "type": "string" } }, "protocols": { "type": "array", "items": { "$ref": "#/definitions/AzureFirewallNetworkRuleProtocol" }, "description": "Array of AzureFirewallNetworkRuleProtocols applicable to this NAT rule." }, "translatedAddress": { "type": "string", "description": "The translated address for this NAT rule." }, "translatedPort": { "type": "string", "description": "The translated port for this NAT rule." } }, "description": "Properties of a NAT rule." }, "AzureFirewallNatRCAction": { "properties": { "type": { "description": "The type of action.", "$ref": "#/definitions/AzureFirewallNatRCActionType" } }, "description": "AzureFirewall NAT Rule Collection Action." }, "AzureFirewallNatRCActionType": { "type": "string", "description": "The action type of a NAT rule collection.", "enum": [ "Snat", "Dnat" ], "x-ms-enum": { "name": "AzureFirewallNatRCActionType", "modelAsString": true } }, "AzureFirewallNetworkRuleCollectionPropertiesFormat": { "properties": { "priority": { "type": "integer", "format": "int32", "maximum": 65000, "exclusiveMaximum": false, "minimum": 100, "exclusiveMinimum": false, "description": "Priority of the network rule collection resource." }, "action": { "$ref": "#/definitions/AzureFirewallRCAction", "description": "The action type of a rule collection." }, "rules": { "type": "array", "items": { "$ref": "#/definitions/AzureFirewallNetworkRule" }, "description": "Collection of rules used by a network rule collection." }, "provisioningState": { "$ref": "./network.json#/definitions/ProvisioningState", "description": "The provisioning state of the network rule collection resource." } }, "description": "Properties of the network rule collection." }, "AzureFirewallNetworkRuleCollection": { "properties": { "properties": { "x-ms-client-flatten": true, "$ref": "#/definitions/AzureFirewallNetworkRuleCollectionPropertiesFormat", "description": "Properties of the azure firewall network rule collection." }, "name": { "type": "string", "description": "The name of the resource that is unique within the Azure firewall. This name can be used to access the resource." }, "etag": { "type": "string", "readOnly": true, "description": "A unique read-only string that changes whenever the resource is updated." } }, "allOf": [ { "$ref": "./network.json#/definitions/SubResource" } ], "description": "Network rule collection resource." }, "AzureFirewallNetworkRule": { "properties": { "name": { "type": "string", "description": "Name of the network rule." }, "description": { "type": "string", "description": "Description of the rule." }, "protocols": { "type": "array", "items": { "$ref": "#/definitions/AzureFirewallNetworkRuleProtocol" }, "description": "Array of AzureFirewallNetworkRuleProtocols." }, "sourceAddresses": { "type": "array", "description": "List of source IP addresses for this rule.", "items": { "type": "string" } }, "destinationAddresses": { "type": "array", "description": "List of destination IP addresses.", "items": { "type": "string" } }, "destinationPorts": { "type": "array", "description": "List of destination ports.", "items": { "type": "string" } } }, "description": "Properties of the network rule." }, "AzureFirewallRCAction": { "properties": { "type": { "description": "The type of action.", "$ref": "#/definitions/AzureFirewallRCActionType" } }, "description": "Properties of the AzureFirewallRCAction." }, "AzureFirewallRCActionType": { "type": "string", "description": "The action type of a rule collection.", "enum": [ "Allow", "Deny" ], "x-ms-enum": { "name": "AzureFirewallRCActionType", "modelAsString": true } }, "AzureFirewallNetworkRuleProtocol": { "type": "string", "description": "The protocol of a Network Rule resource.", "enum": [ "TCP", "UDP", "Any", "ICMP" ], "x-ms-enum": { "name": "AzureFirewallNetworkRuleProtocol", "modelAsString": true } }, "AzureFirewallApplicationRuleProtocolType": { "type": "string", "description": "The protocol type of a Application Rule resource.", "enum": [ "Http", "Https", "Mssql" ], "x-ms-enum": { "name": "AzureFirewallApplicationRuleProtocolType", "modelAsString": true } } } }