Azure Firewall - API updates

3Lobyte 6 Reputation points
2021-01-28T12:40:55.17+00:00

Hi,

Situation:
Azure Firewall deployed - not using AFM (Azure Firewall Manager)

I'm trying to test creation/deletion/updating via API calls of local Azure Firewall rules (NAT, Network, APP collections).

I'm getting all firewall data via API GET - no issues there.

When I try to create (ADD) a firewall rule (for example, in an existing "networkRuleCollection") via API (PUT method),
it executes without issues ("200 OK"); however, it removes all existing rules on the firewall at the same time, before it adds the one from the API call.

Note:

  • It does the same thing for "networkRuleCollection" object manipulation (if I add another collection (nat/network/app), it overwrites as well).
  • I'm familiar with the related docs for it, but there is no example for UPDATING objects within Azure Firewall - only CREATES, which do not
    add the input from the API but overwrite.

Example of BODY (PUT) below:

{
  "location": "germanywestcentral",
  "properties": {
    "networkRuleCollections": [
      {
        "name": "apprulecol4",
        "properties": {
          "priority": 120,
          "action": {
            "type": "Deny"
          },
          "rules": [
            {
              "name": "new_rule_3",
              "description": "API new rule that i want to add to existing (apprulecol4)",
              ......

1 answer

  1. SaiKishor-MSFT 17,336 Reputation points
    2021-02-03T21:55:03.26+00:00

    @3Lobyte You cannot independently create new rule collections in Azure Firewalls without impacting the rest of the properties. You can try this with Firewall Policy, as each rule collection group is an independent resource. Please let us know if you have further questions regarding this and we will be glad to assist. Thank you!

    ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

    Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.
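
Because the PUT described above carries the firewall's whole property set, a rule can only be added safely by merging it into the document returned by GET and checking, before sending, that nothing already deployed would be dropped. The following is an added example, not code from the thread or from Microsoft: the sample documents are constructed, the helper names (`rule_index`, `would_remove`, `add_rule`) are hypothetical, and no HTTP call is made.

```python
import copy

KINDS = ("networkRuleCollections", "natRuleCollections", "applicationRuleCollections")

# Constructed sample of a GET response for the firewall (trimmed, illustrative names).
CURRENT = {
    "location": "germanywestcentral",
    "properties": {
        "networkRuleCollections": [
            {"name": "apprulecol4",
             "properties": {"priority": 120, "action": {"type": "Deny"},
                            "rules": [{"name": "existing_rule_1"}, {"name": "existing_rule_2"}]}},
            {"name": "othercol",
             "properties": {"priority": 200, "action": {"type": "Allow"},
                            "rules": [{"name": "allow_dns"}]}},
        ],
    },
}

# Constructed body in the shape of the question's PUT: one collection, one rule.
NAIVE_BODY = {
    "location": "germanywestcentral",
    "properties": {"networkRuleCollections": [
        {"name": "apprulecol4",
         "properties": {"priority": 120, "action": {"type": "Deny"},
                        "rules": [{"name": "new_rule_3"}]}}]},
}

def rule_index(fw):
    """Set of (kind, collection, rule) names present in a firewall document."""
    return {(kind, col["name"], rule["name"])
            for kind in KINDS
            for col in fw["properties"].get(kind, [])
            for rule in col["properties"].get("rules", [])}

def would_remove(current, put_body):
    """Rules deployed now that are absent from the PUT body, i.e. would be wiped."""
    return rule_index(current) - rule_index(put_body)

def add_rule(current, kind, collection, rule):
    """Full PUT body: a copy of the GET document with one rule appended."""
    body = copy.deepcopy(current)
    for col in body["properties"].get(kind, []):
        if col["name"] == collection:
            col["properties"].setdefault("rules", []).append(rule)
            return body
    raise KeyError(f"collection {collection!r} not found under {kind}")
```

Running `would_remove` against every body before the PUT, and aborting when the set is non-empty, catches the case from the question where existing Deny rules would silently disappear.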

