New-AzureRmFirewallApplicationRule

Creates a Firewall Application Rule.

Warning

The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.

Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.

Syntax

New-AzureRmFirewallApplicationRule
   -Name <String>
   [-Description <String>]
   [-SourceAddress <System.Collections.Generic.List`1[System.String]>]
   -TargetFqdn <System.Collections.Generic.List`1[System.String]>
   -Protocol <System.Collections.Generic.List`1[System.String]>
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
New-AzureRmFirewallApplicationRule
   -Name <String>
   [-Description <String>]
   [-SourceAddress <System.Collections.Generic.List`1[System.String]>]
   -FqdnTag <System.Collections.Generic.List`1[System.String]>
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

The New-AzureRmFirewallApplicationRule cmdlet creates an application rule for Azure Firewall.

Examples

1: Create a rule to allow all HTTPS traffic from 10.0.0.0

New-AzureRmFirewallApplicationRule -Name "https-rule" -Protocol "https:443" -TargetFqdn "*" -SourceAddress "10.0.0.0"

This example creates a rule which will allow all HTTPS traffic on port 443 from 10.0.0.0.

2: Create a rule to allow WindowsUpdate for 10.0.0.0/24 subnet

New-AzureRmFirewallApplicationRule -Name "windows-update-rule" -FqdnTag WindowsUpdate -SourceAddress "10.0.0.0/24"

This example creates a rule which will allow Windows Update traffic from the 10.0.0.0/24 subnet.

Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Description

Specifies an optional description of this rule.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-FqdnTag

Specifies a list of FQDN Tags for this rule. The available tags can be retrieved using the Get-AzureRmFirewallFqdnTag cmdlet.

Type:List<T>[String]
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Name

Specifies the name of this application rule. The name must be unique inside a rule collection.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Protocol

Specifies the type of traffic to be filtered by this rule. The format is <protocol type>:<port>. For example, "http:80" or "https:443". Protocol is mandatory when TargetFqdn is used, but it cannot be used with FqdnTag. The supported protocols are HTTP and HTTPS.

Type:List<T>[String]
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-SourceAddress

Specifies the source addresses of the rule.

Type:List<T>[String]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-TargetFqdn

Specifies a list of domain names filtered by this rule. The asterisk character, '*', is accepted only as the first character of an FQDN in the list. When used, the asterisk matches any number of characters (e.g. '*msn.com' will match msn.com and all its subdomains).

Type:List<T>[String]
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False
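
An added example (not part of the original page or the AzureRM module): a pre-flight check that applies the -Protocol and -TargetFqdn rules stated above to candidate values before they are passed to New-AzureRmFirewallApplicationRule. The function name Test-FirewallAppRuleInput and the sample inputs are hypothetical; the warning on unanchored wildcards follows from the stated rule that the asterisk matches any number of characters.

```powershell
# Added example. Test-FirewallAppRuleInput is a hypothetical helper, not an AzureRM cmdlet.
function Test-FirewallAppRuleInput {
    param(
        [string[]]$TargetFqdn = @(),
        [string[]]$Protocol   = @(),
        [string[]]$FqdnTag    = @()
    )
    $findings = New-Object 'System.Collections.Generic.List[string]'

    # Parameter-set rules: Protocol is mandatory with TargetFqdn, not allowed with FqdnTag.
    if ($TargetFqdn.Count -gt 0 -and $FqdnTag.Count -gt 0) {
        $findings.Add('ERROR: TargetFqdn and FqdnTag belong to different parameter sets')
    }
    if ($TargetFqdn.Count -gt 0 -and $Protocol.Count -eq 0) {
        $findings.Add('ERROR: Protocol is mandatory when TargetFqdn is used')
    }
    if ($FqdnTag.Count -gt 0 -and $Protocol.Count -gt 0) {
        $findings.Add('ERROR: Protocol cannot be used with FqdnTag')
    }

    foreach ($p in $Protocol) {
        # Format is <protocol type>:<port>; only HTTP and HTTPS are supported.
        if ($p -match '^(http|https):(\d{1,5})$') {
            $port = [int]$Matches[2]
            if ($port -lt 1 -or $port -gt 65535) { $findings.Add("ERROR: port out of range in '$p'") }
        } else {
            $findings.Add("ERROR: '$p' is not <http|https>:<port>")
        }
    }

    foreach ($f in $TargetFqdn) {
        if ($f.LastIndexOf('*') -gt 0) {
            $findings.Add("ERROR: '$f' uses '*' somewhere other than the first character")
        } elseif ($f -eq '*') {
            $findings.Add("WARN: '*' matches every FQDN")
        } elseif ($f.StartsWith('*') -and -not $f.StartsWith('*.')) {
            # '*' matches any number of characters, so the match is not anchored at a dot.
            $findings.Add("WARN: '$f' also matches names that merely end in '$($f.Substring(1))'")
        }
    }
    return $findings.ToArray()
}

# Constructed inputs: the page's example 1, a broad suffix wildcard, and a mixed parameter set.
Test-FirewallAppRuleInput -TargetFqdn '*' -Protocol 'https:443'
Test-FirewallAppRuleInput -TargetFqdn '*msn.com', 'login.*.example.com' -Protocol 'ftp:21'
Test-FirewallAppRuleInput -FqdnTag 'WindowsUpdate' -Protocol 'https:443'
```

An empty result means the values satisfy the rules stated on this page; WARN lines mark rules that are valid but broader than an allow-list entry usually intends.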

Inputs

None

This cmdlet does not accept any input.

Outputs

Microsoft.Azure.Commands.Network.Models.PSFirewallApplicationRule