az network firewall network-rule
Note
This reference is part of the azure-firewall extension for the Azure CLI (version 2.61.0 or higher). The extension will automatically install the first time you run an az network firewall network-rule command. Learn more about extensions.
Manage and configure Azure Firewall network rules.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az network firewall network-rule collection |
Manage and configure Azure Firewall network rule collections. |
Extension | GA |
| az network firewall network-rule collection delete |
Delete an Azure Firewall network rule collection. |
Extension | GA |
| az network firewall network-rule collection list |
List Azure Firewall network rule collections. |
Extension | GA |
| az network firewall network-rule collection show |
Get the details of an Azure Firewall network rule collection. |
Extension | GA |
| az network firewall network-rule create |
Create an Azure Firewall network rule. |
Extension | GA |
| az network firewall network-rule delete |
Delete an Azure Firewall network rule. If you want to delete the last rule in a collection, please delete the collection instead. |
Extension | GA |
| az network firewall network-rule list |
List Azure Firewall network rules. |
Extension | GA |
| az network firewall network-rule show |
Get the details of an Azure Firewall network rule. |
Extension | GA |
az network firewall network-rule create
Create an Azure Firewall network rule.
az network firewall network-rule create --collection-name
--destination-ports
--firewall-name
--name
--protocols {Any, ICMP, TCP, UDP}
--resource-group
[--action {Allow, Deny}]
[--description]
[--dest-addr]
[--destination-fqdns]
[--destination-ip-groups]
[--priority]
[--source-addresses]
[--source-ip-groups]Required Parameters
Name of the collection to create the rule in. Will create the collection if it does not exist.
Space-separated list of destination ports. Use '*' to match all.
Azure Firewall name.
The name of the network rule.
Space-separated list of protocols.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
The action to apply for the rule collection. Supply only if you want to create the collection.
Rule description.
Space-separated list of destination IP addresses. Use '*' to match all.
Space-separated list of destination FQDNs.
Space-separated list of name or resource id of destination IpGroups.
Priority of the rule collection from 100 (high) to 65000 (low). Supply only if you want to create the collection.
Space-separated list of source IP addresses. Use '*' to match all.
Space-separated list of name or resource id of source IpGroups.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network firewall network-rule delete
Delete an Azure Firewall network rule. If you want to delete the last rule in a collection, please delete the collection instead.
az network firewall network-rule delete [--collection-name]
[--firewall-name]
[--ids]
[--name]
[--resource-group]
[--subscription]Optional Parameters
Name of the rule collection.
Azure Firewall name.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The name of the network rule.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network firewall network-rule list
List Azure Firewall network rules.
az network firewall network-rule list --collection-name
--firewall-name
--resource-groupRequired Parameters
Name of the rule collection.
Azure Firewall name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network firewall network-rule show
Get the details of an Azure Firewall network rule.
az network firewall network-rule show [--collection-name]
[--firewall-name]
[--ids]
[--name]
[--resource-group]
[--subscription]Optional Parameters
Name of the rule collection.
Azure Firewall name.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The name of the network rule.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
