avm-res-network-firewallpolicy

Azure/avm-res-network-firewallpolicy/azurerm

Terraform Module HCL AZURERM ✓ Verified

Terraform Azure Verified Resource Module for Azure Firewall Policy

Install

module "avm-res-network-firewallpolicy" {

source = "Azure/avm-res-network-firewallpolicy/azurerm"

version = "0.3.4"

}

⭐ Source on GitHub 📦 Registry page

README

terraform-azurerm-avm-network-firewallpolicy This is the module to create an Azure Firewall Policy "Major version Zero (0.y.z) is for initial development. Anything MAY change at any time. The module SHOULD NOT be considered stable till at least it is major version one (1.0.0) or greater. Changes will always be via new versions being published and no changes will be made to existing published versions. For more details please go to " Requirements The following requirements are needed by this module: - terraform (~> 1.5) - azapi (~> 2.4) - azurerm (>= 3.71, modtm (~> 0.3) - random (~> 3.5) Resources The following resources are used by this module: - azurerm_firewall_policy.this (resource) - azurerm_management_lock.this (resource) - azurerm_monitor_diagnostic_setting.this (resource) - azurerm

Inputs (22)

Name	Type	Description	Default
location	string	(Required) The Azure Region where the Firewall Policy should exist. Changing thi	required
name	string	(Required) The name which should be used for this Firewall Policy. Changing this	required
resource_group_name	string	(Required) The name of the Resource Group where the Firewall Policy should exist	required
firewall_policy_dns	object({ proxy_enabled = o	- `proxy_enabled` - (Optional) Whether to enable DNS proxy on Firewalls attached	`null`
firewall_policy_sql_redirect_allowed	bool	(Optional) Whether SQL Redirect traffic filtering is allowed. Enabling this flag	`null`
firewall_policy_auto_learn_private_ranges_enabled	bool	(Optional) Whether enable auto learn private ip range.	`null`
firewall_policy_explicit_proxy	object({ enable_pac_file =	- `enable_pac_file` - (Optional) Whether the pac file port and url need to be pr	`null`
firewall_policy_intrusion_detection	object({ mode =	- `mode` - (Optional) In which mode you want to run intrusion detection: `Off`,	`null`
firewall_policy_sku	string	(Optional) The SKU Tier of the Firewall Policy. Possible values are `Standard`,	`null`
firewall_policy_threat_intelligence_allowlist	object({ fqdns = op	- `fqdns` - (Optional) A list of FQDNs that will be skipped for threat detection	`null`
firewall_policy_tls_certificate	object({ key_vault_secret_	- `key_vault_secret_id` - (Required) The ID of the Key Vault, where the secret o	`null`
lock	object({ kind = string	Controls the Resource Lock configuration for this resource. The following prop	`null`
role_assignments	map(object({ role_definiti	A map of role assignments to create on the <RESOURCE>. The map key is delibera	`{}`
firewall_policy_identity	object({ identity_ids = op	- `identity_ids` - (Optional) Specifies a list of User Assigned Managed Identity	`null`
firewall_policy_insights	object({ default_log_analy	- `default_log_analytics_workspace_id` - (Required) The ID of the default Log An	`null`
firewall_policy_timeouts	object({ create = optional	- `create` - (Defaults to 30 minutes) Used when creating the Firewall Policy. -	`null`
tags	map(string)	(Optional) A mapping of tags to assign to the resource.	`null`
enable_telemetry	bool	This variable controls whether or not telemetry is enabled for the module. For m	`true`
firewall_policy_private_ip_ranges	list(string)	(Optional) A list of private IP ranges to which traffic will not be SNAT.	`null`
firewall_policy_threat_intelligence_mode	string	(Optional) The operation mode for Threat Intelligence. Possible values are `Aler	`null`
diagnostic_settings	map(object({ name	A map of diagnostic settings to create on the Key Vault. The map key is delibe	`{}`
firewall_policy_base_policy_id	string	(Optional) The ID of the base Firewall Policy.	`null`