» azurerm_firewall
Manages an Azure Firewall.
» Example Usage
resource "azurerm_resource_group" "test" {
name = "example-resources"
location = "North Europe"
}
resource "azurerm_virtual_network" "test" {
name = "testvnet"
address_space = ["10.0.0.0/16"]
location = "${azurerm_resource_group.test.location}"
resource_group_name = "${azurerm_resource_group.test.name}"
}
resource "azurerm_subnet" "test" {
name = "AzureFirewallSubnet"
resource_group_name = "${azurerm_resource_group.test.name}"
virtual_network_name = "${azurerm_virtual_network.test.name}"
address_prefix = "10.0.1.0/24"
}
resource "azurerm_public_ip" "test" {
name = "testpip"
location = "${azurerm_resource_group.test.location}"
resource_group_name = "${azurerm_resource_group.test.name}"
allocation_method = "Static"
sku = "Standard"
}
resource "azurerm_firewall" "test" {
name = "testfirewall"
location = "${azurerm_resource_group.test.location}"
resource_group_name = "${azurerm_resource_group.test.name}"
ip_configuration {
name = "configuration"
subnet_id = "${azurerm_subnet.test.id}"
public_ip_address_id = "${azurerm_public_ip.test.id}"
}
}
» Argument Reference
The following arguments are supported:
-
name
- (Required) Specifies the name of the Firewall. Changing this forces a new resource to be created. -
resource_group_name
- (Required) The name of the resource group in which to create the resource. Changing this forces a new resource to be created. -
location
- (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. -
ip_configuration
- (Required) Aip_configuration
block as documented below. -
tags
- (Optional) A mapping of tags to assign to the resource.
A ip_configuration
block supports the following:
-
name
- (Required) Specifies the name of the IP Configuration. -
subnet_id
- (Required) Reference to the subnet associated with the IP Configuration.
NOTE The Subnet used for the Firewall must have the name AzureFirewallSubnet
and the subnet mask must be at least /26
.
-
public_ip_address_id
- (Required) The Resource ID of the Public IP Address associated with the firewall.
NOTE The Public IP must have a Static
allocation and Standard
sku.
» Attributes Reference
The following attributes are exported:
-
id
- The Resource ID of the Azure Firewall. -
ip_configuration
- Aip_configuration
block as defined below.
A ip_configuration
block exports the following:
-
private_ip_address
- The private IP address of the Azure Firewall.
» Import
Azure Firewalls can be imported using the resource id
, e.g.
terraform import azurerm_firewall.test /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Network/azureFirewalls/testfirewall