public PSAzureFirewallPolicyRuleCollectionGroupWrapper GetAzureFirewallPolicyRuleGroup(string resourceGroupName, string firewallPolicyName, string name)
{
var settings = new JsonSerializerSettings
{
NullValueHandling = NullValueHandling.Ignore,
MissingMemberHandling = MissingMemberHandling.Ignore
};
var getRuleCollectionGroup = this.AzureFirewallPolicyRuleGroupClient.Get(resourceGroupName, firewallPolicyName, name);
var ruleCollectionGroup = new PSAzureFirewallPolicyRuleCollectionGroup();
ruleCollectionGroup.RuleCollection = new List <PSAzureFirewallPolicyBaseRuleCollection>();
for (int ruleCollectionIndex = 0; ruleCollectionIndex < getRuleCollectionGroup.Rules.Count; ruleCollectionIndex++)
{
var ruleCollection = new PSAzureFirewallPolicyBaseRuleCollection();
if (getRuleCollectionGroup.Rules[ruleCollectionIndex] is MNM.FirewallPolicyFilterRule)
{
MNM.FirewallPolicyFilterRule filterRule = (MNM.FirewallPolicyFilterRule)getRuleCollectionGroup.Rules[ruleCollectionIndex];
PSAzureFirewallPolicyFilterRuleCollection filterRuleCollection = JsonConvert.DeserializeObject <PSAzureFirewallPolicyFilterRuleCollection>(JsonConvert.SerializeObject(getRuleCollectionGroup.Rules[ruleCollectionIndex]));
filterRuleCollection.RuleCollectionType = "FirewallPolicyFilterRule";
filterRuleCollection.Rules = new List <PSAzureFirewallPolicyRule>();
for (int ruleIndex = 0; ruleIndex < filterRule.RuleConditions.Count; ruleIndex++)
{
if (filterRule.RuleConditions[ruleIndex] is MNM.ApplicationRuleCondition)
{
PSAzureFirewallPolicyApplicationRule rule = JsonConvert.DeserializeObject <PSAzureFirewallPolicyApplicationRule>(JsonConvert.SerializeObject(filterRule.RuleConditions[ruleIndex]));
rule.RuleType = "ApplicationRuleCondition";
filterRuleCollection.Rules.Add(rule);
}
else
{
PSAzureFirewallPolicyNetworkRule rule = JsonConvert.DeserializeObject <PSAzureFirewallPolicyNetworkRule>(JsonConvert.SerializeObject(filterRule.RuleConditions[ruleIndex]));
rule.RuleType = "NetworkRuleCondition";
filterRuleCollection.Rules.Add(rule);
}
}
ruleCollectionGroup.RuleCollection.Add(filterRuleCollection);
}
else
{
MNM.FirewallPolicyNatRule natRule = (MNM.FirewallPolicyNatRule)getRuleCollectionGroup.Rules[ruleCollectionIndex];
PSAzureFirewallPolicyNatRuleCollection natRuleCollection = JsonConvert.DeserializeObject <PSAzureFirewallPolicyNatRuleCollection>(JsonConvert.SerializeObject(getRuleCollectionGroup.Rules[ruleCollectionIndex]));
natRuleCollection.RuleCollectionType = "FirewallPolicyNatRule";
natRuleCollection.Rule = JsonConvert.DeserializeObject <PSAzureFirewallPolicyNetworkRule>(JsonConvert.SerializeObject(natRule.RuleCondition));
natRuleCollection.Rule.RuleType = "NetworkRuleCondition";
ruleCollectionGroup.RuleCollection.Add(natRuleCollection);
}
}
var ruleCollectionGroupWrapper = new PSAzureFirewallPolicyRuleCollectionGroupWrapper();
ruleCollectionGroup.Priority = (uint)getRuleCollectionGroup.Priority;
ruleCollectionGroupWrapper.Properties = ruleCollectionGroup;
ruleCollectionGroupWrapper.Name = getRuleCollectionGroup.Name;
ruleCollectionGroupWrapper.Properties.Id = getRuleCollectionGroup.Id;
return(ruleCollectionGroupWrapper);
}
public override void Execute()
{
base.Execute();
var networkRule = new PSAzureFirewallPolicyNetworkRule
{
Name = this.Name,
protocols = this.Protocol?.ToList(),
SourceAddresses = this.SourceAddress?.ToList(),
DestinationAddresses = this.DestinationAddress?.ToList(),
DestinationPorts = this.DestinationPort?.ToList(),
RuleType = "NetworkRuleCondition"
};
WriteObject(networkRule);
}
public override void Execute()
{
base.Execute();
if (DestinationFqdn != null)
{
foreach (string fqdn in DestinationFqdn)
{
ValidateIsFqdn(fqdn);
}
}
// Only one of DestinationAddress/DestinationIpGroup or DestinationFqdns is allowed
// Eventually we may want to have exclusitivity with IpGroup too but for now not doing that
if (((DestinationAddress != null) || (DestinationIpGroup != null)) && (DestinationFqdn != null))
{
throw new ArgumentException("Both DestinationAddress or DestinationIpGroup and DestinationFqdns not allowed");
}
// One of DestinationAddress, DestinationIpGroup or DestinationFqdns must be present
if ((DestinationAddress == null) && (DestinationIpGroup == null) && (DestinationFqdn == null))
{
throw new ArgumentException("Either DestinationAddress, DestinationIpGroup or DestinationFqdns is required");
}
// One of SourceAddress or SourceIpGroup must be present
if ((SourceAddress == null) && (SourceIpGroup == null))
{
throw new ArgumentException("Either SourceAddress or SourceIpGroup is required.");
}
var networkRule = new PSAzureFirewallPolicyNetworkRule
{
Name = this.Name,
protocols = this.Protocol?.ToList(),
SourceAddresses = this.SourceAddress?.ToList(),
SourceIpGroups = this.SourceIpGroup?.ToList(),
DestinationAddresses = this.DestinationAddress?.ToList(),
DestinationIpGroups = this.DestinationIpGroup?.ToList(),
DestinationPorts = this.DestinationPort?.ToList(),
DestinationFqdns = this.DestinationFqdn?.ToList(),
RuleType = "NetworkRule"
};
WriteObject(networkRule);
}
