private PSAzureFirewall CreateAzureFirewall() { var firewall = new PSAzureFirewall(); if (Sku == MNM.AzureFirewallSkuName.AZFWHub) { if (VirtualHubId != null && this.Location != null) { var resourceInfo = new ResourceIdentifier(VirtualHubId); var hub = this.VirtualHubClient.Get(resourceInfo.ResourceGroupName, resourceInfo.ResourceName); if (hub.Location != this.Location) { throw new ArgumentException("VirtualHub and Firewall cannot be in different locations", nameof(VirtualHubId)); } } var sku = new PSAzureFirewallSku(); sku.Name = MNM.AzureFirewallSkuName.AZFWHub; sku.Tier = MNM.AzureFirewallSkuTier.Standard; firewall = new PSAzureFirewall() { Name = this.Name, ResourceGroupName = this.ResourceGroupName, Location = this.Location, Sku = sku, VirtualHub = VirtualHubId != null ? new MNM.SubResource(VirtualHubId) : null, FirewallPolicy = FirewallPolicyId != null ? new MNM.SubResource(FirewallPolicyId) : null }; } else { var sku = new PSAzureFirewallSku(); sku.Name = MNM.AzureFirewallSkuName.AZFWVNet; sku.Tier = MNM.AzureFirewallSkuTier.Standard; firewall = new PSAzureFirewall() { Name = this.Name, ResourceGroupName = this.ResourceGroupName, Location = this.Location, ApplicationRuleCollections = this.ApplicationRuleCollection?.ToList(), NatRuleCollections = this.NatRuleCollection?.ToList(), NetworkRuleCollections = this.NetworkRuleCollection?.ToList(), ThreatIntelMode = this.ThreatIntelMode ?? MNM.AzureFirewallThreatIntelMode.Alert, ThreatIntelWhitelist = this.ThreatIntelWhitelist, Sku = sku }; if (this.Zone != null) { firewall.Zones = this.Zone?.ToList(); } if (this.virtualNetwork != null) { firewall.Allocate(this.virtualNetwork, this.publicIpAddresses); } } // Map to the sdk object var azureFirewallModel = NetworkResourceManagerProfile.Mapper.Map <MNM.AzureFirewall>(firewall); azureFirewallModel.Tags = TagsConversionHelper.CreateTagDictionary(this.Tag, validate: true); // Execute the Create AzureFirewall call this.AzureFirewallClient.CreateOrUpdate(this.ResourceGroupName, this.Name, azureFirewallModel); return(this.GetAzureFirewall(this.ResourceGroupName, this.Name)); }
private PSAzureFirewall CreateAzureFirewall() { var firewall = new PSAzureFirewall(); if (Sku == MNM.AzureFirewallSkuName.AZFWHub) { if (VirtualHubId != null && this.Location != null) { var resourceInfo = new ResourceIdentifier(VirtualHubId); var hub = this.VirtualHubClient.Get(resourceInfo.ResourceGroupName, resourceInfo.ResourceName); if (hub.Location != this.Location) { throw new ArgumentException("VirtualHub and Firewall cannot be in different locations", nameof(VirtualHubId)); } } if (this.HubIPAddress != null && this.HubIPAddress.PublicIPs != null && this.HubIPAddress.PublicIPs.Addresses != null) { throw new ArgumentException("The list of public Ip addresses cannot be provided during the firewall creation"); } var sku = new PSAzureFirewallSku(); sku.Name = MNM.AzureFirewallSkuName.AZFWHub; sku.Tier = MNM.AzureFirewallSkuTier.Standard; firewall = new PSAzureFirewall() { Name = this.Name, ResourceGroupName = this.ResourceGroupName, Location = this.Location, Sku = sku, VirtualHub = VirtualHubId != null ? new MNM.SubResource(VirtualHubId) : null, FirewallPolicy = FirewallPolicyId != null ? new MNM.SubResource(FirewallPolicyId) : null, HubIPAddresses = this.HubIPAddress }; } else { var sku = new PSAzureFirewallSku(); sku.Name = MNM.AzureFirewallSkuName.AZFWVNet; sku.Tier = MNM.AzureFirewallSkuTier.Standard; firewall = new PSAzureFirewall() { Name = this.Name, ResourceGroupName = this.ResourceGroupName, Location = this.Location, FirewallPolicy = FirewallPolicyId != null ? new MNM.SubResource(FirewallPolicyId) : null, ApplicationRuleCollections = this.ApplicationRuleCollection?.ToList(), NatRuleCollections = this.NatRuleCollection?.ToList(), NetworkRuleCollections = this.NetworkRuleCollection?.ToList(), ThreatIntelMode = this.ThreatIntelMode ?? MNM.AzureFirewallThreatIntelMode.Alert, ThreatIntelWhitelist = this.ThreatIntelWhitelist, PrivateRange = this.PrivateRange, DNSEnableProxy = (this.EnableDnsProxy.IsPresent? "true" : null), DNSRequireProxyForNetworkRules = (this.DnsProxyNotRequiredForNetworkRule.IsPresent ? "false" : null), DNSServer = this.DnsServer, AllowActiveFTP = (this.AllowActiveFTP.IsPresent ? "true" : null), Sku = sku }; if (this.Zone != null) { firewall.Zones = this.Zone?.ToList(); } if (this.virtualNetwork != null) { firewall.Allocate(this.virtualNetwork, this.publicIpAddresses, this.ManagementPublicIpAddress); } firewall.ValidateDNSProxyRequirements(); } // Map to the sdk object var azureFirewallModel = NetworkResourceManagerProfile.Mapper.Map <MNM.AzureFirewall>(firewall); azureFirewallModel.Tags = TagsConversionHelper.CreateTagDictionary(this.Tag, validate: true); // Execute the Create AzureFirewall call this.AzureFirewallClient.CreateOrUpdate(this.ResourceGroupName, this.Name, azureFirewallModel); return(this.GetAzureFirewall(this.ResourceGroupName, this.Name)); }