Cyware Orchestrate

Azure Firewall

App Vendor: Microsoft

App Category: Network Security

Connector Version: 1.0.0

About App

Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It's a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.

With Azure Firewall, you can centrally create, enforce, and log application and network connectivity policies across subscriptions and virtual networks. Azure Firewall uses a static public IP address for your virtual network resources allowing outside firewalls to identify traffic originating from your virtual network. The service is fully integrated with Azure Monitor for logging and analytics.

The Azure Firewall app is configured with the Orchestrate application to perform the following actions:

| Action Name | Description |
| --- | --- |
| Delete Firewall | This action deletes the specified firewall. |
| Get Firewall by ID | This action retrieves details of the specified firewall. |
| List Firewalls in Resource Group | This action retrieves details of one or more firewalls in a resource group. |
| List Firewalls in Subscription | This action retrieves all firewalls linked to a subscription ID. |
| Update Tags | This action updates tags for the specified firewall. |
| Create Firewall | This action creates a firewall. |
| Update Firewall | This action updates details of the specified firewall. |

Configuration Parameters

The following configuration parameters are required for the Azure Firewall app to communicate with the Azure Firewall enterprise application. The parameters can be configured by creating instances in the app.

| Parameter | Description | Field Type | Required/Optional | Comments |
| --- | --- | --- | --- | --- |
| Client ID | Enter the Azure Firewall application ID/API Key. Example: 34dccdd26c5c99ceb3af22f392b708bf | Text | Required | |
| Client Secret | Enter the Azure Firewall client secret/API Secret. Example: a8c7b7523b02e259f9a65b86f5a89bd21883e832 | Password | Required | |
| Tenant ID | Enter the directory tenant against which you want to operate Azure Firewall, in GUID or domain-name format. Example: 3484168f-38c1-4842-83f5-b5176fef3cad | Text | Required | |

Action: Delete Firewall

This action deletes the specified firewall.

Action Input Parameters

| Parameter | Description | Field Type | Required/Optional | Comments |
| --- | --- | --- | --- | --- |
| Subscription ID | Enter the subscription ID. Example: 9677ae65-e240-48aa-b929-13d57393b8c9 | Text | Required | |
| Resource Group Name | Enter the resource group name to which the firewall belongs. Example: azurepoc | Text | Required | |
| Azure Firewall Name | Enter the firewall name that you want to delete. Example: playbook-test-firewall | Text | Required | |

Example Request

[
  {
    "subscription_id": "9677ae65-e240-48aa-b929-13d57393b8c9",
    "azure_firewall_name": "playbook-test-firewall",
    "resource_group_name": "azurepoc"
  }
]

Action: Get Firewall by ID

This action retrieves details of the specified firewall.

Action Input Parameters

| Parameter | Description | Field Type | Required/Optional | Comments |
| --- | --- | --- | --- | --- |
| Subscription ID | Enter the subscription ID. Example: 9677ae65-e240-48aa-b929-13d57393b8c9 | Text | Required | |
| Resource Group Name | Enter the resource group name to which the firewall belongs. Example: azurepoc | Text | Required | |
| Azure Firewall Name | Enter the firewall name for which you want to retrieve details. Example: playbook-test-firewall | Text | Required | |

Example Request

[
    {
        "subscription_id": "9677ae65-e240-48aa-b929-13d57393b8c9",
        "azure_firewall_name": "playbook-test-firewall",
        "resource_group_name": "azurepoc"
    }
]

Action: List Firewalls in Resource Group

This action retrieves details of one or more firewalls in a resource group.

Action Input Parameters

| Parameter | Description | Field Type | Required/Optional | Comments |
| --- | --- | --- | --- | --- |
| Subscription ID | Enter the subscription ID. Example: 9677ae65-e240-48aa-b929-13d57393b8c9 | Text | Required | |
| Resource Group Name | Enter the resource group name to which the firewall belongs. Example: playbook-test-firewall | Text | Required | |

Example Request

[
  {
    "subscription_id": "9677ae65-e240-48aa-b929-13d57393b8c9",
    "resource_group_name": "azurepoc"
  }
]

Action: List Firewalls by Subscription ID

This action retrieves all firewalls linked to a subscription ID.

Action Input Parameters

| Parameter | Description | Field Type | Required/Optional | Comments |
| --- | --- | --- | --- | --- |
| Subscription ID | Enter the subscription ID. Example: 9677ae65-e240-48aa-b929-13d57393b8c9 | Text | Required | |

Example Request

[
  {
    "subscription_id": "9677ae65-e240-48aa-b929-13d57393b8c9"
  }
]

Action: Update Tags

This action updates tags for the specified firewall.

Action Input Parameters

| Parameter | Description | Field Type | Required/Optional | Comments |
| --- | --- | --- | --- | --- |
| Subscription ID | Enter the subscription ID. Example: 9677ae65-e240-48aa-b929-13d57393b8c9 | Text | Required | |
| Resource Group Name | Enter the resource group name to which the firewall belongs. Example: azurepoc | Text | Required | |
| Azure Firewall Name | Enter the name of the firewall whose tags you want to update. Example: playbook-test-firewall | Text | Required | |
| Tags | Enter the tags you want to add to the firewall. You can enter multiple tags as key-value pairs. Example: { "tag1": "value1", "tag2": "value2" } | Key_value | Required | |

Example Request

[
  {
    "tags": {
      "tag1": "tag1_value",
      "tag2": "tag2_value"
    },
    "subscription_id": "9677ae65-e240-48aa-b929-13d57393b8c9",
    "azure_firewall_name": "playbook-test-firewall",
    "resource_group_name": "azurepoc"
  }
]

Action: Create Firewall

This action creates a firewall.

Action Input Parameters

| Parameter | Description | Field Type | Required/Optional | Comments |
| --- | --- | --- | --- | --- |
| Subscription ID | Enter the subscription ID. Example: 9677ae65-e240-48aa-b929-13d57393b8c9 | Text | Required | |
| Resource Group Name | Enter the resource group name to which the firewall belongs. Example: azurepoc | Text | Required | |
| Azure Firewall Name | Enter a name for the firewall. Example: playbook-test-firewall | Text | Required | |
| Location | Enter the location. Example: westus | Text | Required | |
| Additional parameters | Additional parameters used to create a firewall. 1st level of nesting: properties.field_name. 2nd level of nesting onwards: object such as list or dictionary. Example: {"priority":1} | Key_value | Optional | |

Example Request

[
  {
    "location": "eastus",
    "subscription_id": "9677ae65-e240-48aa-b929-13d57393b8c9",
    "azure_firewall_name": "playbook-test-firewall",
    "resource_group_name": "azurepoc",
    "params": {
      "properties.networkRuleCollections": [
        {
          "id": "/subscriptions/9677ae65-e240-48aa-b929-13d57393b8c9/resourceGroups/azurepoc/providers/Microsoft.Network/azureFirewalls/playbook-test-firewall/networkRuleCollections/test-network-rules",
          "name": "test-network-rules",
          "type": "Microsoft.Network/azureFirewalls/networkRuleCollections",
          "properties": {
            "rules": [
              {
                "name": "Google DNS",
                "protocols": [
                  "Any"
                ],
                "sourceIpGroups": [],
                "sourceAddresses": [
                  "192.168.10.1"
                ],
                "destinationFqdns": [],
                "destinationPorts": [
                  "53"
                ],
                "destinationIpGroups": [],
                "destinationAddresses": [
                  "8.8.8.8"
                ]
              }
            ],
            "action": {
              "type": "Allow"
            },
            "priority": 100
          }
        }
      ]
    }
  }
]

Action: Update Firewall

This action updates details of the specified firewall.

Action Input Parameters

| Parameter | Description | Field Type | Required/Optional | Comments |
| --- | --- | --- | --- | --- |
| Subscription ID | Enter the subscription ID. Example: 9677ae65-e240-48aa-b929-13d57393b8c9 | Text | Required | |
| Resource group name | Enter the resource group name to which the firewall belongs. Example: azurepoc | Text | Required | |
| Azure firewall name | Enter the name of the firewall that you want to update. Example: playbook-test-firewall | Text | Required | |
| Additional parameters | Additional parameters used to update a firewall. 1st level of nesting: properties.field_name. 2nd level of nesting onwards: object such as list or dictionary. Example: {"priority":1} | Key_value | Optional | |

Example Request

[
  {
    "params": {
      "properties.networkRuleCollections": [
        {
          "id": "/subscriptions/9677ae65-e240-48aa-b929-13d57393b8c9/resourceGroups/azurepoc/providers/Microsoft.Network/azureFirewalls/playbook-test-firewall/networkRuleCollections/test-network-rules",
          "name": "test-network-rules",
          "type": "Microsoft.Network/azureFirewalls/networkRuleCollections",
          "properties": {
            "rules": [
              {
                "name": "Google DNS",
                "protocols": [
                  "Any"
                ],
                "sourceIpGroups": [],
                "sourceAddresses": [
                  "192.168.10.1"
                ],
                "destinationFqdns": [],
                "destinationPorts": [
                  "53"
                ],
                "destinationIpGroups": [],
                "destinationAddresses": [
                  "8.8.8.8"
                ]
              }
            ],
            "action": {
              "type": "Allow"
            },
            "priority": 100
          }
        }
      ]
    },
    "subscription_id": "9677ae65-e240-48aa-b929-13d57393b8c9",
    "azure_firewall_name": "playbook-test-firewall",
    "resource_group_name": "azurepoc"
  }
]
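
The following is an added example, not Cyware's or Microsoft's code: a check to run on the "params" of a Create Firewall or Update Firewall request before the action is submitted. It expands the properties.field_name keys into a nested body and flags Allow rules that use protocol Any or a "*" wildcard. The way dotted keys are expanded is an assumption about the connector, and the function names and the second rule in the sample are constructed for illustration.

```python
# Constructed sample modelled on the page's Update Firewall request;
# the second rule is invented to show a wildcard finding.
SAMPLE_REQUEST = {
    "subscription_id": "9677ae65-e240-48aa-b929-13d57393b8c9",
    "azure_firewall_name": "playbook-test-firewall",
    "resource_group_name": "azurepoc",
    "params": {"properties.networkRuleCollections": [{
        "name": "test-network-rules",
        "properties": {"priority": 100, "action": {"type": "Allow"}, "rules": [
            {"name": "Google DNS", "protocols": ["Any"],
             "sourceAddresses": ["192.168.10.1"],
             "destinationAddresses": ["8.8.8.8"], "destinationPorts": ["53"]},
            {"name": "constructed-wide-open", "protocols": ["TCP"],
             "sourceAddresses": ["*"],
             "destinationAddresses": ["10.0.0.4"], "destinationPorts": ["443"]},
        ]},
    }]},
}

def expand_params(params):
    """Turn 'properties.field_name' keys into nested dicts (assumed behaviour)."""
    body = {}
    for key, value in params.items():
        node = body
        *parents, leaf = key.split(".")
        for part in parents:
            node = node.setdefault(part, {})
        node[leaf] = value  # 2nd level onwards is passed through as an object
    return body

def audit_network_rules(request):
    """Return (collection/rule, reason) for Allow rules broader than one flow."""
    findings = []
    body = expand_params(request.get("params", {}))
    for coll in body.get("properties", {}).get("networkRuleCollections", []):
        props = coll.get("properties", {})
        if props.get("action", {}).get("type") != "Allow":
            continue  # only Allow collections widen exposure
        for rule in props.get("rules", []):
            where = f'{coll.get("name")}/{rule.get("name")}'
            if "Any" in rule.get("protocols", []):
                findings.append((where, "protocol Any"))
            for field in ("sourceAddresses", "destinationAddresses", "destinationPorts"):
                if "*" in rule.get(field, []):
                    findings.append((where, f"wildcard in {field}"))
    return findings
```

A playbook can run this check as a gate and stop before the Create Firewall or Update Firewall step when the returned list is not empty.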