Deploy an Azure Firewall with a dedicated Terraform module.
- A resource group
| Name | Version |
|---|---|
| azurerm | n/a |
No modules.
| Name | Type |
|---|---|
| azurerm_firewall.az_fw | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| dns_servers | A list of DNS servers that the Azure Firewall will direct DNS traffic to the for name resolution. | list(string) |
null |
no |
| firewall_policy_id | The ID of the Firewall Policy applied to this Firewall. | string |
null |
no |
| ip_config_name | Specifies the name of the IP Configuration. | string |
null |
no |
| ip_config_public_ip_address_id | The ID of the Public IP Address associated with the firewall. | string |
null |
no |
| ip_config_subnet_id | Reference to the subnet associated with the IP Configuration. The Subnet used for the Firewall must have the name AzureFirewallSubnet and the subnet mask must be at least a /26. | string |
null |
no |
| location | Specifies the supported Azure location where the resource exists. | string |
null |
no |
| mng_ip_config_name | Specifies the name of the IP Configuration. | string |
null |
no |
| mng_ip_config_public_ip_address_id | The ID of the Public IP Address associated with the firewall. The Management Subnet used for the Firewall must have the name AzureFirewallManagementSubnet and the subnet mask must be at least a /26. | string |
null |
no |
| mng_ip_config_subnet_id | Reference to the subnet associated with the IP Configuration. | string |
null |
no |
| name | Specifies the name of the Firewall. | string |
null |
no |
| private_ip_ranges | A list of SNAT private CIDR IP ranges, or the special string IANAPrivateRanges, which indicates Azure Firewall does not SNAT when the destination IP address is a private range per IANA RFC 1918. | any |
null |
no |
| public_ip_count | Specifies the number of public IPs to assign to the Firewall. | number |
1 |
no |
| resource_group_name | The name of the resource group in which to create the resource. | string |
null |
no |
| sku_name | Sku name of the Firewall. Possible values are AZFW_Hub and AZFW_VNet. | string |
null |
no |
| sku_tier | Sku tier of the Firewall. Possible values are Premium and Standard. | string |
null |
no |
| tags | A mapping of tags to assign to the resource. | map |
{} |
no |
| threat_intel_mode | The operation mode for threat intelligence-based filtering. Possible values are: Off, Alert,Deny and ""(empty string) | string |
"Alert" |
no |
| use_ip_configuration | Set to true to add ip_configuration block of settings | bool |
false |
no |
| use_management_ip_configuration | Set to true to add management_ip_configuration block of settings | bool |
false |
no |
| use_virtual_hub | Set to true to add virtual_hub block of settings | bool |
false |
no |
| virtual_hub_id | Specifies the ID of the Virtual Hub where the Firewall resides in. | string |
null |
no |
| zones | Specifies the availability zones in which the Azure Firewall should be created. | any |
null |
no |
| Name | Description |
|---|---|
| fw_id | n/a |
| fw_name | n/a |