New-AzureRmFirewallApplicationRule

Reference

Module:: AzureRM.Network

Creates a Firewall Application Rule.

Warning

The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.

Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.

Syntax

New-AzureRmFirewallApplicationRule
   -Name <String>
   [-Description <String>]
   [-SourceAddress <System.Collections.Generic.List`1[System.String]>]
   -TargetFqdn <System.Collections.Generic.List`1[System.String]>
   -Protocol <System.Collections.Generic.List`1[System.String]>
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

New-AzureRmFirewallApplicationRule
   -Name <String>
   [-Description <String>]
   [-SourceAddress <System.Collections.Generic.List`1[System.String]>]
   -FqdnTag <System.Collections.Generic.List`1[System.String]>
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

The New-AzureRmFirewallApplicationRule cmdlet creates an application rule for Azure Firewall.

Examples

1: Create a rule to allow all HTTPS traffic from 10.0.0.0

New-AzureRmFirewallApplicationRule -Name "https-rule" -Protocol "https:443" -TargetFqdn "*" -SourceAddress "10.0.0.0"

This example creates a rule which will allow all HTTPS traffic on port 443 from 10.0.0.0.

2: Create a rule to allow WindowsUpdate for 10.0.0.0/24 subnet

New-AzureRmFirewallApplicationRule -Name "windows-update-rule" -FqdnTag WindowsUpdate -SourceAddress "10.0.0.0/24"

This example creates a rule which will allow traffic for Windows Updates for 10.0.0.0/24 domain.

Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:	SwitchParameter
Aliases:	cf
Position:	Named
Default value:	False
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure.

Type:	IAzureContextContainer
Aliases:	AzureRmContext, AzureCredential
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-Description

Specifies an optional description of this rule.

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-FqdnTag

Specifies a list of FQDN Tags for this rule. The available tags can be retrieved using Get-AzureRmFirewallFqdnTag cmdlet.

Type:	List<T>[String]
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	False
Accept wildcard characters:	False

-Name

Specifies the name of this application rule. The name must be unique inside a rule collection.

Type:	String
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	False
Accept wildcard characters:	False

-Protocol

Specifies the type of traffic to be filtered by this rule. The format is <protocol type>:<port>. For example, "http:80" or "https:443". Protocol is mandatory when TargetFqdn is used, but it cannot be used with FqdnTag. The supported protocols are HTTP and HTTPS.

Type:	List<T>[String]
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	False
Accept wildcard characters:	False

-SourceAddress

The source addresses of the rule

Type:	List<T>[String]
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-TargetFqdn

Specifies a list of domain names filtered by this rule. The asterik character, '*', is accepted only as the first character of an FQDN in the list. When used, the asterik matches any number of characters. (e.g. '*msn.com' will match msn.com and all its subdomains)

Type:	List<T>[String]
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	False
Accept wildcard characters:	False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:	SwitchParameter
Aliases:	wi
Position:	Named
Default value:	False
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

Inputs

None

This cmdlet does not accept any input.

Outputs

Microsoft.Azure.Commands.Network.Models.PSFirewallApplicationRule

Share via

New-AzureRmFirewallApplicationRule

Syntax

Description

Examples

1: Create a rule to allow all HTTPS traffic from 10.0.0.0

2: Create a rule to allow WindowsUpdate for 10.0.0.0/24 subnet

Parameters

-Confirm

-DefaultProfile

-Description

-FqdnTag

-Name

-Protocol

-SourceAddress

-TargetFqdn

-WhatIf

Inputs

Outputs

Additional resources

Share via

New-AzureRmFirewallApplicationRule

Syntax

Description

Examples

1: Create a rule to allow all HTTPS traffic from 10.0.0.0

2: Create a rule to allow WindowsUpdate for 10.0.0.0/24 subnet

Parameters

-Confirm

-DefaultProfile

-Description

-FqdnTag

-Name

-Protocol

-SourceAddress

-TargetFqdn

-WhatIf

Inputs

Outputs

Related Links

Additional resources