@drunk-pulumi/azure 0.0.36 → 0.0.38

package/VNet/Bastion.js

@@ -3,26 +3,30 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const IpAddress_1 = require("./IpAddress");
 const network = require("@pulumi/azure-native/network");
 const Naming_1 = require("../Common/Naming");
-exports.default = ({ name, group, subnetId, dependsOn }) => {
+exports.default = ({ name, group, subnetId, dependsOn, importUri, ignoreChanges, sku = "Basic", }) => {
     name = (0, Naming_1.getBastionName)(name);
-    const ipAddress = (0, IpAddress_1.default)({
+    const ipAddressId = (0, IpAddress_1.default)({
         name,
         group,
-        sku: { name: "Standard", tier: "Regional" },
         lock: false,
-    });
+    }).id;
     return new network.BastionHost(name, {
         bastionHostName: name,
         ...group,
-        //dnsName: name,
+        sku: { name: sku },
         ipConfigurations: [
             {
                 name: "IpConfig",
-                publicIPAddress: { id: ipAddress.id },
+                publicIPAddress: { id: ipAddressId },
                 subnet: { id: subnetId },
                 privateIPAllocationMethod: network.IPAllocationMethod.Dynamic,
             },
         ],
-    }, { dependsOn: dependsOn || ipAddress, deleteBeforeReplace: true });
+    }, {
+        dependsOn: dependsOn,
+        deleteBeforeReplace: true,
+        import: importUri,
+        ignoreChanges,
+    });
 };
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQmFzdGlvbi5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9WTmV0L0Jhc3Rpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFDQSwyQ0FBb0M7QUFDcEMsd0RBQXdEO0FBRXhELDZDQUFrRDtBQU9sRCxrQkFBZSxDQUFDLEVBQUUsSUFBSSxFQUFFLEtBQUssRUFBRSxRQUFRLEVBQUUsU0FBUyxFQUFTLEVBQUUsRUFBRTtJQUM3RCxJQUFJLEdBQUcsSUFBQSx1QkFBYyxFQUFDLElBQUksQ0FBQyxDQUFDO0lBRTVCLE1BQU0sU0FBUyxHQUFHLElBQUEsbUJBQVMsRUFBQztRQUMxQixJQUFJO1FBQ0osS0FBSztRQUNMLEdBQUcsRUFBRSxFQUFFLElBQUksRUFBRSxVQUFVLEVBQUUsSUFBSSxFQUFFLFVBQVUsRUFBRTtRQUMzQyxJQUFJLEVBQUUsS0FBSztLQUNaLENBQUMsQ0FBQztJQUVILE9BQU8sSUFBSSxPQUFPLENBQUMsV0FBVyxDQUM1QixJQUFJLEVBQ0o7UUFDRSxlQUFlLEVBQUUsSUFBSTtRQUNyQixHQUFHLEtBQUs7UUFDUixnQkFBZ0I7UUFFaEIsZ0JBQWdCLEVBQUU7WUFDaEI7Z0JBQ0UsSUFBSSxFQUFFLFVBQVU7Z0JBQ2hCLGVBQWUsRUFBRSxFQUFFLEVBQUUsRUFBRSxTQUFTLENBQUMsRUFBRSxFQUFFO2dCQUNyQyxNQUFNLEVBQUUsRUFBRSxFQUFFLEVBQUUsUUFBUSxFQUFFO2dCQUN4Qix5QkFBeUIsRUFBRSxPQUFPLENBQUMsa0JBQWtCLENBQUMsT0FBTzthQUM5RDtTQUNGO0tBQ0YsRUFDRCxFQUFFLFNBQVMsRUFBRSxTQUFTLElBQUksU0FBUyxFQUFFLG1CQUFtQixFQUFFLElBQUksRUFBRSxDQUNqRSxDQUFDO0FBQ0osQ0FBQyxDQUFDIn0=
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQmFzdGlvbi5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9WTmV0L0Jhc3Rpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFDQSwyQ0FBb0M7QUFDcEMsd0RBQXdEO0FBRXhELDZDQUFrRDtBQU9sRCxrQkFBZSxDQUFDLEVBQ2QsSUFBSSxFQUNKLEtBQUssRUFDTCxRQUFRLEVBQ1IsU0FBUyxFQUNULFNBQVMsRUFDVCxhQUFhLEVBQ2IsR0FBRyxHQUFHLE9BQU8sR0FDQSxFQUFFLEVBQUU7SUFDakIsSUFBSSxHQUFHLElBQUEsdUJBQWMsRUFBQyxJQUFJLENBQUMsQ0FBQztJQUU1QixNQUFNLFdBQVcsR0FBRyxJQUFBLG1CQUFTLEVBQUM7UUFDNUIsSUFBSTtRQUNKLEtBQUs7UUFDTCxJQUFJLEVBQUUsS0FBSztLQUNaLENBQUMsQ0FBQyxFQUFFLENBQUM7SUFFTixPQUFPLElBQUksT0FBTyxDQUFDLFdBQVcsQ0FDNUIsSUFBSSxFQUNKO1FBQ0UsZUFBZSxFQUFFLElBQUk7UUFDckIsR0FBRyxLQUFLO1FBQ1IsR0FBRyxFQUFFLEVBQUUsSUFBSSxFQUFFLEdBQUcsRUFBRTtRQUNsQixnQkFBZ0IsRUFBRTtZQUNoQjtnQkFDRSxJQUFJLEVBQUUsVUFBVTtnQkFDaEIsZUFBZSxFQUFFLEVBQUUsRUFBRSxFQUFFLFdBQVcsRUFBRTtnQkFDcEMsTUFBTSxFQUFFLEVBQUUsRUFBRSxFQUFFLFFBQVEsRUFBRTtnQkFDeEIseUJBQXlCLEVBQUUsT0FBTyxDQUFDLGtCQUFrQixDQUFDLE9BQU87YUFDOUQ7U0FDRjtLQUNGLEVBQ0Q7UUFDRSxTQUFTLEVBQUUsU0FBUztRQUNwQixtQkFBbUIsRUFBRSxJQUFJO1FBQ3pCLE1BQU0sRUFBRSxTQUFTO1FBQ2pCLGFBQWE7S0FDZCxDQUNGLENBQUM7QUFDSixDQUFDLENBQUMifQ==

package/VNet/Firewall.d.ts

@@ -1,27 +1,34 @@
-import * as network from '@pulumi/azure-native/network';
-import * as pulumi from '@pulumi/pulumi';
-import { BasicMonitorArgs, BasicResourceArgs, DefaultResourceArgs } from '../types';
-import { FirewallPolicyProps } from './FirewallRules/types';
+import * as network from "@pulumi/azure-native/network";
+import * as pulumi from "@pulumi/pulumi";
+import { BasicMonitorArgs, BasicResourceArgs, DefaultResourceArgs } from "../types";
+import { FirewallPolicyProps } from "./types";
+import { Input } from "@pulumi/pulumi";
 export interface FwOutboundConfig {
-    name?: string;
     subnetId: pulumi.Input<string>;
-    publicIpAddress: network.PublicIPAddress;
+    publicIpAddress?: network.PublicIPAddress;
 }
 export type FirewallSkus = {
     name: network.AzureFirewallSkuName;
     tier: network.AzureFirewallSkuTier;
 };
-interface Props extends BasicResourceArgs, Omit<DefaultResourceArgs, 'monitoring'> {
+export interface FirewallProps extends BasicResourceArgs, Omit<DefaultResourceArgs, "monitoring"> {
+    /** The public outbound IP address ignores this property if want to enable the Force Tunneling mode */
     outbound: Array<FwOutboundConfig>;
-    /** This must be provided if sku is Basic */
+    /** This must be provided if sku is Basic or want to enable the Force Tunneling mode */
     management?: FwOutboundConfig;
+    snat?: {
+        privateRanges?: Input<string>;
+        autoLearnPrivateRanges?: boolean;
+        routeServerId?: Input<string>;
+    };
     policy: FirewallPolicyProps;
     enableDnsProxy?: boolean;
     sku?: FirewallSkus;
-    monitorConfig?: BasicMonitorArgs;
+    monitorConfig?: Omit<BasicMonitorArgs, "dependsOn">;
 }
-declare const _default: ({ name, group, policy, outbound, management, monitorConfig, enableDnsProxy, sku, ...others }: Props) => {
-    firewall: import("@pulumi/azure-native/network/azureFirewall").AzureFirewall;
-    policy: import("@pulumi/azure-native/network/firewallPolicy").FirewallPolicy | undefined;
+export type FirewallResult = {
+    firewall: network.AzureFirewall;
+    policy: network.FirewallPolicy | undefined;
 };
+declare const _default: ({ name, group, snat, policy, outbound, management, monitorConfig, enableDnsProxy, sku, ...others }: FirewallProps) => FirewallResult;
 export default _default;

package/VNet/Firewall.js

@@ -5,77 +5,96 @@ const AzureEnv_1 = require("../Common/AzureEnv");
 const Naming_1 = require("../Common/Naming");
 const ResourceCreator_1 = require("../Core/ResourceCreator");
 const FirewallPolicy_1 = require("./FirewallPolicy");
-exports.default = ({ name, group, 
-//rules,
-policy, outbound, management, monitorConfig, enableDnsProxy, sku = {
+const IpAddress_1 = require("./IpAddress");
+const StackEnv_1 = require("../Common/StackEnv");
+exports.default = ({ name, group, snat, policy, outbound, management, monitorConfig, enableDnsProxy, sku = {
     name: network.AzureFirewallSkuName.AZFW_VNet,
     tier: network.AzureFirewallSkuTier.Basic,
 }, ...others }) => {
-    if (sku.tier === network.AzureFirewallSkuTier.Basic && !management) {
-        throw new Error('Management Public Ip Address is required for Firewall Basic tier.');
+    // Validation
+    if (!StackEnv_1.isDryRun) {
+        if (!outbound && !management)
+            throw new Error("Management Public Ip Address is required for the Force Tunneling mode.");
+        if (sku.tier === network.AzureFirewallSkuTier.Basic && !management)
+            throw new Error("Management Subnet is required for Firewall Basic tier.");
     }
     const fwName = (0, Naming_1.getFirewallName)(name);
-    // if (rules?.applicationRuleCollections) {
-    //   //Add Denied other rules
-    //   rules.applicationRuleCollections.push(deniedOthersRule);
-    // }
-    const fwPolicy = policy.enabled
+    //Create Public IpAddress for Management
+    const manageIpAddress = management
+        ? management.publicIpAddress ??
+            (0, IpAddress_1.default)({
+                name: `${name}-mag`,
+                group,
+                lock: false,
+            })
+        : undefined;
+    const additionalProperties = {};
+    if (enableDnsProxy && sku.tier !== network.AzureFirewallSkuTier.Basic) {
+        additionalProperties["Network.DNS.EnableProxy"] = "Enabled";
+    }
+    if (snat) {
+        if (snat.privateRanges)
+            additionalProperties.privateRanges = snat.privateRanges;
+        if (snat.autoLearnPrivateRanges)
+            additionalProperties.autoLearnPrivateRanges = "Enabled";
+        if (snat.routeServerId)
+            additionalProperties["Network.RouteServerInfo.RouteServerID"] =
+                snat.routeServerId;
+    }
+    const fwPolicy = policy
         ? (0, FirewallPolicy_1.default)({
             name,
             group,
             basePolicyId: policy.parentPolicyId,
             sku: sku.tier,
-            dnsSettings: { enableProxy: true },
+            dnsSettings: sku?.tier !== "Basic"
+                ? {
+                    enableProxy: true,
+                }
+                : undefined,
         })
         : undefined;
-    const dependsOn = new Array();
-    outbound.forEach((o) => dependsOn.push(o.publicIpAddress));
-    if (management)
-        dependsOn.push(management.publicIpAddress);
     const { resource } = (0, ResourceCreator_1.default)(network.AzureFirewall, {
         azureFirewallName: fwName,
         ...group,
-        //...rules,
-        firewallPolicy: fwPolicy ? { id: fwPolicy.id } : undefined,
-        zones: AzureEnv_1.isPrd ? ['1', '2', '3'] : undefined,
-        threatIntelMode: network.AzureFirewallThreatIntelMode.Deny,
         sku,
-        managementIpConfiguration: management
+        firewallPolicy: fwPolicy ? { id: fwPolicy.id } : undefined,
+        zones: AzureEnv_1.isPrd ? ["1", "2", "3"] : undefined,
+        threatIntelMode: sku.tier !== network.AzureFirewallSkuTier.Basic && sku.name !== "AZFW_Hub"
+            ? network.AzureFirewallThreatIntelMode.Deny
+            : undefined,
+        managementIpConfiguration: management && manageIpAddress
             ? {
-                name: management.name,
-                publicIPAddress: { id: management.publicIpAddress.id },
+                name: "management",
+                publicIPAddress: { id: manageIpAddress.id },
                 subnet: { id: management.subnetId },
             }
             : undefined,
-        ipConfigurations: outbound.map((o, i) => ({
-            name: o.name || `outbound-${i}`,
-            publicIPAddress: o.publicIpAddress.id
-                ? { id: o.publicIpAddress.id }
-                : undefined,
-            subnet: { id: o.subnetId },
-        })),
-        additionalProperties: enableDnsProxy && sku.tier !== network.AzureFirewallSkuTier.Basic
-            ? {
-                'Network.DNS.EnableProxy': 'true',
-            }
+        ipConfigurations: outbound
+            ? outbound.map((o, i) => ({
+                name: `outbound-${i}`,
+                publicIPAddress: o.publicIpAddress
+                    ? { id: o.publicIpAddress.id }
+                    : undefined,
+                subnet: { id: o.subnetId },
+            }))
             : undefined,
+        additionalProperties,
         monitoring: {
             ...monitorConfig,
             logsCategories: [
-                'AzureFirewallApplicationRule',
-                'AzureFirewallNetworkRule',
-                'AzureFirewallDnsProxy',
+                "AzureFirewallApplicationRule",
+                "AzureFirewallNetworkRule",
+                "AzureFirewallDnsProxy",
             ],
         },
         ...others,
-        dependsOn,
     });
     //Link Rule to Policy
     if (fwPolicy && policy?.rules) {
         (0, FirewallPolicy_1.linkRulesToPolicy)({
-            name: `${name}-policies`,
             group,
-            priority: policy.priority,
+            //priority: 201,
             firewallPolicyName: fwPolicy.name,
             rules: policy.rules,
             dependsOn: [fwPolicy, resource],
@@ -83,4 +102,4 @@ policy, outbound, management, monitorConfig, enableDnsProxy, sku = {
     }
     return { firewall: resource, policy: fwPolicy };
 };
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiRmlyZXdhbGwuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvVk5ldC9GaXJld2FsbC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLHdEQUF3RDtBQUd4RCxpREFBMkM7QUFDM0MsNkNBQW1EO0FBQ25ELDZEQUFzRDtBQU10RCxxREFBcUU7QUE0QnJFLGtCQUFlLENBQUMsRUFDZCxJQUFJLEVBQ0osS0FBSztBQUNMLFFBQVE7QUFDUixNQUFNLEVBQ04sUUFBUSxFQUNSLFVBQVUsRUFDVixhQUFhLEVBQ2IsY0FBYyxFQUNkLEdBQUcsR0FBRztJQUNKLElBQUksRUFBRSxPQUFPLENBQUMsb0JBQW9CLENBQUMsU0FBUztJQUM1QyxJQUFJLEVBQUUsT0FBTyxDQUFDLG9CQUFvQixDQUFDLEtBQUs7Q0FDekMsRUFDRCxHQUFHLE1BQU0sRUFDSCxFQUFFLEVBQUU7SUFDVixJQUFJLEdBQUcsQ0FBQyxJQUFJLEtBQUssT0FBTyxDQUFDLG9CQUFvQixDQUFDLEtBQUssSUFBSSxDQUFDLFVBQVUsRUFBRSxDQUFDO1FBQ25FLE1BQU0sSUFBSSxLQUFLLENBQ2IsbUVBQW1FLENBQ3BFLENBQUM7SUFDSixDQUFDO0lBRUQsTUFBTSxNQUFNLEdBQUcsSUFBQSx3QkFBZSxFQUFDLElBQUksQ0FBQyxDQUFDO0lBRXJDLDJDQUEyQztJQUMzQyw2QkFBNkI7SUFDN0IsNkRBQTZEO0lBQzdELElBQUk7SUFFSixNQUFNLFFBQVEsR0FBRyxNQUFNLENBQUMsT0FBTztRQUM3QixDQUFDLENBQUMsSUFBQSx3QkFBYyxFQUFDO1lBQ2IsSUFBSTtZQUNKLEtBQUs7WUFDTCxZQUFZLEVBQUUsTUFBTSxDQUFDLGNBQWM7WUFDbkMsR0FBRyxFQUFFLEdBQUcsQ0FBQyxJQUFJO1lBQ2IsV0FBVyxFQUFFLEVBQUUsV0FBVyxFQUFFLElBQUksRUFBRTtTQUNuQyxDQUFDO1FBQ0osQ0FBQyxDQUFDLFNBQVMsQ0FBQztJQUVkLE1BQU0sU0FBUyxHQUFHLElBQUksS0FBSyxFQUFtQixDQUFDO0lBQy9DLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLGVBQWUsQ0FBQyxDQUFDLENBQUM7SUFDM0QsSUFBSSxVQUFVO1FBQUUsU0FBUyxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsZUFBZSxDQUFDLENBQUM7SUFFM0QsTUFBTSxFQUFFLFFBQVEsRUFBRSxHQUFHLElBQUEseUJBQWUsRUFBQyxPQUFPLENBQUMsYUFBYSxFQUFFO1FBQzFELGlCQUFpQixFQUFFLE1BQU07UUFDekIsR0FBRyxLQUFLO1FBQ1IsV0FBVztRQUNYLGNBQWMsRUFBRSxRQUFRLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFLFFBQVEsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDLENBQUMsU0FBUztRQUUxRCxLQUFLLEVBQUUsZ0JBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQyxHQUFHLEVBQUUsR0FBRyxFQUFFLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxTQUFTO1FBQzFDLGVBQWUsRUFBRSxPQUFPLENBQUMsNEJBQTRCLENBQUMsSUFBSTtRQUMxRCxHQUFHO1FBRUgseUJBQXlCLEVBQUUsVUFBVTtZQUNuQyxDQUFDLENBQUM7Z0JBQ0UsSUFBSSxFQUFFLFVBQVUsQ0FBQyxJQUFJO2dCQUNyQixlQUFlLEVBQUUsRUFBRSxFQUFFLEVBQUUsVUFBVSxDQUFDLGVBQWUsQ0FBQyxFQUFFLEVBQUU7Z0JBQ3RELE1BQU0sRUFBRSxFQUFFLEVBQUUsRUFBRSxVQUFVLENBQUMsUUFBUSxFQUFFO2FBQ3BDO1lBQ0gsQ0FBQyxDQUFDLFNBQVM7UUFFYixnQkFBZ0IsRUFBRSxRQUFRLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsRUFBRSxFQUFFLENBQUMsQ0FBQztZQUN4QyxJQUFJLEVBQUUsQ0FBQyxDQUFDLElBQUksSUFBSSxZQUFZLENBQUMsRUFBRTtZQUMvQixlQUFlLEVBQUUsQ0FBQyxDQUFDLGVBQWUsQ0FBQyxFQUFFO2dCQUNuQyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUUsQ0FBQyxDQUFDLGVBQWUsQ0FBQyxFQUFFLEVBQUU7Z0JBQzlCLENBQUMsQ0FBQyxTQUFTO1lBQ2IsTUFBTSxFQUFFLEVBQUUsRUFBRSxFQUFFLENBQUMsQ0FBQyxRQUFRLEVBQUU7U0FDM0IsQ0FBQyxDQUFDO1FBRUgsb0JBQW9CLEVBQ2xCLGNBQWMsSUFBSSxHQUFHLENBQUMsSUFBSSxLQUFLLE9BQU8sQ0FBQyxvQkFBb0IsQ0FBQyxLQUFLO1lBQy9ELENBQUMsQ0FBQztnQkFDRSx5QkFBeUIsRUFBRSxNQUFNO2FBQ2xDO1lBQ0gsQ0FBQyxDQUFDLFNBQVM7UUFFZixVQUFVLEVBQUU7WUFDVixHQUFHLGFBQWE7WUFDaEIsY0FBYyxFQUFFO2dCQUNkLDhCQUE4QjtnQkFDOUIsMEJBQTBCO2dCQUMxQix1QkFBdUI7YUFDeEI7U0FDRjtRQUVELEdBQUcsTUFBTTtRQUNULFNBQVM7S0FDeUMsQ0FBQyxDQUFDO0lBRXRELHFCQUFxQjtJQUNyQixJQUFJLFFBQVEsSUFBSSxNQUFNLEVBQUUsS0FBSyxFQUFFLENBQUM7UUFDOUIsSUFBQSxrQ0FBaUIsRUFBQztZQUNoQixJQUFJLEVBQUUsR0FBRyxJQUFJLFdBQVc7WUFDeEIsS0FBSztZQUNMLFFBQVEsRUFBRSxNQUFNLENBQUMsUUFBUTtZQUN6QixrQkFBa0IsRUFBRSxRQUFRLENBQUMsSUFBSTtZQUNqQyxLQUFLLEVBQUUsTUFBTSxDQUFDLEtBQUs7WUFDbkIsU0FBUyxFQUFFLENBQUMsUUFBUSxFQUFFLFFBQVEsQ0FBQztTQUNoQyxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsT0FBTyxFQUFFLFFBQVEsRUFBRSxRQUFpQyxFQUFFLE1BQU0sRUFBRSxRQUFRLEVBQUUsQ0FBQztBQUMzRSxDQUFDLENBQUMifQ==
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiRmlyZXdhbGwuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvVk5ldC9GaXJld2FsbC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLHdEQUF3RDtBQUd4RCxpREFBMkM7QUFDM0MsNkNBQW1EO0FBQ25ELDZEQUFzRDtBQU10RCxxREFBcUU7QUFHckUsMkNBQW9DO0FBQ3BDLGlEQUE4QztBQXFDOUMsa0JBQWUsQ0FBQyxFQUNkLElBQUksRUFDSixLQUFLLEVBQ0wsSUFBSSxFQUNKLE1BQU0sRUFDTixRQUFRLEVBQ1IsVUFBVSxFQUNWLGFBQWEsRUFDYixjQUFjLEVBQ2QsR0FBRyxHQUFHO0lBQ0osSUFBSSxFQUFFLE9BQU8sQ0FBQyxvQkFBb0IsQ0FBQyxTQUFTO0lBQzVDLElBQUksRUFBRSxPQUFPLENBQUMsb0JBQW9CLENBQUMsS0FBSztDQUN6QyxFQUNELEdBQUcsTUFBTSxFQUNLLEVBQWtCLEVBQUU7SUFDbEMsYUFBYTtJQUNiLElBQUksQ0FBQyxtQkFBUSxFQUFFLENBQUM7UUFDZCxJQUFJLENBQUMsUUFBUSxJQUFJLENBQUMsVUFBVTtZQUMxQixNQUFNLElBQUksS0FBSyxDQUNiLHdFQUF3RSxDQUN6RSxDQUFDO1FBRUosSUFBSSxHQUFHLENBQUMsSUFBSSxLQUFLLE9BQU8sQ0FBQyxvQkFBb0IsQ0FBQyxLQUFLLElBQUksQ0FBQyxVQUFVO1lBQ2hFLE1BQU0sSUFBSSxLQUFLLENBQUMsd0RBQXdELENBQUMsQ0FBQztJQUM5RSxDQUFDO0lBRUQsTUFBTSxNQUFNLEdBQUcsSUFBQSx3QkFBZSxFQUFDLElBQUksQ0FBQyxDQUFDO0lBRXJDLHdDQUF3QztJQUN4QyxNQUFNLGVBQWUsR0FBRyxVQUFVO1FBQ2hDLENBQUMsQ0FBQyxVQUFVLENBQUMsZUFBZTtZQUMxQixJQUFBLG1CQUFTLEVBQUM7Z0JBQ1IsSUFBSSxFQUFFLEdBQUcsSUFBSSxNQUFNO2dCQUNuQixLQUFLO2dCQUNMLElBQUksRUFBRSxLQUFLO2FBQ1osQ0FBQztRQUNKLENBQUMsQ0FBQyxTQUFTLENBQUM7SUFFZCxNQUFNLG9CQUFvQixHQUFrQyxFQUFFLENBQUM7SUFDL0QsSUFBSSxjQUFjLElBQUksR0FBRyxDQUFDLElBQUksS0FBSyxPQUFPLENBQUMsb0JBQW9CLENBQUMsS0FBSyxFQUFFLENBQUM7UUFDdEUsb0JBQW9CLENBQUMseUJBQXlCLENBQUMsR0FBRyxTQUFTLENBQUM7SUFDOUQsQ0FBQztJQUNELElBQUksSUFBSSxFQUFFLENBQUM7UUFDVCxJQUFJLElBQUksQ0FBQyxhQUFhO1lBQ3BCLG9CQUFvQixDQUFDLGFBQWEsR0FBRyxJQUFJLENBQUMsYUFBYSxDQUFDO1FBQzFELElBQUksSUFBSSxDQUFDLHNCQUFzQjtZQUM3QixvQkFBb0IsQ0FBQyxzQkFBc0IsR0FBRyxTQUFTLENBQUM7UUFDMUQsSUFBSSxJQUFJLENBQUMsYUFBYTtZQUNwQixvQkFBb0IsQ0FBQyx1Q0FBdUMsQ0FBQztnQkFDM0QsSUFBSSxDQUFDLGFBQWEsQ0FBQztJQUN6QixDQUFDO0lBRUQsTUFBTSxRQUFRLEdBQUcsTUFBTTtRQUNyQixDQUFDLENBQUMsSUFBQSx3QkFBYyxFQUFDO1lBQ2IsSUFBSTtZQUNKLEtBQUs7WUFDTCxZQUFZLEVBQUUsTUFBTSxDQUFDLGNBQWM7WUFDbkMsR0FBRyxFQUFFLEdBQUcsQ0FBQyxJQUFJO1lBQ2IsV0FBVyxFQUNULEdBQUcsRUFBRSxJQUFJLEtBQUssT0FBTztnQkFDbkIsQ0FBQyxDQUFDO29CQUNFLFdBQVcsRUFBRSxJQUFJO2lCQUNsQjtnQkFDSCxDQUFDLENBQUMsU0FBUztTQUNoQixDQUFDO1FBQ0osQ0FBQyxDQUFDLFNBQVMsQ0FBQztJQUVkLE1BQU0sRUFBRSxRQUFRLEVBQUUsR0FBRyxJQUFBLHlCQUFlLEVBQUMsT0FBTyxDQUFDLGFBQWEsRUFBRTtRQUMxRCxpQkFBaUIsRUFBRSxNQUFNO1FBQ3pCLEdBQUcsS0FBSztRQUNSLEdBQUc7UUFDSCxjQUFjLEVBQUUsUUFBUSxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsRUFBRSxRQUFRLENBQUMsRUFBRSxFQUFFLENBQUMsQ0FBQyxDQUFDLFNBQVM7UUFDMUQsS0FBSyxFQUFFLGdCQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsR0FBRyxFQUFFLEdBQUcsRUFBRSxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsU0FBUztRQUUxQyxlQUFlLEVBQ2IsR0FBRyxDQUFDLElBQUksS0FBSyxPQUFPLENBQUMsb0JBQW9CLENBQUMsS0FBSyxJQUFJLEdBQUcsQ0FBQyxJQUFJLEtBQUssVUFBVTtZQUN4RSxDQUFDLENBQUMsT0FBTyxDQUFDLDRCQUE0QixDQUFDLElBQUk7WUFDM0MsQ0FBQyxDQUFDLFNBQVM7UUFFZix5QkFBeUIsRUFDdkIsVUFBVSxJQUFJLGVBQWU7WUFDM0IsQ0FBQyxDQUFDO2dCQUNFLElBQUksRUFBRSxZQUFZO2dCQUNsQixlQUFlLEVBQUUsRUFBRSxFQUFFLEVBQUUsZUFBZSxDQUFDLEVBQUUsRUFBRTtnQkFDM0MsTUFBTSxFQUFFLEVBQUUsRUFBRSxFQUFFLFVBQVUsQ0FBQyxRQUFRLEVBQUU7YUFDcEM7WUFDSCxDQUFDLENBQUMsU0FBUztRQUVmLGdCQUFnQixFQUFFLFFBQVE7WUFDeEIsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDO2dCQUN0QixJQUFJLEVBQUUsWUFBWSxDQUFDLEVBQUU7Z0JBQ3JCLGVBQWUsRUFBRSxDQUFDLENBQUMsZUFBZTtvQkFDaEMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFLENBQUMsQ0FBQyxlQUFlLENBQUMsRUFBRSxFQUFFO29CQUM5QixDQUFDLENBQUMsU0FBUztnQkFDYixNQUFNLEVBQUUsRUFBRSxFQUFFLEVBQUUsQ0FBQyxDQUFDLFFBQVEsRUFBRTthQUMzQixDQUFDLENBQUM7WUFDTCxDQUFDLENBQUMsU0FBUztRQUViLG9CQUFvQjtRQUVwQixVQUFVLEVBQUU7WUFDVixHQUFHLGFBQWE7WUFDaEIsY0FBYyxFQUFFO2dCQUNkLDhCQUE4QjtnQkFDOUIsMEJBQTBCO2dCQUMxQix1QkFBdUI7YUFDeEI7U0FDRjtRQUVELEdBQUcsTUFBTTtLQUN5QyxDQUFDLENBQUM7SUFFdEQscUJBQXFCO0lBQ3JCLElBQUksUUFBUSxJQUFJLE1BQU0sRUFBRSxLQUFLLEVBQUUsQ0FBQztRQUM5QixJQUFBLGtDQUFpQixFQUFDO1lBQ2hCLEtBQUs7WUFDTCxnQkFBZ0I7WUFDaEIsa0JBQWtCLEVBQUUsUUFBUSxDQUFDLElBQUk7WUFDakMsS0FBSyxFQUFFLE1BQU0sQ0FBQyxLQUFLO1lBQ25CLFNBQVMsRUFBRSxDQUFDLFFBQVEsRUFBRSxRQUFRLENBQUM7U0FDaEMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELE9BQU8sRUFBRSxRQUFRLEVBQUUsUUFBaUMsRUFBRSxNQUFNLEVBQUUsUUFBUSxFQUFFLENBQUM7QUFDM0UsQ0FBQyxDQUFDIn0=

package/VNet/FirewallPolicies/AksFirewallPolicy.d.ts

@@ -1,20 +1,20 @@
-import { Input } from '@pulumi/pulumi';
-import { FirewallRuleProps } from '../FirewallRules/types';
-interface Props {
-    name: string;
-    vnetAddressSpace: Array<Input<string>>;
-    location: Input<string>;
-    privateCluster?: boolean;
-    /** Allows access to Docker and Kubenetes registries */
+import { Input } from "@pulumi/pulumi";
+import { FirewallPolicyRuleCollectionResults } from "../types";
+interface AzureFirewallPolicyProps {
+    priority: number;
+    subnetSpaces: Array<Input<string>>;
+    /** Allows access to Docker and Kubernetes registries */
     allowAccessPublicRegistries?: boolean;
-    natRule: {
-        publicIpAddress: Input<string>;
-        internalIpAddress: Input<string>;
-        apim?: {
-            apimPublicIpAddress: Input<string>;
+    dNATs?: [
+        {
+            name: string;
+            allowHttp?: boolean;
+            publicIpAddresses: Input<string>[];
+            /** Default value is '*' and it will allows all incoming requests */
+            sourceIpAddress?: Input<string>;
             internalIpAddress: Input<string>;
-        };
-    };
+        }
+    ];
 }
-declare const _default: ({ name, location, privateCluster, allowAccessPublicRegistries, vnetAddressSpace, natRule, }: Props) => FirewallRuleProps;
+declare const _default: ({ priority, allowAccessPublicRegistries, subnetSpaces, dNATs, }: AzureFirewallPolicyProps) => FirewallPolicyRuleCollectionResults;
 export default _default;