Adding support for firewallPolicy on HttpListener and PathRule

venkatsvpr · venkatsvpr · commit 85081cfafce3 · 2019-10-16T14:18:49.000-07:00
diff --git a/src/Network/Network/help/New-AzApplicationGatewayHttpListener.md b/src/Network/Network/help/New-AzApplicationGatewayHttpListener.md
@@ -19,6 +19,7 @@ New-AzApplicationGatewayHttpListener -Name <String> [-FrontendIPConfigurationId
  [-FrontendPortId <String>] [-SslCertificateId <String>] [-HostName <String>]
  [-RequireServerNameIndication <String>] -Protocol <String>
  [-CustomErrorConfiguration <PSApplicationGatewayCustomError[]>] [-DefaultProfile <IAzureContextContainer>]
+ [-FirewallPolicyId <String>]
  [<CommonParameters>]
 ```
 
@@ -27,6 +28,7 @@ New-AzApplicationGatewayHttpListener -Name <String> [-FrontendIPConfigurationId
 New-AzApplicationGatewayHttpListener -Name <String>
  [-FrontendIPConfiguration <PSApplicationGatewayFrontendIPConfiguration>]
  [-FrontendPort <PSApplicationGatewayFrontendPort>] [-SslCertificate <PSApplicationGatewaySslCertificate>]
+ [-FirewallPolicy <PSApplicationGatewayWebApplicationFirewallPolicy>]
  [-HostName <String>] [-RequireServerNameIndication <String>] -Protocol <String>
  [-CustomErrorConfiguration <PSApplicationGatewayCustomError[]>] [-DefaultProfile <IAzureContextContainer>]
  [<CommonParameters>]
@@ -52,6 +54,13 @@ PS C:\>$Listener = New-AzApplicationGatewayHttpListener -Name "Listener01" -Prot
 This command creates an HTTP listener that uses SSL offload and provides the SSL certificate in the $SSLCert01 variable.
 The command stores the result in the variable named $Listener.
 
+### Example 3: Create an HTTP listener with firewall-policy
+```
+PS C:\>$Listener = New-AzApplicationGatewayHttpListener -Name "Listener01" -Protocol "Http" -FrontendIpConfiguration $FIp01 -FrontendPort $FP01 -FirewallPolicy $firewallPolicy
+```
+
+This command creates an HTTP listener named Listener01, FirewallPolicy as $firewallPolicy and stores the result in the variable named $Listener.
+
 ## PARAMETERS
 
 ### -CustomErrorConfiguration
@@ -234,6 +243,43 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -FirewallPolicy
+Specifies the object reference to a top-level firewall policy. 
+The object reference can be created by using New-AzApplicationGatewayWebApplicationFirewallPolicy cmdlet.
+$firewallPolicy = New-AzApplicationGatewayFirewallPolicy -Name "wafPolicy1" -ResourceGroup "rgName"
+A firewall policy created using the above commandlet can be referred at a path-rule level. 
+he above command would create a default policy settings and managed rules.
+Instead of the default values, users can specify PolicySettings, ManagedRules by using New-AzApplicationGatewayFirewallPolicySettings and New-AzApplicationGatewayFirewallPolicyManagedRules respectively.
+
+```yaml
+Type: Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayWebApplicationFirewallPolicy
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -FirewallPolicyId
+Specifies the ID of an existing top-level web application firewall resource.
+Firewall policy IDs can be returned by using the Get-AzApplicationGatewayWebApplicationFirewallPolicy cmdlet. 
+After we have the ID you can use *FirewallPolicyId* parameter instead of *FirewallPolicy* parameter.
+For instance:
+-FirewallPolicyId  �/subscriptions/<subscription-id>/resourceGroups/<resource-group-id>/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/<firewallPolicyName>�
+
+```yaml
+Type: Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayWebApplicationFirewallPolicy
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### CommonParameters
 This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
 
diff --git a/src/Network/Network/help/New-AzApplicationGatewayPathRuleConfig.md b/src/Network/Network/help/New-AzApplicationGatewayPathRuleConfig.md
@@ -17,7 +17,7 @@ Creates an application gateway path rule.
 ```
 New-AzApplicationGatewayPathRuleConfig -Name <String> -Paths <String[]> [-BackendAddressPoolId <String>]
  [-BackendHttpSettingsId <String>] [-RewriteRuleSetId <String>] [-RedirectConfigurationId <String>]
- [-DefaultProfile <IAzureContextContainer>] [<CommonParameters>]
+ [-FirewallPolicyId <String>] [-DefaultProfile <IAzureContextContainer>] [<CommonParameters>]
 ```
 
 ### SetByResource
@@ -26,6 +26,7 @@ New-AzApplicationGatewayPathRuleConfig -Name <String> -Paths <String[]>
  [-BackendAddressPool <PSApplicationGatewayBackendAddressPool>]
  [-BackendHttpSettings <PSApplicationGatewayBackendHttpSettings>]
  [-RewriteRuleSet <PSApplicationGatewayRewriteRuleSet>]
+ [-FirewallPolicy <PSApplicationGatewayWebApplicationFirewallPolicy>]
  [-RedirectConfiguration <PSApplicationGatewayRedirectConfiguration>]
  [-DefaultProfile <IAzureContextContainer>] [<CommonParameters>]
 ```
@@ -53,6 +54,13 @@ The next two commands create a backend address pool and a backend HTTP settings
 The fourth command creates the path rule object and is stored in a variable named $PathRuleConfig.
 The fifth command uses **Add-AzApplicationGatewayUrlPathMapConfig** to add the configuration settings and the new path rule contained within those settings to ContosoApplicationGateway.
 
+### Example 2
+```
+PS C:\> $PathRuleConfig = New-AzApplicationGatewayPathRuleConfig -Name "base" -Paths "/base" -BackendAddressPool $AddressPool -BackendHttpSettings $HttpSettings -FirewallPolicy $firewallPolicy
+```
+
+These command creates a path-rule with the Name as "base", Paths as "/base", BackendAddressPool as $AddressPool, BackendHttpSettings as $HttpSettings and FirewallPolicy as $firewallPolicy.ngs and the new path rule contained within those settings to ContosoApplicationGateway.
+
 ## PARAMETERS
 
 ### -BackendAddressPool
@@ -141,6 +149,43 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -FirewallPolicy
+Specifies the object reference to a top-level firewall policy. 
+The object reference can be created by using New-AzApplicationGatewayWebApplicationFirewallPolicy cmdlet.
+$firewallPolicy = New-AzApplicationGatewayFirewallPolicy -Name "wafPolicy1" -ResourceGroup "rgName"
+A firewall policy created using the above commandlet can be referred at a path-rule level. 
+he above command would create a default policy settings and managed rules.
+Instead of the default values, users can specify PolicySettings, ManagedRules by using New-AzApplicationGatewayFirewallPolicySettings and New-AzApplicationGatewayFirewallPolicyManagedRules respectively.
+
+```yaml
+Type: Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayWebApplicationFirewallPolicy
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -FirewallPolicyId
+Specifies the ID of an existing top-level web application firewall resource.
+Firewall policy IDs can be returned by using the Get-AzApplicationGatewayWebApplicationFirewallPolicy cmdlet. 
+After we have the ID you can use *FirewallPolicyId* parameter instead of *FirewallPolicy* parameter.
+For instance:
+-FirewallPolicyId  "/subscriptions/<subscription-id>/resourceGroups/<resource-group-id>/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/<firewallPolicyName>"
+
+```yaml
+Type: Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayWebApplicationFirewallPolicy
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -DefaultProfile
 The credentials, account, tenant, and subscription used for communication with azure.
 
