diff --git a/src/azure-firewall/HISTORY.rst b/src/azure-firewall/HISTORY.rst index 658077c0a26..e8dff7c8066 100644 --- a/src/azure-firewall/HISTORY.rst +++ b/src/azure-firewall/HISTORY.rst @@ -2,6 +2,10 @@ Release History =============== +0.14.2 +++++++ +* `az network firewall create/update`: add parameter `--fat-flow-logging` + 0.14.1 ++++++ * `az network firewall policy`: add parameter `sql` diff --git a/src/azure-firewall/azext_firewall/_params.py b/src/azure-firewall/azext_firewall/_params.py index 83fd4817461..95e9dc078bb 100644 --- a/src/azure-firewall/azext_firewall/_params.py +++ b/src/azure-firewall/azext_firewall/_params.py @@ -65,6 +65,8 @@ def load_arguments(self, _): c.argument('threat_intel_mode', arg_type=get_enum_type(['Alert', 'Deny', 'Off']), help='The operation mode for Threat Intelligence.') c.argument('allow_active_ftp', arg_type=get_three_state_flag(), help="Allow Active FTP. By default it is false. It's only allowed for azure firewall on virtual network.") + c.argument('enable_fat_flow_logging', options_list=['--fat-flow-logging'], arg_type=get_three_state_flag(), + help="Identify fat flows. By default it is false.") with self.argument_context('network firewall', arg_group='Virtual Hub Public Ip') as c: c.argument('hub_public_ip_count', options_list=['--public-ip-count', '--count'], type=int, diff --git a/src/azure-firewall/azext_firewall/custom.py b/src/azure-firewall/azext_firewall/custom.py index 5b975f43e2c..54f86662f8e 100644 --- a/src/azure-firewall/azext_firewall/custom.py +++ b/src/azure-firewall/azext_firewall/custom.py @@ -68,7 +68,8 @@ def create_azure_firewall(cmd, resource_group_name, azure_firewall_name, locatio tags=None, zones=None, private_ranges=None, firewall_policy=None, virtual_hub=None, sku=None, dns_servers=None, enable_dns_proxy=None, - threat_intel_mode=None, hub_public_ip_count=None, allow_active_ftp=None, tier=None): + threat_intel_mode=None, hub_public_ip_count=None, allow_active_ftp=None, tier=None, + enable_fat_flow_logging=False): if firewall_policy and any([enable_dns_proxy, dns_servers]): raise CLIError('usage error: firewall policy and dns settings cannot co-exist.') if sku and sku.lower() == 'azfw_hub' and not all([virtual_hub, hub_public_ip_count]): @@ -118,6 +119,11 @@ def create_azure_firewall(cmd, resource_group_name, azure_firewall_name, locatio firewall.additional_properties = {} firewall.additional_properties['Network.FTP.AllowActiveFTP'] = "true" + if enable_fat_flow_logging: + if firewall.additional_properties is None: + firewall.additional_properties = {} + firewall.additional_properties['Network.AdditionalLogs.EnableFatFlowLogging'] = "true" + return client.begin_create_or_update(resource_group_name, azure_firewall_name, firewall) @@ -126,7 +132,7 @@ def update_azure_firewall(cmd, instance, tags=None, zones=None, private_ranges=N firewall_policy=None, virtual_hub=None, dns_servers=None, enable_dns_proxy=None, threat_intel_mode=None, hub_public_ip_addresses=None, - hub_public_ip_count=None, allow_active_ftp=None): + hub_public_ip_count=None, allow_active_ftp=None, enable_fat_flow_logging=None): if firewall_policy and any([enable_dns_proxy, dns_servers]): raise CLIError('usage error: firewall policy and dns settings cannot co-exist.') if all([hub_public_ip_addresses, hub_public_ip_count]): @@ -194,6 +200,14 @@ def update_azure_firewall(cmd, instance, tags=None, zones=None, private_ranges=N elif 'Network.FTP.AllowActiveFTP' in instance.additional_properties: del instance.additional_properties['Network.FTP.AllowActiveFTP'] + if enable_fat_flow_logging is not None: + if instance.additional_properties is None: + instance.additional_properties = {} + if enable_fat_flow_logging: + instance.additional_properties['Network.AdditionalLogs.EnableFatFlowLogging'] = "true" + elif 'Network.AdditionalLogs.EnableFatFlowLogging' in instance.additional_properties: + del instance.additional_properties['Network.AdditionalLogs.EnableFatFlowLogging'] + return instance diff --git a/src/azure-firewall/azext_firewall/tests/latest/recordings/test_azure_firewall_with_v2.yaml b/src/azure-firewall/azext_firewall/tests/latest/recordings/test_azure_firewall_with_v2.yaml new file mode 100644 index 00000000000..199c66755d0 --- /dev/null +++ b/src/azure-firewall/azext_firewall/tests/latest/recordings/test_azure_firewall_with_v2.yaml @@ -0,0 +1,719 @@ +interactions: +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - network firewall create + Connection: + - keep-alive + ParameterSetName: + - -g -n --fat-flow-logging + User-Agent: + - AZURECLI/2.39.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.9.5 (Windows-10-10.0.19044-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_azure_firewall_with_v2000001?api-version=2021-04-01 + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001","name":"cli_test_azure_firewall_with_v2000001","type":"Microsoft.Resources/resourceGroups","location":"westus","tags":{"product":"azurecli","cause":"automation","date":"2022-08-08T05:57:59Z"},"properties":{"provisioningState":"Succeeded"}}' + headers: + cache-control: + - no-cache + content-length: + - '352' + content-type: + - application/json; charset=utf-8 + date: + - Mon, 08 Aug 2022 05:58:05 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: '{"location": "westus", "properties": {"additionalProperties": {"Network.AdditionalLogs.EnableFatFlowLogging": + "true"}}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - network firewall create + Connection: + - keep-alive + Content-Length: + - '119' + Content-Type: + - application/json + ParameterSetName: + - -g -n --fat-flow-logging + User-Agent: + - AZURECLI/2.39.0 azsdk-python-azure-mgmt-network/19.3.0 Python/3.9.5 (Windows-10-10.0.19044-SP0) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001/providers/Microsoft.Network/azureFirewalls/af1?api-version=2021-08-01 + response: + body: + string: "{\r\n \"name\": \"af1\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001/providers/Microsoft.Network/azureFirewalls/af1\",\r\n + \ \"etag\": \"W/\\\"ce58d804-d180-463d-bdce-c92efadd6d1a\\\"\",\r\n \"type\": + \"Microsoft.Network/azureFirewalls\",\r\n \"location\": \"westus\",\r\n \"properties\": + {\r\n \"provisioningState\": \"Updating\",\r\n \"sku\": {\r\n \"name\": + \"AZFW_VNet\",\r\n \"tier\": \"Standard\"\r\n },\r\n \"threatIntelMode\": + \"Alert\",\r\n \"additionalProperties\": {\r\n \"Network.AdditionalLogs.EnableFatFlowLogging\": + \"true\"\r\n },\r\n \"ipConfigurations\": [],\r\n \"networkRuleCollections\": + [],\r\n \"applicationRuleCollections\": [],\r\n \"natRuleCollections\": + []\r\n }\r\n}" + headers: + azure-asyncnotification: + - Enabled + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Network/locations/westus/operations/c59d388b-80a6-4dda-9cce-353d05ab7918?api-version=2021-08-01 + cache-control: + - no-cache + content-length: + - '719' + content-type: + - application/json; charset=utf-8 + date: + - Mon, 08 Aug 2022 05:58:12 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - 718aaf73-4310-421b-820c-b110ecdbee8b + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + status: + code: 201 + message: Created +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - network firewall create + Connection: + - keep-alive + ParameterSetName: + - -g -n --fat-flow-logging + User-Agent: + - AZURECLI/2.39.0 azsdk-python-azure-mgmt-network/19.3.0 Python/3.9.5 (Windows-10-10.0.19044-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Network/locations/westus/operations/c59d388b-80a6-4dda-9cce-353d05ab7918?api-version=2021-08-01 + response: + body: + string: "{\r\n \"status\": \"Succeeded\"\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '29' + content-type: + - application/json; charset=utf-8 + date: + - Mon, 08 Aug 2022 05:58:24 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - c7c64406-1da5-4e0a-a2b3-a72634a47b26 + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - network firewall create + Connection: + - keep-alive + ParameterSetName: + - -g -n --fat-flow-logging + User-Agent: + - AZURECLI/2.39.0 azsdk-python-azure-mgmt-network/19.3.0 Python/3.9.5 (Windows-10-10.0.19044-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001/providers/Microsoft.Network/azureFirewalls/af1?api-version=2021-08-01 + response: + body: + string: "{\r\n \"name\": \"af1\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001/providers/Microsoft.Network/azureFirewalls/af1\",\r\n + \ \"etag\": \"W/\\\"c56b6488-c434-4d9d-a718-42c3d1ce48e5\\\"\",\r\n \"type\": + \"Microsoft.Network/azureFirewalls\",\r\n \"location\": \"westus\",\r\n \"properties\": + {\r\n \"provisioningState\": \"Succeeded\",\r\n \"sku\": {\r\n \"name\": + \"AZFW_VNet\",\r\n \"tier\": \"Standard\"\r\n },\r\n \"threatIntelMode\": + \"Alert\",\r\n \"additionalProperties\": {\r\n \"Network.AdditionalLogs.EnableFatFlowLogging\": + \"true\"\r\n },\r\n \"ipConfigurations\": [],\r\n \"networkRuleCollections\": + [],\r\n \"applicationRuleCollections\": [],\r\n \"natRuleCollections\": + []\r\n }\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '720' + content-type: + - application/json; charset=utf-8 + date: + - Mon, 08 Aug 2022 05:58:24 GMT + etag: + - W/"c56b6488-c434-4d9d-a718-42c3d1ce48e5" + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - fddc24cb-1669-4179-8655-35edf38874ea + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - network firewall update + Connection: + - keep-alive + ParameterSetName: + - -g -n --fat-flow-logging + User-Agent: + - AZURECLI/2.39.0 azsdk-python-azure-mgmt-network/19.3.0 Python/3.9.5 (Windows-10-10.0.19044-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001/providers/Microsoft.Network/azureFirewalls/af1?api-version=2021-08-01 + response: + body: + string: "{\r\n \"name\": \"af1\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001/providers/Microsoft.Network/azureFirewalls/af1\",\r\n + \ \"etag\": \"W/\\\"c56b6488-c434-4d9d-a718-42c3d1ce48e5\\\"\",\r\n \"type\": + \"Microsoft.Network/azureFirewalls\",\r\n \"location\": \"westus\",\r\n \"properties\": + {\r\n \"provisioningState\": \"Succeeded\",\r\n \"sku\": {\r\n \"name\": + \"AZFW_VNet\",\r\n \"tier\": \"Standard\"\r\n },\r\n \"threatIntelMode\": + \"Alert\",\r\n \"additionalProperties\": {\r\n \"Network.AdditionalLogs.EnableFatFlowLogging\": + \"true\"\r\n },\r\n \"ipConfigurations\": [],\r\n \"networkRuleCollections\": + [],\r\n \"applicationRuleCollections\": [],\r\n \"natRuleCollections\": + []\r\n }\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '720' + content-type: + - application/json; charset=utf-8 + date: + - Mon, 08 Aug 2022 05:58:26 GMT + etag: + - W/"c56b6488-c434-4d9d-a718-42c3d1ce48e5" + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - 75e5cb13-b2b3-4216-80da-8bfcccfc76bc + status: + code: 200 + message: OK +- request: + body: '{"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001/providers/Microsoft.Network/azureFirewalls/af1", + "location": "westus", "properties": {"applicationRuleCollections": [], "natRuleCollections": + [], "networkRuleCollections": [], "ipConfigurations": [], "threatIntelMode": + "Alert", "sku": {"name": "AZFW_VNet", "tier": "Standard"}, "additionalProperties": + {}}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - network firewall update + Connection: + - keep-alive + Content-Length: + - '419' + Content-Type: + - application/json + ParameterSetName: + - -g -n --fat-flow-logging + User-Agent: + - AZURECLI/2.39.0 azsdk-python-azure-mgmt-network/19.3.0 Python/3.9.5 (Windows-10-10.0.19044-SP0) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001/providers/Microsoft.Network/azureFirewalls/af1?api-version=2021-08-01 + response: + body: + string: "{\r\n \"name\": \"af1\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001/providers/Microsoft.Network/azureFirewalls/af1\",\r\n + \ \"etag\": \"W/\\\"419748f3-9e9e-4ce9-98c9-122a0f89470b\\\"\",\r\n \"type\": + \"Microsoft.Network/azureFirewalls\",\r\n \"location\": \"westus\",\r\n \"properties\": + {\r\n \"provisioningState\": \"Updating\",\r\n \"sku\": {\r\n \"name\": + \"AZFW_VNet\",\r\n \"tier\": \"Standard\"\r\n },\r\n \"threatIntelMode\": + \"Alert\",\r\n \"additionalProperties\": {},\r\n \"ipConfigurations\": + [],\r\n \"networkRuleCollections\": [],\r\n \"applicationRuleCollections\": + [],\r\n \"natRuleCollections\": []\r\n }\r\n}" + headers: + azure-asyncnotification: + - Enabled + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Network/locations/westus/operations/3f69b122-a5f3-41b9-a124-ce9ed92dc2f4?api-version=2021-08-01 + cache-control: + - no-cache + content-length: + - '652' + content-type: + - application/json; charset=utf-8 + date: + - Mon, 08 Aug 2022 05:58:28 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - d887c2c8-5961-463c-bc2f-be25b2d8b5b6 + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - network firewall update + Connection: + - keep-alive + ParameterSetName: + - -g -n --fat-flow-logging + User-Agent: + - AZURECLI/2.39.0 azsdk-python-azure-mgmt-network/19.3.0 Python/3.9.5 (Windows-10-10.0.19044-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Network/locations/westus/operations/3f69b122-a5f3-41b9-a124-ce9ed92dc2f4?api-version=2021-08-01 + response: + body: + string: "{\r\n \"status\": \"Succeeded\"\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '29' + content-type: + - application/json; charset=utf-8 + date: + - Mon, 08 Aug 2022 05:58:38 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - adf805a0-9f0a-4a96-833d-8aab30bb959e + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - network firewall update + Connection: + - keep-alive + ParameterSetName: + - -g -n --fat-flow-logging + User-Agent: + - AZURECLI/2.39.0 azsdk-python-azure-mgmt-network/19.3.0 Python/3.9.5 (Windows-10-10.0.19044-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001/providers/Microsoft.Network/azureFirewalls/af1?api-version=2021-08-01 + response: + body: + string: "{\r\n \"name\": \"af1\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001/providers/Microsoft.Network/azureFirewalls/af1\",\r\n + \ \"etag\": \"W/\\\"2f05dc67-9f0f-494b-9edd-b7c92aa0aa93\\\"\",\r\n \"type\": + \"Microsoft.Network/azureFirewalls\",\r\n \"location\": \"westus\",\r\n \"properties\": + {\r\n \"provisioningState\": \"Succeeded\",\r\n \"sku\": {\r\n \"name\": + \"AZFW_VNet\",\r\n \"tier\": \"Standard\"\r\n },\r\n \"threatIntelMode\": + \"Alert\",\r\n \"additionalProperties\": {},\r\n \"ipConfigurations\": + [],\r\n \"networkRuleCollections\": [],\r\n \"applicationRuleCollections\": + [],\r\n \"natRuleCollections\": []\r\n }\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '653' + content-type: + - application/json; charset=utf-8 + date: + - Mon, 08 Aug 2022 05:58:39 GMT + etag: + - W/"2f05dc67-9f0f-494b-9edd-b7c92aa0aa93" + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - 412b29b5-b53d-47a8-aaf2-02823f7aba5e + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - network firewall show + Connection: + - keep-alive + ParameterSetName: + - -g -n + User-Agent: + - AZURECLI/2.39.0 azsdk-python-azure-mgmt-network/19.3.0 Python/3.9.5 (Windows-10-10.0.19044-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001/providers/Microsoft.Network/azureFirewalls/af1?api-version=2021-08-01 + response: + body: + string: "{\r\n \"name\": \"af1\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001/providers/Microsoft.Network/azureFirewalls/af1\",\r\n + \ \"etag\": \"W/\\\"2f05dc67-9f0f-494b-9edd-b7c92aa0aa93\\\"\",\r\n \"type\": + \"Microsoft.Network/azureFirewalls\",\r\n \"location\": \"westus\",\r\n \"properties\": + {\r\n \"provisioningState\": \"Succeeded\",\r\n \"sku\": {\r\n \"name\": + \"AZFW_VNet\",\r\n \"tier\": \"Standard\"\r\n },\r\n \"threatIntelMode\": + \"Alert\",\r\n \"additionalProperties\": {},\r\n \"ipConfigurations\": + [],\r\n \"networkRuleCollections\": [],\r\n \"applicationRuleCollections\": + [],\r\n \"natRuleCollections\": []\r\n }\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '653' + content-type: + - application/json; charset=utf-8 + date: + - Mon, 08 Aug 2022 05:58:41 GMT + etag: + - W/"2f05dc67-9f0f-494b-9edd-b7c92aa0aa93" + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - ba0f68e7-ef1d-42f1-988f-defdc2374e6c + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - network firewall list + Connection: + - keep-alive + ParameterSetName: + - -g + User-Agent: + - AZURECLI/2.39.0 azsdk-python-azure-mgmt-network/19.3.0 Python/3.9.5 (Windows-10-10.0.19044-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001/providers/Microsoft.Network/azureFirewalls?api-version=2021-08-01 + response: + body: + string: "{\r\n \"value\": [\r\n {\r\n \"name\": \"af1\",\r\n \"id\": + \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001/providers/Microsoft.Network/azureFirewalls/af1\",\r\n + \ \"etag\": \"W/\\\"2f05dc67-9f0f-494b-9edd-b7c92aa0aa93\\\"\",\r\n \"type\": + \"Microsoft.Network/azureFirewalls\",\r\n \"location\": \"westus\",\r\n + \ \"properties\": {\r\n \"provisioningState\": \"Succeeded\",\r\n + \ \"sku\": {\r\n \"name\": \"AZFW_VNet\",\r\n \"tier\": + \"Standard\"\r\n },\r\n \"threatIntelMode\": \"Alert\",\r\n + \ \"additionalProperties\": {},\r\n \"ipConfigurations\": [],\r\n + \ \"networkRuleCollections\": [],\r\n \"applicationRuleCollections\": + [],\r\n \"natRuleCollections\": []\r\n }\r\n }\r\n ]\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '758' + content-type: + - application/json; charset=utf-8 + date: + - Mon, 08 Aug 2022 05:58:42 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - c3470271-6265-45c4-82cc-972f3dcb140c + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - network firewall delete + Connection: + - keep-alive + Content-Length: + - '0' + ParameterSetName: + - -g -n + User-Agent: + - AZURECLI/2.39.0 azsdk-python-azure-mgmt-network/19.3.0 Python/3.9.5 (Windows-10-10.0.19044-SP0) + method: DELETE + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_azure_firewall_with_v2000001/providers/Microsoft.Network/azureFirewalls/af1?api-version=2021-08-01 + response: + body: + string: '' + headers: + azure-asyncnotification: + - Enabled + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Network/locations/westus/operations/94f70437-cc37-4fcf-b003-eddc4d246514?api-version=2021-08-01 + cache-control: + - no-cache + content-length: + - '0' + date: + - Mon, 08 Aug 2022 05:58:44 GMT + expires: + - '-1' + location: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Network/locations/westus/operationResults/94f70437-cc37-4fcf-b003-eddc4d246514?api-version=2021-08-01 + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - aae6ca2f-62d8-4338-a6ff-b1c2f4438f4d + x-ms-ratelimit-remaining-subscription-deletes: + - '14998' + status: + code: 202 + message: Accepted +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - network firewall delete + Connection: + - keep-alive + ParameterSetName: + - -g -n + User-Agent: + - AZURECLI/2.39.0 azsdk-python-azure-mgmt-network/19.3.0 Python/3.9.5 (Windows-10-10.0.19044-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Network/locations/westus/operations/94f70437-cc37-4fcf-b003-eddc4d246514?api-version=2021-08-01 + response: + body: + string: "{\r\n \"status\": \"Succeeded\"\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '29' + content-type: + - application/json; charset=utf-8 + date: + - Mon, 08 Aug 2022 05:58:54 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - 1404db50-89fd-4a6f-b702-23663ac6de46 + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - network firewall delete + Connection: + - keep-alive + ParameterSetName: + - -g -n + User-Agent: + - AZURECLI/2.39.0 azsdk-python-azure-mgmt-network/19.3.0 Python/3.9.5 (Windows-10-10.0.19044-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Network/locations/westus/operationResults/94f70437-cc37-4fcf-b003-eddc4d246514?api-version=2021-08-01 + response: + body: + string: '' + headers: + azure-asyncnotification: + - Enabled + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Network/locations/westus/operations/94f70437-cc37-4fcf-b003-eddc4d246514?api-version=2021-08-01 + cache-control: + - no-cache + content-type: + - application/json; charset=utf-8 + date: + - Mon, 08 Aug 2022 05:58:55 GMT + expires: + - '-1' + location: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Network/locations/westus/operationResults/94f70437-cc37-4fcf-b003-eddc4d246514?api-version=2021-08-01 + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - aae6ca2f-62d8-4338-a6ff-b1c2f4438f4d + status: + code: 204 + message: No Content +version: 1 diff --git a/src/azure-firewall/azext_firewall/tests/latest/test_azure_firewall_scenario.py b/src/azure-firewall/azext_firewall/tests/latest/test_azure_firewall_scenario.py index 6ce7fca125d..efec47cb08b 100644 --- a/src/azure-firewall/azext_firewall/tests/latest/test_azure_firewall_scenario.py +++ b/src/azure-firewall/azext_firewall/tests/latest/test_azure_firewall_scenario.py @@ -40,6 +40,21 @@ def test_azure_firewall(self, resource_group): self.cmd('network firewall list -g {rg}') self.cmd('network firewall delete -g {rg} -n {af}') + @ResourceGroupPreparer(name_prefix='cli_test_azure_firewall_with_v2') + def test_azure_firewall_with_v2(self, resource_group): + self.kwargs.update({ + 'af': 'af1' + }) + self.cmd('network firewall create -g {rg} -n {af} --fat-flow-logging', checks=[ + self.check('"Network.AdditionalLogs.EnableFatFlowLogging"', 'true') + ]) + self.cmd('network firewall update -g {rg} -n {af} --fat-flow-logging false', checks=[ + self.not_exists('"Network.AdditionalLogs.EnableFatFlowLogging"') + ]) + self.cmd('network firewall show -g {rg} -n {af}') + self.cmd('network firewall list -g {rg}') + self.cmd('network firewall delete -g {rg} -n {af}') + @ResourceGroupPreparer(name_prefix='cli_test_azure_firewall_ip_config') def test_azure_firewall_ip_config(self, resource_group): diff --git a/src/azure-firewall/setup.py b/src/azure-firewall/setup.py index ba123cb8d39..0a5723f3bc1 100644 --- a/src/azure-firewall/setup.py +++ b/src/azure-firewall/setup.py @@ -8,7 +8,7 @@ from codecs import open from setuptools import setup, find_packages -VERSION = "0.14.1" +VERSION = "0.14.2" CLASSIFIERS = [ 'Development Status :: 4 - Beta',