Add Firewall Policy resources for the Azure Firewall resources deployed by the module

[krowlandson]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Is your feature request related to a problem?

No

Describe the solution you'd like

As documented, Azure Firewall supports both Classic rules and policies, but policies is the recommenced configuration.

The native ARM implementation already deploys a Microsoft.Network/firewallPolicies resource and links it to each Microsoft.Network/azureFirewalls resource created by the deployment.

As the recommendation is to use firewall policies, we want to update the module to natively support creation and attachment of a firewall policy for each Azure Firewall deployed by the module.

Currently customers can attach their own policy using the advanced {} configuration within the configure_connectivity_resources input variable (and we will ensure customer-specified configurations continue to take precedence over module defaults), but we would like to implement a default firewall policy which customers can then attach rule sets to, or use policy rule hierarchies to customise.

Additional context

[krowlandson]

Fixed by #331