From 2af335d234b4105dee1491fb12e62a4b1300e9cb Mon Sep 17 00:00:00 2001 From: SDKAuto Date: Wed, 7 Feb 2024 12:10:49 +0000 Subject: [PATCH] CodeGen from PR 27681 in Azure/azure-rest-api-specs Merge 241d22a319b838789959739e4654901fe9ac6201 into ddbc747af45270d28bc127a213e66f92f78633c1 --- .../2019-08-01/tenantDeploymentTemplate.json | 126 + .../PaloAltoNetworks.Cloudngfw.json | 2210 ++++++++++++++++ .../PaloAltoNetworks.Cloudngfw.json | 2210 ++++++++++++++++ .../PaloAltoNetworks.Cloudngfw.json | 2224 ++++++++++++++++ .../PaloAltoNetworks.Cloudngfw.json | 2224 ++++++++++++++++ .../PaloAltoNetworks.Cloudngfw.json | 2238 ++++++++++++++++ .../PaloAltoNetworks.Cloudngfw.json | 2277 +++++++++++++++++ .../PaloAltoNetworks.Cloudngfw.json | 2277 +++++++++++++++++ schemas/common/autogeneratedResources.json | 126 + 9 files changed, 15912 insertions(+) create mode 100644 schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json create mode 100644 schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json create mode 100644 schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json create mode 100644 schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json create mode 100644 schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json create mode 100644 schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json create mode 100644 schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json diff --git a/schemas/2019-08-01/tenantDeploymentTemplate.json b/schemas/2019-08-01/tenantDeploymentTemplate.json index c980048aec..0956e4e4ab 100644 --- a/schemas/2019-08-01/tenantDeploymentTemplate.json +++ b/schemas/2019-08-01/tenantDeploymentTemplate.json @@ -1086,6 +1086,132 @@ }, { "$ref": "https://schema.management.azure.com/schemas/2023-01-01/Microsoft.Web.json#/tenant_resourceDefinitions/sourcecontrols" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_certificates" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_fqdnlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_postRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_prefixlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_preRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_certificates" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_fqdnlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_postRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_prefixlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_preRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_certificates" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_fqdnlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_postRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_prefixlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_preRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_certificates" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_fqdnlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_postRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_prefixlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_preRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_certificates" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_fqdnlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_postRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_prefixlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_preRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_certificates" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_fqdnlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_postRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_prefixlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_preRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_certificates" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_fqdnlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_postRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_prefixlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json#/tenant_resourceDefinitions/globalRulestacks_preRules" } ] } diff --git a/schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json b/schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json new file mode 100644 index 0000000000..c7d5b04057 --- /dev/null +++ b/schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json @@ -0,0 +1,2210 @@ +{ + "id": "https://schema.management.azure.com/schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json#", + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "PaloAltoNetworks.Cloudngfw", + "description": "PaloAltoNetworks Cloudngfw Resource Types", + "resourceDefinitions": { + "firewalls": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "The geo-location where the resource lives" + }, + "name": { + "type": "string", + "description": "Firewall resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FirewallDeploymentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties specific to the Firewall resource deployment." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/firewalls" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/firewalls" + }, + "localRulestacks": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "The geo-location where the resource lives" + }, + "name": { + "type": "string", + "description": "LocalRulestack resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "PAN Rulestack Describe Object" + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/localRulestacks_certificates_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_fqdnlists_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_localRules_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_prefixlists_childResource" + } + ] + } + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks" + }, + "localRulestacks_certificates": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + }, + "localRulestacks_fqdnlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + }, + "localRulestacks_localRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + }, + "localRulestacks_prefixlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + } + }, + "tenant_resourceDefinitions": { + "globalRulestacks": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "Global Location" + }, + "name": { + "type": "string", + "description": "GlobalRulestack resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "PAN Rulestack Describe Object" + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/globalRulestacks_certificates_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_fqdnlists_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_postRules_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_prefixlists_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_preRules_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks" + }, + "globalRulestacks_certificates": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + }, + "globalRulestacks_fqdnlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + }, + "globalRulestacks_postRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "Post Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + }, + "globalRulestacks_prefixlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + }, + "globalRulestacks_preRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "Pre Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + } + }, + "definitions": { + "AzureResourceManagerManagedIdentityProperties": { + "type": "object", + "properties": { + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "SystemAssigned", + "UserAssigned", + "SystemAssigned,UserAssigned" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The type of managed identity assigned to this resource." + }, + "userAssignedIdentities": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/AzureResourceManagerUserAssignedIdentity" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The identities assigned to this resource by the user." + } + }, + "required": [ + "type" + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "AzureResourceManagerUserAssignedIdentity": { + "type": "object", + "properties": { + "clientId": { + "type": "string", + "description": "The active directory client identifier for this principal." + }, + "principalId": { + "type": "string", + "description": "The active directory identifier for this principal." + } + }, + "description": "A managed identity assigned by the user." + }, + "Category": { + "type": "object", + "properties": { + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "feed list" + }, + "urlCustom": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "custom URL" + } + }, + "required": [ + "feeds", + "urlCustom" + ], + "description": "URL/EDL to match" + }, + "CertificateObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "certificateSelfSigned": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "use certificate self signed." + }, + "certificateSignerResourceId": { + "type": "string", + "description": "Resource Id of certificate signer, to be populated only when certificateSelfSigned is false" + }, + "description": { + "type": "string", + "description": "user description for this object" + }, + "etag": { + "type": "string", + "description": "read only string representing last create or update" + } + }, + "required": [ + "certificateSelfSigned" + ], + "description": "certificate used for inbound and outbound decryption" + }, + "DestinationAddr": { + "type": "object", + "properties": { + "cidrs": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "special value 'any'" + }, + "countries": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of countries" + }, + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of feeds" + }, + "fqdnLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn list" + }, + "prefixLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "description": "destination address" + }, + "DNSSettings": { + "type": "object", + "properties": { + "dnsServers": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of IPs associated with the Firewall" + }, + "enabledDnsType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "CUSTOM", + "AZURE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enabled DNS proxy type, disabled by default." + }, + "enableDnsProxy": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enable DNS proxy, disabled by default." + } + }, + "description": "DNS Proxy settings for Firewall" + }, + "EndpointConfiguration": { + "type": "object", + "properties": { + "address": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "port": { + "type": "string", + "description": "port ID" + } + }, + "required": [ + "address", + "port" + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "FirewallDeploymentProperties": { + "type": "object", + "properties": { + "associatedRulestack": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackDetails" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Associated rulestack details" + }, + "dnsSettings": { + "oneOf": [ + { + "$ref": "#/definitions/DNSSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "DNS Proxy settings for Firewall" + }, + "frontEndSettings": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/FrontendSetting" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Frontend settings for Firewall" + }, + "isPanoramaManaged": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Panorama Managed: Default is False. Default will be CloudSec managed." + }, + "marketplaceDetails": { + "oneOf": [ + { + "$ref": "#/definitions/MarketplaceDetails" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "MarketplaceDetails of PAN Firewall resource" + }, + "networkProfile": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkProfile" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Network settings for Firewall" + }, + "panEtag": { + "type": "string", + "description": "panEtag info" + }, + "panoramaConfig": { + "oneOf": [ + { + "$ref": "#/definitions/PanoramaConfig" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Panorama Config" + }, + "planData": { + "oneOf": [ + { + "$ref": "#/definitions/PlanData" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Billing plan information." + } + }, + "required": [ + "dnsSettings", + "marketplaceDetails", + "networkProfile", + "planData" + ], + "description": "Properties specific to the Firewall resource deployment." + }, + "FqdnObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "description": { + "type": "string", + "description": "fqdn object description" + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "fqdnList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn list" + } + }, + "required": [ + "fqdnList" + ], + "description": "fqdn object" + }, + "FrontendSetting": { + "type": "object", + "properties": { + "backendConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/EndpointConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "frontendConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/EndpointConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "name": { + "type": "string", + "description": "Settings name" + }, + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TCP", + "UDP" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Protocol Type." + } + }, + "required": [ + "backendConfiguration", + "frontendConfiguration", + "name", + "protocol" + ], + "description": "Frontend setting for Firewall" + }, + "globalRulestacks_certificates_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + }, + "globalRulestacks_fqdnlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + }, + "globalRulestacks_postRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "Post Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "postRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + }, + "globalRulestacks_prefixlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + }, + "globalRulestacks_preRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "Pre Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "preRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + }, + "IPAddress": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "Address value" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + } + }, + "description": "IP Address" + }, + "IPAddressSpace": { + "type": "object", + "properties": { + "addressSpace": { + "type": "string", + "description": "Address Space" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + } + }, + "description": "IP Address Space" + }, + "localRulestacks_certificates_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + }, + "localRulestacks_fqdnlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + }, + "localRulestacks_localRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "localRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + }, + "localRulestacks_prefixlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + }, + "MarketplaceDetails": { + "type": "object", + "properties": { + "marketplaceSubscriptionStatus": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PendingFulfillmentStart", + "Subscribed", + "Suspended", + "Unsubscribed", + "NotStarted", + "FulfillmentRequested" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Marketplace Subscription Status." + }, + "offerId": { + "type": "string", + "description": "Offer Id" + }, + "publisherId": { + "type": "string", + "description": "Publisher Id" + } + }, + "required": [ + "offerId", + "publisherId" + ], + "description": "MarketplaceDetails of PAN Firewall resource" + }, + "NetworkProfile": { + "type": "object", + "properties": { + "egressNatIp": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Egress nat IP to use" + }, + "enableEgressNat": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enable egress NAT, enabled by default." + }, + "networkType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "VNET", + "VWAN" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "vnet or vwan, cannot be updated." + }, + "publicIps": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of IPs associated with the Firewall" + }, + "vnetConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/VnetConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "VnetInfo for Firewall Networking" + }, + "vwanConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/VwanConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "VwanInfo for Firewall Networking" + } + }, + "required": [ + "enableEgressNat", + "networkType", + "publicIps" + ], + "description": "Network settings for Firewall" + }, + "PanoramaConfig": { + "type": "object", + "properties": { + "configString": { + "type": "string", + "description": "Base64 encoded string representing Panorama parameters to be used by Firewall to connect to Panorama. This string is generated via azure plugin in Panorama" + } + }, + "required": [ + "configString" + ], + "description": "Panorama Config" + }, + "PlanData": { + "type": "object", + "properties": { + "billingCycle": { + "oneOf": [ + { + "type": "string", + "enum": [ + "WEEKLY", + "MONTHLY" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "different billing cycles like MONTHLY/WEEKLY." + }, + "planId": { + "type": "string", + "maxLength": 50, + "description": "plan id as published by Liftr.PAN" + }, + "usageType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PAYG", + "COMMITTED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "different usage type like PAYG/COMMITTED." + } + }, + "required": [ + "billingCycle", + "planId" + ], + "description": "Billing plan information." + }, + "PrefixObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "description": { + "type": "string", + "description": "prefix description" + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "prefixList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "required": [ + "prefixList" + ], + "description": "prefix entry" + }, + "RuleEntry": { + "type": "object", + "properties": { + "actionType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Allow", + "DenySilent", + "DenyResetServer", + "DenyResetBoth" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "rule action." + }, + "applications": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "array of rule applications" + }, + "auditComment": { + "type": "string", + "description": "rule comment" + }, + "category": { + "oneOf": [ + { + "$ref": "#/definitions/Category" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "URL/EDL to match" + }, + "decryptionRuleType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "SSLOutboundInspection", + "SSLInboundInspection", + "None" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "enable or disable decryption." + }, + "description": { + "type": "string", + "description": "rule description" + }, + "destination": { + "oneOf": [ + { + "$ref": "#/definitions/DestinationAddr" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "destination address" + }, + "enableLogging": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "enable or disable logging." + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "inboundInspectionCertificate": { + "type": "string", + "description": "inbound Inspection Certificate" + }, + "negateDestination": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "cidr should not be 'any'." + }, + "negateSource": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "cidr should not be 'any'." + }, + "protocol": { + "type": "string", + "default": "application-default", + "description": "any, application-default, TCP:number, UDP:number" + }, + "protocolPortList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prot port list" + }, + "ruleName": { + "type": "string", + "description": "rule name" + }, + "ruleState": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "state of this rule." + }, + "source": { + "oneOf": [ + { + "$ref": "#/definitions/SourceAddr" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Address properties" + }, + "tags": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/TagInfo" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "tag for rule" + } + }, + "required": [ + "ruleName" + ], + "description": "definition of rule" + }, + "RulestackDetails": { + "type": "object", + "properties": { + "location": { + "type": "string", + "description": "Rulestack location" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + }, + "rulestackId": { + "type": "string", + "description": "Associated rulestack Id" + } + }, + "description": "Associated rulestack details" + }, + "RulestackProperties": { + "type": "object", + "properties": { + "associatedSubscriptions": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "subscription scope of global rulestack" + }, + "defaultMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IPS", + "FIREWALL", + "NONE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Mode for default rules creation." + }, + "description": { + "type": "string", + "description": "rulestack description" + }, + "minAppIdVersion": { + "type": "string", + "description": "minimum version" + }, + "panEtag": { + "type": "string", + "description": "PanEtag info" + }, + "panLocation": { + "type": "string", + "description": "Rulestack Location, Required for GlobalRulestacks, Not for LocalRulestacks" + }, + "scope": { + "oneOf": [ + { + "type": "string", + "enum": [ + "LOCAL", + "GLOBAL" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Rulestack Type." + }, + "securityServices": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityServices" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "security services" + } + }, + "description": "PAN Rulestack Describe Object" + }, + "SecurityServices": { + "type": "object", + "properties": { + "antiSpywareProfile": { + "type": "string", + "description": "Anti spyware Profile data" + }, + "antiVirusProfile": { + "type": "string", + "description": "anti virus profile data" + }, + "dnsSubscription": { + "type": "string", + "description": "DNS Subscription profile data" + }, + "fileBlockingProfile": { + "type": "string", + "description": "File blocking profile data" + }, + "outboundTrustCertificate": { + "type": "string", + "description": "Trusted Egress Decryption profile data" + }, + "outboundUnTrustCertificate": { + "type": "string", + "description": "Untrusted Egress Decryption profile data" + }, + "urlFilteringProfile": { + "type": "string", + "description": "URL filtering profile data" + }, + "vulnerabilityProfile": { + "type": "string", + "description": "IPs Vulnerability Profile Data" + } + }, + "description": "security services" + }, + "SourceAddr": { + "type": "object", + "properties": { + "cidrs": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "special value 'any'" + }, + "countries": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of countries" + }, + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of feeds" + }, + "prefixLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "description": "Address properties" + }, + "TagInfo": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "tag name" + }, + "value": { + "type": "string", + "description": "tag value" + } + }, + "required": [ + "key", + "value" + ], + "description": "Tag" + }, + "VnetConfiguration": { + "type": "object", + "properties": { + "ipOfTrustSubnetForUdr": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "trustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "unTrustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "vnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + } + }, + "required": [ + "trustSubnet", + "unTrustSubnet", + "vnet" + ], + "description": "VnetInfo for Firewall Networking" + }, + "VwanConfiguration": { + "type": "object", + "properties": { + "ipOfTrustSubnetForUdr": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "networkVirtualApplianceId": { + "type": "string", + "description": "Network Virtual Appliance resource ID " + }, + "trustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "unTrustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "vHub": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + } + }, + "required": [ + "vHub" + ], + "description": "VwanInfo for Firewall Networking" + } + } +} \ No newline at end of file diff --git a/schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json b/schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json new file mode 100644 index 0000000000..a1194db0e1 --- /dev/null +++ b/schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json @@ -0,0 +1,2210 @@ +{ + "id": "https://schema.management.azure.com/schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json#", + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "PaloAltoNetworks.Cloudngfw", + "description": "PaloAltoNetworks Cloudngfw Resource Types", + "resourceDefinitions": { + "firewalls": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "The geo-location where the resource lives" + }, + "name": { + "type": "string", + "description": "Firewall resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FirewallDeploymentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties specific to the Firewall resource deployment." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/firewalls" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/firewalls" + }, + "localRulestacks": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "The geo-location where the resource lives" + }, + "name": { + "type": "string", + "description": "LocalRulestack resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "PAN Rulestack Describe Object" + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/localRulestacks_certificates_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_fqdnlists_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_localRules_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_prefixlists_childResource" + } + ] + } + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks" + }, + "localRulestacks_certificates": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + }, + "localRulestacks_fqdnlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + }, + "localRulestacks_localRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + }, + "localRulestacks_prefixlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + } + }, + "tenant_resourceDefinitions": { + "globalRulestacks": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "Global Location" + }, + "name": { + "type": "string", + "description": "GlobalRulestack resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "PAN Rulestack Describe Object" + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/globalRulestacks_certificates_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_fqdnlists_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_postRules_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_prefixlists_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_preRules_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks" + }, + "globalRulestacks_certificates": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + }, + "globalRulestacks_fqdnlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + }, + "globalRulestacks_postRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "Post Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + }, + "globalRulestacks_prefixlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + }, + "globalRulestacks_preRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "Pre Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + } + }, + "definitions": { + "AzureResourceManagerManagedIdentityProperties": { + "type": "object", + "properties": { + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "SystemAssigned", + "UserAssigned", + "SystemAssigned,UserAssigned" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The type of managed identity assigned to this resource." + }, + "userAssignedIdentities": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/AzureResourceManagerUserAssignedIdentity" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The identities assigned to this resource by the user." + } + }, + "required": [ + "type" + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "AzureResourceManagerUserAssignedIdentity": { + "type": "object", + "properties": { + "clientId": { + "type": "string", + "description": "The active directory client identifier for this principal." + }, + "principalId": { + "type": "string", + "description": "The active directory identifier for this principal." + } + }, + "description": "A managed identity assigned by the user." + }, + "Category": { + "type": "object", + "properties": { + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "feed list" + }, + "urlCustom": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "custom URL" + } + }, + "required": [ + "feeds", + "urlCustom" + ], + "description": "URL/EDL to match" + }, + "CertificateObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "certificateSelfSigned": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "use certificate self signed." + }, + "certificateSignerResourceId": { + "type": "string", + "description": "Resource Id of certificate signer, to be populated only when certificateSelfSigned is false" + }, + "description": { + "type": "string", + "description": "user description for this object" + }, + "etag": { + "type": "string", + "description": "read only string representing last create or update" + } + }, + "required": [ + "certificateSelfSigned" + ], + "description": "certificate used for inbound and outbound decryption" + }, + "DestinationAddr": { + "type": "object", + "properties": { + "cidrs": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "special value 'any'" + }, + "countries": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of countries" + }, + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of feeds" + }, + "fqdnLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn list" + }, + "prefixLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "description": "destination address" + }, + "DNSSettings": { + "type": "object", + "properties": { + "dnsServers": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of IPs associated with the Firewall" + }, + "enabledDnsType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "CUSTOM", + "AZURE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enabled DNS proxy type, disabled by default." + }, + "enableDnsProxy": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enable DNS proxy, disabled by default." + } + }, + "description": "DNS Proxy settings for Firewall" + }, + "EndpointConfiguration": { + "type": "object", + "properties": { + "address": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "port": { + "type": "string", + "description": "port ID" + } + }, + "required": [ + "address", + "port" + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "FirewallDeploymentProperties": { + "type": "object", + "properties": { + "associatedRulestack": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackDetails" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Associated rulestack details" + }, + "dnsSettings": { + "oneOf": [ + { + "$ref": "#/definitions/DNSSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "DNS Proxy settings for Firewall" + }, + "frontEndSettings": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/FrontendSetting" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Frontend settings for Firewall" + }, + "isPanoramaManaged": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Panorama Managed: Default is False. Default will be CloudSec managed." + }, + "marketplaceDetails": { + "oneOf": [ + { + "$ref": "#/definitions/MarketplaceDetails" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "MarketplaceDetails of PAN Firewall resource" + }, + "networkProfile": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkProfile" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Network settings for Firewall" + }, + "panEtag": { + "type": "string", + "description": "panEtag info" + }, + "panoramaConfig": { + "oneOf": [ + { + "$ref": "#/definitions/PanoramaConfig" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Panorama Config" + }, + "planData": { + "oneOf": [ + { + "$ref": "#/definitions/PlanData" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Billing plan information." + } + }, + "required": [ + "dnsSettings", + "marketplaceDetails", + "networkProfile", + "planData" + ], + "description": "Properties specific to the Firewall resource deployment." + }, + "FqdnObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "description": { + "type": "string", + "description": "fqdn object description" + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "fqdnList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn list" + } + }, + "required": [ + "fqdnList" + ], + "description": "fqdn object" + }, + "FrontendSetting": { + "type": "object", + "properties": { + "backendConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/EndpointConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "frontendConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/EndpointConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "name": { + "type": "string", + "description": "Settings name" + }, + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TCP", + "UDP" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Protocol Type." + } + }, + "required": [ + "backendConfiguration", + "frontendConfiguration", + "name", + "protocol" + ], + "description": "Frontend setting for Firewall" + }, + "globalRulestacks_certificates_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + }, + "globalRulestacks_fqdnlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + }, + "globalRulestacks_postRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "Post Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "postRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + }, + "globalRulestacks_prefixlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + }, + "globalRulestacks_preRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "Pre Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "preRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + }, + "IPAddress": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "Address value" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + } + }, + "description": "IP Address" + }, + "IPAddressSpace": { + "type": "object", + "properties": { + "addressSpace": { + "type": "string", + "description": "Address Space" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + } + }, + "description": "IP Address Space" + }, + "localRulestacks_certificates_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + }, + "localRulestacks_fqdnlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + }, + "localRulestacks_localRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "localRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + }, + "localRulestacks_prefixlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2022-08-29" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + }, + "MarketplaceDetails": { + "type": "object", + "properties": { + "marketplaceSubscriptionStatus": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PendingFulfillmentStart", + "Subscribed", + "Suspended", + "Unsubscribed", + "NotStarted", + "FulfillmentRequested" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Marketplace Subscription Status." + }, + "offerId": { + "type": "string", + "description": "Offer Id" + }, + "publisherId": { + "type": "string", + "description": "Publisher Id" + } + }, + "required": [ + "offerId", + "publisherId" + ], + "description": "MarketplaceDetails of PAN Firewall resource" + }, + "NetworkProfile": { + "type": "object", + "properties": { + "egressNatIp": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Egress nat IP to use" + }, + "enableEgressNat": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enable egress NAT, enabled by default." + }, + "networkType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "VNET", + "VWAN" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "vnet or vwan, cannot be updated." + }, + "publicIps": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of IPs associated with the Firewall" + }, + "vnetConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/VnetConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "VnetInfo for Firewall Networking" + }, + "vwanConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/VwanConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "VwanInfo for Firewall Networking" + } + }, + "required": [ + "enableEgressNat", + "networkType", + "publicIps" + ], + "description": "Network settings for Firewall" + }, + "PanoramaConfig": { + "type": "object", + "properties": { + "configString": { + "type": "string", + "description": "Base64 encoded string representing Panorama parameters to be used by Firewall to connect to Panorama. This string is generated via azure plugin in Panorama" + } + }, + "required": [ + "configString" + ], + "description": "Panorama Config" + }, + "PlanData": { + "type": "object", + "properties": { + "billingCycle": { + "oneOf": [ + { + "type": "string", + "enum": [ + "WEEKLY", + "MONTHLY" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "different billing cycles like MONTHLY/WEEKLY." + }, + "planId": { + "type": "string", + "maxLength": 50, + "description": "plan id as published by Liftr.PAN" + }, + "usageType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PAYG", + "COMMITTED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "different usage type like PAYG/COMMITTED." + } + }, + "required": [ + "billingCycle", + "planId" + ], + "description": "Billing plan information." + }, + "PrefixObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "description": { + "type": "string", + "description": "prefix description" + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "prefixList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "required": [ + "prefixList" + ], + "description": "prefix entry" + }, + "RuleEntry": { + "type": "object", + "properties": { + "actionType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Allow", + "DenySilent", + "DenyResetServer", + "DenyResetBoth" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "rule action." + }, + "applications": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "array of rule applications" + }, + "auditComment": { + "type": "string", + "description": "rule comment" + }, + "category": { + "oneOf": [ + { + "$ref": "#/definitions/Category" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "URL/EDL to match" + }, + "decryptionRuleType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "SSLOutboundInspection", + "SSLInboundInspection", + "None" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "enable or disable decryption." + }, + "description": { + "type": "string", + "description": "rule description" + }, + "destination": { + "oneOf": [ + { + "$ref": "#/definitions/DestinationAddr" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "destination address" + }, + "enableLogging": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "enable or disable logging." + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "inboundInspectionCertificate": { + "type": "string", + "description": "inbound Inspection Certificate" + }, + "negateDestination": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "cidr should not be 'any'." + }, + "negateSource": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "cidr should not be 'any'." + }, + "protocol": { + "type": "string", + "default": "application-default", + "description": "any, application-default, TCP:number, UDP:number" + }, + "protocolPortList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prot port list" + }, + "ruleName": { + "type": "string", + "description": "rule name" + }, + "ruleState": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "state of this rule." + }, + "source": { + "oneOf": [ + { + "$ref": "#/definitions/SourceAddr" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Address properties" + }, + "tags": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/TagInfo" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "tag for rule" + } + }, + "required": [ + "ruleName" + ], + "description": "definition of rule" + }, + "RulestackDetails": { + "type": "object", + "properties": { + "location": { + "type": "string", + "description": "Rulestack location" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + }, + "rulestackId": { + "type": "string", + "description": "Associated rulestack Id" + } + }, + "description": "Associated rulestack details" + }, + "RulestackProperties": { + "type": "object", + "properties": { + "associatedSubscriptions": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "subscription scope of global rulestack" + }, + "defaultMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IPS", + "FIREWALL", + "NONE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Mode for default rules creation." + }, + "description": { + "type": "string", + "description": "rulestack description" + }, + "minAppIdVersion": { + "type": "string", + "description": "minimum version" + }, + "panEtag": { + "type": "string", + "description": "PanEtag info" + }, + "panLocation": { + "type": "string", + "description": "Rulestack Location, Required for GlobalRulestacks, Not for LocalRulestacks" + }, + "scope": { + "oneOf": [ + { + "type": "string", + "enum": [ + "LOCAL", + "GLOBAL" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Rulestack Type." + }, + "securityServices": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityServices" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "security services" + } + }, + "description": "PAN Rulestack Describe Object" + }, + "SecurityServices": { + "type": "object", + "properties": { + "antiSpywareProfile": { + "type": "string", + "description": "Anti spyware Profile data" + }, + "antiVirusProfile": { + "type": "string", + "description": "anti virus profile data" + }, + "dnsSubscription": { + "type": "string", + "description": "DNS Subscription profile data" + }, + "fileBlockingProfile": { + "type": "string", + "description": "File blocking profile data" + }, + "outboundTrustCertificate": { + "type": "string", + "description": "Trusted Egress Decryption profile data" + }, + "outboundUnTrustCertificate": { + "type": "string", + "description": "Untrusted Egress Decryption profile data" + }, + "urlFilteringProfile": { + "type": "string", + "description": "URL filtering profile data" + }, + "vulnerabilityProfile": { + "type": "string", + "description": "IPs Vulnerability Profile Data" + } + }, + "description": "security services" + }, + "SourceAddr": { + "type": "object", + "properties": { + "cidrs": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "special value 'any'" + }, + "countries": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of countries" + }, + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of feeds" + }, + "prefixLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "description": "Address properties" + }, + "TagInfo": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "tag name" + }, + "value": { + "type": "string", + "description": "tag value" + } + }, + "required": [ + "key", + "value" + ], + "description": "Tag" + }, + "VnetConfiguration": { + "type": "object", + "properties": { + "ipOfTrustSubnetForUdr": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "trustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "unTrustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "vnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + } + }, + "required": [ + "trustSubnet", + "unTrustSubnet", + "vnet" + ], + "description": "VnetInfo for Firewall Networking" + }, + "VwanConfiguration": { + "type": "object", + "properties": { + "ipOfTrustSubnetForUdr": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "networkVirtualApplianceId": { + "type": "string", + "description": "Network Virtual Appliance resource ID " + }, + "trustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "unTrustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "vHub": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + } + }, + "required": [ + "vHub" + ], + "description": "VwanInfo for Firewall Networking" + } + } +} \ No newline at end of file diff --git a/schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json b/schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json new file mode 100644 index 0000000000..15c0190fea --- /dev/null +++ b/schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json @@ -0,0 +1,2224 @@ +{ + "id": "https://schema.management.azure.com/schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json#", + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "PaloAltoNetworks.Cloudngfw", + "description": "PaloAltoNetworks Cloudngfw Resource Types", + "resourceDefinitions": { + "firewalls": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "The geo-location where the resource lives" + }, + "name": { + "type": "string", + "description": "Firewall resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FirewallDeploymentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties specific to the Firewall resource deployment." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/firewalls" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/firewalls" + }, + "localRulestacks": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "The geo-location where the resource lives" + }, + "name": { + "type": "string", + "description": "LocalRulestack resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "PAN Rulestack Describe Object" + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/localRulestacks_certificates_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_fqdnlists_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_localRules_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_prefixlists_childResource" + } + ] + } + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks" + }, + "localRulestacks_certificates": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + }, + "localRulestacks_fqdnlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + }, + "localRulestacks_localRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + }, + "localRulestacks_prefixlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + } + }, + "tenant_resourceDefinitions": { + "globalRulestacks": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "Global Location" + }, + "name": { + "type": "string", + "description": "GlobalRulestack resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "PAN Rulestack Describe Object" + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/globalRulestacks_certificates_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_fqdnlists_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_postRules_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_prefixlists_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_preRules_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks" + }, + "globalRulestacks_certificates": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + }, + "globalRulestacks_fqdnlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + }, + "globalRulestacks_postRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "Post Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + }, + "globalRulestacks_prefixlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + }, + "globalRulestacks_preRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "Pre Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + } + }, + "definitions": { + "AzureResourceManagerManagedIdentityProperties": { + "type": "object", + "properties": { + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "SystemAssigned", + "UserAssigned", + "SystemAssigned,UserAssigned" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The type of managed identity assigned to this resource." + }, + "userAssignedIdentities": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/AzureResourceManagerUserAssignedIdentity" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The identities assigned to this resource by the user." + } + }, + "required": [ + "type" + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "AzureResourceManagerUserAssignedIdentity": { + "type": "object", + "properties": { + "clientId": { + "type": "string", + "description": "The active directory client identifier for this principal." + }, + "principalId": { + "type": "string", + "description": "The active directory identifier for this principal." + } + }, + "description": "A managed identity assigned by the user." + }, + "Category": { + "type": "object", + "properties": { + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "feed list" + }, + "urlCustom": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "custom URL" + } + }, + "required": [ + "feeds", + "urlCustom" + ], + "description": "URL/EDL to match" + }, + "CertificateObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "certificateSelfSigned": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "use certificate self signed." + }, + "certificateSignerResourceId": { + "type": "string", + "description": "Resource Id of certificate signer, to be populated only when certificateSelfSigned is false" + }, + "description": { + "type": "string", + "description": "user description for this object" + }, + "etag": { + "type": "string", + "description": "read only string representing last create or update" + } + }, + "required": [ + "certificateSelfSigned" + ], + "description": "certificate used for inbound and outbound decryption" + }, + "DestinationAddr": { + "type": "object", + "properties": { + "cidrs": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "special value 'any'" + }, + "countries": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of countries" + }, + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of feeds" + }, + "fqdnLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn list" + }, + "prefixLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "description": "destination address" + }, + "DNSSettings": { + "type": "object", + "properties": { + "dnsServers": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of IPs associated with the Firewall" + }, + "enabledDnsType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "CUSTOM", + "AZURE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enabled DNS proxy type, disabled by default." + }, + "enableDnsProxy": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enable DNS proxy, disabled by default." + } + }, + "description": "DNS Proxy settings for Firewall" + }, + "EndpointConfiguration": { + "type": "object", + "properties": { + "address": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "port": { + "type": "string", + "description": "port ID" + } + }, + "required": [ + "address", + "port" + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "FirewallDeploymentProperties": { + "type": "object", + "properties": { + "associatedRulestack": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackDetails" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Associated rulestack details" + }, + "dnsSettings": { + "oneOf": [ + { + "$ref": "#/definitions/DNSSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "DNS Proxy settings for Firewall" + }, + "frontEndSettings": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/FrontendSetting" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Frontend settings for Firewall" + }, + "isPanoramaManaged": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Panorama Managed: Default is False. Default will be CloudSec managed." + }, + "marketplaceDetails": { + "oneOf": [ + { + "$ref": "#/definitions/MarketplaceDetails" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "MarketplaceDetails of PAN Firewall resource" + }, + "networkProfile": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkProfile" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Network settings for Firewall" + }, + "panEtag": { + "type": "string", + "description": "panEtag info" + }, + "panoramaConfig": { + "oneOf": [ + { + "$ref": "#/definitions/PanoramaConfig" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Panorama Config" + }, + "planData": { + "oneOf": [ + { + "$ref": "#/definitions/PlanData" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Billing plan information." + } + }, + "required": [ + "dnsSettings", + "marketplaceDetails", + "networkProfile", + "planData" + ], + "description": "Properties specific to the Firewall resource deployment." + }, + "FqdnObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "description": { + "type": "string", + "description": "fqdn object description" + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "fqdnList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn list" + } + }, + "required": [ + "fqdnList" + ], + "description": "fqdn object" + }, + "FrontendSetting": { + "type": "object", + "properties": { + "backendConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/EndpointConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "frontendConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/EndpointConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "name": { + "type": "string", + "description": "Settings name" + }, + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TCP", + "UDP" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Protocol Type." + } + }, + "required": [ + "backendConfiguration", + "frontendConfiguration", + "name", + "protocol" + ], + "description": "Frontend setting for Firewall" + }, + "globalRulestacks_certificates_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + }, + "globalRulestacks_fqdnlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + }, + "globalRulestacks_postRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "Post Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "postRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + }, + "globalRulestacks_prefixlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + }, + "globalRulestacks_preRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "Pre Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "preRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + }, + "IPAddress": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "Address value" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + } + }, + "description": "IP Address" + }, + "IPAddressSpace": { + "type": "object", + "properties": { + "addressSpace": { + "type": "string", + "description": "Address Space" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + } + }, + "description": "IP Address Space" + }, + "localRulestacks_certificates_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + }, + "localRulestacks_fqdnlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + }, + "localRulestacks_localRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "localRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + }, + "localRulestacks_prefixlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + }, + "MarketplaceDetails": { + "type": "object", + "properties": { + "marketplaceSubscriptionStatus": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PendingFulfillmentStart", + "Subscribed", + "Suspended", + "Unsubscribed", + "NotStarted", + "FulfillmentRequested" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Marketplace Subscription Status." + }, + "offerId": { + "type": "string", + "description": "Offer Id" + }, + "publisherId": { + "type": "string", + "description": "Publisher Id" + } + }, + "required": [ + "offerId", + "publisherId" + ], + "description": "MarketplaceDetails of PAN Firewall resource" + }, + "NetworkProfile": { + "type": "object", + "properties": { + "egressNatIp": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Egress nat IP to use" + }, + "enableEgressNat": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enable egress NAT, enabled by default." + }, + "networkType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "VNET", + "VWAN" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "vnet or vwan, cannot be updated." + }, + "publicIps": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of IPs associated with the Firewall" + }, + "trustedRanges": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Non-RFC 1918 address" + }, + "vnetConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/VnetConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "VnetInfo for Firewall Networking" + }, + "vwanConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/VwanConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "VwanInfo for Firewall Networking" + } + }, + "required": [ + "enableEgressNat", + "networkType", + "publicIps" + ], + "description": "Network settings for Firewall" + }, + "PanoramaConfig": { + "type": "object", + "properties": { + "configString": { + "type": "string", + "description": "Base64 encoded string representing Panorama parameters to be used by Firewall to connect to Panorama. This string is generated via azure plugin in Panorama" + } + }, + "required": [ + "configString" + ], + "description": "Panorama Config" + }, + "PlanData": { + "type": "object", + "properties": { + "billingCycle": { + "oneOf": [ + { + "type": "string", + "enum": [ + "WEEKLY", + "MONTHLY" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "different billing cycles like MONTHLY/WEEKLY." + }, + "planId": { + "type": "string", + "maxLength": 50, + "description": "plan id as published by Liftr.PAN" + }, + "usageType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PAYG", + "COMMITTED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "different usage type like PAYG/COMMITTED." + } + }, + "required": [ + "billingCycle", + "planId" + ], + "description": "Billing plan information." + }, + "PrefixObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "description": { + "type": "string", + "description": "prefix description" + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "prefixList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "required": [ + "prefixList" + ], + "description": "prefix entry" + }, + "RuleEntry": { + "type": "object", + "properties": { + "actionType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Allow", + "DenySilent", + "DenyResetServer", + "DenyResetBoth" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "rule action." + }, + "applications": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "array of rule applications" + }, + "auditComment": { + "type": "string", + "description": "rule comment" + }, + "category": { + "oneOf": [ + { + "$ref": "#/definitions/Category" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "URL/EDL to match" + }, + "decryptionRuleType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "SSLOutboundInspection", + "SSLInboundInspection", + "None" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "enable or disable decryption." + }, + "description": { + "type": "string", + "description": "rule description" + }, + "destination": { + "oneOf": [ + { + "$ref": "#/definitions/DestinationAddr" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "destination address" + }, + "enableLogging": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "enable or disable logging." + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "inboundInspectionCertificate": { + "type": "string", + "description": "inbound Inspection Certificate" + }, + "negateDestination": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "cidr should not be 'any'." + }, + "negateSource": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "cidr should not be 'any'." + }, + "protocol": { + "type": "string", + "default": "application-default", + "description": "any, application-default, TCP:number, UDP:number" + }, + "protocolPortList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prot port list" + }, + "ruleName": { + "type": "string", + "description": "rule name" + }, + "ruleState": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "state of this rule." + }, + "source": { + "oneOf": [ + { + "$ref": "#/definitions/SourceAddr" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Address properties" + }, + "tags": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/TagInfo" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "tag for rule" + } + }, + "required": [ + "ruleName" + ], + "description": "definition of rule" + }, + "RulestackDetails": { + "type": "object", + "properties": { + "location": { + "type": "string", + "description": "Rulestack location" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + }, + "rulestackId": { + "type": "string", + "description": "Associated rulestack Id" + } + }, + "description": "Associated rulestack details" + }, + "RulestackProperties": { + "type": "object", + "properties": { + "associatedSubscriptions": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "subscription scope of global rulestack" + }, + "defaultMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IPS", + "FIREWALL", + "NONE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Mode for default rules creation." + }, + "description": { + "type": "string", + "description": "rulestack description" + }, + "minAppIdVersion": { + "type": "string", + "description": "minimum version" + }, + "panEtag": { + "type": "string", + "description": "PanEtag info" + }, + "panLocation": { + "type": "string", + "description": "Rulestack Location, Required for GlobalRulestacks, Not for LocalRulestacks" + }, + "scope": { + "oneOf": [ + { + "type": "string", + "enum": [ + "LOCAL", + "GLOBAL" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Rulestack Type." + }, + "securityServices": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityServices" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "security services" + } + }, + "description": "PAN Rulestack Describe Object" + }, + "SecurityServices": { + "type": "object", + "properties": { + "antiSpywareProfile": { + "type": "string", + "description": "Anti spyware Profile data" + }, + "antiVirusProfile": { + "type": "string", + "description": "anti virus profile data" + }, + "dnsSubscription": { + "type": "string", + "description": "DNS Subscription profile data" + }, + "fileBlockingProfile": { + "type": "string", + "description": "File blocking profile data" + }, + "outboundTrustCertificate": { + "type": "string", + "description": "Trusted Egress Decryption profile data" + }, + "outboundUnTrustCertificate": { + "type": "string", + "description": "Untrusted Egress Decryption profile data" + }, + "urlFilteringProfile": { + "type": "string", + "description": "URL filtering profile data" + }, + "vulnerabilityProfile": { + "type": "string", + "description": "IPs Vulnerability Profile Data" + } + }, + "description": "security services" + }, + "SourceAddr": { + "type": "object", + "properties": { + "cidrs": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "special value 'any'" + }, + "countries": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of countries" + }, + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of feeds" + }, + "prefixLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "description": "Address properties" + }, + "TagInfo": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "tag name" + }, + "value": { + "type": "string", + "description": "tag value" + } + }, + "required": [ + "key", + "value" + ], + "description": "Tag" + }, + "VnetConfiguration": { + "type": "object", + "properties": { + "ipOfTrustSubnetForUdr": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "trustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "unTrustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "vnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + } + }, + "required": [ + "trustSubnet", + "unTrustSubnet", + "vnet" + ], + "description": "VnetInfo for Firewall Networking" + }, + "VwanConfiguration": { + "type": "object", + "properties": { + "ipOfTrustSubnetForUdr": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "networkVirtualApplianceId": { + "type": "string", + "description": "Network Virtual Appliance resource ID " + }, + "trustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "unTrustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "vHub": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + } + }, + "required": [ + "vHub" + ], + "description": "VwanInfo for Firewall Networking" + } + } +} \ No newline at end of file diff --git a/schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json b/schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json new file mode 100644 index 0000000000..874dde5e4b --- /dev/null +++ b/schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json @@ -0,0 +1,2224 @@ +{ + "id": "https://schema.management.azure.com/schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json#", + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "PaloAltoNetworks.Cloudngfw", + "description": "PaloAltoNetworks Cloudngfw Resource Types", + "resourceDefinitions": { + "firewalls": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "The geo-location where the resource lives" + }, + "name": { + "type": "string", + "description": "Firewall resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FirewallDeploymentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties specific to the Firewall resource deployment." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/firewalls" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/firewalls" + }, + "localRulestacks": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "The geo-location where the resource lives" + }, + "name": { + "type": "string", + "description": "LocalRulestack resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "PAN Rulestack Describe Object" + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/localRulestacks_certificates_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_fqdnlists_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_localRules_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_prefixlists_childResource" + } + ] + } + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks" + }, + "localRulestacks_certificates": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + }, + "localRulestacks_fqdnlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + }, + "localRulestacks_localRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + }, + "localRulestacks_prefixlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + } + }, + "tenant_resourceDefinitions": { + "globalRulestacks": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "Global Location" + }, + "name": { + "type": "string", + "description": "GlobalRulestack resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "PAN Rulestack Describe Object" + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/globalRulestacks_certificates_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_fqdnlists_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_postRules_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_prefixlists_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_preRules_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks" + }, + "globalRulestacks_certificates": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + }, + "globalRulestacks_fqdnlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + }, + "globalRulestacks_postRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "Post Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + }, + "globalRulestacks_prefixlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + }, + "globalRulestacks_preRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "Pre Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + } + }, + "definitions": { + "AzureResourceManagerManagedIdentityProperties": { + "type": "object", + "properties": { + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "SystemAssigned", + "UserAssigned", + "SystemAssigned,UserAssigned" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The type of managed identity assigned to this resource." + }, + "userAssignedIdentities": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/AzureResourceManagerUserAssignedIdentity" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The identities assigned to this resource by the user." + } + }, + "required": [ + "type" + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "AzureResourceManagerUserAssignedIdentity": { + "type": "object", + "properties": { + "clientId": { + "type": "string", + "description": "The active directory client identifier for this principal." + }, + "principalId": { + "type": "string", + "description": "The active directory identifier for this principal." + } + }, + "description": "A managed identity assigned by the user." + }, + "Category": { + "type": "object", + "properties": { + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "feed list" + }, + "urlCustom": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "custom URL" + } + }, + "required": [ + "feeds", + "urlCustom" + ], + "description": "URL/EDL to match" + }, + "CertificateObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "certificateSelfSigned": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "use certificate self signed." + }, + "certificateSignerResourceId": { + "type": "string", + "description": "Resource Id of certificate signer, to be populated only when certificateSelfSigned is false" + }, + "description": { + "type": "string", + "description": "user description for this object" + }, + "etag": { + "type": "string", + "description": "read only string representing last create or update" + } + }, + "required": [ + "certificateSelfSigned" + ], + "description": "certificate used for inbound and outbound decryption" + }, + "DestinationAddr": { + "type": "object", + "properties": { + "cidrs": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "special value 'any'" + }, + "countries": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of countries" + }, + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of feeds" + }, + "fqdnLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn list" + }, + "prefixLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "description": "destination address" + }, + "DNSSettings": { + "type": "object", + "properties": { + "dnsServers": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of IPs associated with the Firewall" + }, + "enabledDnsType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "CUSTOM", + "AZURE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enabled DNS proxy type, disabled by default." + }, + "enableDnsProxy": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enable DNS proxy, disabled by default." + } + }, + "description": "DNS Proxy settings for Firewall" + }, + "EndpointConfiguration": { + "type": "object", + "properties": { + "address": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "port": { + "type": "string", + "description": "port ID" + } + }, + "required": [ + "address", + "port" + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "FirewallDeploymentProperties": { + "type": "object", + "properties": { + "associatedRulestack": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackDetails" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Associated rulestack details" + }, + "dnsSettings": { + "oneOf": [ + { + "$ref": "#/definitions/DNSSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "DNS Proxy settings for Firewall" + }, + "frontEndSettings": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/FrontendSetting" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Frontend settings for Firewall" + }, + "isPanoramaManaged": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Panorama Managed: Default is False. Default will be CloudSec managed." + }, + "marketplaceDetails": { + "oneOf": [ + { + "$ref": "#/definitions/MarketplaceDetails" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "MarketplaceDetails of PAN Firewall resource" + }, + "networkProfile": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkProfile" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Network settings for Firewall" + }, + "panEtag": { + "type": "string", + "description": "panEtag info" + }, + "panoramaConfig": { + "oneOf": [ + { + "$ref": "#/definitions/PanoramaConfig" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Panorama Config" + }, + "planData": { + "oneOf": [ + { + "$ref": "#/definitions/PlanData" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Billing plan information." + } + }, + "required": [ + "dnsSettings", + "marketplaceDetails", + "networkProfile", + "planData" + ], + "description": "Properties specific to the Firewall resource deployment." + }, + "FqdnObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "description": { + "type": "string", + "description": "fqdn object description" + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "fqdnList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn list" + } + }, + "required": [ + "fqdnList" + ], + "description": "fqdn object" + }, + "FrontendSetting": { + "type": "object", + "properties": { + "backendConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/EndpointConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "frontendConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/EndpointConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "name": { + "type": "string", + "description": "Settings name" + }, + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TCP", + "UDP" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Protocol Type." + } + }, + "required": [ + "backendConfiguration", + "frontendConfiguration", + "name", + "protocol" + ], + "description": "Frontend setting for Firewall" + }, + "globalRulestacks_certificates_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + }, + "globalRulestacks_fqdnlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + }, + "globalRulestacks_postRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "Post Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "postRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + }, + "globalRulestacks_prefixlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + }, + "globalRulestacks_preRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "Pre Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "preRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + }, + "IPAddress": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "Address value" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + } + }, + "description": "IP Address" + }, + "IPAddressSpace": { + "type": "object", + "properties": { + "addressSpace": { + "type": "string", + "description": "Address Space" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + } + }, + "description": "IP Address Space" + }, + "localRulestacks_certificates_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + }, + "localRulestacks_fqdnlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + }, + "localRulestacks_localRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "localRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + }, + "localRulestacks_prefixlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-09-01" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + }, + "MarketplaceDetails": { + "type": "object", + "properties": { + "marketplaceSubscriptionStatus": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PendingFulfillmentStart", + "Subscribed", + "Suspended", + "Unsubscribed", + "NotStarted", + "FulfillmentRequested" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Marketplace Subscription Status." + }, + "offerId": { + "type": "string", + "description": "Offer Id" + }, + "publisherId": { + "type": "string", + "description": "Publisher Id" + } + }, + "required": [ + "offerId", + "publisherId" + ], + "description": "MarketplaceDetails of PAN Firewall resource" + }, + "NetworkProfile": { + "type": "object", + "properties": { + "egressNatIp": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Egress nat IP to use" + }, + "enableEgressNat": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enable egress NAT, enabled by default." + }, + "networkType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "VNET", + "VWAN" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "vnet or vwan, cannot be updated." + }, + "publicIps": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of IPs associated with the Firewall" + }, + "trustedRanges": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Non-RFC 1918 address" + }, + "vnetConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/VnetConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "VnetInfo for Firewall Networking" + }, + "vwanConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/VwanConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "VwanInfo for Firewall Networking" + } + }, + "required": [ + "enableEgressNat", + "networkType", + "publicIps" + ], + "description": "Network settings for Firewall" + }, + "PanoramaConfig": { + "type": "object", + "properties": { + "configString": { + "type": "string", + "description": "Base64 encoded string representing Panorama parameters to be used by Firewall to connect to Panorama. This string is generated via azure plugin in Panorama" + } + }, + "required": [ + "configString" + ], + "description": "Panorama Config" + }, + "PlanData": { + "type": "object", + "properties": { + "billingCycle": { + "oneOf": [ + { + "type": "string", + "enum": [ + "WEEKLY", + "MONTHLY" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "different billing cycles like MONTHLY/WEEKLY." + }, + "planId": { + "type": "string", + "maxLength": 50, + "description": "plan id as published by Liftr.PAN" + }, + "usageType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PAYG", + "COMMITTED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "different usage type like PAYG/COMMITTED." + } + }, + "required": [ + "billingCycle", + "planId" + ], + "description": "Billing plan information." + }, + "PrefixObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "description": { + "type": "string", + "description": "prefix description" + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "prefixList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "required": [ + "prefixList" + ], + "description": "prefix entry" + }, + "RuleEntry": { + "type": "object", + "properties": { + "actionType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Allow", + "DenySilent", + "DenyResetServer", + "DenyResetBoth" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "rule action." + }, + "applications": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "array of rule applications" + }, + "auditComment": { + "type": "string", + "description": "rule comment" + }, + "category": { + "oneOf": [ + { + "$ref": "#/definitions/Category" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "URL/EDL to match" + }, + "decryptionRuleType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "SSLOutboundInspection", + "SSLInboundInspection", + "None" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "enable or disable decryption." + }, + "description": { + "type": "string", + "description": "rule description" + }, + "destination": { + "oneOf": [ + { + "$ref": "#/definitions/DestinationAddr" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "destination address" + }, + "enableLogging": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "enable or disable logging." + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "inboundInspectionCertificate": { + "type": "string", + "description": "inbound Inspection Certificate" + }, + "negateDestination": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "cidr should not be 'any'." + }, + "negateSource": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "cidr should not be 'any'." + }, + "protocol": { + "type": "string", + "default": "application-default", + "description": "any, application-default, TCP:number, UDP:number" + }, + "protocolPortList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prot port list" + }, + "ruleName": { + "type": "string", + "description": "rule name" + }, + "ruleState": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "state of this rule." + }, + "source": { + "oneOf": [ + { + "$ref": "#/definitions/SourceAddr" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Address properties" + }, + "tags": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/TagInfo" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "tag for rule" + } + }, + "required": [ + "ruleName" + ], + "description": "definition of rule" + }, + "RulestackDetails": { + "type": "object", + "properties": { + "location": { + "type": "string", + "description": "Rulestack location" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + }, + "rulestackId": { + "type": "string", + "description": "Associated rulestack Id" + } + }, + "description": "Associated rulestack details" + }, + "RulestackProperties": { + "type": "object", + "properties": { + "associatedSubscriptions": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "subscription scope of global rulestack" + }, + "defaultMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IPS", + "FIREWALL", + "NONE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Mode for default rules creation." + }, + "description": { + "type": "string", + "description": "rulestack description" + }, + "minAppIdVersion": { + "type": "string", + "description": "minimum version" + }, + "panEtag": { + "type": "string", + "description": "PanEtag info" + }, + "panLocation": { + "type": "string", + "description": "Rulestack Location, Required for GlobalRulestacks, Not for LocalRulestacks" + }, + "scope": { + "oneOf": [ + { + "type": "string", + "enum": [ + "LOCAL", + "GLOBAL" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Rulestack Type." + }, + "securityServices": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityServices" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "security services" + } + }, + "description": "PAN Rulestack Describe Object" + }, + "SecurityServices": { + "type": "object", + "properties": { + "antiSpywareProfile": { + "type": "string", + "description": "Anti spyware Profile data" + }, + "antiVirusProfile": { + "type": "string", + "description": "anti virus profile data" + }, + "dnsSubscription": { + "type": "string", + "description": "DNS Subscription profile data" + }, + "fileBlockingProfile": { + "type": "string", + "description": "File blocking profile data" + }, + "outboundTrustCertificate": { + "type": "string", + "description": "Trusted Egress Decryption profile data" + }, + "outboundUnTrustCertificate": { + "type": "string", + "description": "Untrusted Egress Decryption profile data" + }, + "urlFilteringProfile": { + "type": "string", + "description": "URL filtering profile data" + }, + "vulnerabilityProfile": { + "type": "string", + "description": "IPs Vulnerability Profile Data" + } + }, + "description": "security services" + }, + "SourceAddr": { + "type": "object", + "properties": { + "cidrs": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "special value 'any'" + }, + "countries": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of countries" + }, + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of feeds" + }, + "prefixLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "description": "Address properties" + }, + "TagInfo": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "tag name" + }, + "value": { + "type": "string", + "description": "tag value" + } + }, + "required": [ + "key", + "value" + ], + "description": "Tag" + }, + "VnetConfiguration": { + "type": "object", + "properties": { + "ipOfTrustSubnetForUdr": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "trustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "unTrustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "vnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + } + }, + "required": [ + "trustSubnet", + "unTrustSubnet", + "vnet" + ], + "description": "VnetInfo for Firewall Networking" + }, + "VwanConfiguration": { + "type": "object", + "properties": { + "ipOfTrustSubnetForUdr": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "networkVirtualApplianceId": { + "type": "string", + "description": "Network Virtual Appliance resource ID " + }, + "trustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "unTrustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "vHub": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + } + }, + "required": [ + "vHub" + ], + "description": "VwanInfo for Firewall Networking" + } + } +} \ No newline at end of file diff --git a/schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json b/schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json new file mode 100644 index 0000000000..eea41023fd --- /dev/null +++ b/schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json @@ -0,0 +1,2238 @@ +{ + "id": "https://schema.management.azure.com/schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json#", + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "PaloAltoNetworks.Cloudngfw", + "description": "PaloAltoNetworks Cloudngfw Resource Types", + "resourceDefinitions": { + "firewalls": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "The geo-location where the resource lives" + }, + "name": { + "type": "string", + "description": "Firewall resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FirewallDeploymentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties specific to the Firewall resource deployment." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/firewalls" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/firewalls" + }, + "localRulestacks": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "The geo-location where the resource lives" + }, + "name": { + "type": "string", + "description": "LocalRulestack resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "PAN Rulestack Describe Object" + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/localRulestacks_certificates_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_fqdnlists_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_localRules_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_prefixlists_childResource" + } + ] + } + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks" + }, + "localRulestacks_certificates": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + }, + "localRulestacks_fqdnlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + }, + "localRulestacks_localRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + }, + "localRulestacks_prefixlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + } + }, + "tenant_resourceDefinitions": { + "globalRulestacks": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "Global Location" + }, + "name": { + "type": "string", + "description": "GlobalRulestack resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "PAN Rulestack Describe Object" + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/globalRulestacks_certificates_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_fqdnlists_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_postRules_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_prefixlists_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_preRules_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks" + }, + "globalRulestacks_certificates": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + }, + "globalRulestacks_fqdnlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + }, + "globalRulestacks_postRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "Post Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + }, + "globalRulestacks_prefixlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + }, + "globalRulestacks_preRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "Pre Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + } + }, + "definitions": { + "AzureResourceManagerManagedIdentityProperties": { + "type": "object", + "properties": { + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "SystemAssigned", + "UserAssigned", + "SystemAssigned,UserAssigned" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The type of managed identity assigned to this resource." + }, + "userAssignedIdentities": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/AzureResourceManagerUserAssignedIdentity" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The identities assigned to this resource by the user." + } + }, + "required": [ + "type" + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "AzureResourceManagerUserAssignedIdentity": { + "type": "object", + "properties": { + "clientId": { + "type": "string", + "description": "The active directory client identifier for this principal." + }, + "principalId": { + "type": "string", + "description": "The active directory identifier for this principal." + } + }, + "description": "A managed identity assigned by the user." + }, + "Category": { + "type": "object", + "properties": { + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "feed list" + }, + "urlCustom": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "custom URL" + } + }, + "required": [ + "feeds", + "urlCustom" + ], + "description": "URL/EDL to match" + }, + "CertificateObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "certificateSelfSigned": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "use certificate self signed." + }, + "certificateSignerResourceId": { + "type": "string", + "description": "Resource Id of certificate signer, to be populated only when certificateSelfSigned is false" + }, + "description": { + "type": "string", + "description": "user description for this object" + }, + "etag": { + "type": "string", + "description": "read only string representing last create or update" + } + }, + "required": [ + "certificateSelfSigned" + ], + "description": "certificate used for inbound and outbound decryption" + }, + "DestinationAddr": { + "type": "object", + "properties": { + "cidrs": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "special value 'any'" + }, + "countries": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of countries" + }, + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of feeds" + }, + "fqdnLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn list" + }, + "prefixLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "description": "destination address" + }, + "DNSSettings": { + "type": "object", + "properties": { + "dnsServers": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of IPs associated with the Firewall" + }, + "enabledDnsType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "CUSTOM", + "AZURE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enabled DNS proxy type, disabled by default." + }, + "enableDnsProxy": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enable DNS proxy, disabled by default." + } + }, + "description": "DNS Proxy settings for Firewall" + }, + "EndpointConfiguration": { + "type": "object", + "properties": { + "address": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "port": { + "type": "string", + "description": "port ID" + } + }, + "required": [ + "address", + "port" + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "FirewallDeploymentProperties": { + "type": "object", + "properties": { + "associatedRulestack": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackDetails" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Associated rulestack details" + }, + "dnsSettings": { + "oneOf": [ + { + "$ref": "#/definitions/DNSSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "DNS Proxy settings for Firewall" + }, + "frontEndSettings": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/FrontendSetting" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Frontend settings for Firewall" + }, + "isPanoramaManaged": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Panorama Managed: Default is False. Default will be CloudSec managed." + }, + "marketplaceDetails": { + "oneOf": [ + { + "$ref": "#/definitions/MarketplaceDetails" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "MarketplaceDetails of PAN Firewall resource" + }, + "networkProfile": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkProfile" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Network settings for Firewall" + }, + "panEtag": { + "type": "string", + "description": "panEtag info" + }, + "panoramaConfig": { + "oneOf": [ + { + "$ref": "#/definitions/PanoramaConfig" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Panorama Config" + }, + "planData": { + "oneOf": [ + { + "$ref": "#/definitions/PlanData" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Billing plan information." + } + }, + "required": [ + "dnsSettings", + "marketplaceDetails", + "networkProfile", + "planData" + ], + "description": "Properties specific to the Firewall resource deployment." + }, + "FqdnObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "description": { + "type": "string", + "description": "fqdn object description" + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "fqdnList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn list" + } + }, + "required": [ + "fqdnList" + ], + "description": "fqdn object" + }, + "FrontendSetting": { + "type": "object", + "properties": { + "backendConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/EndpointConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "frontendConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/EndpointConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "name": { + "type": "string", + "description": "Settings name" + }, + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TCP", + "UDP" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Protocol Type." + } + }, + "required": [ + "backendConfiguration", + "frontendConfiguration", + "name", + "protocol" + ], + "description": "Frontend setting for Firewall" + }, + "globalRulestacks_certificates_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + }, + "globalRulestacks_fqdnlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + }, + "globalRulestacks_postRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "Post Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "postRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + }, + "globalRulestacks_prefixlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + }, + "globalRulestacks_preRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "Pre Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "preRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + }, + "IPAddress": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "Address value" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + } + }, + "description": "IP Address" + }, + "IPAddressSpace": { + "type": "object", + "properties": { + "addressSpace": { + "type": "string", + "description": "Address Space" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + } + }, + "description": "IP Address Space" + }, + "localRulestacks_certificates_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + }, + "localRulestacks_fqdnlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + }, + "localRulestacks_localRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "localRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + }, + "localRulestacks_prefixlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-10-10-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + }, + "MarketplaceDetails": { + "type": "object", + "properties": { + "marketplaceSubscriptionStatus": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PendingFulfillmentStart", + "Subscribed", + "Suspended", + "Unsubscribed", + "NotStarted", + "FulfillmentRequested" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Marketplace Subscription Status." + }, + "offerId": { + "type": "string", + "description": "Offer Id" + }, + "publisherId": { + "type": "string", + "description": "Publisher Id" + } + }, + "required": [ + "offerId", + "publisherId" + ], + "description": "MarketplaceDetails of PAN Firewall resource" + }, + "NetworkProfile": { + "type": "object", + "properties": { + "egressNatIp": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Egress nat IP to use" + }, + "enableEgressNat": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enable egress NAT, enabled by default." + }, + "networkType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "VNET", + "VWAN" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "vnet or vwan, cannot be updated." + }, + "privateSourceNatRulesDestination": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Array of ipv4 destination address for which source NAT is to be performed" + }, + "publicIps": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of IPs associated with the Firewall" + }, + "trustedRanges": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Non-RFC 1918 address" + }, + "vnetConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/VnetConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "VnetInfo for Firewall Networking" + }, + "vwanConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/VwanConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "VwanInfo for Firewall Networking" + } + }, + "required": [ + "enableEgressNat", + "networkType", + "publicIps" + ], + "description": "Network settings for Firewall" + }, + "PanoramaConfig": { + "type": "object", + "properties": { + "configString": { + "type": "string", + "description": "Base64 encoded string representing Panorama parameters to be used by Firewall to connect to Panorama. This string is generated via azure plugin in Panorama" + } + }, + "required": [ + "configString" + ], + "description": "Panorama Config" + }, + "PlanData": { + "type": "object", + "properties": { + "billingCycle": { + "oneOf": [ + { + "type": "string", + "enum": [ + "WEEKLY", + "MONTHLY" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "different billing cycles like MONTHLY/WEEKLY." + }, + "planId": { + "type": "string", + "maxLength": 50, + "description": "plan id as published by Liftr.PAN" + }, + "usageType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PAYG", + "COMMITTED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "different usage type like PAYG/COMMITTED." + } + }, + "required": [ + "billingCycle", + "planId" + ], + "description": "Billing plan information." + }, + "PrefixObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "description": { + "type": "string", + "description": "prefix description" + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "prefixList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "required": [ + "prefixList" + ], + "description": "prefix entry" + }, + "RuleEntry": { + "type": "object", + "properties": { + "actionType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Allow", + "DenySilent", + "DenyResetServer", + "DenyResetBoth" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "rule action." + }, + "applications": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "array of rule applications" + }, + "auditComment": { + "type": "string", + "description": "rule comment" + }, + "category": { + "oneOf": [ + { + "$ref": "#/definitions/Category" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "URL/EDL to match" + }, + "decryptionRuleType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "SSLOutboundInspection", + "SSLInboundInspection", + "None" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "enable or disable decryption." + }, + "description": { + "type": "string", + "description": "rule description" + }, + "destination": { + "oneOf": [ + { + "$ref": "#/definitions/DestinationAddr" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "destination address" + }, + "enableLogging": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "enable or disable logging." + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "inboundInspectionCertificate": { + "type": "string", + "description": "inbound Inspection Certificate" + }, + "negateDestination": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "cidr should not be 'any'." + }, + "negateSource": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "cidr should not be 'any'." + }, + "protocol": { + "type": "string", + "default": "application-default", + "description": "any, application-default, TCP:number, UDP:number" + }, + "protocolPortList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prot port list" + }, + "ruleName": { + "type": "string", + "description": "rule name" + }, + "ruleState": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "state of this rule." + }, + "source": { + "oneOf": [ + { + "$ref": "#/definitions/SourceAddr" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Address properties" + }, + "tags": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/TagInfo" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "tag for rule" + } + }, + "required": [ + "ruleName" + ], + "description": "definition of rule" + }, + "RulestackDetails": { + "type": "object", + "properties": { + "location": { + "type": "string", + "description": "Rulestack location" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + }, + "rulestackId": { + "type": "string", + "description": "Associated rulestack Id" + } + }, + "description": "Associated rulestack details" + }, + "RulestackProperties": { + "type": "object", + "properties": { + "associatedSubscriptions": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "subscription scope of global rulestack" + }, + "defaultMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IPS", + "FIREWALL", + "NONE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Mode for default rules creation." + }, + "description": { + "type": "string", + "description": "rulestack description" + }, + "minAppIdVersion": { + "type": "string", + "description": "minimum version" + }, + "panEtag": { + "type": "string", + "description": "PanEtag info" + }, + "panLocation": { + "type": "string", + "description": "Rulestack Location, Required for GlobalRulestacks, Not for LocalRulestacks" + }, + "scope": { + "oneOf": [ + { + "type": "string", + "enum": [ + "LOCAL", + "GLOBAL" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Rulestack Type." + }, + "securityServices": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityServices" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "security services" + } + }, + "description": "PAN Rulestack Describe Object" + }, + "SecurityServices": { + "type": "object", + "properties": { + "antiSpywareProfile": { + "type": "string", + "description": "Anti spyware Profile data" + }, + "antiVirusProfile": { + "type": "string", + "description": "anti virus profile data" + }, + "dnsSubscription": { + "type": "string", + "description": "DNS Subscription profile data" + }, + "fileBlockingProfile": { + "type": "string", + "description": "File blocking profile data" + }, + "outboundTrustCertificate": { + "type": "string", + "description": "Trusted Egress Decryption profile data" + }, + "outboundUnTrustCertificate": { + "type": "string", + "description": "Untrusted Egress Decryption profile data" + }, + "urlFilteringProfile": { + "type": "string", + "description": "URL filtering profile data" + }, + "vulnerabilityProfile": { + "type": "string", + "description": "IPs Vulnerability Profile Data" + } + }, + "description": "security services" + }, + "SourceAddr": { + "type": "object", + "properties": { + "cidrs": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "special value 'any'" + }, + "countries": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of countries" + }, + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of feeds" + }, + "prefixLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "description": "Address properties" + }, + "TagInfo": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "tag name" + }, + "value": { + "type": "string", + "description": "tag value" + } + }, + "required": [ + "key", + "value" + ], + "description": "Tag" + }, + "VnetConfiguration": { + "type": "object", + "properties": { + "ipOfTrustSubnetForUdr": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "trustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "unTrustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "vnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + } + }, + "required": [ + "trustSubnet", + "unTrustSubnet", + "vnet" + ], + "description": "VnetInfo for Firewall Networking" + }, + "VwanConfiguration": { + "type": "object", + "properties": { + "ipOfTrustSubnetForUdr": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "networkVirtualApplianceId": { + "type": "string", + "description": "Network Virtual Appliance resource ID " + }, + "trustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "unTrustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "vHub": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + } + }, + "required": [ + "vHub" + ], + "description": "VwanInfo for Firewall Networking" + } + } +} \ No newline at end of file diff --git a/schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json b/schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json new file mode 100644 index 0000000000..57a63ffa2d --- /dev/null +++ b/schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json @@ -0,0 +1,2277 @@ +{ + "id": "https://schema.management.azure.com/schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json#", + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "PaloAltoNetworks.Cloudngfw", + "description": "PaloAltoNetworks Cloudngfw Resource Types", + "resourceDefinitions": { + "firewalls": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "The geo-location where the resource lives" + }, + "name": { + "type": "string", + "description": "Firewall resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FirewallDeploymentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties specific to the Firewall resource deployment." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/firewalls" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/firewalls" + }, + "localRulestacks": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "The geo-location where the resource lives" + }, + "name": { + "type": "string", + "description": "LocalRulestack resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "PAN Rulestack Describe Object" + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/localRulestacks_certificates_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_fqdnlists_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_localRules_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_prefixlists_childResource" + } + ] + } + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks" + }, + "localRulestacks_certificates": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + }, + "localRulestacks_fqdnlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + }, + "localRulestacks_localRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + }, + "localRulestacks_prefixlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + } + }, + "tenant_resourceDefinitions": { + "globalRulestacks": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "Global Location" + }, + "name": { + "type": "string", + "description": "GlobalRulestack resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "PAN Rulestack Describe Object" + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/globalRulestacks_certificates_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_fqdnlists_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_postRules_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_prefixlists_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_preRules_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks" + }, + "globalRulestacks_certificates": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + }, + "globalRulestacks_fqdnlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + }, + "globalRulestacks_postRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "Post Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + }, + "globalRulestacks_prefixlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + }, + "globalRulestacks_preRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "Pre Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + } + }, + "definitions": { + "AzureResourceManagerManagedIdentityProperties": { + "type": "object", + "properties": { + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "SystemAssigned", + "UserAssigned", + "SystemAssigned,UserAssigned" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The type of managed identity assigned to this resource." + }, + "userAssignedIdentities": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/AzureResourceManagerUserAssignedIdentity" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The identities assigned to this resource by the user." + } + }, + "required": [ + "type" + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "AzureResourceManagerUserAssignedIdentity": { + "type": "object", + "properties": { + "clientId": { + "type": "string", + "description": "The active directory client identifier for this principal." + }, + "principalId": { + "type": "string", + "description": "The active directory identifier for this principal." + } + }, + "description": "A managed identity assigned by the user." + }, + "Category": { + "type": "object", + "properties": { + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "feed list" + }, + "urlCustom": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "custom URL" + } + }, + "required": [ + "feeds", + "urlCustom" + ], + "description": "URL/EDL to match" + }, + "CertificateObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "certificateSelfSigned": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "use certificate self signed." + }, + "certificateSignerResourceId": { + "type": "string", + "description": "Resource Id of certificate signer, to be populated only when certificateSelfSigned is false" + }, + "description": { + "type": "string", + "description": "user description for this object" + }, + "etag": { + "type": "string", + "description": "read only string representing last create or update" + } + }, + "required": [ + "certificateSelfSigned" + ], + "description": "certificate used for inbound and outbound decryption" + }, + "DestinationAddr": { + "type": "object", + "properties": { + "cidrs": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "special value 'any'" + }, + "countries": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of countries" + }, + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of feeds" + }, + "fqdnLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn list" + }, + "prefixLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "description": "destination address" + }, + "DNSSettings": { + "type": "object", + "properties": { + "dnsServers": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of IPs associated with the Firewall" + }, + "enabledDnsType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "CUSTOM", + "AZURE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enabled DNS proxy type, disabled by default." + }, + "enableDnsProxy": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enable DNS proxy, disabled by default." + } + }, + "description": "DNS Proxy settings for Firewall" + }, + "EndpointConfiguration": { + "type": "object", + "properties": { + "address": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "port": { + "type": "string", + "description": "port ID" + } + }, + "required": [ + "address", + "port" + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "FirewallDeploymentProperties": { + "type": "object", + "properties": { + "associatedRulestack": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackDetails" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Associated rulestack details" + }, + "dnsSettings": { + "oneOf": [ + { + "$ref": "#/definitions/DNSSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "DNS Proxy settings for Firewall" + }, + "frontEndSettings": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/FrontendSetting" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Frontend settings for Firewall" + }, + "isPanoramaManaged": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Panorama Managed: Default is False. Default will be CloudSec managed." + }, + "isStrataCloudManaged": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Strata Cloud Managed: Default is False. Default will be CloudSec managed." + }, + "marketplaceDetails": { + "oneOf": [ + { + "$ref": "#/definitions/MarketplaceDetails" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "MarketplaceDetails of PAN Firewall resource" + }, + "networkProfile": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkProfile" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Network settings for Firewall" + }, + "panEtag": { + "type": "string", + "description": "panEtag info" + }, + "panoramaConfig": { + "oneOf": [ + { + "$ref": "#/definitions/PanoramaConfig" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Panorama Config" + }, + "planData": { + "oneOf": [ + { + "$ref": "#/definitions/PlanData" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Billing plan information." + }, + "strataCloudManagerConfig": { + "oneOf": [ + { + "$ref": "#/definitions/StrataCloudManagerConfig" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "This field is only present if Strata Cloud Manager is managing the policy for this firewall" + } + }, + "required": [ + "dnsSettings", + "marketplaceDetails", + "networkProfile", + "planData" + ], + "description": "Properties specific to the Firewall resource deployment." + }, + "FqdnObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "description": { + "type": "string", + "description": "fqdn object description" + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "fqdnList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn list" + } + }, + "required": [ + "fqdnList" + ], + "description": "fqdn object" + }, + "FrontendSetting": { + "type": "object", + "properties": { + "backendConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/EndpointConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "frontendConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/EndpointConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "name": { + "type": "string", + "description": "Settings name" + }, + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TCP", + "UDP" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Protocol Type." + } + }, + "required": [ + "backendConfiguration", + "frontendConfiguration", + "name", + "protocol" + ], + "description": "Frontend setting for Firewall" + }, + "globalRulestacks_certificates_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + }, + "globalRulestacks_fqdnlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + }, + "globalRulestacks_postRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "Post Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "postRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + }, + "globalRulestacks_prefixlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + }, + "globalRulestacks_preRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "Pre Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "preRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + }, + "IPAddress": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "Address value" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + } + }, + "description": "IP Address" + }, + "IPAddressSpace": { + "type": "object", + "properties": { + "addressSpace": { + "type": "string", + "description": "Address Space" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + } + }, + "description": "IP Address Space" + }, + "localRulestacks_certificates_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + }, + "localRulestacks_fqdnlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + }, + "localRulestacks_localRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "localRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + }, + "localRulestacks_prefixlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-01-19-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + }, + "MarketplaceDetails": { + "type": "object", + "properties": { + "marketplaceSubscriptionStatus": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PendingFulfillmentStart", + "Subscribed", + "Suspended", + "Unsubscribed", + "NotStarted", + "FulfillmentRequested" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Marketplace Subscription Status." + }, + "offerId": { + "type": "string", + "description": "Offer Id" + }, + "publisherId": { + "type": "string", + "description": "Publisher Id" + } + }, + "required": [ + "offerId", + "publisherId" + ], + "description": "MarketplaceDetails of PAN Firewall resource" + }, + "NetworkProfile": { + "type": "object", + "properties": { + "egressNatIp": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Egress nat IP to use" + }, + "enableEgressNat": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enable egress NAT, enabled by default." + }, + "networkType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "VNET", + "VWAN" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "vnet or vwan, cannot be updated." + }, + "privateSourceNatRulesDestination": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Array of ipv4 destination address for which source NAT is to be performed" + }, + "publicIps": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of IPs associated with the Firewall" + }, + "trustedRanges": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Non-RFC 1918 address" + }, + "vnetConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/VnetConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "VnetInfo for Firewall Networking" + }, + "vwanConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/VwanConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "VwanInfo for Firewall Networking" + } + }, + "required": [ + "enableEgressNat", + "networkType", + "publicIps" + ], + "description": "Network settings for Firewall" + }, + "PanoramaConfig": { + "type": "object", + "properties": { + "configString": { + "type": "string", + "description": "Base64 encoded string representing Panorama parameters to be used by Firewall to connect to Panorama. This string is generated via azure plugin in Panorama" + } + }, + "required": [ + "configString" + ], + "description": "Panorama Config" + }, + "PlanData": { + "type": "object", + "properties": { + "billingCycle": { + "oneOf": [ + { + "type": "string", + "enum": [ + "WEEKLY", + "MONTHLY" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "different billing cycles like MONTHLY/WEEKLY." + }, + "planId": { + "type": "string", + "maxLength": 50, + "description": "plan id as published by Liftr.PAN" + }, + "usageType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PAYG", + "COMMITTED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "different usage type like PAYG/COMMITTED." + } + }, + "required": [ + "billingCycle", + "planId" + ], + "description": "Billing plan information." + }, + "PrefixObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "description": { + "type": "string", + "description": "prefix description" + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "prefixList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "required": [ + "prefixList" + ], + "description": "prefix entry" + }, + "RuleEntry": { + "type": "object", + "properties": { + "actionType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Allow", + "DenySilent", + "DenyResetServer", + "DenyResetBoth" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "rule action." + }, + "applications": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "array of rule applications" + }, + "auditComment": { + "type": "string", + "description": "rule comment" + }, + "category": { + "oneOf": [ + { + "$ref": "#/definitions/Category" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "URL/EDL to match" + }, + "decryptionRuleType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "SSLOutboundInspection", + "SSLInboundInspection", + "None" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "enable or disable decryption." + }, + "description": { + "type": "string", + "description": "rule description" + }, + "destination": { + "oneOf": [ + { + "$ref": "#/definitions/DestinationAddr" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "destination address" + }, + "enableLogging": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "enable or disable logging." + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "inboundInspectionCertificate": { + "type": "string", + "description": "inbound Inspection Certificate" + }, + "negateDestination": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "cidr should not be 'any'." + }, + "negateSource": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "cidr should not be 'any'." + }, + "protocol": { + "type": "string", + "default": "application-default", + "description": "any, application-default, TCP:number, UDP:number" + }, + "protocolPortList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prot port list" + }, + "ruleName": { + "type": "string", + "description": "rule name" + }, + "ruleState": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "state of this rule." + }, + "source": { + "oneOf": [ + { + "$ref": "#/definitions/SourceAddr" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Address properties" + }, + "tags": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/TagInfo" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "tag for rule" + } + }, + "required": [ + "ruleName" + ], + "description": "definition of rule" + }, + "RulestackDetails": { + "type": "object", + "properties": { + "location": { + "type": "string", + "description": "Rulestack location" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + }, + "rulestackId": { + "type": "string", + "description": "Associated rulestack Id" + } + }, + "description": "Associated rulestack details" + }, + "RulestackProperties": { + "type": "object", + "properties": { + "associatedSubscriptions": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "subscription scope of global rulestack" + }, + "defaultMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IPS", + "FIREWALL", + "NONE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Mode for default rules creation." + }, + "description": { + "type": "string", + "description": "rulestack description" + }, + "minAppIdVersion": { + "type": "string", + "description": "minimum version" + }, + "panEtag": { + "type": "string", + "description": "PanEtag info" + }, + "panLocation": { + "type": "string", + "description": "Rulestack Location, Required for GlobalRulestacks, Not for LocalRulestacks" + }, + "scope": { + "oneOf": [ + { + "type": "string", + "enum": [ + "LOCAL", + "GLOBAL" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Rulestack Type." + }, + "securityServices": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityServices" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "security services" + } + }, + "description": "PAN Rulestack Describe Object" + }, + "SecurityServices": { + "type": "object", + "properties": { + "antiSpywareProfile": { + "type": "string", + "description": "Anti spyware Profile data" + }, + "antiVirusProfile": { + "type": "string", + "description": "anti virus profile data" + }, + "dnsSubscription": { + "type": "string", + "description": "DNS Subscription profile data" + }, + "fileBlockingProfile": { + "type": "string", + "description": "File blocking profile data" + }, + "outboundTrustCertificate": { + "type": "string", + "description": "Trusted Egress Decryption profile data" + }, + "outboundUnTrustCertificate": { + "type": "string", + "description": "Untrusted Egress Decryption profile data" + }, + "urlFilteringProfile": { + "type": "string", + "description": "URL filtering profile data" + }, + "vulnerabilityProfile": { + "type": "string", + "description": "IPs Vulnerability Profile Data" + } + }, + "description": "security services" + }, + "SourceAddr": { + "type": "object", + "properties": { + "cidrs": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "special value 'any'" + }, + "countries": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of countries" + }, + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of feeds" + }, + "prefixLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "description": "Address properties" + }, + "StrataCloudManagerConfig": { + "type": "object", + "properties": { + "cloudManagerName": { + "type": "string", + "description": "Strata Cloud Manager name which is intended to manage the policy for this firewall." + } + }, + "required": [ + "cloudManagerName" + ], + "description": "This field is only present if Strata Cloud Manager is managing the policy for this firewall" + }, + "TagInfo": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "tag name" + }, + "value": { + "type": "string", + "description": "tag value" + } + }, + "required": [ + "key", + "value" + ], + "description": "Tag" + }, + "VnetConfiguration": { + "type": "object", + "properties": { + "ipOfTrustSubnetForUdr": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "trustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "unTrustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "vnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + } + }, + "required": [ + "trustSubnet", + "unTrustSubnet", + "vnet" + ], + "description": "VnetInfo for Firewall Networking" + }, + "VwanConfiguration": { + "type": "object", + "properties": { + "ipOfTrustSubnetForUdr": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "networkVirtualApplianceId": { + "type": "string", + "description": "Network Virtual Appliance resource ID " + }, + "trustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "unTrustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "vHub": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + } + }, + "required": [ + "vHub" + ], + "description": "VwanInfo for Firewall Networking" + } + } +} \ No newline at end of file diff --git a/schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json b/schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json new file mode 100644 index 0000000000..7ef16ac480 --- /dev/null +++ b/schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json @@ -0,0 +1,2277 @@ +{ + "id": "https://schema.management.azure.com/schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json#", + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "PaloAltoNetworks.Cloudngfw", + "description": "PaloAltoNetworks Cloudngfw Resource Types", + "resourceDefinitions": { + "firewalls": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "The geo-location where the resource lives" + }, + "name": { + "type": "string", + "description": "Firewall resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FirewallDeploymentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties specific to the Firewall resource deployment." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/firewalls" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/firewalls" + }, + "localRulestacks": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "The geo-location where the resource lives" + }, + "name": { + "type": "string", + "description": "LocalRulestack resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "PAN Rulestack Describe Object" + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/localRulestacks_certificates_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_fqdnlists_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_localRules_childResource" + }, + { + "$ref": "#/definitions/localRulestacks_prefixlists_childResource" + } + ] + } + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks" + }, + "localRulestacks_certificates": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + }, + "localRulestacks_fqdnlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + }, + "localRulestacks_localRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + }, + "localRulestacks_prefixlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + } + }, + "tenant_resourceDefinitions": { + "globalRulestacks": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/AzureResourceManagerManagedIdentityProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "location": { + "type": "string", + "description": "Global Location" + }, + "name": { + "type": "string", + "description": "GlobalRulestack resource name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "PAN Rulestack Describe Object" + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/globalRulestacks_certificates_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_fqdnlists_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_postRules_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_prefixlists_childResource" + }, + { + "$ref": "#/definitions/globalRulestacks_preRules_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks" + }, + "globalRulestacks_certificates": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + }, + "globalRulestacks_fqdnlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + }, + "globalRulestacks_postRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "Post Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + }, + "globalRulestacks_prefixlists": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + }, + "globalRulestacks_preRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "Pre Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + } + }, + "definitions": { + "AzureResourceManagerManagedIdentityProperties": { + "type": "object", + "properties": { + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "SystemAssigned", + "UserAssigned", + "SystemAssigned,UserAssigned" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The type of managed identity assigned to this resource." + }, + "userAssignedIdentities": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/AzureResourceManagerUserAssignedIdentity" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The identities assigned to this resource by the user." + } + }, + "required": [ + "type" + ], + "description": "The properties of the managed service identities assigned to this resource." + }, + "AzureResourceManagerUserAssignedIdentity": { + "type": "object", + "properties": { + "clientId": { + "type": "string", + "description": "The active directory client identifier for this principal." + }, + "principalId": { + "type": "string", + "description": "The active directory identifier for this principal." + } + }, + "description": "A managed identity assigned by the user." + }, + "Category": { + "type": "object", + "properties": { + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "feed list" + }, + "urlCustom": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "custom URL" + } + }, + "required": [ + "feeds", + "urlCustom" + ], + "description": "URL/EDL to match" + }, + "CertificateObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "certificateSelfSigned": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "use certificate self signed." + }, + "certificateSignerResourceId": { + "type": "string", + "description": "Resource Id of certificate signer, to be populated only when certificateSelfSigned is false" + }, + "description": { + "type": "string", + "description": "user description for this object" + }, + "etag": { + "type": "string", + "description": "read only string representing last create or update" + } + }, + "required": [ + "certificateSelfSigned" + ], + "description": "certificate used for inbound and outbound decryption" + }, + "DestinationAddr": { + "type": "object", + "properties": { + "cidrs": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "special value 'any'" + }, + "countries": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of countries" + }, + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of feeds" + }, + "fqdnLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn list" + }, + "prefixLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "description": "destination address" + }, + "DNSSettings": { + "type": "object", + "properties": { + "dnsServers": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of IPs associated with the Firewall" + }, + "enabledDnsType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "CUSTOM", + "AZURE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enabled DNS proxy type, disabled by default." + }, + "enableDnsProxy": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enable DNS proxy, disabled by default." + } + }, + "description": "DNS Proxy settings for Firewall" + }, + "EndpointConfiguration": { + "type": "object", + "properties": { + "address": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "port": { + "type": "string", + "description": "port ID" + } + }, + "required": [ + "address", + "port" + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "FirewallDeploymentProperties": { + "type": "object", + "properties": { + "associatedRulestack": { + "oneOf": [ + { + "$ref": "#/definitions/RulestackDetails" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Associated rulestack details" + }, + "dnsSettings": { + "oneOf": [ + { + "$ref": "#/definitions/DNSSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "DNS Proxy settings for Firewall" + }, + "frontEndSettings": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/FrontendSetting" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Frontend settings for Firewall" + }, + "isPanoramaManaged": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Panorama Managed: Default is False. Default will be CloudSec managed." + }, + "isStrataCloudManaged": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Strata Cloud Managed: Default is False. Default will be CloudSec managed." + }, + "marketplaceDetails": { + "oneOf": [ + { + "$ref": "#/definitions/MarketplaceDetails" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "MarketplaceDetails of PAN Firewall resource" + }, + "networkProfile": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkProfile" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Network settings for Firewall" + }, + "panEtag": { + "type": "string", + "description": "panEtag info" + }, + "panoramaConfig": { + "oneOf": [ + { + "$ref": "#/definitions/PanoramaConfig" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Panorama Config" + }, + "planData": { + "oneOf": [ + { + "$ref": "#/definitions/PlanData" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Billing plan information." + }, + "strataCloudManagerConfig": { + "oneOf": [ + { + "$ref": "#/definitions/StrataCloudManagerConfig" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "This field is only present if Strata Cloud Manager is managing the policy for this firewall" + } + }, + "required": [ + "dnsSettings", + "marketplaceDetails", + "networkProfile", + "planData" + ], + "description": "Properties specific to the Firewall resource deployment." + }, + "FqdnObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "description": { + "type": "string", + "description": "fqdn object description" + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "fqdnList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn list" + } + }, + "required": [ + "fqdnList" + ], + "description": "fqdn object" + }, + "FrontendSetting": { + "type": "object", + "properties": { + "backendConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/EndpointConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "frontendConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/EndpointConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Endpoint Configuration for frontend and backend" + }, + "name": { + "type": "string", + "description": "Settings name" + }, + "protocol": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TCP", + "UDP" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Protocol Type." + } + }, + "required": [ + "backendConfiguration", + "frontendConfiguration", + "name", + "protocol" + ], + "description": "Frontend setting for Firewall" + }, + "globalRulestacks_certificates_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/certificates" + }, + "globalRulestacks_fqdnlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/fqdnlists" + }, + "globalRulestacks_postRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "Post Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "postRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/postRules" + }, + "globalRulestacks_prefixlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/prefixlists" + }, + "globalRulestacks_preRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "Pre Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "preRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/globalRulestacks/preRules" + }, + "IPAddress": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "Address value" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + } + }, + "description": "IP Address" + }, + "IPAddressSpace": { + "type": "object", + "properties": { + "addressSpace": { + "type": "string", + "description": "Address Space" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + } + }, + "description": "IP Address Space" + }, + "localRulestacks_certificates_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "certificate name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/CertificateObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "certificate used for inbound and outbound decryption" + }, + "type": { + "type": "string", + "enum": [ + "certificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates" + }, + "localRulestacks_fqdnlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "fqdn list name" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FqdnObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "fqdn object" + }, + "type": { + "type": "string", + "enum": [ + "fqdnlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists" + }, + "localRulestacks_localRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RuleEntry" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "definition of rule" + }, + "type": { + "type": "string", + "enum": [ + "localRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules" + }, + "localRulestacks_prefixlists_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2024-02-07-preview" + ] + }, + "name": { + "type": "string", + "description": "Local Rule priority" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrefixObject" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix entry" + }, + "type": { + "type": "string", + "enum": [ + "prefixlists" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists" + }, + "MarketplaceDetails": { + "type": "object", + "properties": { + "marketplaceSubscriptionStatus": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PendingFulfillmentStart", + "Subscribed", + "Suspended", + "Unsubscribed", + "NotStarted", + "FulfillmentRequested" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Marketplace Subscription Status." + }, + "offerId": { + "type": "string", + "description": "Offer Id" + }, + "publisherId": { + "type": "string", + "description": "Publisher Id" + } + }, + "required": [ + "offerId", + "publisherId" + ], + "description": "MarketplaceDetails of PAN Firewall resource" + }, + "NetworkProfile": { + "type": "object", + "properties": { + "egressNatIp": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Egress nat IP to use" + }, + "enableEgressNat": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enable egress NAT, enabled by default." + }, + "networkType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "VNET", + "VWAN" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "vnet or vwan, cannot be updated." + }, + "privateSourceNatRulesDestination": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Array of ipv4 destination address for which source NAT is to be performed" + }, + "publicIps": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPAddress" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of IPs associated with the Firewall" + }, + "trustedRanges": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Non-RFC 1918 address" + }, + "vnetConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/VnetConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "VnetInfo for Firewall Networking" + }, + "vwanConfiguration": { + "oneOf": [ + { + "$ref": "#/definitions/VwanConfiguration" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "VwanInfo for Firewall Networking" + } + }, + "required": [ + "enableEgressNat", + "networkType", + "publicIps" + ], + "description": "Network settings for Firewall" + }, + "PanoramaConfig": { + "type": "object", + "properties": { + "configString": { + "type": "string", + "description": "Base64 encoded string representing Panorama parameters to be used by Firewall to connect to Panorama. This string is generated via azure plugin in Panorama" + } + }, + "required": [ + "configString" + ], + "description": "Panorama Config" + }, + "PlanData": { + "type": "object", + "properties": { + "billingCycle": { + "oneOf": [ + { + "type": "string", + "enum": [ + "WEEKLY", + "MONTHLY" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "different billing cycles like MONTHLY/WEEKLY." + }, + "planId": { + "type": "string", + "maxLength": 50, + "description": "plan id as published by Liftr.PAN" + }, + "usageType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PAYG", + "COMMITTED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "different usage type like PAYG/COMMITTED." + } + }, + "required": [ + "billingCycle", + "planId" + ], + "description": "Billing plan information." + }, + "PrefixObject": { + "type": "object", + "properties": { + "auditComment": { + "type": "string", + "description": "comment for this object" + }, + "description": { + "type": "string", + "description": "prefix description" + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "prefixList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "required": [ + "prefixList" + ], + "description": "prefix entry" + }, + "RuleEntry": { + "type": "object", + "properties": { + "actionType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Allow", + "DenySilent", + "DenyResetServer", + "DenyResetBoth" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "rule action." + }, + "applications": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "array of rule applications" + }, + "auditComment": { + "type": "string", + "description": "rule comment" + }, + "category": { + "oneOf": [ + { + "$ref": "#/definitions/Category" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "URL/EDL to match" + }, + "decryptionRuleType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "SSLOutboundInspection", + "SSLInboundInspection", + "None" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "enable or disable decryption." + }, + "description": { + "type": "string", + "description": "rule description" + }, + "destination": { + "oneOf": [ + { + "$ref": "#/definitions/DestinationAddr" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "destination address" + }, + "enableLogging": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "enable or disable logging." + }, + "etag": { + "type": "string", + "description": "etag info" + }, + "inboundInspectionCertificate": { + "type": "string", + "description": "inbound Inspection Certificate" + }, + "negateDestination": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "cidr should not be 'any'." + }, + "negateSource": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TRUE", + "FALSE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "cidr should not be 'any'." + }, + "protocol": { + "type": "string", + "default": "application-default", + "description": "any, application-default, TCP:number, UDP:number" + }, + "protocolPortList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prot port list" + }, + "ruleName": { + "type": "string", + "description": "rule name" + }, + "ruleState": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DISABLED", + "ENABLED" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "state of this rule." + }, + "source": { + "oneOf": [ + { + "$ref": "#/definitions/SourceAddr" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Address properties" + }, + "tags": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/TagInfo" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "tag for rule" + } + }, + "required": [ + "ruleName" + ], + "description": "definition of rule" + }, + "RulestackDetails": { + "type": "object", + "properties": { + "location": { + "type": "string", + "description": "Rulestack location" + }, + "resourceId": { + "type": "string", + "description": "Resource Id" + }, + "rulestackId": { + "type": "string", + "description": "Associated rulestack Id" + } + }, + "description": "Associated rulestack details" + }, + "RulestackProperties": { + "type": "object", + "properties": { + "associatedSubscriptions": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "subscription scope of global rulestack" + }, + "defaultMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "IPS", + "FIREWALL", + "NONE" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Mode for default rules creation." + }, + "description": { + "type": "string", + "description": "rulestack description" + }, + "minAppIdVersion": { + "type": "string", + "description": "minimum version" + }, + "panEtag": { + "type": "string", + "description": "PanEtag info" + }, + "panLocation": { + "type": "string", + "description": "Rulestack Location, Required for GlobalRulestacks, Not for LocalRulestacks" + }, + "scope": { + "oneOf": [ + { + "type": "string", + "enum": [ + "LOCAL", + "GLOBAL" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Rulestack Type." + }, + "securityServices": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityServices" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "security services" + } + }, + "description": "PAN Rulestack Describe Object" + }, + "SecurityServices": { + "type": "object", + "properties": { + "antiSpywareProfile": { + "type": "string", + "description": "Anti spyware Profile data" + }, + "antiVirusProfile": { + "type": "string", + "description": "anti virus profile data" + }, + "dnsSubscription": { + "type": "string", + "description": "DNS Subscription profile data" + }, + "fileBlockingProfile": { + "type": "string", + "description": "File blocking profile data" + }, + "outboundTrustCertificate": { + "type": "string", + "description": "Trusted Egress Decryption profile data" + }, + "outboundUnTrustCertificate": { + "type": "string", + "description": "Untrusted Egress Decryption profile data" + }, + "urlFilteringProfile": { + "type": "string", + "description": "URL filtering profile data" + }, + "vulnerabilityProfile": { + "type": "string", + "description": "IPs Vulnerability Profile Data" + } + }, + "description": "security services" + }, + "SourceAddr": { + "type": "object", + "properties": { + "cidrs": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "special value 'any'" + }, + "countries": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of countries" + }, + "feeds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "list of feeds" + }, + "prefixLists": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "prefix list" + } + }, + "description": "Address properties" + }, + "StrataCloudManagerConfig": { + "type": "object", + "properties": { + "cloudManagerName": { + "type": "string", + "description": "Strata Cloud Manager name which is intended to manage the policy for this firewall." + } + }, + "required": [ + "cloudManagerName" + ], + "description": "This field is only present if Strata Cloud Manager is managing the policy for this firewall" + }, + "TagInfo": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "tag name" + }, + "value": { + "type": "string", + "description": "tag value" + } + }, + "required": [ + "key", + "value" + ], + "description": "Tag" + }, + "VnetConfiguration": { + "type": "object", + "properties": { + "ipOfTrustSubnetForUdr": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "trustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "unTrustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "vnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + } + }, + "required": [ + "trustSubnet", + "unTrustSubnet", + "vnet" + ], + "description": "VnetInfo for Firewall Networking" + }, + "VwanConfiguration": { + "type": "object", + "properties": { + "ipOfTrustSubnetForUdr": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddress" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address" + }, + "networkVirtualApplianceId": { + "type": "string", + "description": "Network Virtual Appliance resource ID " + }, + "trustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "unTrustSubnet": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + }, + "vHub": { + "oneOf": [ + { + "$ref": "#/definitions/IPAddressSpace" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "IP Address Space" + } + }, + "required": [ + "vHub" + ], + "description": "VwanInfo for Firewall Networking" + } + } +} \ No newline at end of file diff --git a/schemas/common/autogeneratedResources.json b/schemas/common/autogeneratedResources.json index 2de03f8388..0231fdbe41 100644 --- a/schemas/common/autogeneratedResources.json +++ b/schemas/common/autogeneratedResources.json @@ -43698,6 +43698,132 @@ }, { "$ref": "https://schema.management.azure.com/schemas/2023-09-01/NGINX.NGINXPLUS.json#/resourceDefinitions/nginxDeployments_configurations" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/firewalls" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_certificates" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_fqdnlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_localRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_prefixlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/firewalls" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_certificates" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_fqdnlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_localRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2022-08-29-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_prefixlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/firewalls" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_certificates" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_fqdnlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_localRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_prefixlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/firewalls" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_certificates" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_fqdnlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_localRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-09-01-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_prefixlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/firewalls" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_certificates" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_fqdnlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_localRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-10-10-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_prefixlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/firewalls" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_certificates" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_fqdnlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_localRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-01-19-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_prefixlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/firewalls" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_certificates" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_fqdnlists" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_localRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2024-02-07-preview/PaloAltoNetworks.Cloudngfw.json#/resourceDefinitions/localRulestacks_prefixlists" } ] }