diff --git a/internal/services/firewall/firewall_policy_rule_collection_group_resource.go b/internal/services/firewall/firewall_policy_rule_collection_group_resource.go index c38b4c5fc9cb..0b5bce0e78ef 100644 --- a/internal/services/firewall/firewall_policy_rule_collection_group_resource.go +++ b/internal/services/firewall/firewall_policy_rule_collection_group_resource.go @@ -129,6 +129,7 @@ func resourceFirewallPolicyRuleCollectionGroup() *pluginsdk.Resource { Type: pluginsdk.TypeString, ValidateFunc: validation.Any( validation.IsIPAddress, + validation.IsIPv4Range, validation.IsCIDR, validation.StringInSlice([]string{`*`}, false), ), @@ -149,6 +150,7 @@ func resourceFirewallPolicyRuleCollectionGroup() *pluginsdk.Resource { Type: pluginsdk.TypeString, ValidateFunc: validation.Any( validation.IsIPAddress, + validation.IsIPv4Range, validation.IsCIDR, validation.StringInSlice([]string{`*`}, false), ), @@ -252,6 +254,7 @@ func resourceFirewallPolicyRuleCollectionGroup() *pluginsdk.Resource { Type: pluginsdk.TypeString, ValidateFunc: validation.Any( validation.IsIPAddress, + validation.IsIPv4Range, validation.IsCIDR, validation.StringInSlice([]string{`*`}, false), ), @@ -362,6 +365,7 @@ func resourceFirewallPolicyRuleCollectionGroup() *pluginsdk.Resource { Type: pluginsdk.TypeString, ValidateFunc: validation.Any( validation.IsIPAddress, + validation.IsIPv4Range, validation.IsCIDR, validation.StringInSlice([]string{`*`}, false), ), diff --git a/website/docs/r/firewall_policy_rule_collection_group.html.markdown b/website/docs/r/firewall_policy_rule_collection_group.html.markdown index cf8c5c2cea81..061fd5f233ee 100644 --- a/website/docs/r/firewall_policy_rule_collection_group.html.markdown +++ b/website/docs/r/firewall_policy_rule_collection_group.html.markdown @@ -141,11 +141,11 @@ A `application_rule` (application rule) block supports the following: * `protocols` - (Optional) One or more `protocols` blocks as defined below. Not required when specifying `destination_fqdn_tags`, but required when specifying `destination_fqdns`. -* `source_addresses` - (Optional) Specifies a list of source IP addresses (including CIDR and `*`). +* `source_addresses` - (Optional) Specifies a list of source IP addresses (including CIDR, IP range and `*`). * `source_ip_groups` - (Optional) Specifies a list of source IP groups. -* `destination_addresses` - (Optional) Specifies a list of destination IP addresses (including CIDR and `*`). +* `destination_addresses` - (Optional) Specifies a list of destination IP addresses (including CIDR, IP range and `*`). * `destination_urls` - (Optional) Specifies a list of destination URLs for which policy should hold. Needs Premium SKU for Firewall Policy. Conflicts with `destination_fqdns`. @@ -167,11 +167,11 @@ A `network_rule` (network rule) block supports the following: * `destination_ports` - (Required) Specifies a list of destination ports. -* `source_addresses` - (Optional) Specifies a list of source IP addresses (including CIDR and `*`). +* `source_addresses` - (Optional) Specifies a list of source IP addresses (including CIDR, IP range and `*`). * `source_ip_groups` - (Optional) Specifies a list of source IP groups. -* `destination_addresses` - (Optional) Specifies a list of destination IP addresses (including CIDR and `*`) or Service Tags. +* `destination_addresses` - (Optional) Specifies a list of destination IP addresses (including CIDR, IP range and `*`) or Service Tags. * `destination_ip_groups` - (Optional) Specifies a list of destination IP groups. @@ -185,7 +185,7 @@ A `nat_rule` (NAT rule) block supports the following: * `protocols` - (Required) Specifies a list of network protocols this rule applies to. Possible values are `TCP`, `UDP`. -* `source_addresses` - (Optional) Specifies a list of source IP addresses (including CIDR and `*`). +* `source_addresses` - (Optional) Specifies a list of source IP addresses (including CIDR, IP range and `*`). * `source_ip_groups` - (Optional) Specifies a list of source IP groups.