» azurerm_firewall

Manages an Azure Firewall.

» Example Usage

resource "azurerm_resource_group" "test" {
  name     = "example-resources"
  location = "North Europe"
}

resource "azurerm_virtual_network" "test" {
  name                = "testvnet"
  address_space       = ["10.0.0.0/16"]
  location            = "${azurerm_resource_group.test.location}"
  resource_group_name = "${azurerm_resource_group.test.name}"
}

resource "azurerm_subnet" "test" {
  name                 = "AzureFirewallSubnet"
  resource_group_name  = "${azurerm_resource_group.test.name}"
  virtual_network_name = "${azurerm_virtual_network.test.name}"
  address_prefix       = "10.0.1.0/24"
}

resource "azurerm_public_ip" "test" {
  name                         = "testpip"
  location                     = "${azurerm_resource_group.test.location}"
  resource_group_name          = "${azurerm_resource_group.test.name}"
  public_ip_address_allocation = "Static"
  sku                          = "Standard"
}

resource "azurerm_firewall" "test" {
  name                = "testfirewall"
  location            = "${azurerm_resource_group.test.location}"
  resource_group_name = "${azurerm_resource_group.test.name}"

  ip_configuration {
    name                          = "configuration"
    subnet_id                     = "${azurerm_subnet.test.id}"
    internal_public_ip_address_id = "${azurerm_public_ip.test.id}"
  }
}

» Argument Reference

The following arguments are supported:

  • name - (Required) Specifies the name of the Firewall. Changing this forces a new resource to be created.

  • resource_group_name - (Required) The name of the resource group in which to create the resource. Changing this forces a new resource to be created.

  • location - (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

  • ip_configuration - (Required) A ip_configuration block as documented below.

  • tags - (Optional) A mapping of tags to assign to the resource.


A ip_configuration block supports the following:

  • name - (Required) Specifies the name of the IP Configuration.

  • subnet_id - (Required) Reference to the subnet associated with the IP Configuration.

» Attributes Reference

The following attributes are exported:

  • id - The Resource ID of the Azure Firewall.

  • ip_configuration - A ip_configuration block as defined below.


A ip_configuration block exports the following:

» Import

Azure Firewalls can be imported using the resource id, e.g.

terraform import azurerm_firewall.test /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Network/azureFirewalls/testfirewall