From 0c4f592d0e248b944871915fc5f8cef4049e1b43 Mon Sep 17 00:00:00 2001 From: Ishani Gupta Date: Sun, 24 May 2020 18:42:37 -0700 Subject: [PATCH] DNS Proxy support for Firewall Policy (#9461) * Adding DnsProxySettings Support in Firewall Policy dnsServers, dnsEnableProxy, dnsRequireProxyForNetworkRules are added as subproperties. * spell check * Removing DNS as prefix on sub properties. * Syntax error. * DnsProxySettings to DNSSettings * Fixing proxy settings name. Co-authored-by: Ishani Gupta --- .../examples/FirewallPolicyGet.json | 9 ++++++- .../FirewallPolicyListByResourceGroup.json | 9 ++++++- .../FirewallPolicyListBySubscription.json | 9 ++++++- .../examples/FirewallPolicyPut.json | 25 +++++++++++++++++-- .../stable/2020-05-01/firewallPolicy.json | 25 +++++++++++++++++++ 5 files changed, 72 insertions(+), 5 deletions(-) diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/examples/FirewallPolicyGet.json b/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/examples/FirewallPolicyGet.json index 16e9142108d9..e62b93edd20b 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/examples/FirewallPolicyGet.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/examples/FirewallPolicyGet.json @@ -32,7 +32,14 @@ "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleGroups/ruleGroup1" } ], - "firewalls": [] + "firewalls": [], + "dnsSettings": { + "servers": [ + "30.3.4.5" + ], + "enableProxy": true, + "requireProxyForNetworkRules": false + } } } } diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/examples/FirewallPolicyListByResourceGroup.json b/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/examples/FirewallPolicyListByResourceGroup.json index 51621a041c49..aefd4423efcf 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/examples/FirewallPolicyListByResourceGroup.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/examples/FirewallPolicyListByResourceGroup.json @@ -25,7 +25,14 @@ "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleGroups/ruleGroup1" } ], - "firewalls": [] + "firewalls": [], + "dnsSettings": { + "servers": [ + "30.3.4.5" + ], + "enableProxy": true, + "requireProxyForNetworkRules": false + } } } ] diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/examples/FirewallPolicyListBySubscription.json b/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/examples/FirewallPolicyListBySubscription.json index 6d312447394f..6ee5a8d3c844 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/examples/FirewallPolicyListBySubscription.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/examples/FirewallPolicyListBySubscription.json @@ -24,7 +24,14 @@ "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleGroups/ruleGroup1" } ], - "firewalls": [] + "firewalls": [], + "dnsSettings": { + "servers": [ + "30.3.4.5" + ], + "enableProxy": true, + "requireProxyForNetworkRules": false + } } } ] diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/examples/FirewallPolicyPut.json b/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/examples/FirewallPolicyPut.json index 7dc9b4b3325a..0481fa5c0a9d 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/examples/FirewallPolicyPut.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/examples/FirewallPolicyPut.json @@ -18,6 +18,13 @@ "fqdns": [ "*.microsoft.com" ] + }, + "dnsSettings": { + "servers": [ + "30.3.4.5" + ], + "enableProxy": true, + "requireProxyForNetworkRules": false } } } @@ -52,7 +59,14 @@ "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleGroups/rulegroup2" } ], - "firewalls": [] + "firewalls": [], + "dnsSettings": { + "servers": [ + "30.3.4.5" + ], + "enableProxy": true, + "requireProxyForNetworkRules": false + } } } }, @@ -85,7 +99,14 @@ "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/ruleGroups/rulegroup2" } ], - "firewalls": [] + "firewalls": [], + "dnsSettings": { + "servers": [ + "30.3.4.5" + ], + "enableProxy": true, + "requireProxyForNetworkRules": false + } } } } diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/firewallPolicy.json b/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/firewallPolicy.json index 31bf00052c4d..f344aa3157be 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/firewallPolicy.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/firewallPolicy.json @@ -630,6 +630,10 @@ "transportSecurity": { "description": "TLS Configuration definition.", "$ref": "#/definitions/FirewallPolicyTransportSecurity" + }, + "dnsSettings": { + "description": "DNS Proxy Settings definition.", + "$ref": "#/definitions/DnsSettings" } }, "description": "Firewall Policy definition." @@ -1183,6 +1187,27 @@ } } } + }, + "DnsSettings": { + "description": "DNS Proxy Settings in Firewall Policy.", + "x-ms-discriminator-value": "DnsSettings", + "properties": { + "servers": { + "type": "array", + "description": "List of Custom DNS Servers.", + "items": { + "type": "string" + } + }, + "enableProxy": { + "type": "boolean", + "description": "Enable DNS Proxy on Firewalls attached to the Firewall Policy." + }, + "requireProxyForNetworkRules": { + "type": "boolean", + "description": "FQDNs in Network Rules are supported when set to true." + } + } } } }