Resources/Schema/Subschema/New-CmAzIaasFirewalls.RuleCollectionGroups.SubSchema.json

{
    "$schema": "http://json-schema.org/draft-07/schema",
    "$id": "New-CmAzIaasFirewalls.RulesCollectionGroups",
    "type": "object",
    "title": "New-CmAzIaasFirewalls.RulesCollectionGroups",
    "description": "Settings for RulesCollectionGroups.",
    "properties": {
        "ruleCollectionGroups": {
            "$id": "#/ruleCollectionGroups",
            "type": ["array", "null"],
            "title": "ruleCollectionGroups",
            "description": "Container for configuration details of rules to added to Firewall Policy.",
            "minItems": 1,
            "items": {
                "$id": "#/ruleCollectionGroups/items",
                "allOf": [
                    {
                        "$id": "#/ruleCollectionGroups/items/allOf",
                        "type": "object",
                        "required": [
                            "name",
                            "priority"
                        ],
                        "properties": {
                            "name": {
                                "$id": "#/ruleCollectionGroups/items/allOf/name",
                                "type": "string",
                                "title": "Name",
                                "description": "Name of rule collection group."
                            },
                            "priority": {
                                "$id": "#/ruleCollectionGroups/items/allOf/priority",
                                "type": "number",
                                "title": "priority",
                                "minimum": 100,
                                "maximum": 1000,
                                "description": "Priority of rule collection."
                            },
                            "ruleCollections": {
                                "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections",
                                "type": ["array", "null"],
                                "title": "ruleCollections",
                                "description": "Collection of firewall rules.",
                                "items": {
                                    "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items",
                                    "allOf": [
                                        {
                                            "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/",
                                            "type": "object",
                                            "required": [
                                                "priority",
                                                "rules",
                                                "name",
                                                "type"
                                            ],
                                            "properties": {
                                                "name": {
                                                    "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/name",
                                                    "type": "string",
                                                    "title": "name",
                                                    "description": "Name of rule collection."
                                                },
                                                "type": {
                                                    "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/type",
                                                    "type": "string",
                                                    "title": "type",
                                                    "enum": ["dnat", "network", "application"],
                                                    "description": "Type of rule collection."
                                                },
                                                "priority": {
                                                    "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/priority",
                                                    "type": "integer",
                                                    "title": "priority",
                                                    "description": "Priority of rule collection."
                                                },
                                                "rules": {
                                                    "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules",
                                                    "type": "array",
                                                    "title": "rules",
                                                    "additionalItems": false,
                                                    "items": {
                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items",
                                                        "oneOf": [
                                                            {
                                                                "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/dnat/",
                                                                "type": ["object", "null"],
                                                                "title": "Dnat",
                                                                "required": [
                                                                    "destinationPorts",
                                                                    "ipProtocols",
                                                                    "name",
                                                                    "sourceAddresses",
                                                                    "translatedAddress",
                                                                    "destinationAddresses",
                                                                    "translatedPort"
                                                                ],
                                                                "properties": {
                                                                    "sourceIpGroups": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/dnat/sourceIpGroups",
                                                                        "type": ["array", "null"],
                                                                        "title": "sourceIpGroups",
                                                                        "description": "Group of source Ips."
                                                                    },
                                                                    "destinationPorts": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/dnat/destinationPorts",
                                                                        "type": "array",
                                                                        "title": "destinationPorts",
                                                                        "description": "Destination ports."
                                                                    },
                                                                    "ipProtocols": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/dnat/ipProtocols",
                                                                        "type": "array",
                                                                        "title": "ipProtocols",
                                                                        "description": "Ip protocol to be TCP or UDP."
                                                                    },
                                                                    "name": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/dnat/name",
                                                                        "type": "string",
                                                                        "title": "name",
                                                                        "description": "Name of DNAT rule."
                                                                    },
                                                                    "sourceAddresses": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/dnat/sourceAddresses",
                                                                        "type": "array",
                                                                        "title": "sourceAddresses",
                                                                        "description": "Source Ip addresses."
                                                                    },
                                                                    "translatedAddress": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/dnat/translatedAddress",
                                                                        "type": "string",
                                                                        "title": "translatedAddress",
                                                                        "description": "Translated Ip addresses."
                                                                    },
                                                                    "destinationAddresses": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/dnat/destinationAddresses",
                                                                        "type": "array",
                                                                        "title": "destinationAddresses",
                                                                        "description": "Destination Ip addresses."
                                                                    },
                                                                    "translatedPort": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/dnat/translatedPort",
                                                                        "type": "integer",
                                                                        "title": "translatedPort",
                                                                        "description": "Translated ports."
                                                                    }
                                                                },
                                                                "additionalProperties": false
                                                            },
                                                            {
                                                                "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/network/",
                                                                "type": "object",
                                                                "title": "network",
                                                                "required": [
                                                                    "destinationPorts",
                                                                    "ipProtocols",
                                                                    "name",
                                                                    "sourceAddresses",
                                                                    "destinationAddresses"
                                                                ],
                                                                "properties": {
                                                                    "sourceIpGroups": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/network/sourceIpGroups",
                                                                        "type": ["array", "null"],
                                                                        "title": "sourceIpGroups",
                                                                        "description": "Group of source Ips."
                                                                    },
                                                                    "destinationPorts": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/network/destinationPorts",
                                                                        "type": "array",
                                                                        "title": "destinationPorts",
                                                                        "description": "Destination ports."
                                                                    },
                                                                    "ipProtocols": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/network/ipProtocols",
                                                                        "type": "array",
                                                                        "title": "ipProtocols",
                                                                        "description": "Ip protocol to be TCP or UDP."
                                                                    },
                                                                    "name": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/network/name",
                                                                        "type": "string",
                                                                        "title": "name",
                                                                        "description": "Name of network rule."
                                                                    },
                                                                    "sourceAddresses": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/network/sourceAddresses",
                                                                        "type": "array",
                                                                        "title": "sourceAddresses",
                                                                        "description": "Source Ip addresses."
                                                                    },
                                                                    "destinationIpGroups": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/network/destinationIpGroups",
                                                                        "type": ["array", "null"],
                                                                        "title": "destinationIpGroups",
                                                                        "description": "Group of destination Ips."
                                                                    },
                                                                    "destinationAddresses": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/network/destinationAddresses",
                                                                        "type": "array",
                                                                        "title": "destinationAddresses",
                                                                        "description": "Destination Ip addresses."
                                                                    },
                                                                    "destinationFqdns": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/network/destinationFqdns",
                                                                        "type": ["array", "null"],
                                                                        "title": "destinationFqdns",
                                                                        "description": "Destination fully qualified domain names."
                                                                    }
                                                                },
                                                                "additionalProperties": false
                                                            },
                                                            {
                                                                "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/application",
                                                                "type": "object",
                                                                "title": "Application rules",
                                                                "description": "Contains application firewall rules.",
                                                                "required": [
                                                                    "name",
                                                                    "protocols",
                                                                    "targetFqdns",
                                                                    "terminateTLS",
                                                                    "sourceAddresses"
                                                                 ],
                                                                "properties": {
                                                                    "name": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/application/name",
                                                                        "type": "string",
                                                                        "title": "name",
                                                                        "description": "Name of application firewall rule."
                                                                     },
                                                                    "protocols": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/application/protocols",
                                                                        "type": "array",
                                                                        "title": "protocols",
                                                                        "description": "Defines protocol.",
                                                                        "items": {
                                                                            "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/application/protocols/items",
                                                                            "allOf": [
                                                                                 {
                                                                                    "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/application/protocols/items/allOf",
                                                                                    "type": "object",
                                                                                    "required": [
                                                                                        "protocolType",
                                                                                        "port"
                                                                                     ],
                                                                                    "properties": {
                                                                                        "protocolType": {
                                                                                            "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/application/protocols/items/allOf/protocolType",
                                                                                            "type": "string",
                                                                                            "title": "protocolType",
                                                                                            "description": "Protocol Type."
                                                                                         },
                                                                                        "port": {
                                                                                            "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/application/protocols/items/allOf/port",
                                                                                            "type": "integer",
                                                                                            "title": "port",
                                                                                            "description": "Application listen port."
                                                                                         }
                                                                                     },
                                                                                    "additionalProperties": true
                                                                                 }
                                                                             ]
                                                                         }
                                                                     },
                                                                    "targetFqdns": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/application/targetFqdns",
                                                                        "type": "array",
                                                                        "title": "targetFqdns",
                                                                        "description": "Target fully qualified domain name."
                                                                     },
                                                                    "terminateTLS": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/application/terminateTLS",
                                                                        "type": "boolean",
                                                                        "title": "terminateTLS",
                                                                        "description": "Enforce TLS."
                                                                     },
                                                                    "sourceAddresses": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/application/sourceAddresses",
                                                                        "type": "array",
                                                                        "title": "sourceAddresses",
                                                                        "description": "Source Ip addresses."
                                                                     },
                                                                    "destinationAddresses": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/application/destinationAddresses",
                                                                        "type": ["array", "null"],
                                                                        "title": "destinationAddresses",
                                                                        "description": "Destination Ip addresses."
                                                                     },
                                                                    "sourceIpGroups": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/application/sourceIpGroups",
                                                                        "type": ["array", "null"],
                                                                        "title": "sourceIpGroups",
                                                                        "description": "Group of source Ip addresses."
                                                                     },
                                                                    "targetUrls": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/application/targetUrls",
                                                                        "type": ["array", "null"],
                                                                        "title": "targetUrls",
                                                                        "description": "Target URLs."
                                                                     },
                                                                    "fqdnTags": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/application/fqdnTags",
                                                                        "type": ["array", "null"],
                                                                        "title": "fqdnTags",
                                                                        "description": "Fully qualified domain name tags."
                                                                     },
                                                                    "webCategories": {
                                                                        "$id": "#/ruleCollectionGroups/items/allOf/ruleCollections/items/allOf/rules/items/oneOf/application/webCategories",
                                                                        "type": ["array", "null"],
                                                                        "title": "webCategories",
                                                                        "description": "Web categories."
                                                                     }
                                                                 },
                                                                "additionalProperties": true
                                                             }
                                                        ]
                                                    }
                                                }
                                            },
                                            "additionalProperties": false
                                        }
                                    ]
                                }
                            }
 
                        },
                        "additionalProperties": false
                    }
                ]
            }
        }
    },
    "additionalProperties": false
}