added dependson properties, updated api versions

kennethcarnes · Feb 14, 2024 · 4c4d7ad · 4c4d7ad
1 parent e30e225
commit 4c4d7ad
Showing 1 changed file with 14 additions and 7 deletions.
diff --git a/bicep/firewall.bicep b/bicep/firewall.bicep
@@ -2,29 +2,29 @@ param location string
 param hubVnetName string
 param firewallPrivateIp string = '10.0.0.4'
 
-resource firewallPublicIP 'Microsoft.Network/publicIPAddresses@2021-05-01' = {
+resource firewallPublicIP 'Microsoft.Network/publicIPAddresses@2023-06-01' = {
   name: '${hubVnetName}-fw-pip'
   location: location
   properties: {
     publicIPAllocationMethod: 'Static'
   }
 }
 
-resource firewallMgmtPublicIP 'Microsoft.Network/publicIPAddresses@2021-05-01' = {
+resource firewallMgmtPublicIP 'Microsoft.Network/publicIPAddresses@2023-06-01' = {
   name: '${hubVnetName}-fw-mgmt-pip'
   location: location
   properties: {
     publicIPAllocationMethod: 'Static'
   }
 }
 
-resource azureFirewall 'Microsoft.Network/azureFirewalls@2021-05-01' = {
+resource azureFirewall 'Microsoft.Network/azureFirewalls@2023-06-01' = {
   name: '${hubVnetName}-firewall'
   location: location
   properties: {
     sku: {
       name: 'AZFW_VNet'
-      tier: 'Basic'
+      tier: 'Standard'
     }
     ipConfigurations: [
       {
@@ -53,7 +53,7 @@ resource azureFirewall 'Microsoft.Network/azureFirewalls@2021-05-01' = {
   }
 }
 
-resource routeTable 'Microsoft.Network/routeTables@2023-04-01' = {
+resource routeTable 'Microsoft.Network/routeTables@2023-06-01' = {
   name: '${hubVnetName}-routeTable'
   location: location
   properties: {
@@ -78,7 +78,7 @@ resource firewallPolicy 'Microsoft.Network/firewallPolicies@2023-06-01' = {
   }
 }
 
-resource applicationRuleCollection 'Microsoft.Network/firewallPolicies/ruleCollectionGroups@2023-06-01' = {
+resource applicationRuleCollection 'Microsoft.Network/firewallPolicies/ruleCollectionGroups@2023-02-01' = {
   parent: firewallPolicy
   name: 'ApplicationRules'
   properties: {
@@ -117,7 +117,7 @@ resource applicationRuleCollection 'Microsoft.Network/firewallPolicies/ruleColle
   }
 }
 
-resource networkRuleCollection 'Microsoft.Network/firewallPolicies/ruleCollectionGroups@2023-06-01' = {
+resource networkRuleCollection 'Microsoft.Network/firewallPolicies/ruleCollectionGroups@2023-02-01' = {
   parent: firewallPolicy
   name: 'NetworkRules'
   properties: {
@@ -140,6 +140,13 @@ resource networkRuleCollection 'Microsoft.Network/firewallPolicies/ruleCollectio
               '209.244.0.3'
               '209.244.0.4'
             ]
+            ipProtocols: [
+              'TCP'
+              'UDP'
+            ]
+            destinationPorts: [
+              '53'
+            ]
           }
         ]
       }