From b4825189d56186ec7a03edb805f523a93953a5b5 Mon Sep 17 00:00:00 2001 From: "RuiJun Hu (MSFT)" Date: Thu, 5 Jun 2025 15:37:08 +0800 Subject: [PATCH 1/3] codegen & implement --- .../cli/command_modules/network/_help.py | 15 + .../managed_rule/exception/__cmd_group.py | 23 + .../managed_rule/exception/__init__.py | 12 + .../waf_policy/managed_rule/exception/_add.py | 4404 +++++++++++++++++ .../cli/command_modules/network/commands.py | 4 + .../cli/command_modules/network/custom.py | 15 + 6 files changed, 4473 insertions(+) create mode 100644 src/azure-cli/azure/cli/command_modules/network/aaz/latest/network/application_gateway/waf_policy/managed_rule/exception/__cmd_group.py create mode 100644 src/azure-cli/azure/cli/command_modules/network/aaz/latest/network/application_gateway/waf_policy/managed_rule/exception/__init__.py create mode 100644 src/azure-cli/azure/cli/command_modules/network/aaz/latest/network/application_gateway/waf_policy/managed_rule/exception/_add.py diff --git a/src/azure-cli/azure/cli/command_modules/network/_help.py b/src/azure-cli/azure/cli/command_modules/network/_help.py index b9f55571729..8b81cb0c6e2 100644 --- a/src/azure-cli/azure/cli/command_modules/network/_help.py +++ b/src/azure-cli/azure/cli/command_modules/network/_help.py @@ -1590,6 +1590,21 @@ crafted: true """ +helps['network application-gateway waf-policy managed-rule exception'] = """ +type: group +short-summary: Manage exceptions to allow a request to skip the managed rules when the condition is satisfied. +""" + +helps['network application-gateway waf-policy managed-rule exception remove'] = """ +type: command +short-summary: Remove all managed rule exceptions that are applied on a WAF policy managed rules. +""" + +helps['network application-gateway waf-policy managed-rule exception list'] = """ +type: command +short-summary: List all managed rule exceptions that are applied on a WAF policy managed rules. +""" + helps['network application-gateway waf-policy managed-rule exclusion'] = """ type: group short-summary: Manage OWASP CRS exclusions that are applied on a WAF policy managed rules. diff --git a/src/azure-cli/azure/cli/command_modules/network/aaz/latest/network/application_gateway/waf_policy/managed_rule/exception/__cmd_group.py b/src/azure-cli/azure/cli/command_modules/network/aaz/latest/network/application_gateway/waf_policy/managed_rule/exception/__cmd_group.py new file mode 100644 index 00000000000..a53cd40fe6b --- /dev/null +++ b/src/azure-cli/azure/cli/command_modules/network/aaz/latest/network/application_gateway/waf_policy/managed_rule/exception/__cmd_group.py @@ -0,0 +1,23 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# +# Code generated by aaz-dev-tools +# -------------------------------------------------------------------------------------------- + +# pylint: skip-file +# flake8: noqa + +from azure.cli.core.aaz import * + + +@register_command_group( + "network application-gateway waf-policy managed-rule exception", +) +class __CMDGroup(AAZCommandGroup): + """Manage exceptions to allow a request to skip the managed rules when the condition is satisfied. + """ + pass + + +__all__ = ["__CMDGroup"] diff --git a/src/azure-cli/azure/cli/command_modules/network/aaz/latest/network/application_gateway/waf_policy/managed_rule/exception/__init__.py b/src/azure-cli/azure/cli/command_modules/network/aaz/latest/network/application_gateway/waf_policy/managed_rule/exception/__init__.py new file mode 100644 index 00000000000..82b56d69810 --- /dev/null +++ b/src/azure-cli/azure/cli/command_modules/network/aaz/latest/network/application_gateway/waf_policy/managed_rule/exception/__init__.py @@ -0,0 +1,12 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# +# Code generated by aaz-dev-tools +# -------------------------------------------------------------------------------------------- + +# pylint: skip-file +# flake8: noqa + +from .__cmd_group import * +from ._add import * diff --git a/src/azure-cli/azure/cli/command_modules/network/aaz/latest/network/application_gateway/waf_policy/managed_rule/exception/_add.py b/src/azure-cli/azure/cli/command_modules/network/aaz/latest/network/application_gateway/waf_policy/managed_rule/exception/_add.py new file mode 100644 index 00000000000..413c6cfbff3 --- /dev/null +++ b/src/azure-cli/azure/cli/command_modules/network/aaz/latest/network/application_gateway/waf_policy/managed_rule/exception/_add.py @@ -0,0 +1,4404 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# +# Code generated by aaz-dev-tools +# -------------------------------------------------------------------------------------------- + +# pylint: skip-file +# flake8: noqa + +from azure.cli.core.aaz import * + + +@register_command( + "network application-gateway waf-policy managed-rule exception add", +) +class Add(AAZCommand): + """Allows traffic that met configured criteria to skip the configured managed rules. + + :example: Add and exception rule to the WAF policy managed rules. + az network application-gateway waf-policy managed-rule exception add -g myResourceGroup --policy-name myWAF --match-variable "RequestURI" --value-operator Contains --values "health" "default.aspx" "account/images" + """ + + _aaz_info = { + "version": "2024-07-01", + "resources": [ + ["mgmt-plane", "/subscriptions/{}/resourcegroups/{}/providers/microsoft.network/applicationgatewaywebapplicationfirewallpolicies/{}", "2024-07-01", "properties.managedRules.exceptions[]"], + ] + } + + def _handler(self, command_args): + super()._handler(command_args) + self.SubresourceSelector(ctx=self.ctx, name="subresource") + self._execute_operations() + return self._output() + + _args_schema = None + + @classmethod + def _build_arguments_schema(cls, *args, **kwargs): + if cls._args_schema is not None: + return cls._args_schema + cls._args_schema = super()._build_arguments_schema(*args, **kwargs) + + # define Arg Group "" + + _args_schema = cls._args_schema + _args_schema.policy_name = AAZStrArg( + options=["--policy-name"], + help="The name of the application gateway WAF policy.", + required=True, + fmt=AAZStrArgFormat( + max_length=128, + ), + ) + _args_schema.resource_group = AAZResourceGroupNameArg( + required=True, + ) + _args_schema.index = AAZIntArg( + options=["--index"], + help="Index of exception. If no index is provided, the default behaviour is `append`.", + ) + _args_schema.match_variable = AAZStrArg( + options=["--match-variable"], + help="The variable on which we evaluate the exception condition", + required=True, + enum={"RemoteAddr": "RemoteAddr", "RequestHeader": "RequestHeader", "RequestURI": "RequestURI"}, + ) + _args_schema.selector = AAZStrArg( + options=["--selector"], + help="When the matchVariable points to a key-value pair (e.g, RequestHeader), this identifies the key.", + ) + _args_schema.selector_match_operator = AAZStrArg( + options=["--selector-operator", "--selector-match-operator"], + help="When the matchVariable points to a key-value pair (e.g, RequestHeader), this operates on the selector", + enum={"Contains": "Contains", "EndsWith": "EndsWith", "Equals": "Equals", "StartsWith": "StartsWith"}, + ) + _args_schema.value_match_operator = AAZStrArg( + options=["--value-operator", "--value-match-operator"], + help="Operates on the allowed values for the matchVariable", + required=True, + enum={"Contains": "Contains", "EndsWith": "EndsWith", "Equals": "Equals", "IPMatch": "IPMatch", "StartsWith": "StartsWith"}, + ) + _args_schema.values = AAZListArg( + options=["--values"], + help="Allowed values for the matchVariable", + ) + + values = cls._args_schema.values + values.Element = AAZStrArg() + + # define Arg Group "Parameters" + + _args_schema = cls._args_schema + _args_schema.rule_sets = AAZListArg( + options=["--rule-sets"], + arg_group="Parameters", + help="The managed rule sets that are associated with the exception.", + ) + + rule_sets = cls._args_schema.rule_sets + rule_sets.Element = AAZObjectArg() + cls._build_args_exclusion_managed_rule_set_update(rule_sets.Element) + return cls._args_schema + + _args_exclusion_managed_rule_set_update = None + + @classmethod + def _build_args_exclusion_managed_rule_set_update(cls, _schema): + if cls._args_exclusion_managed_rule_set_update is not None: + _schema.rule_groups = cls._args_exclusion_managed_rule_set_update.rule_groups + _schema.rule_set_type = cls._args_exclusion_managed_rule_set_update.rule_set_type + _schema.rule_set_version = cls._args_exclusion_managed_rule_set_update.rule_set_version + return + + cls._args_exclusion_managed_rule_set_update = AAZObjectArg() + + exclusion_managed_rule_set_update = cls._args_exclusion_managed_rule_set_update + exclusion_managed_rule_set_update.rule_groups = AAZListArg( + options=["rule-groups"], + help="Defines the rule groups to apply to the rule set.", + ) + exclusion_managed_rule_set_update.rule_set_type = AAZStrArg( + options=["rule-set-type"], + help="Defines the rule set type to use.", + required=True, + ) + exclusion_managed_rule_set_update.rule_set_version = AAZStrArg( + options=["rule-set-version"], + help="Defines the version of the rule set to use.", + required=True, + ) + + rule_groups = cls._args_exclusion_managed_rule_set_update.rule_groups + rule_groups.Element = AAZObjectArg() + + _element = cls._args_exclusion_managed_rule_set_update.rule_groups.Element + _element.rule_group_name = AAZStrArg( + options=["rule-group-name"], + help="The managed rule group for exclusion.", + required=True, + ) + _element.rules = AAZListArg( + options=["rules"], + help="List of rules that will be excluded. If none specified, all rules in the group will be excluded.", + ) + + rules = cls._args_exclusion_managed_rule_set_update.rule_groups.Element.rules + rules.Element = AAZObjectArg() + + _element = cls._args_exclusion_managed_rule_set_update.rule_groups.Element.rules.Element + _element.rule_id = AAZStrArg( + options=["rule-id"], + help="Identifier for the managed rule.", + required=True, + ) + + _schema.rule_groups = cls._args_exclusion_managed_rule_set_update.rule_groups + _schema.rule_set_type = cls._args_exclusion_managed_rule_set_update.rule_set_type + _schema.rule_set_version = cls._args_exclusion_managed_rule_set_update.rule_set_version + + def _execute_operations(self): + self.pre_operations() + self.WebApplicationFirewallPoliciesGet(ctx=self.ctx)() + self.pre_instance_create() + self.InstanceCreateByJson(ctx=self.ctx)() + self.post_instance_create(self.ctx.selectors.subresource.required()) + self.WebApplicationFirewallPoliciesCreateOrUpdate(ctx=self.ctx)() + self.post_operations() + + @register_callback + def pre_operations(self): + pass + + @register_callback + def post_operations(self): + pass + + @register_callback + def pre_instance_create(self): + pass + + @register_callback + def post_instance_create(self, instance): + pass + + def _output(self, *args, **kwargs): + result = self.deserialize_output(self.ctx.selectors.subresource.required(), client_flatten=True) + return result + + class SubresourceSelector(AAZJsonSelector): + + def _get(self): + result = self.ctx.vars.instance + result = result.properties.managedRules.exceptions + filters = enumerate(result) + filters = filter( + lambda e: e[0] == self.ctx.args.index, + filters + ) + idx = next(filters)[0] + return result[idx] + + def _set(self, value): + result = self.ctx.vars.instance + result = result.properties.managedRules.exceptions + filters = enumerate(result) + filters = filter( + lambda e: e[0] == self.ctx.args.index, + filters + ) + idx = next(filters, [len(result)])[0] + self.ctx.args.index = idx + result[idx] = value + return + + class WebApplicationFirewallPoliciesGet(AAZHttpOperation): + CLIENT_TYPE = "MgmtClient" + + def __call__(self, *args, **kwargs): + request = self.make_request() + session = self.client.send_request(request=request, stream=False, **kwargs) + if session.http_response.status_code in [200]: + return self.on_200(session) + + return self.on_error(session.http_response) + + @property + def url(self): + return self.client.format_url( + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/{policyName}", + **self.url_parameters + ) + + @property + def method(self): + return "GET" + + @property + def error_format(self): + return "ODataV4Format" + + @property + def url_parameters(self): + parameters = { + **self.serialize_url_param( + "policyName", self.ctx.args.policy_name, + required=True, + ), + **self.serialize_url_param( + "resourceGroupName", self.ctx.args.resource_group, + required=True, + ), + **self.serialize_url_param( + "subscriptionId", self.ctx.subscription_id, + required=True, + ), + } + return parameters + + @property + def query_parameters(self): + parameters = { + **self.serialize_query_param( + "api-version", "2024-07-01", + required=True, + ), + } + return parameters + + @property + def header_parameters(self): + parameters = { + **self.serialize_header_param( + "Accept", "application/json", + ), + } + return parameters + + def on_200(self, session): + data = self.deserialize_http_content(session) + self.ctx.set_var( + "instance", + data, + schema_builder=self._build_schema_on_200 + ) + + _schema_on_200 = None + + @classmethod + def _build_schema_on_200(cls): + if cls._schema_on_200 is not None: + return cls._schema_on_200 + + cls._schema_on_200 = AAZObjectType() + _AddHelper._build_schema_web_application_firewall_policy_read(cls._schema_on_200) + + return cls._schema_on_200 + + class WebApplicationFirewallPoliciesCreateOrUpdate(AAZHttpOperation): + CLIENT_TYPE = "MgmtClient" + + def __call__(self, *args, **kwargs): + request = self.make_request() + session = self.client.send_request(request=request, stream=False, **kwargs) + if session.http_response.status_code in [200, 201]: + return self.on_200_201(session) + + return self.on_error(session.http_response) + + @property + def url(self): + return self.client.format_url( + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/{policyName}", + **self.url_parameters + ) + + @property + def method(self): + return "PUT" + + @property + def error_format(self): + return "ODataV4Format" + + @property + def url_parameters(self): + parameters = { + **self.serialize_url_param( + "policyName", self.ctx.args.policy_name, + required=True, + ), + **self.serialize_url_param( + "resourceGroupName", self.ctx.args.resource_group, + required=True, + ), + **self.serialize_url_param( + "subscriptionId", self.ctx.subscription_id, + required=True, + ), + } + return parameters + + @property + def query_parameters(self): + parameters = { + **self.serialize_query_param( + "api-version", "2024-07-01", + required=True, + ), + } + return parameters + + @property + def header_parameters(self): + parameters = { + **self.serialize_header_param( + "Content-Type", "application/json", + ), + **self.serialize_header_param( + "Accept", "application/json", + ), + } + return parameters + + @property + def content(self): + _content_value, _builder = self.new_content_builder( + self.ctx.args, + value=self.ctx.vars.instance, + ) + + return self.serialize_content(_content_value) + + def on_200_201(self, session): + data = self.deserialize_http_content(session) + self.ctx.set_var( + "instance", + data, + schema_builder=self._build_schema_on_200_201 + ) + + _schema_on_200_201 = None + + @classmethod + def _build_schema_on_200_201(cls): + if cls._schema_on_200_201 is not None: + return cls._schema_on_200_201 + + cls._schema_on_200_201 = AAZObjectType() + _AddHelper._build_schema_web_application_firewall_policy_read(cls._schema_on_200_201) + + return cls._schema_on_200_201 + + class InstanceCreateByJson(AAZJsonInstanceCreateOperation): + + def __call__(self, *args, **kwargs): + self.ctx.selectors.subresource.set(self._create_instance()) + + def _create_instance(self): + _instance_value, _builder = self.new_content_builder( + self.ctx.args, + typ=AAZObjectType + ) + _builder.set_prop("exceptionManagedRuleSets", AAZListType, ".rule_sets") + _builder.set_prop("matchVariable", AAZStrType, ".match_variable", typ_kwargs={"flags": {"required": True}}) + _builder.set_prop("selector", AAZStrType, ".selector") + _builder.set_prop("selectorMatchOperator", AAZStrType, ".selector_match_operator") + _builder.set_prop("valueMatchOperator", AAZStrType, ".value_match_operator", typ_kwargs={"flags": {"required": True}}) + _builder.set_prop("values", AAZListType, ".values") + + exception_managed_rule_sets = _builder.get(".exceptionManagedRuleSets") + if exception_managed_rule_sets is not None: + _AddHelper._build_schema_exclusion_managed_rule_set_update(exception_managed_rule_sets.set_elements(AAZObjectType, ".")) + + values = _builder.get(".values") + if values is not None: + values.set_elements(AAZStrType, ".") + + return _instance_value + + +class _AddHelper: + """Helper class for Add""" + + @classmethod + def _build_schema_exclusion_managed_rule_set_update(cls, _builder): + if _builder is None: + return + _builder.set_prop("ruleGroups", AAZListType, ".rule_groups") + _builder.set_prop("ruleSetType", AAZStrType, ".rule_set_type", typ_kwargs={"flags": {"required": True}}) + _builder.set_prop("ruleSetVersion", AAZStrType, ".rule_set_version", typ_kwargs={"flags": {"required": True}}) + + rule_groups = _builder.get(".ruleGroups") + if rule_groups is not None: + rule_groups.set_elements(AAZObjectType, ".") + + _elements = _builder.get(".ruleGroups[]") + if _elements is not None: + _elements.set_prop("ruleGroupName", AAZStrType, ".rule_group_name", typ_kwargs={"flags": {"required": True}}) + _elements.set_prop("rules", AAZListType, ".rules") + + rules = _builder.get(".ruleGroups[].rules") + if rules is not None: + rules.set_elements(AAZObjectType, ".") + + _elements = _builder.get(".ruleGroups[].rules[]") + if _elements is not None: + _elements.set_prop("ruleId", AAZStrType, ".rule_id", typ_kwargs={"flags": {"required": True}}) + + _schema_application_gateway_backend_address_pool_read = None + + @classmethod + def _build_schema_application_gateway_backend_address_pool_read(cls, _schema): + if cls._schema_application_gateway_backend_address_pool_read is not None: + _schema.etag = cls._schema_application_gateway_backend_address_pool_read.etag + _schema.id = cls._schema_application_gateway_backend_address_pool_read.id + _schema.name = cls._schema_application_gateway_backend_address_pool_read.name + _schema.properties = cls._schema_application_gateway_backend_address_pool_read.properties + _schema.type = cls._schema_application_gateway_backend_address_pool_read.type + return + + cls._schema_application_gateway_backend_address_pool_read = _schema_application_gateway_backend_address_pool_read = AAZObjectType() + + application_gateway_backend_address_pool_read = _schema_application_gateway_backend_address_pool_read + application_gateway_backend_address_pool_read.etag = AAZStrType( + flags={"read_only": True}, + ) + application_gateway_backend_address_pool_read.id = AAZStrType() + application_gateway_backend_address_pool_read.name = AAZStrType() + application_gateway_backend_address_pool_read.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + application_gateway_backend_address_pool_read.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_application_gateway_backend_address_pool_read.properties + properties.backend_addresses = AAZListType( + serialized_name="backendAddresses", + ) + properties.backend_ip_configurations = AAZListType( + serialized_name="backendIPConfigurations", + flags={"read_only": True}, + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + + backend_addresses = _schema_application_gateway_backend_address_pool_read.properties.backend_addresses + backend_addresses.Element = AAZObjectType() + + _element = _schema_application_gateway_backend_address_pool_read.properties.backend_addresses.Element + _element.fqdn = AAZStrType() + _element.ip_address = AAZStrType( + serialized_name="ipAddress", + ) + + backend_ip_configurations = _schema_application_gateway_backend_address_pool_read.properties.backend_ip_configurations + backend_ip_configurations.Element = AAZObjectType() + cls._build_schema_network_interface_ip_configuration_read(backend_ip_configurations.Element) + + _schema.etag = cls._schema_application_gateway_backend_address_pool_read.etag + _schema.id = cls._schema_application_gateway_backend_address_pool_read.id + _schema.name = cls._schema_application_gateway_backend_address_pool_read.name + _schema.properties = cls._schema_application_gateway_backend_address_pool_read.properties + _schema.type = cls._schema_application_gateway_backend_address_pool_read.type + + _schema_application_gateway_custom_error_read = None + + @classmethod + def _build_schema_application_gateway_custom_error_read(cls, _schema): + if cls._schema_application_gateway_custom_error_read is not None: + _schema.custom_error_page_url = cls._schema_application_gateway_custom_error_read.custom_error_page_url + _schema.status_code = cls._schema_application_gateway_custom_error_read.status_code + return + + cls._schema_application_gateway_custom_error_read = _schema_application_gateway_custom_error_read = AAZObjectType() + + application_gateway_custom_error_read = _schema_application_gateway_custom_error_read + application_gateway_custom_error_read.custom_error_page_url = AAZStrType( + serialized_name="customErrorPageUrl", + ) + application_gateway_custom_error_read.status_code = AAZStrType( + serialized_name="statusCode", + ) + + _schema.custom_error_page_url = cls._schema_application_gateway_custom_error_read.custom_error_page_url + _schema.status_code = cls._schema_application_gateway_custom_error_read.status_code + + _schema_application_gateway_header_configuration_read = None + + @classmethod + def _build_schema_application_gateway_header_configuration_read(cls, _schema): + if cls._schema_application_gateway_header_configuration_read is not None: + _schema.header_name = cls._schema_application_gateway_header_configuration_read.header_name + _schema.header_value = cls._schema_application_gateway_header_configuration_read.header_value + _schema.header_value_matcher = cls._schema_application_gateway_header_configuration_read.header_value_matcher + return + + cls._schema_application_gateway_header_configuration_read = _schema_application_gateway_header_configuration_read = AAZObjectType() + + application_gateway_header_configuration_read = _schema_application_gateway_header_configuration_read + application_gateway_header_configuration_read.header_name = AAZStrType( + serialized_name="headerName", + ) + application_gateway_header_configuration_read.header_value = AAZStrType( + serialized_name="headerValue", + ) + application_gateway_header_configuration_read.header_value_matcher = AAZObjectType( + serialized_name="headerValueMatcher", + ) + + header_value_matcher = _schema_application_gateway_header_configuration_read.header_value_matcher + header_value_matcher.ignore_case = AAZBoolType( + serialized_name="ignoreCase", + ) + header_value_matcher.negate = AAZBoolType() + header_value_matcher.pattern = AAZStrType() + + _schema.header_name = cls._schema_application_gateway_header_configuration_read.header_name + _schema.header_value = cls._schema_application_gateway_header_configuration_read.header_value + _schema.header_value_matcher = cls._schema_application_gateway_header_configuration_read.header_value_matcher + + _schema_application_gateway_ip_configuration_read = None + + @classmethod + def _build_schema_application_gateway_ip_configuration_read(cls, _schema): + if cls._schema_application_gateway_ip_configuration_read is not None: + _schema.etag = cls._schema_application_gateway_ip_configuration_read.etag + _schema.id = cls._schema_application_gateway_ip_configuration_read.id + _schema.name = cls._schema_application_gateway_ip_configuration_read.name + _schema.properties = cls._schema_application_gateway_ip_configuration_read.properties + _schema.type = cls._schema_application_gateway_ip_configuration_read.type + return + + cls._schema_application_gateway_ip_configuration_read = _schema_application_gateway_ip_configuration_read = AAZObjectType() + + application_gateway_ip_configuration_read = _schema_application_gateway_ip_configuration_read + application_gateway_ip_configuration_read.etag = AAZStrType( + flags={"read_only": True}, + ) + application_gateway_ip_configuration_read.id = AAZStrType() + application_gateway_ip_configuration_read.name = AAZStrType() + application_gateway_ip_configuration_read.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + application_gateway_ip_configuration_read.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_application_gateway_ip_configuration_read.properties + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.subnet = AAZObjectType() + cls._build_schema_sub_resource_read(properties.subnet) + + _schema.etag = cls._schema_application_gateway_ip_configuration_read.etag + _schema.id = cls._schema_application_gateway_ip_configuration_read.id + _schema.name = cls._schema_application_gateway_ip_configuration_read.name + _schema.properties = cls._schema_application_gateway_ip_configuration_read.properties + _schema.type = cls._schema_application_gateway_ip_configuration_read.type + + _schema_application_gateway_ssl_policy_read = None + + @classmethod + def _build_schema_application_gateway_ssl_policy_read(cls, _schema): + if cls._schema_application_gateway_ssl_policy_read is not None: + _schema.cipher_suites = cls._schema_application_gateway_ssl_policy_read.cipher_suites + _schema.disabled_ssl_protocols = cls._schema_application_gateway_ssl_policy_read.disabled_ssl_protocols + _schema.min_protocol_version = cls._schema_application_gateway_ssl_policy_read.min_protocol_version + _schema.policy_name = cls._schema_application_gateway_ssl_policy_read.policy_name + _schema.policy_type = cls._schema_application_gateway_ssl_policy_read.policy_type + return + + cls._schema_application_gateway_ssl_policy_read = _schema_application_gateway_ssl_policy_read = AAZObjectType() + + application_gateway_ssl_policy_read = _schema_application_gateway_ssl_policy_read + application_gateway_ssl_policy_read.cipher_suites = AAZListType( + serialized_name="cipherSuites", + ) + application_gateway_ssl_policy_read.disabled_ssl_protocols = AAZListType( + serialized_name="disabledSslProtocols", + ) + application_gateway_ssl_policy_read.min_protocol_version = AAZStrType( + serialized_name="minProtocolVersion", + ) + application_gateway_ssl_policy_read.policy_name = AAZStrType( + serialized_name="policyName", + ) + application_gateway_ssl_policy_read.policy_type = AAZStrType( + serialized_name="policyType", + ) + + cipher_suites = _schema_application_gateway_ssl_policy_read.cipher_suites + cipher_suites.Element = AAZStrType() + + disabled_ssl_protocols = _schema_application_gateway_ssl_policy_read.disabled_ssl_protocols + disabled_ssl_protocols.Element = AAZStrType() + + _schema.cipher_suites = cls._schema_application_gateway_ssl_policy_read.cipher_suites + _schema.disabled_ssl_protocols = cls._schema_application_gateway_ssl_policy_read.disabled_ssl_protocols + _schema.min_protocol_version = cls._schema_application_gateway_ssl_policy_read.min_protocol_version + _schema.policy_name = cls._schema_application_gateway_ssl_policy_read.policy_name + _schema.policy_type = cls._schema_application_gateway_ssl_policy_read.policy_type + + _schema_application_security_group_read = None + + @classmethod + def _build_schema_application_security_group_read(cls, _schema): + if cls._schema_application_security_group_read is not None: + _schema.etag = cls._schema_application_security_group_read.etag + _schema.id = cls._schema_application_security_group_read.id + _schema.location = cls._schema_application_security_group_read.location + _schema.name = cls._schema_application_security_group_read.name + _schema.properties = cls._schema_application_security_group_read.properties + _schema.tags = cls._schema_application_security_group_read.tags + _schema.type = cls._schema_application_security_group_read.type + return + + cls._schema_application_security_group_read = _schema_application_security_group_read = AAZObjectType() + + application_security_group_read = _schema_application_security_group_read + application_security_group_read.etag = AAZStrType( + flags={"read_only": True}, + ) + application_security_group_read.id = AAZStrType() + application_security_group_read.location = AAZStrType() + application_security_group_read.name = AAZStrType( + flags={"read_only": True}, + ) + application_security_group_read.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + application_security_group_read.tags = AAZDictType() + application_security_group_read.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_application_security_group_read.properties + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.resource_guid = AAZStrType( + serialized_name="resourceGuid", + flags={"read_only": True}, + ) + + tags = _schema_application_security_group_read.tags + tags.Element = AAZStrType() + + _schema.etag = cls._schema_application_security_group_read.etag + _schema.id = cls._schema_application_security_group_read.id + _schema.location = cls._schema_application_security_group_read.location + _schema.name = cls._schema_application_security_group_read.name + _schema.properties = cls._schema_application_security_group_read.properties + _schema.tags = cls._schema_application_security_group_read.tags + _schema.type = cls._schema_application_security_group_read.type + + _schema_exclusion_managed_rule_set_read = None + + @classmethod + def _build_schema_exclusion_managed_rule_set_read(cls, _schema): + if cls._schema_exclusion_managed_rule_set_read is not None: + _schema.rule_groups = cls._schema_exclusion_managed_rule_set_read.rule_groups + _schema.rule_set_type = cls._schema_exclusion_managed_rule_set_read.rule_set_type + _schema.rule_set_version = cls._schema_exclusion_managed_rule_set_read.rule_set_version + return + + cls._schema_exclusion_managed_rule_set_read = _schema_exclusion_managed_rule_set_read = AAZObjectType() + + exclusion_managed_rule_set_read = _schema_exclusion_managed_rule_set_read + exclusion_managed_rule_set_read.rule_groups = AAZListType( + serialized_name="ruleGroups", + ) + exclusion_managed_rule_set_read.rule_set_type = AAZStrType( + serialized_name="ruleSetType", + flags={"required": True}, + ) + exclusion_managed_rule_set_read.rule_set_version = AAZStrType( + serialized_name="ruleSetVersion", + flags={"required": True}, + ) + + rule_groups = _schema_exclusion_managed_rule_set_read.rule_groups + rule_groups.Element = AAZObjectType() + + _element = _schema_exclusion_managed_rule_set_read.rule_groups.Element + _element.rule_group_name = AAZStrType( + serialized_name="ruleGroupName", + flags={"required": True}, + ) + _element.rules = AAZListType() + + rules = _schema_exclusion_managed_rule_set_read.rule_groups.Element.rules + rules.Element = AAZObjectType() + + _element = _schema_exclusion_managed_rule_set_read.rule_groups.Element.rules.Element + _element.rule_id = AAZStrType( + serialized_name="ruleId", + flags={"required": True}, + ) + + _schema.rule_groups = cls._schema_exclusion_managed_rule_set_read.rule_groups + _schema.rule_set_type = cls._schema_exclusion_managed_rule_set_read.rule_set_type + _schema.rule_set_version = cls._schema_exclusion_managed_rule_set_read.rule_set_version + + _schema_extended_location_read = None + + @classmethod + def _build_schema_extended_location_read(cls, _schema): + if cls._schema_extended_location_read is not None: + _schema.name = cls._schema_extended_location_read.name + _schema.type = cls._schema_extended_location_read.type + return + + cls._schema_extended_location_read = _schema_extended_location_read = AAZObjectType() + + extended_location_read = _schema_extended_location_read + extended_location_read.name = AAZStrType() + extended_location_read.type = AAZStrType() + + _schema.name = cls._schema_extended_location_read.name + _schema.type = cls._schema_extended_location_read.type + + _schema_frontend_ip_configuration_read = None + + @classmethod + def _build_schema_frontend_ip_configuration_read(cls, _schema): + if cls._schema_frontend_ip_configuration_read is not None: + _schema.etag = cls._schema_frontend_ip_configuration_read.etag + _schema.id = cls._schema_frontend_ip_configuration_read.id + _schema.name = cls._schema_frontend_ip_configuration_read.name + _schema.properties = cls._schema_frontend_ip_configuration_read.properties + _schema.type = cls._schema_frontend_ip_configuration_read.type + _schema.zones = cls._schema_frontend_ip_configuration_read.zones + return + + cls._schema_frontend_ip_configuration_read = _schema_frontend_ip_configuration_read = AAZObjectType() + + frontend_ip_configuration_read = _schema_frontend_ip_configuration_read + frontend_ip_configuration_read.etag = AAZStrType( + flags={"read_only": True}, + ) + frontend_ip_configuration_read.id = AAZStrType() + frontend_ip_configuration_read.name = AAZStrType() + frontend_ip_configuration_read.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + frontend_ip_configuration_read.type = AAZStrType( + flags={"read_only": True}, + ) + frontend_ip_configuration_read.zones = AAZListType() + + properties = _schema_frontend_ip_configuration_read.properties + properties.gateway_load_balancer = AAZObjectType( + serialized_name="gatewayLoadBalancer", + ) + cls._build_schema_sub_resource_read(properties.gateway_load_balancer) + properties.inbound_nat_pools = AAZListType( + serialized_name="inboundNatPools", + flags={"read_only": True}, + ) + properties.inbound_nat_rules = AAZListType( + serialized_name="inboundNatRules", + flags={"read_only": True}, + ) + properties.load_balancing_rules = AAZListType( + serialized_name="loadBalancingRules", + flags={"read_only": True}, + ) + properties.outbound_rules = AAZListType( + serialized_name="outboundRules", + flags={"read_only": True}, + ) + properties.private_ip_address = AAZStrType( + serialized_name="privateIPAddress", + ) + properties.private_ip_address_version = AAZStrType( + serialized_name="privateIPAddressVersion", + ) + properties.private_ip_allocation_method = AAZStrType( + serialized_name="privateIPAllocationMethod", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.public_ip_address = AAZObjectType( + serialized_name="publicIPAddress", + ) + cls._build_schema_public_ip_address_read(properties.public_ip_address) + properties.public_ip_prefix = AAZObjectType( + serialized_name="publicIPPrefix", + ) + cls._build_schema_sub_resource_read(properties.public_ip_prefix) + properties.subnet = AAZObjectType() + cls._build_schema_subnet_read(properties.subnet) + + inbound_nat_pools = _schema_frontend_ip_configuration_read.properties.inbound_nat_pools + inbound_nat_pools.Element = AAZObjectType() + cls._build_schema_sub_resource_read(inbound_nat_pools.Element) + + inbound_nat_rules = _schema_frontend_ip_configuration_read.properties.inbound_nat_rules + inbound_nat_rules.Element = AAZObjectType() + cls._build_schema_sub_resource_read(inbound_nat_rules.Element) + + load_balancing_rules = _schema_frontend_ip_configuration_read.properties.load_balancing_rules + load_balancing_rules.Element = AAZObjectType() + cls._build_schema_sub_resource_read(load_balancing_rules.Element) + + outbound_rules = _schema_frontend_ip_configuration_read.properties.outbound_rules + outbound_rules.Element = AAZObjectType() + cls._build_schema_sub_resource_read(outbound_rules.Element) + + zones = _schema_frontend_ip_configuration_read.zones + zones.Element = AAZStrType() + + _schema.etag = cls._schema_frontend_ip_configuration_read.etag + _schema.id = cls._schema_frontend_ip_configuration_read.id + _schema.name = cls._schema_frontend_ip_configuration_read.name + _schema.properties = cls._schema_frontend_ip_configuration_read.properties + _schema.type = cls._schema_frontend_ip_configuration_read.type + _schema.zones = cls._schema_frontend_ip_configuration_read.zones + + _schema_ip_configuration_read = None + + @classmethod + def _build_schema_ip_configuration_read(cls, _schema): + if cls._schema_ip_configuration_read is not None: + _schema.etag = cls._schema_ip_configuration_read.etag + _schema.id = cls._schema_ip_configuration_read.id + _schema.name = cls._schema_ip_configuration_read.name + _schema.properties = cls._schema_ip_configuration_read.properties + return + + cls._schema_ip_configuration_read = _schema_ip_configuration_read = AAZObjectType() + + ip_configuration_read = _schema_ip_configuration_read + ip_configuration_read.etag = AAZStrType( + flags={"read_only": True}, + ) + ip_configuration_read.id = AAZStrType() + ip_configuration_read.name = AAZStrType() + ip_configuration_read.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + + properties = _schema_ip_configuration_read.properties + properties.private_ip_address = AAZStrType( + serialized_name="privateIPAddress", + ) + properties.private_ip_allocation_method = AAZStrType( + serialized_name="privateIPAllocationMethod", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.public_ip_address = AAZObjectType( + serialized_name="publicIPAddress", + ) + cls._build_schema_public_ip_address_read(properties.public_ip_address) + properties.subnet = AAZObjectType() + cls._build_schema_subnet_read(properties.subnet) + + _schema.etag = cls._schema_ip_configuration_read.etag + _schema.id = cls._schema_ip_configuration_read.id + _schema.name = cls._schema_ip_configuration_read.name + _schema.properties = cls._schema_ip_configuration_read.properties + + _schema_managed_service_identity_read = None + + @classmethod + def _build_schema_managed_service_identity_read(cls, _schema): + if cls._schema_managed_service_identity_read is not None: + _schema.principal_id = cls._schema_managed_service_identity_read.principal_id + _schema.tenant_id = cls._schema_managed_service_identity_read.tenant_id + _schema.type = cls._schema_managed_service_identity_read.type + _schema.user_assigned_identities = cls._schema_managed_service_identity_read.user_assigned_identities + return + + cls._schema_managed_service_identity_read = _schema_managed_service_identity_read = AAZIdentityObjectType() + + managed_service_identity_read = _schema_managed_service_identity_read + managed_service_identity_read.principal_id = AAZStrType( + serialized_name="principalId", + flags={"read_only": True}, + ) + managed_service_identity_read.tenant_id = AAZStrType( + serialized_name="tenantId", + flags={"read_only": True}, + ) + managed_service_identity_read.type = AAZStrType() + managed_service_identity_read.user_assigned_identities = AAZDictType( + serialized_name="userAssignedIdentities", + ) + + user_assigned_identities = _schema_managed_service_identity_read.user_assigned_identities + user_assigned_identities.Element = AAZObjectType() + + _element = _schema_managed_service_identity_read.user_assigned_identities.Element + _element.client_id = AAZStrType( + serialized_name="clientId", + flags={"read_only": True}, + ) + _element.principal_id = AAZStrType( + serialized_name="principalId", + flags={"read_only": True}, + ) + + _schema.principal_id = cls._schema_managed_service_identity_read.principal_id + _schema.tenant_id = cls._schema_managed_service_identity_read.tenant_id + _schema.type = cls._schema_managed_service_identity_read.type + _schema.user_assigned_identities = cls._schema_managed_service_identity_read.user_assigned_identities + + _schema_network_interface_ip_configuration_read = None + + @classmethod + def _build_schema_network_interface_ip_configuration_read(cls, _schema): + if cls._schema_network_interface_ip_configuration_read is not None: + _schema.etag = cls._schema_network_interface_ip_configuration_read.etag + _schema.id = cls._schema_network_interface_ip_configuration_read.id + _schema.name = cls._schema_network_interface_ip_configuration_read.name + _schema.properties = cls._schema_network_interface_ip_configuration_read.properties + _schema.type = cls._schema_network_interface_ip_configuration_read.type + return + + cls._schema_network_interface_ip_configuration_read = _schema_network_interface_ip_configuration_read = AAZObjectType() + + network_interface_ip_configuration_read = _schema_network_interface_ip_configuration_read + network_interface_ip_configuration_read.etag = AAZStrType( + flags={"read_only": True}, + ) + network_interface_ip_configuration_read.id = AAZStrType() + network_interface_ip_configuration_read.name = AAZStrType() + network_interface_ip_configuration_read.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + network_interface_ip_configuration_read.type = AAZStrType() + + properties = _schema_network_interface_ip_configuration_read.properties + properties.application_gateway_backend_address_pools = AAZListType( + serialized_name="applicationGatewayBackendAddressPools", + ) + properties.application_security_groups = AAZListType( + serialized_name="applicationSecurityGroups", + ) + properties.gateway_load_balancer = AAZObjectType( + serialized_name="gatewayLoadBalancer", + ) + cls._build_schema_sub_resource_read(properties.gateway_load_balancer) + properties.load_balancer_backend_address_pools = AAZListType( + serialized_name="loadBalancerBackendAddressPools", + ) + properties.load_balancer_inbound_nat_rules = AAZListType( + serialized_name="loadBalancerInboundNatRules", + ) + properties.primary = AAZBoolType() + properties.private_ip_address = AAZStrType( + serialized_name="privateIPAddress", + ) + properties.private_ip_address_prefix_length = AAZIntType( + serialized_name="privateIPAddressPrefixLength", + nullable=True, + ) + properties.private_ip_address_version = AAZStrType( + serialized_name="privateIPAddressVersion", + ) + properties.private_ip_allocation_method = AAZStrType( + serialized_name="privateIPAllocationMethod", + ) + properties.private_link_connection_properties = AAZObjectType( + serialized_name="privateLinkConnectionProperties", + flags={"read_only": True}, + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.public_ip_address = AAZObjectType( + serialized_name="publicIPAddress", + ) + cls._build_schema_public_ip_address_read(properties.public_ip_address) + properties.subnet = AAZObjectType() + cls._build_schema_subnet_read(properties.subnet) + properties.virtual_network_taps = AAZListType( + serialized_name="virtualNetworkTaps", + ) + + application_gateway_backend_address_pools = _schema_network_interface_ip_configuration_read.properties.application_gateway_backend_address_pools + application_gateway_backend_address_pools.Element = AAZObjectType() + cls._build_schema_application_gateway_backend_address_pool_read(application_gateway_backend_address_pools.Element) + + application_security_groups = _schema_network_interface_ip_configuration_read.properties.application_security_groups + application_security_groups.Element = AAZObjectType() + cls._build_schema_application_security_group_read(application_security_groups.Element) + + load_balancer_backend_address_pools = _schema_network_interface_ip_configuration_read.properties.load_balancer_backend_address_pools + load_balancer_backend_address_pools.Element = AAZObjectType() + + _element = _schema_network_interface_ip_configuration_read.properties.load_balancer_backend_address_pools.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_network_interface_ip_configuration_read.properties.load_balancer_backend_address_pools.Element.properties + properties.backend_ip_configurations = AAZListType( + serialized_name="backendIPConfigurations", + flags={"read_only": True}, + ) + properties.drain_period_in_seconds = AAZIntType( + serialized_name="drainPeriodInSeconds", + ) + properties.inbound_nat_rules = AAZListType( + serialized_name="inboundNatRules", + flags={"read_only": True}, + ) + properties.load_balancer_backend_addresses = AAZListType( + serialized_name="loadBalancerBackendAddresses", + ) + properties.load_balancing_rules = AAZListType( + serialized_name="loadBalancingRules", + flags={"read_only": True}, + ) + properties.location = AAZStrType() + properties.outbound_rule = AAZObjectType( + serialized_name="outboundRule", + flags={"read_only": True}, + ) + cls._build_schema_sub_resource_read(properties.outbound_rule) + properties.outbound_rules = AAZListType( + serialized_name="outboundRules", + flags={"read_only": True}, + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.sync_mode = AAZStrType( + serialized_name="syncMode", + ) + properties.tunnel_interfaces = AAZListType( + serialized_name="tunnelInterfaces", + ) + properties.virtual_network = AAZObjectType( + serialized_name="virtualNetwork", + ) + cls._build_schema_sub_resource_read(properties.virtual_network) + + backend_ip_configurations = _schema_network_interface_ip_configuration_read.properties.load_balancer_backend_address_pools.Element.properties.backend_ip_configurations + backend_ip_configurations.Element = AAZObjectType() + cls._build_schema_network_interface_ip_configuration_read(backend_ip_configurations.Element) + + inbound_nat_rules = _schema_network_interface_ip_configuration_read.properties.load_balancer_backend_address_pools.Element.properties.inbound_nat_rules + inbound_nat_rules.Element = AAZObjectType() + cls._build_schema_sub_resource_read(inbound_nat_rules.Element) + + load_balancer_backend_addresses = _schema_network_interface_ip_configuration_read.properties.load_balancer_backend_address_pools.Element.properties.load_balancer_backend_addresses + load_balancer_backend_addresses.Element = AAZObjectType() + + _element = _schema_network_interface_ip_configuration_read.properties.load_balancer_backend_address_pools.Element.properties.load_balancer_backend_addresses.Element + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + + properties = _schema_network_interface_ip_configuration_read.properties.load_balancer_backend_address_pools.Element.properties.load_balancer_backend_addresses.Element.properties + properties.admin_state = AAZStrType( + serialized_name="adminState", + ) + properties.inbound_nat_rules_port_mapping = AAZListType( + serialized_name="inboundNatRulesPortMapping", + flags={"read_only": True}, + ) + properties.ip_address = AAZStrType( + serialized_name="ipAddress", + ) + properties.load_balancer_frontend_ip_configuration = AAZObjectType( + serialized_name="loadBalancerFrontendIPConfiguration", + ) + cls._build_schema_sub_resource_read(properties.load_balancer_frontend_ip_configuration) + properties.network_interface_ip_configuration = AAZObjectType( + serialized_name="networkInterfaceIPConfiguration", + flags={"read_only": True}, + ) + cls._build_schema_sub_resource_read(properties.network_interface_ip_configuration) + properties.subnet = AAZObjectType() + cls._build_schema_sub_resource_read(properties.subnet) + properties.virtual_network = AAZObjectType( + serialized_name="virtualNetwork", + ) + cls._build_schema_sub_resource_read(properties.virtual_network) + + inbound_nat_rules_port_mapping = _schema_network_interface_ip_configuration_read.properties.load_balancer_backend_address_pools.Element.properties.load_balancer_backend_addresses.Element.properties.inbound_nat_rules_port_mapping + inbound_nat_rules_port_mapping.Element = AAZObjectType() + + _element = _schema_network_interface_ip_configuration_read.properties.load_balancer_backend_address_pools.Element.properties.load_balancer_backend_addresses.Element.properties.inbound_nat_rules_port_mapping.Element + _element.backend_port = AAZIntType( + serialized_name="backendPort", + ) + _element.frontend_port = AAZIntType( + serialized_name="frontendPort", + ) + _element.inbound_nat_rule_name = AAZStrType( + serialized_name="inboundNatRuleName", + ) + + load_balancing_rules = _schema_network_interface_ip_configuration_read.properties.load_balancer_backend_address_pools.Element.properties.load_balancing_rules + load_balancing_rules.Element = AAZObjectType() + cls._build_schema_sub_resource_read(load_balancing_rules.Element) + + outbound_rules = _schema_network_interface_ip_configuration_read.properties.load_balancer_backend_address_pools.Element.properties.outbound_rules + outbound_rules.Element = AAZObjectType() + cls._build_schema_sub_resource_read(outbound_rules.Element) + + tunnel_interfaces = _schema_network_interface_ip_configuration_read.properties.load_balancer_backend_address_pools.Element.properties.tunnel_interfaces + tunnel_interfaces.Element = AAZObjectType() + + _element = _schema_network_interface_ip_configuration_read.properties.load_balancer_backend_address_pools.Element.properties.tunnel_interfaces.Element + _element.identifier = AAZIntType() + _element.port = AAZIntType() + _element.protocol = AAZStrType() + _element.type = AAZStrType() + + load_balancer_inbound_nat_rules = _schema_network_interface_ip_configuration_read.properties.load_balancer_inbound_nat_rules + load_balancer_inbound_nat_rules.Element = AAZObjectType() + + _element = _schema_network_interface_ip_configuration_read.properties.load_balancer_inbound_nat_rules.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_network_interface_ip_configuration_read.properties.load_balancer_inbound_nat_rules.Element.properties + properties.backend_address_pool = AAZObjectType( + serialized_name="backendAddressPool", + ) + cls._build_schema_sub_resource_read(properties.backend_address_pool) + properties.backend_ip_configuration = AAZObjectType( + serialized_name="backendIPConfiguration", + flags={"read_only": True}, + ) + cls._build_schema_network_interface_ip_configuration_read(properties.backend_ip_configuration) + properties.backend_port = AAZIntType( + serialized_name="backendPort", + ) + properties.enable_floating_ip = AAZBoolType( + serialized_name="enableFloatingIP", + ) + properties.enable_tcp_reset = AAZBoolType( + serialized_name="enableTcpReset", + ) + properties.frontend_ip_configuration = AAZObjectType( + serialized_name="frontendIPConfiguration", + ) + cls._build_schema_sub_resource_read(properties.frontend_ip_configuration) + properties.frontend_port = AAZIntType( + serialized_name="frontendPort", + ) + properties.frontend_port_range_end = AAZIntType( + serialized_name="frontendPortRangeEnd", + ) + properties.frontend_port_range_start = AAZIntType( + serialized_name="frontendPortRangeStart", + ) + properties.idle_timeout_in_minutes = AAZIntType( + serialized_name="idleTimeoutInMinutes", + ) + properties.protocol = AAZStrType() + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + + private_link_connection_properties = _schema_network_interface_ip_configuration_read.properties.private_link_connection_properties + private_link_connection_properties.fqdns = AAZListType( + flags={"read_only": True}, + ) + private_link_connection_properties.group_id = AAZStrType( + serialized_name="groupId", + flags={"read_only": True}, + ) + private_link_connection_properties.required_member_name = AAZStrType( + serialized_name="requiredMemberName", + flags={"read_only": True}, + ) + + fqdns = _schema_network_interface_ip_configuration_read.properties.private_link_connection_properties.fqdns + fqdns.Element = AAZStrType() + + virtual_network_taps = _schema_network_interface_ip_configuration_read.properties.virtual_network_taps + virtual_network_taps.Element = AAZObjectType() + cls._build_schema_virtual_network_tap_read(virtual_network_taps.Element) + + _schema.etag = cls._schema_network_interface_ip_configuration_read.etag + _schema.id = cls._schema_network_interface_ip_configuration_read.id + _schema.name = cls._schema_network_interface_ip_configuration_read.name + _schema.properties = cls._schema_network_interface_ip_configuration_read.properties + _schema.type = cls._schema_network_interface_ip_configuration_read.type + + _schema_network_interface_tap_configuration_read = None + + @classmethod + def _build_schema_network_interface_tap_configuration_read(cls, _schema): + if cls._schema_network_interface_tap_configuration_read is not None: + _schema.etag = cls._schema_network_interface_tap_configuration_read.etag + _schema.id = cls._schema_network_interface_tap_configuration_read.id + _schema.name = cls._schema_network_interface_tap_configuration_read.name + _schema.properties = cls._schema_network_interface_tap_configuration_read.properties + _schema.type = cls._schema_network_interface_tap_configuration_read.type + return + + cls._schema_network_interface_tap_configuration_read = _schema_network_interface_tap_configuration_read = AAZObjectType() + + network_interface_tap_configuration_read = _schema_network_interface_tap_configuration_read + network_interface_tap_configuration_read.etag = AAZStrType( + flags={"read_only": True}, + ) + network_interface_tap_configuration_read.id = AAZStrType() + network_interface_tap_configuration_read.name = AAZStrType() + network_interface_tap_configuration_read.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + network_interface_tap_configuration_read.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_network_interface_tap_configuration_read.properties + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.virtual_network_tap = AAZObjectType( + serialized_name="virtualNetworkTap", + ) + cls._build_schema_virtual_network_tap_read(properties.virtual_network_tap) + + _schema.etag = cls._schema_network_interface_tap_configuration_read.etag + _schema.id = cls._schema_network_interface_tap_configuration_read.id + _schema.name = cls._schema_network_interface_tap_configuration_read.name + _schema.properties = cls._schema_network_interface_tap_configuration_read.properties + _schema.type = cls._schema_network_interface_tap_configuration_read.type + + _schema_network_interface_read = None + + @classmethod + def _build_schema_network_interface_read(cls, _schema): + if cls._schema_network_interface_read is not None: + _schema.etag = cls._schema_network_interface_read.etag + _schema.extended_location = cls._schema_network_interface_read.extended_location + _schema.id = cls._schema_network_interface_read.id + _schema.location = cls._schema_network_interface_read.location + _schema.name = cls._schema_network_interface_read.name + _schema.properties = cls._schema_network_interface_read.properties + _schema.tags = cls._schema_network_interface_read.tags + _schema.type = cls._schema_network_interface_read.type + return + + cls._schema_network_interface_read = _schema_network_interface_read = AAZObjectType() + + network_interface_read = _schema_network_interface_read + network_interface_read.etag = AAZStrType( + flags={"read_only": True}, + ) + network_interface_read.extended_location = AAZObjectType( + serialized_name="extendedLocation", + ) + cls._build_schema_extended_location_read(network_interface_read.extended_location) + network_interface_read.id = AAZStrType() + network_interface_read.location = AAZStrType() + network_interface_read.name = AAZStrType( + flags={"read_only": True}, + ) + network_interface_read.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + network_interface_read.tags = AAZDictType() + network_interface_read.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_network_interface_read.properties + properties.auxiliary_mode = AAZStrType( + serialized_name="auxiliaryMode", + ) + properties.auxiliary_sku = AAZStrType( + serialized_name="auxiliarySku", + ) + properties.default_outbound_connectivity_enabled = AAZBoolType( + serialized_name="defaultOutboundConnectivityEnabled", + flags={"read_only": True}, + ) + properties.disable_tcp_state_tracking = AAZBoolType( + serialized_name="disableTcpStateTracking", + ) + properties.dns_settings = AAZObjectType( + serialized_name="dnsSettings", + ) + properties.dscp_configuration = AAZObjectType( + serialized_name="dscpConfiguration", + flags={"read_only": True}, + ) + cls._build_schema_sub_resource_read(properties.dscp_configuration) + properties.enable_accelerated_networking = AAZBoolType( + serialized_name="enableAcceleratedNetworking", + ) + properties.enable_ip_forwarding = AAZBoolType( + serialized_name="enableIPForwarding", + ) + properties.hosted_workloads = AAZListType( + serialized_name="hostedWorkloads", + flags={"read_only": True}, + ) + properties.ip_configurations = AAZListType( + serialized_name="ipConfigurations", + ) + properties.mac_address = AAZStrType( + serialized_name="macAddress", + flags={"read_only": True}, + ) + properties.migration_phase = AAZStrType( + serialized_name="migrationPhase", + ) + properties.network_security_group = AAZObjectType( + serialized_name="networkSecurityGroup", + ) + cls._build_schema_network_security_group_read(properties.network_security_group) + properties.nic_type = AAZStrType( + serialized_name="nicType", + ) + properties.primary = AAZBoolType( + flags={"read_only": True}, + ) + properties.private_endpoint = AAZObjectType( + serialized_name="privateEndpoint", + flags={"read_only": True}, + ) + cls._build_schema_private_endpoint_read(properties.private_endpoint) + properties.private_link_service = AAZObjectType( + serialized_name="privateLinkService", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.resource_guid = AAZStrType( + serialized_name="resourceGuid", + flags={"read_only": True}, + ) + properties.tap_configurations = AAZListType( + serialized_name="tapConfigurations", + flags={"read_only": True}, + ) + properties.virtual_machine = AAZObjectType( + serialized_name="virtualMachine", + flags={"read_only": True}, + ) + cls._build_schema_sub_resource_read(properties.virtual_machine) + properties.vnet_encryption_supported = AAZBoolType( + serialized_name="vnetEncryptionSupported", + flags={"read_only": True}, + ) + properties.workload_type = AAZStrType( + serialized_name="workloadType", + ) + + dns_settings = _schema_network_interface_read.properties.dns_settings + dns_settings.applied_dns_servers = AAZListType( + serialized_name="appliedDnsServers", + flags={"read_only": True}, + ) + dns_settings.dns_servers = AAZListType( + serialized_name="dnsServers", + ) + dns_settings.internal_dns_name_label = AAZStrType( + serialized_name="internalDnsNameLabel", + ) + dns_settings.internal_domain_name_suffix = AAZStrType( + serialized_name="internalDomainNameSuffix", + flags={"read_only": True}, + ) + dns_settings.internal_fqdn = AAZStrType( + serialized_name="internalFqdn", + flags={"read_only": True}, + ) + + applied_dns_servers = _schema_network_interface_read.properties.dns_settings.applied_dns_servers + applied_dns_servers.Element = AAZStrType() + + dns_servers = _schema_network_interface_read.properties.dns_settings.dns_servers + dns_servers.Element = AAZStrType() + + hosted_workloads = _schema_network_interface_read.properties.hosted_workloads + hosted_workloads.Element = AAZStrType() + + ip_configurations = _schema_network_interface_read.properties.ip_configurations + ip_configurations.Element = AAZObjectType() + cls._build_schema_network_interface_ip_configuration_read(ip_configurations.Element) + + private_link_service = _schema_network_interface_read.properties.private_link_service + private_link_service.etag = AAZStrType( + flags={"read_only": True}, + ) + private_link_service.extended_location = AAZObjectType( + serialized_name="extendedLocation", + ) + cls._build_schema_extended_location_read(private_link_service.extended_location) + private_link_service.id = AAZStrType() + private_link_service.location = AAZStrType() + private_link_service.name = AAZStrType( + flags={"read_only": True}, + ) + private_link_service.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + private_link_service.tags = AAZDictType() + private_link_service.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_network_interface_read.properties.private_link_service.properties + properties.alias = AAZStrType( + flags={"read_only": True}, + ) + properties.auto_approval = AAZObjectType( + serialized_name="autoApproval", + ) + properties.destination_ip_address = AAZStrType( + serialized_name="destinationIPAddress", + ) + properties.enable_proxy_protocol = AAZBoolType( + serialized_name="enableProxyProtocol", + ) + properties.fqdns = AAZListType() + properties.ip_configurations = AAZListType( + serialized_name="ipConfigurations", + ) + properties.load_balancer_frontend_ip_configurations = AAZListType( + serialized_name="loadBalancerFrontendIpConfigurations", + ) + properties.network_interfaces = AAZListType( + serialized_name="networkInterfaces", + flags={"read_only": True}, + ) + properties.private_endpoint_connections = AAZListType( + serialized_name="privateEndpointConnections", + flags={"read_only": True}, + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.visibility = AAZObjectType() + + auto_approval = _schema_network_interface_read.properties.private_link_service.properties.auto_approval + auto_approval.subscriptions = AAZListType() + + subscriptions = _schema_network_interface_read.properties.private_link_service.properties.auto_approval.subscriptions + subscriptions.Element = AAZStrType() + + fqdns = _schema_network_interface_read.properties.private_link_service.properties.fqdns + fqdns.Element = AAZStrType() + + ip_configurations = _schema_network_interface_read.properties.private_link_service.properties.ip_configurations + ip_configurations.Element = AAZObjectType() + + _element = _schema_network_interface_read.properties.private_link_service.properties.ip_configurations.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_network_interface_read.properties.private_link_service.properties.ip_configurations.Element.properties + properties.primary = AAZBoolType() + properties.private_ip_address = AAZStrType( + serialized_name="privateIPAddress", + ) + properties.private_ip_address_version = AAZStrType( + serialized_name="privateIPAddressVersion", + ) + properties.private_ip_allocation_method = AAZStrType( + serialized_name="privateIPAllocationMethod", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.subnet = AAZObjectType() + cls._build_schema_subnet_read(properties.subnet) + + load_balancer_frontend_ip_configurations = _schema_network_interface_read.properties.private_link_service.properties.load_balancer_frontend_ip_configurations + load_balancer_frontend_ip_configurations.Element = AAZObjectType() + cls._build_schema_frontend_ip_configuration_read(load_balancer_frontend_ip_configurations.Element) + + network_interfaces = _schema_network_interface_read.properties.private_link_service.properties.network_interfaces + network_interfaces.Element = AAZObjectType() + cls._build_schema_network_interface_read(network_interfaces.Element) + + private_endpoint_connections = _schema_network_interface_read.properties.private_link_service.properties.private_endpoint_connections + private_endpoint_connections.Element = AAZObjectType() + + _element = _schema_network_interface_read.properties.private_link_service.properties.private_endpoint_connections.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_network_interface_read.properties.private_link_service.properties.private_endpoint_connections.Element.properties + properties.link_identifier = AAZStrType( + serialized_name="linkIdentifier", + flags={"read_only": True}, + ) + properties.private_endpoint = AAZObjectType( + serialized_name="privateEndpoint", + flags={"read_only": True}, + ) + cls._build_schema_private_endpoint_read(properties.private_endpoint) + properties.private_endpoint_location = AAZStrType( + serialized_name="privateEndpointLocation", + flags={"read_only": True}, + ) + properties.private_link_service_connection_state = AAZObjectType( + serialized_name="privateLinkServiceConnectionState", + ) + cls._build_schema_private_link_service_connection_state_read(properties.private_link_service_connection_state) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + + visibility = _schema_network_interface_read.properties.private_link_service.properties.visibility + visibility.subscriptions = AAZListType() + + subscriptions = _schema_network_interface_read.properties.private_link_service.properties.visibility.subscriptions + subscriptions.Element = AAZStrType() + + tags = _schema_network_interface_read.properties.private_link_service.tags + tags.Element = AAZStrType() + + tap_configurations = _schema_network_interface_read.properties.tap_configurations + tap_configurations.Element = AAZObjectType() + cls._build_schema_network_interface_tap_configuration_read(tap_configurations.Element) + + tags = _schema_network_interface_read.tags + tags.Element = AAZStrType() + + _schema.etag = cls._schema_network_interface_read.etag + _schema.extended_location = cls._schema_network_interface_read.extended_location + _schema.id = cls._schema_network_interface_read.id + _schema.location = cls._schema_network_interface_read.location + _schema.name = cls._schema_network_interface_read.name + _schema.properties = cls._schema_network_interface_read.properties + _schema.tags = cls._schema_network_interface_read.tags + _schema.type = cls._schema_network_interface_read.type + + _schema_network_security_group_read = None + + @classmethod + def _build_schema_network_security_group_read(cls, _schema): + if cls._schema_network_security_group_read is not None: + _schema.etag = cls._schema_network_security_group_read.etag + _schema.id = cls._schema_network_security_group_read.id + _schema.location = cls._schema_network_security_group_read.location + _schema.name = cls._schema_network_security_group_read.name + _schema.properties = cls._schema_network_security_group_read.properties + _schema.tags = cls._schema_network_security_group_read.tags + _schema.type = cls._schema_network_security_group_read.type + return + + cls._schema_network_security_group_read = _schema_network_security_group_read = AAZObjectType() + + network_security_group_read = _schema_network_security_group_read + network_security_group_read.etag = AAZStrType( + flags={"read_only": True}, + ) + network_security_group_read.id = AAZStrType() + network_security_group_read.location = AAZStrType() + network_security_group_read.name = AAZStrType( + flags={"read_only": True}, + ) + network_security_group_read.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + network_security_group_read.tags = AAZDictType() + network_security_group_read.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_network_security_group_read.properties + properties.default_security_rules = AAZListType( + serialized_name="defaultSecurityRules", + flags={"read_only": True}, + ) + properties.flow_logs = AAZListType( + serialized_name="flowLogs", + flags={"read_only": True}, + ) + properties.flush_connection = AAZBoolType( + serialized_name="flushConnection", + ) + properties.network_interfaces = AAZListType( + serialized_name="networkInterfaces", + flags={"read_only": True}, + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.resource_guid = AAZStrType( + serialized_name="resourceGuid", + flags={"read_only": True}, + ) + properties.security_rules = AAZListType( + serialized_name="securityRules", + ) + properties.subnets = AAZListType( + flags={"read_only": True}, + ) + + default_security_rules = _schema_network_security_group_read.properties.default_security_rules + default_security_rules.Element = AAZObjectType() + cls._build_schema_security_rule_read(default_security_rules.Element) + + flow_logs = _schema_network_security_group_read.properties.flow_logs + flow_logs.Element = AAZObjectType() + + _element = _schema_network_security_group_read.properties.flow_logs.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.identity = AAZIdentityObjectType() + cls._build_schema_managed_service_identity_read(_element.identity) + _element.location = AAZStrType() + _element.name = AAZStrType( + flags={"read_only": True}, + ) + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.tags = AAZDictType() + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_network_security_group_read.properties.flow_logs.Element.properties + properties.enabled = AAZBoolType() + properties.enabled_filtering_criteria = AAZStrType( + serialized_name="enabledFilteringCriteria", + ) + properties.flow_analytics_configuration = AAZObjectType( + serialized_name="flowAnalyticsConfiguration", + ) + properties.format = AAZObjectType() + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.retention_policy = AAZObjectType( + serialized_name="retentionPolicy", + ) + properties.storage_id = AAZStrType( + serialized_name="storageId", + flags={"required": True}, + ) + properties.target_resource_guid = AAZStrType( + serialized_name="targetResourceGuid", + flags={"read_only": True}, + ) + properties.target_resource_id = AAZStrType( + serialized_name="targetResourceId", + flags={"required": True}, + ) + + flow_analytics_configuration = _schema_network_security_group_read.properties.flow_logs.Element.properties.flow_analytics_configuration + flow_analytics_configuration.network_watcher_flow_analytics_configuration = AAZObjectType( + serialized_name="networkWatcherFlowAnalyticsConfiguration", + ) + + network_watcher_flow_analytics_configuration = _schema_network_security_group_read.properties.flow_logs.Element.properties.flow_analytics_configuration.network_watcher_flow_analytics_configuration + network_watcher_flow_analytics_configuration.enabled = AAZBoolType() + network_watcher_flow_analytics_configuration.traffic_analytics_interval = AAZIntType( + serialized_name="trafficAnalyticsInterval", + ) + network_watcher_flow_analytics_configuration.workspace_id = AAZStrType( + serialized_name="workspaceId", + ) + network_watcher_flow_analytics_configuration.workspace_region = AAZStrType( + serialized_name="workspaceRegion", + ) + network_watcher_flow_analytics_configuration.workspace_resource_id = AAZStrType( + serialized_name="workspaceResourceId", + ) + + format = _schema_network_security_group_read.properties.flow_logs.Element.properties.format + format.type = AAZStrType() + format.version = AAZIntType() + + retention_policy = _schema_network_security_group_read.properties.flow_logs.Element.properties.retention_policy + retention_policy.days = AAZIntType() + retention_policy.enabled = AAZBoolType() + + tags = _schema_network_security_group_read.properties.flow_logs.Element.tags + tags.Element = AAZStrType() + + network_interfaces = _schema_network_security_group_read.properties.network_interfaces + network_interfaces.Element = AAZObjectType() + cls._build_schema_network_interface_read(network_interfaces.Element) + + security_rules = _schema_network_security_group_read.properties.security_rules + security_rules.Element = AAZObjectType() + cls._build_schema_security_rule_read(security_rules.Element) + + subnets = _schema_network_security_group_read.properties.subnets + subnets.Element = AAZObjectType() + cls._build_schema_subnet_read(subnets.Element) + + tags = _schema_network_security_group_read.tags + tags.Element = AAZStrType() + + _schema.etag = cls._schema_network_security_group_read.etag + _schema.id = cls._schema_network_security_group_read.id + _schema.location = cls._schema_network_security_group_read.location + _schema.name = cls._schema_network_security_group_read.name + _schema.properties = cls._schema_network_security_group_read.properties + _schema.tags = cls._schema_network_security_group_read.tags + _schema.type = cls._schema_network_security_group_read.type + + _schema_private_endpoint_read = None + + @classmethod + def _build_schema_private_endpoint_read(cls, _schema): + if cls._schema_private_endpoint_read is not None: + _schema.etag = cls._schema_private_endpoint_read.etag + _schema.extended_location = cls._schema_private_endpoint_read.extended_location + _schema.id = cls._schema_private_endpoint_read.id + _schema.location = cls._schema_private_endpoint_read.location + _schema.name = cls._schema_private_endpoint_read.name + _schema.properties = cls._schema_private_endpoint_read.properties + _schema.tags = cls._schema_private_endpoint_read.tags + _schema.type = cls._schema_private_endpoint_read.type + return + + cls._schema_private_endpoint_read = _schema_private_endpoint_read = AAZObjectType( + flags={"read_only": True} + ) + + private_endpoint_read = _schema_private_endpoint_read + private_endpoint_read.etag = AAZStrType( + flags={"read_only": True}, + ) + private_endpoint_read.extended_location = AAZObjectType( + serialized_name="extendedLocation", + ) + cls._build_schema_extended_location_read(private_endpoint_read.extended_location) + private_endpoint_read.id = AAZStrType() + private_endpoint_read.location = AAZStrType() + private_endpoint_read.name = AAZStrType( + flags={"read_only": True}, + ) + private_endpoint_read.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + private_endpoint_read.tags = AAZDictType() + private_endpoint_read.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_private_endpoint_read.properties + properties.application_security_groups = AAZListType( + serialized_name="applicationSecurityGroups", + ) + properties.custom_dns_configs = AAZListType( + serialized_name="customDnsConfigs", + ) + properties.custom_network_interface_name = AAZStrType( + serialized_name="customNetworkInterfaceName", + ) + properties.ip_configurations = AAZListType( + serialized_name="ipConfigurations", + ) + properties.manual_private_link_service_connections = AAZListType( + serialized_name="manualPrivateLinkServiceConnections", + ) + properties.network_interfaces = AAZListType( + serialized_name="networkInterfaces", + flags={"read_only": True}, + ) + properties.private_link_service_connections = AAZListType( + serialized_name="privateLinkServiceConnections", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.subnet = AAZObjectType() + cls._build_schema_subnet_read(properties.subnet) + + application_security_groups = _schema_private_endpoint_read.properties.application_security_groups + application_security_groups.Element = AAZObjectType() + cls._build_schema_application_security_group_read(application_security_groups.Element) + + custom_dns_configs = _schema_private_endpoint_read.properties.custom_dns_configs + custom_dns_configs.Element = AAZObjectType() + + _element = _schema_private_endpoint_read.properties.custom_dns_configs.Element + _element.fqdn = AAZStrType() + _element.ip_addresses = AAZListType( + serialized_name="ipAddresses", + ) + + ip_addresses = _schema_private_endpoint_read.properties.custom_dns_configs.Element.ip_addresses + ip_addresses.Element = AAZStrType() + + ip_configurations = _schema_private_endpoint_read.properties.ip_configurations + ip_configurations.Element = AAZObjectType() + + _element = _schema_private_endpoint_read.properties.ip_configurations.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_private_endpoint_read.properties.ip_configurations.Element.properties + properties.group_id = AAZStrType( + serialized_name="groupId", + ) + properties.member_name = AAZStrType( + serialized_name="memberName", + ) + properties.private_ip_address = AAZStrType( + serialized_name="privateIPAddress", + ) + + manual_private_link_service_connections = _schema_private_endpoint_read.properties.manual_private_link_service_connections + manual_private_link_service_connections.Element = AAZObjectType() + cls._build_schema_private_link_service_connection_read(manual_private_link_service_connections.Element) + + network_interfaces = _schema_private_endpoint_read.properties.network_interfaces + network_interfaces.Element = AAZObjectType() + cls._build_schema_network_interface_read(network_interfaces.Element) + + private_link_service_connections = _schema_private_endpoint_read.properties.private_link_service_connections + private_link_service_connections.Element = AAZObjectType() + cls._build_schema_private_link_service_connection_read(private_link_service_connections.Element) + + tags = _schema_private_endpoint_read.tags + tags.Element = AAZStrType() + + _schema.etag = cls._schema_private_endpoint_read.etag + _schema.extended_location = cls._schema_private_endpoint_read.extended_location + _schema.id = cls._schema_private_endpoint_read.id + _schema.location = cls._schema_private_endpoint_read.location + _schema.name = cls._schema_private_endpoint_read.name + _schema.properties = cls._schema_private_endpoint_read.properties + _schema.tags = cls._schema_private_endpoint_read.tags + _schema.type = cls._schema_private_endpoint_read.type + + _schema_private_link_service_connection_state_read = None + + @classmethod + def _build_schema_private_link_service_connection_state_read(cls, _schema): + if cls._schema_private_link_service_connection_state_read is not None: + _schema.actions_required = cls._schema_private_link_service_connection_state_read.actions_required + _schema.description = cls._schema_private_link_service_connection_state_read.description + _schema.status = cls._schema_private_link_service_connection_state_read.status + return + + cls._schema_private_link_service_connection_state_read = _schema_private_link_service_connection_state_read = AAZObjectType() + + private_link_service_connection_state_read = _schema_private_link_service_connection_state_read + private_link_service_connection_state_read.actions_required = AAZStrType( + serialized_name="actionsRequired", + ) + private_link_service_connection_state_read.description = AAZStrType() + private_link_service_connection_state_read.status = AAZStrType() + + _schema.actions_required = cls._schema_private_link_service_connection_state_read.actions_required + _schema.description = cls._schema_private_link_service_connection_state_read.description + _schema.status = cls._schema_private_link_service_connection_state_read.status + + _schema_private_link_service_connection_read = None + + @classmethod + def _build_schema_private_link_service_connection_read(cls, _schema): + if cls._schema_private_link_service_connection_read is not None: + _schema.etag = cls._schema_private_link_service_connection_read.etag + _schema.id = cls._schema_private_link_service_connection_read.id + _schema.name = cls._schema_private_link_service_connection_read.name + _schema.properties = cls._schema_private_link_service_connection_read.properties + _schema.type = cls._schema_private_link_service_connection_read.type + return + + cls._schema_private_link_service_connection_read = _schema_private_link_service_connection_read = AAZObjectType() + + private_link_service_connection_read = _schema_private_link_service_connection_read + private_link_service_connection_read.etag = AAZStrType( + flags={"read_only": True}, + ) + private_link_service_connection_read.id = AAZStrType() + private_link_service_connection_read.name = AAZStrType() + private_link_service_connection_read.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + private_link_service_connection_read.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_private_link_service_connection_read.properties + properties.group_ids = AAZListType( + serialized_name="groupIds", + ) + properties.private_link_service_connection_state = AAZObjectType( + serialized_name="privateLinkServiceConnectionState", + ) + cls._build_schema_private_link_service_connection_state_read(properties.private_link_service_connection_state) + properties.private_link_service_id = AAZStrType( + serialized_name="privateLinkServiceId", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.request_message = AAZStrType( + serialized_name="requestMessage", + ) + + group_ids = _schema_private_link_service_connection_read.properties.group_ids + group_ids.Element = AAZStrType() + + _schema.etag = cls._schema_private_link_service_connection_read.etag + _schema.id = cls._schema_private_link_service_connection_read.id + _schema.name = cls._schema_private_link_service_connection_read.name + _schema.properties = cls._schema_private_link_service_connection_read.properties + _schema.type = cls._schema_private_link_service_connection_read.type + + _schema_public_ip_address_read = None + + @classmethod + def _build_schema_public_ip_address_read(cls, _schema): + if cls._schema_public_ip_address_read is not None: + _schema.etag = cls._schema_public_ip_address_read.etag + _schema.extended_location = cls._schema_public_ip_address_read.extended_location + _schema.id = cls._schema_public_ip_address_read.id + _schema.location = cls._schema_public_ip_address_read.location + _schema.name = cls._schema_public_ip_address_read.name + _schema.properties = cls._schema_public_ip_address_read.properties + _schema.sku = cls._schema_public_ip_address_read.sku + _schema.tags = cls._schema_public_ip_address_read.tags + _schema.type = cls._schema_public_ip_address_read.type + _schema.zones = cls._schema_public_ip_address_read.zones + return + + cls._schema_public_ip_address_read = _schema_public_ip_address_read = AAZObjectType() + + public_ip_address_read = _schema_public_ip_address_read + public_ip_address_read.etag = AAZStrType( + flags={"read_only": True}, + ) + public_ip_address_read.extended_location = AAZObjectType( + serialized_name="extendedLocation", + ) + cls._build_schema_extended_location_read(public_ip_address_read.extended_location) + public_ip_address_read.id = AAZStrType() + public_ip_address_read.location = AAZStrType() + public_ip_address_read.name = AAZStrType( + flags={"read_only": True}, + ) + public_ip_address_read.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + public_ip_address_read.sku = AAZObjectType() + public_ip_address_read.tags = AAZDictType() + public_ip_address_read.type = AAZStrType( + flags={"read_only": True}, + ) + public_ip_address_read.zones = AAZListType() + + properties = _schema_public_ip_address_read.properties + properties.ddos_settings = AAZObjectType( + serialized_name="ddosSettings", + ) + properties.delete_option = AAZStrType( + serialized_name="deleteOption", + ) + properties.dns_settings = AAZObjectType( + serialized_name="dnsSettings", + ) + properties.idle_timeout_in_minutes = AAZIntType( + serialized_name="idleTimeoutInMinutes", + ) + properties.ip_address = AAZStrType( + serialized_name="ipAddress", + ) + properties.ip_configuration = AAZObjectType( + serialized_name="ipConfiguration", + flags={"read_only": True}, + ) + cls._build_schema_ip_configuration_read(properties.ip_configuration) + properties.ip_tags = AAZListType( + serialized_name="ipTags", + ) + properties.linked_public_ip_address = AAZObjectType( + serialized_name="linkedPublicIPAddress", + ) + cls._build_schema_public_ip_address_read(properties.linked_public_ip_address) + properties.migration_phase = AAZStrType( + serialized_name="migrationPhase", + ) + properties.nat_gateway = AAZObjectType( + serialized_name="natGateway", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.public_ip_address_version = AAZStrType( + serialized_name="publicIPAddressVersion", + ) + properties.public_ip_allocation_method = AAZStrType( + serialized_name="publicIPAllocationMethod", + ) + properties.public_ip_prefix = AAZObjectType( + serialized_name="publicIPPrefix", + ) + cls._build_schema_sub_resource_read(properties.public_ip_prefix) + properties.resource_guid = AAZStrType( + serialized_name="resourceGuid", + flags={"read_only": True}, + ) + properties.service_public_ip_address = AAZObjectType( + serialized_name="servicePublicIPAddress", + ) + cls._build_schema_public_ip_address_read(properties.service_public_ip_address) + + ddos_settings = _schema_public_ip_address_read.properties.ddos_settings + ddos_settings.ddos_protection_plan = AAZObjectType( + serialized_name="ddosProtectionPlan", + ) + cls._build_schema_sub_resource_read(ddos_settings.ddos_protection_plan) + ddos_settings.protection_mode = AAZStrType( + serialized_name="protectionMode", + ) + + dns_settings = _schema_public_ip_address_read.properties.dns_settings + dns_settings.domain_name_label = AAZStrType( + serialized_name="domainNameLabel", + ) + dns_settings.domain_name_label_scope = AAZStrType( + serialized_name="domainNameLabelScope", + ) + dns_settings.fqdn = AAZStrType() + dns_settings.reverse_fqdn = AAZStrType( + serialized_name="reverseFqdn", + ) + + ip_tags = _schema_public_ip_address_read.properties.ip_tags + ip_tags.Element = AAZObjectType() + + _element = _schema_public_ip_address_read.properties.ip_tags.Element + _element.ip_tag_type = AAZStrType( + serialized_name="ipTagType", + ) + _element.tag = AAZStrType() + + nat_gateway = _schema_public_ip_address_read.properties.nat_gateway + nat_gateway.etag = AAZStrType( + flags={"read_only": True}, + ) + nat_gateway.id = AAZStrType() + nat_gateway.location = AAZStrType() + nat_gateway.name = AAZStrType( + flags={"read_only": True}, + ) + nat_gateway.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + nat_gateway.sku = AAZObjectType() + nat_gateway.tags = AAZDictType() + nat_gateway.type = AAZStrType( + flags={"read_only": True}, + ) + nat_gateway.zones = AAZListType() + + properties = _schema_public_ip_address_read.properties.nat_gateway.properties + properties.idle_timeout_in_minutes = AAZIntType( + serialized_name="idleTimeoutInMinutes", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.public_ip_addresses = AAZListType( + serialized_name="publicIpAddresses", + ) + properties.public_ip_addresses_v6 = AAZListType( + serialized_name="publicIpAddressesV6", + ) + properties.public_ip_prefixes = AAZListType( + serialized_name="publicIpPrefixes", + ) + properties.public_ip_prefixes_v6 = AAZListType( + serialized_name="publicIpPrefixesV6", + ) + properties.resource_guid = AAZStrType( + serialized_name="resourceGuid", + flags={"read_only": True}, + ) + properties.source_virtual_network = AAZObjectType( + serialized_name="sourceVirtualNetwork", + ) + cls._build_schema_sub_resource_read(properties.source_virtual_network) + properties.subnets = AAZListType( + flags={"read_only": True}, + ) + + public_ip_addresses = _schema_public_ip_address_read.properties.nat_gateway.properties.public_ip_addresses + public_ip_addresses.Element = AAZObjectType() + cls._build_schema_sub_resource_read(public_ip_addresses.Element) + + public_ip_addresses_v6 = _schema_public_ip_address_read.properties.nat_gateway.properties.public_ip_addresses_v6 + public_ip_addresses_v6.Element = AAZObjectType() + cls._build_schema_sub_resource_read(public_ip_addresses_v6.Element) + + public_ip_prefixes = _schema_public_ip_address_read.properties.nat_gateway.properties.public_ip_prefixes + public_ip_prefixes.Element = AAZObjectType() + cls._build_schema_sub_resource_read(public_ip_prefixes.Element) + + public_ip_prefixes_v6 = _schema_public_ip_address_read.properties.nat_gateway.properties.public_ip_prefixes_v6 + public_ip_prefixes_v6.Element = AAZObjectType() + cls._build_schema_sub_resource_read(public_ip_prefixes_v6.Element) + + subnets = _schema_public_ip_address_read.properties.nat_gateway.properties.subnets + subnets.Element = AAZObjectType() + cls._build_schema_sub_resource_read(subnets.Element) + + sku = _schema_public_ip_address_read.properties.nat_gateway.sku + sku.name = AAZStrType() + + tags = _schema_public_ip_address_read.properties.nat_gateway.tags + tags.Element = AAZStrType() + + zones = _schema_public_ip_address_read.properties.nat_gateway.zones + zones.Element = AAZStrType() + + sku = _schema_public_ip_address_read.sku + sku.name = AAZStrType() + sku.tier = AAZStrType() + + tags = _schema_public_ip_address_read.tags + tags.Element = AAZStrType() + + zones = _schema_public_ip_address_read.zones + zones.Element = AAZStrType() + + _schema.etag = cls._schema_public_ip_address_read.etag + _schema.extended_location = cls._schema_public_ip_address_read.extended_location + _schema.id = cls._schema_public_ip_address_read.id + _schema.location = cls._schema_public_ip_address_read.location + _schema.name = cls._schema_public_ip_address_read.name + _schema.properties = cls._schema_public_ip_address_read.properties + _schema.sku = cls._schema_public_ip_address_read.sku + _schema.tags = cls._schema_public_ip_address_read.tags + _schema.type = cls._schema_public_ip_address_read.type + _schema.zones = cls._schema_public_ip_address_read.zones + + _schema_security_rule_read = None + + @classmethod + def _build_schema_security_rule_read(cls, _schema): + if cls._schema_security_rule_read is not None: + _schema.etag = cls._schema_security_rule_read.etag + _schema.id = cls._schema_security_rule_read.id + _schema.name = cls._schema_security_rule_read.name + _schema.properties = cls._schema_security_rule_read.properties + _schema.type = cls._schema_security_rule_read.type + return + + cls._schema_security_rule_read = _schema_security_rule_read = AAZObjectType() + + security_rule_read = _schema_security_rule_read + security_rule_read.etag = AAZStrType( + flags={"read_only": True}, + ) + security_rule_read.id = AAZStrType() + security_rule_read.name = AAZStrType() + security_rule_read.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + security_rule_read.type = AAZStrType() + + properties = _schema_security_rule_read.properties + properties.access = AAZStrType( + flags={"required": True}, + ) + properties.description = AAZStrType() + properties.destination_address_prefix = AAZStrType( + serialized_name="destinationAddressPrefix", + ) + properties.destination_address_prefixes = AAZListType( + serialized_name="destinationAddressPrefixes", + ) + properties.destination_application_security_groups = AAZListType( + serialized_name="destinationApplicationSecurityGroups", + ) + properties.destination_port_range = AAZStrType( + serialized_name="destinationPortRange", + ) + properties.destination_port_ranges = AAZListType( + serialized_name="destinationPortRanges", + ) + properties.direction = AAZStrType( + flags={"required": True}, + ) + properties.priority = AAZIntType( + flags={"required": True}, + ) + properties.protocol = AAZStrType( + flags={"required": True}, + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.source_address_prefix = AAZStrType( + serialized_name="sourceAddressPrefix", + ) + properties.source_address_prefixes = AAZListType( + serialized_name="sourceAddressPrefixes", + ) + properties.source_application_security_groups = AAZListType( + serialized_name="sourceApplicationSecurityGroups", + ) + properties.source_port_range = AAZStrType( + serialized_name="sourcePortRange", + ) + properties.source_port_ranges = AAZListType( + serialized_name="sourcePortRanges", + ) + + destination_address_prefixes = _schema_security_rule_read.properties.destination_address_prefixes + destination_address_prefixes.Element = AAZStrType() + + destination_application_security_groups = _schema_security_rule_read.properties.destination_application_security_groups + destination_application_security_groups.Element = AAZObjectType() + cls._build_schema_application_security_group_read(destination_application_security_groups.Element) + + destination_port_ranges = _schema_security_rule_read.properties.destination_port_ranges + destination_port_ranges.Element = AAZStrType() + + source_address_prefixes = _schema_security_rule_read.properties.source_address_prefixes + source_address_prefixes.Element = AAZStrType() + + source_application_security_groups = _schema_security_rule_read.properties.source_application_security_groups + source_application_security_groups.Element = AAZObjectType() + cls._build_schema_application_security_group_read(source_application_security_groups.Element) + + source_port_ranges = _schema_security_rule_read.properties.source_port_ranges + source_port_ranges.Element = AAZStrType() + + _schema.etag = cls._schema_security_rule_read.etag + _schema.id = cls._schema_security_rule_read.id + _schema.name = cls._schema_security_rule_read.name + _schema.properties = cls._schema_security_rule_read.properties + _schema.type = cls._schema_security_rule_read.type + + _schema_sub_resource_read = None + + @classmethod + def _build_schema_sub_resource_read(cls, _schema): + if cls._schema_sub_resource_read is not None: + _schema.id = cls._schema_sub_resource_read.id + return + + cls._schema_sub_resource_read = _schema_sub_resource_read = AAZObjectType() + + sub_resource_read = _schema_sub_resource_read + sub_resource_read.id = AAZStrType() + + _schema.id = cls._schema_sub_resource_read.id + + _schema_subnet_read = None + + @classmethod + def _build_schema_subnet_read(cls, _schema): + if cls._schema_subnet_read is not None: + _schema.etag = cls._schema_subnet_read.etag + _schema.id = cls._schema_subnet_read.id + _schema.name = cls._schema_subnet_read.name + _schema.properties = cls._schema_subnet_read.properties + _schema.type = cls._schema_subnet_read.type + return + + cls._schema_subnet_read = _schema_subnet_read = AAZObjectType() + + subnet_read = _schema_subnet_read + subnet_read.etag = AAZStrType( + flags={"read_only": True}, + ) + subnet_read.id = AAZStrType() + subnet_read.name = AAZStrType() + subnet_read.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + subnet_read.type = AAZStrType() + + properties = _schema_subnet_read.properties + properties.address_prefix = AAZStrType( + serialized_name="addressPrefix", + ) + properties.address_prefixes = AAZListType( + serialized_name="addressPrefixes", + ) + properties.application_gateway_ip_configurations = AAZListType( + serialized_name="applicationGatewayIPConfigurations", + ) + properties.default_outbound_access = AAZBoolType( + serialized_name="defaultOutboundAccess", + ) + properties.delegations = AAZListType() + properties.ip_allocations = AAZListType( + serialized_name="ipAllocations", + ) + properties.ip_configuration_profiles = AAZListType( + serialized_name="ipConfigurationProfiles", + flags={"read_only": True}, + ) + properties.ip_configurations = AAZListType( + serialized_name="ipConfigurations", + flags={"read_only": True}, + ) + properties.ipam_pool_prefix_allocations = AAZListType( + serialized_name="ipamPoolPrefixAllocations", + ) + properties.nat_gateway = AAZObjectType( + serialized_name="natGateway", + ) + cls._build_schema_sub_resource_read(properties.nat_gateway) + properties.network_security_group = AAZObjectType( + serialized_name="networkSecurityGroup", + ) + cls._build_schema_network_security_group_read(properties.network_security_group) + properties.private_endpoint_network_policies = AAZStrType( + serialized_name="privateEndpointNetworkPolicies", + ) + properties.private_endpoints = AAZListType( + serialized_name="privateEndpoints", + flags={"read_only": True}, + ) + properties.private_link_service_network_policies = AAZStrType( + serialized_name="privateLinkServiceNetworkPolicies", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.purpose = AAZStrType( + flags={"read_only": True}, + ) + properties.resource_navigation_links = AAZListType( + serialized_name="resourceNavigationLinks", + flags={"read_only": True}, + ) + properties.route_table = AAZObjectType( + serialized_name="routeTable", + ) + properties.service_association_links = AAZListType( + serialized_name="serviceAssociationLinks", + flags={"read_only": True}, + ) + properties.service_endpoint_policies = AAZListType( + serialized_name="serviceEndpointPolicies", + ) + properties.service_endpoints = AAZListType( + serialized_name="serviceEndpoints", + ) + properties.sharing_scope = AAZStrType( + serialized_name="sharingScope", + ) + + address_prefixes = _schema_subnet_read.properties.address_prefixes + address_prefixes.Element = AAZStrType() + + application_gateway_ip_configurations = _schema_subnet_read.properties.application_gateway_ip_configurations + application_gateway_ip_configurations.Element = AAZObjectType() + cls._build_schema_application_gateway_ip_configuration_read(application_gateway_ip_configurations.Element) + + delegations = _schema_subnet_read.properties.delegations + delegations.Element = AAZObjectType() + + _element = _schema_subnet_read.properties.delegations.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType() + + properties = _schema_subnet_read.properties.delegations.Element.properties + properties.actions = AAZListType( + flags={"read_only": True}, + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.service_name = AAZStrType( + serialized_name="serviceName", + ) + + actions = _schema_subnet_read.properties.delegations.Element.properties.actions + actions.Element = AAZStrType() + + ip_allocations = _schema_subnet_read.properties.ip_allocations + ip_allocations.Element = AAZObjectType() + cls._build_schema_sub_resource_read(ip_allocations.Element) + + ip_configuration_profiles = _schema_subnet_read.properties.ip_configuration_profiles + ip_configuration_profiles.Element = AAZObjectType() + + _element = _schema_subnet_read.properties.ip_configuration_profiles.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_subnet_read.properties.ip_configuration_profiles.Element.properties + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.subnet = AAZObjectType() + cls._build_schema_subnet_read(properties.subnet) + + ip_configurations = _schema_subnet_read.properties.ip_configurations + ip_configurations.Element = AAZObjectType() + cls._build_schema_ip_configuration_read(ip_configurations.Element) + + ipam_pool_prefix_allocations = _schema_subnet_read.properties.ipam_pool_prefix_allocations + ipam_pool_prefix_allocations.Element = AAZObjectType() + + _element = _schema_subnet_read.properties.ipam_pool_prefix_allocations.Element + _element.allocated_address_prefixes = AAZListType( + serialized_name="allocatedAddressPrefixes", + flags={"read_only": True}, + ) + _element.number_of_ip_addresses = AAZStrType( + serialized_name="numberOfIpAddresses", + ) + _element.pool = AAZObjectType( + flags={"client_flatten": True}, + ) + + allocated_address_prefixes = _schema_subnet_read.properties.ipam_pool_prefix_allocations.Element.allocated_address_prefixes + allocated_address_prefixes.Element = AAZStrType() + + pool = _schema_subnet_read.properties.ipam_pool_prefix_allocations.Element.pool + pool.id = AAZStrType() + + private_endpoints = _schema_subnet_read.properties.private_endpoints + private_endpoints.Element = AAZObjectType() + cls._build_schema_private_endpoint_read(private_endpoints.Element) + + resource_navigation_links = _schema_subnet_read.properties.resource_navigation_links + resource_navigation_links.Element = AAZObjectType() + + _element = _schema_subnet_read.properties.resource_navigation_links.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType( + flags={"read_only": True}, + ) + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_subnet_read.properties.resource_navigation_links.Element.properties + properties.link = AAZStrType() + properties.linked_resource_type = AAZStrType( + serialized_name="linkedResourceType", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + + route_table = _schema_subnet_read.properties.route_table + route_table.etag = AAZStrType( + flags={"read_only": True}, + ) + route_table.id = AAZStrType() + route_table.location = AAZStrType() + route_table.name = AAZStrType( + flags={"read_only": True}, + ) + route_table.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + route_table.tags = AAZDictType() + route_table.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_subnet_read.properties.route_table.properties + properties.disable_bgp_route_propagation = AAZBoolType( + serialized_name="disableBgpRoutePropagation", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.resource_guid = AAZStrType( + serialized_name="resourceGuid", + flags={"read_only": True}, + ) + properties.routes = AAZListType() + properties.subnets = AAZListType( + flags={"read_only": True}, + ) + + routes = _schema_subnet_read.properties.route_table.properties.routes + routes.Element = AAZObjectType() + + _element = _schema_subnet_read.properties.route_table.properties.routes.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType() + + properties = _schema_subnet_read.properties.route_table.properties.routes.Element.properties + properties.address_prefix = AAZStrType( + serialized_name="addressPrefix", + ) + properties.has_bgp_override = AAZBoolType( + serialized_name="hasBgpOverride", + flags={"read_only": True}, + ) + properties.next_hop_ip_address = AAZStrType( + serialized_name="nextHopIpAddress", + ) + properties.next_hop_type = AAZStrType( + serialized_name="nextHopType", + flags={"required": True}, + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + + subnets = _schema_subnet_read.properties.route_table.properties.subnets + subnets.Element = AAZObjectType() + cls._build_schema_subnet_read(subnets.Element) + + tags = _schema_subnet_read.properties.route_table.tags + tags.Element = AAZStrType() + + service_association_links = _schema_subnet_read.properties.service_association_links + service_association_links.Element = AAZObjectType() + + _element = _schema_subnet_read.properties.service_association_links.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_subnet_read.properties.service_association_links.Element.properties + properties.allow_delete = AAZBoolType( + serialized_name="allowDelete", + ) + properties.link = AAZStrType() + properties.linked_resource_type = AAZStrType( + serialized_name="linkedResourceType", + ) + properties.locations = AAZListType() + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + + locations = _schema_subnet_read.properties.service_association_links.Element.properties.locations + locations.Element = AAZStrType() + + service_endpoint_policies = _schema_subnet_read.properties.service_endpoint_policies + service_endpoint_policies.Element = AAZObjectType() + + _element = _schema_subnet_read.properties.service_endpoint_policies.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.kind = AAZStrType( + flags={"read_only": True}, + ) + _element.location = AAZStrType() + _element.name = AAZStrType( + flags={"read_only": True}, + ) + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.tags = AAZDictType() + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_subnet_read.properties.service_endpoint_policies.Element.properties + properties.contextual_service_endpoint_policies = AAZListType( + serialized_name="contextualServiceEndpointPolicies", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.resource_guid = AAZStrType( + serialized_name="resourceGuid", + flags={"read_only": True}, + ) + properties.service_alias = AAZStrType( + serialized_name="serviceAlias", + ) + properties.service_endpoint_policy_definitions = AAZListType( + serialized_name="serviceEndpointPolicyDefinitions", + ) + properties.subnets = AAZListType( + flags={"read_only": True}, + ) + + contextual_service_endpoint_policies = _schema_subnet_read.properties.service_endpoint_policies.Element.properties.contextual_service_endpoint_policies + contextual_service_endpoint_policies.Element = AAZStrType() + + service_endpoint_policy_definitions = _schema_subnet_read.properties.service_endpoint_policies.Element.properties.service_endpoint_policy_definitions + service_endpoint_policy_definitions.Element = AAZObjectType() + + _element = _schema_subnet_read.properties.service_endpoint_policies.Element.properties.service_endpoint_policy_definitions.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType() + + properties = _schema_subnet_read.properties.service_endpoint_policies.Element.properties.service_endpoint_policy_definitions.Element.properties + properties.description = AAZStrType() + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.service = AAZStrType() + properties.service_resources = AAZListType( + serialized_name="serviceResources", + ) + + service_resources = _schema_subnet_read.properties.service_endpoint_policies.Element.properties.service_endpoint_policy_definitions.Element.properties.service_resources + service_resources.Element = AAZStrType() + + subnets = _schema_subnet_read.properties.service_endpoint_policies.Element.properties.subnets + subnets.Element = AAZObjectType() + cls._build_schema_subnet_read(subnets.Element) + + tags = _schema_subnet_read.properties.service_endpoint_policies.Element.tags + tags.Element = AAZStrType() + + service_endpoints = _schema_subnet_read.properties.service_endpoints + service_endpoints.Element = AAZObjectType() + + _element = _schema_subnet_read.properties.service_endpoints.Element + _element.locations = AAZListType() + _element.network_identifier = AAZObjectType( + serialized_name="networkIdentifier", + ) + cls._build_schema_sub_resource_read(_element.network_identifier) + _element.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + _element.service = AAZStrType() + + locations = _schema_subnet_read.properties.service_endpoints.Element.locations + locations.Element = AAZStrType() + + _schema.etag = cls._schema_subnet_read.etag + _schema.id = cls._schema_subnet_read.id + _schema.name = cls._schema_subnet_read.name + _schema.properties = cls._schema_subnet_read.properties + _schema.type = cls._schema_subnet_read.type + + _schema_virtual_network_tap_read = None + + @classmethod + def _build_schema_virtual_network_tap_read(cls, _schema): + if cls._schema_virtual_network_tap_read is not None: + _schema.etag = cls._schema_virtual_network_tap_read.etag + _schema.id = cls._schema_virtual_network_tap_read.id + _schema.location = cls._schema_virtual_network_tap_read.location + _schema.name = cls._schema_virtual_network_tap_read.name + _schema.properties = cls._schema_virtual_network_tap_read.properties + _schema.tags = cls._schema_virtual_network_tap_read.tags + _schema.type = cls._schema_virtual_network_tap_read.type + return + + cls._schema_virtual_network_tap_read = _schema_virtual_network_tap_read = AAZObjectType() + + virtual_network_tap_read = _schema_virtual_network_tap_read + virtual_network_tap_read.etag = AAZStrType( + flags={"read_only": True}, + ) + virtual_network_tap_read.id = AAZStrType() + virtual_network_tap_read.location = AAZStrType() + virtual_network_tap_read.name = AAZStrType( + flags={"read_only": True}, + ) + virtual_network_tap_read.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + virtual_network_tap_read.tags = AAZDictType() + virtual_network_tap_read.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_virtual_network_tap_read.properties + properties.destination_load_balancer_front_end_ip_configuration = AAZObjectType( + serialized_name="destinationLoadBalancerFrontEndIPConfiguration", + ) + cls._build_schema_frontend_ip_configuration_read(properties.destination_load_balancer_front_end_ip_configuration) + properties.destination_network_interface_ip_configuration = AAZObjectType( + serialized_name="destinationNetworkInterfaceIPConfiguration", + ) + cls._build_schema_network_interface_ip_configuration_read(properties.destination_network_interface_ip_configuration) + properties.destination_port = AAZIntType( + serialized_name="destinationPort", + ) + properties.network_interface_tap_configurations = AAZListType( + serialized_name="networkInterfaceTapConfigurations", + flags={"read_only": True}, + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.resource_guid = AAZStrType( + serialized_name="resourceGuid", + flags={"read_only": True}, + ) + + network_interface_tap_configurations = _schema_virtual_network_tap_read.properties.network_interface_tap_configurations + network_interface_tap_configurations.Element = AAZObjectType() + cls._build_schema_network_interface_tap_configuration_read(network_interface_tap_configurations.Element) + + tags = _schema_virtual_network_tap_read.tags + tags.Element = AAZStrType() + + _schema.etag = cls._schema_virtual_network_tap_read.etag + _schema.id = cls._schema_virtual_network_tap_read.id + _schema.location = cls._schema_virtual_network_tap_read.location + _schema.name = cls._schema_virtual_network_tap_read.name + _schema.properties = cls._schema_virtual_network_tap_read.properties + _schema.tags = cls._schema_virtual_network_tap_read.tags + _schema.type = cls._schema_virtual_network_tap_read.type + + _schema_web_application_firewall_policy_read = None + + @classmethod + def _build_schema_web_application_firewall_policy_read(cls, _schema): + if cls._schema_web_application_firewall_policy_read is not None: + _schema.etag = cls._schema_web_application_firewall_policy_read.etag + _schema.id = cls._schema_web_application_firewall_policy_read.id + _schema.location = cls._schema_web_application_firewall_policy_read.location + _schema.name = cls._schema_web_application_firewall_policy_read.name + _schema.properties = cls._schema_web_application_firewall_policy_read.properties + _schema.tags = cls._schema_web_application_firewall_policy_read.tags + _schema.type = cls._schema_web_application_firewall_policy_read.type + return + + cls._schema_web_application_firewall_policy_read = _schema_web_application_firewall_policy_read = AAZObjectType() + + web_application_firewall_policy_read = _schema_web_application_firewall_policy_read + web_application_firewall_policy_read.etag = AAZStrType( + flags={"read_only": True}, + ) + web_application_firewall_policy_read.id = AAZStrType() + web_application_firewall_policy_read.location = AAZStrType() + web_application_firewall_policy_read.name = AAZStrType( + flags={"read_only": True}, + ) + web_application_firewall_policy_read.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + web_application_firewall_policy_read.tags = AAZDictType() + web_application_firewall_policy_read.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties + properties.application_gateway_for_containers = AAZListType( + serialized_name="applicationGatewayForContainers", + flags={"read_only": True}, + ) + properties.application_gateways = AAZListType( + serialized_name="applicationGateways", + flags={"read_only": True}, + ) + properties.custom_rules = AAZListType( + serialized_name="customRules", + ) + properties.http_listeners = AAZListType( + serialized_name="httpListeners", + flags={"read_only": True}, + ) + properties.managed_rules = AAZObjectType( + serialized_name="managedRules", + flags={"required": True}, + ) + properties.path_based_rules = AAZListType( + serialized_name="pathBasedRules", + flags={"read_only": True}, + ) + properties.policy_settings = AAZObjectType( + serialized_name="policySettings", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.resource_state = AAZStrType( + serialized_name="resourceState", + flags={"read_only": True}, + ) + + application_gateway_for_containers = _schema_web_application_firewall_policy_read.properties.application_gateway_for_containers + application_gateway_for_containers.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateway_for_containers.Element + _element.id = AAZStrType( + flags={"required": True}, + ) + + application_gateways = _schema_web_application_firewall_policy_read.properties.application_gateways + application_gateways.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.identity = AAZIdentityObjectType() + cls._build_schema_managed_service_identity_read(_element.identity) + _element.location = AAZStrType() + _element.name = AAZStrType( + flags={"read_only": True}, + ) + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.tags = AAZDictType() + _element.type = AAZStrType( + flags={"read_only": True}, + ) + _element.zones = AAZListType() + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties + properties.authentication_certificates = AAZListType( + serialized_name="authenticationCertificates", + ) + properties.autoscale_configuration = AAZObjectType( + serialized_name="autoscaleConfiguration", + ) + properties.backend_address_pools = AAZListType( + serialized_name="backendAddressPools", + ) + properties.backend_http_settings_collection = AAZListType( + serialized_name="backendHttpSettingsCollection", + ) + properties.backend_settings_collection = AAZListType( + serialized_name="backendSettingsCollection", + ) + properties.custom_error_configurations = AAZListType( + serialized_name="customErrorConfigurations", + ) + properties.default_predefined_ssl_policy = AAZStrType( + serialized_name="defaultPredefinedSslPolicy", + flags={"read_only": True}, + ) + properties.enable_fips = AAZBoolType( + serialized_name="enableFips", + ) + properties.enable_http2 = AAZBoolType( + serialized_name="enableHttp2", + ) + properties.firewall_policy = AAZObjectType( + serialized_name="firewallPolicy", + ) + cls._build_schema_sub_resource_read(properties.firewall_policy) + properties.force_firewall_policy_association = AAZBoolType( + serialized_name="forceFirewallPolicyAssociation", + ) + properties.frontend_ip_configurations = AAZListType( + serialized_name="frontendIPConfigurations", + ) + properties.frontend_ports = AAZListType( + serialized_name="frontendPorts", + ) + properties.gateway_ip_configurations = AAZListType( + serialized_name="gatewayIPConfigurations", + ) + properties.global_configuration = AAZObjectType( + serialized_name="globalConfiguration", + ) + properties.http_listeners = AAZListType( + serialized_name="httpListeners", + ) + properties.listeners = AAZListType() + properties.load_distribution_policies = AAZListType( + serialized_name="loadDistributionPolicies", + ) + properties.operational_state = AAZStrType( + serialized_name="operationalState", + flags={"read_only": True}, + ) + properties.private_endpoint_connections = AAZListType( + serialized_name="privateEndpointConnections", + flags={"read_only": True}, + ) + properties.private_link_configurations = AAZListType( + serialized_name="privateLinkConfigurations", + ) + properties.probes = AAZListType() + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.redirect_configurations = AAZListType( + serialized_name="redirectConfigurations", + ) + properties.request_routing_rules = AAZListType( + serialized_name="requestRoutingRules", + ) + properties.resource_guid = AAZStrType( + serialized_name="resourceGuid", + flags={"read_only": True}, + ) + properties.rewrite_rule_sets = AAZListType( + serialized_name="rewriteRuleSets", + ) + properties.routing_rules = AAZListType( + serialized_name="routingRules", + ) + properties.sku = AAZObjectType() + properties.ssl_certificates = AAZListType( + serialized_name="sslCertificates", + ) + properties.ssl_policy = AAZObjectType( + serialized_name="sslPolicy", + ) + cls._build_schema_application_gateway_ssl_policy_read(properties.ssl_policy) + properties.ssl_profiles = AAZListType( + serialized_name="sslProfiles", + ) + properties.trusted_client_certificates = AAZListType( + serialized_name="trustedClientCertificates", + ) + properties.trusted_root_certificates = AAZListType( + serialized_name="trustedRootCertificates", + ) + properties.url_path_maps = AAZListType( + serialized_name="urlPathMaps", + ) + properties.web_application_firewall_configuration = AAZObjectType( + serialized_name="webApplicationFirewallConfiguration", + ) + + authentication_certificates = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.authentication_certificates + authentication_certificates.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.authentication_certificates.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.authentication_certificates.Element.properties + properties.data = AAZStrType() + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + + autoscale_configuration = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.autoscale_configuration + autoscale_configuration.max_capacity = AAZIntType( + serialized_name="maxCapacity", + ) + autoscale_configuration.min_capacity = AAZIntType( + serialized_name="minCapacity", + flags={"required": True}, + ) + + backend_address_pools = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.backend_address_pools + backend_address_pools.Element = AAZObjectType() + cls._build_schema_application_gateway_backend_address_pool_read(backend_address_pools.Element) + + backend_http_settings_collection = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.backend_http_settings_collection + backend_http_settings_collection.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.backend_http_settings_collection.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.backend_http_settings_collection.Element.properties + properties.affinity_cookie_name = AAZStrType( + serialized_name="affinityCookieName", + ) + properties.authentication_certificates = AAZListType( + serialized_name="authenticationCertificates", + ) + properties.connection_draining = AAZObjectType( + serialized_name="connectionDraining", + ) + properties.cookie_based_affinity = AAZStrType( + serialized_name="cookieBasedAffinity", + ) + properties.host_name = AAZStrType( + serialized_name="hostName", + ) + properties.path = AAZStrType() + properties.pick_host_name_from_backend_address = AAZBoolType( + serialized_name="pickHostNameFromBackendAddress", + ) + properties.port = AAZIntType() + properties.probe = AAZObjectType() + cls._build_schema_sub_resource_read(properties.probe) + properties.probe_enabled = AAZBoolType( + serialized_name="probeEnabled", + ) + properties.protocol = AAZStrType() + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.request_timeout = AAZIntType( + serialized_name="requestTimeout", + ) + properties.trusted_root_certificates = AAZListType( + serialized_name="trustedRootCertificates", + ) + + authentication_certificates = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.backend_http_settings_collection.Element.properties.authentication_certificates + authentication_certificates.Element = AAZObjectType() + cls._build_schema_sub_resource_read(authentication_certificates.Element) + + connection_draining = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.backend_http_settings_collection.Element.properties.connection_draining + connection_draining.drain_timeout_in_sec = AAZIntType( + serialized_name="drainTimeoutInSec", + flags={"required": True}, + ) + connection_draining.enabled = AAZBoolType( + flags={"required": True}, + ) + + trusted_root_certificates = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.backend_http_settings_collection.Element.properties.trusted_root_certificates + trusted_root_certificates.Element = AAZObjectType() + cls._build_schema_sub_resource_read(trusted_root_certificates.Element) + + backend_settings_collection = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.backend_settings_collection + backend_settings_collection.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.backend_settings_collection.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.backend_settings_collection.Element.properties + properties.host_name = AAZStrType( + serialized_name="hostName", + ) + properties.pick_host_name_from_backend_address = AAZBoolType( + serialized_name="pickHostNameFromBackendAddress", + ) + properties.port = AAZIntType() + properties.probe = AAZObjectType() + cls._build_schema_sub_resource_read(properties.probe) + properties.protocol = AAZStrType() + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.timeout = AAZIntType() + properties.trusted_root_certificates = AAZListType( + serialized_name="trustedRootCertificates", + ) + + trusted_root_certificates = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.backend_settings_collection.Element.properties.trusted_root_certificates + trusted_root_certificates.Element = AAZObjectType() + cls._build_schema_sub_resource_read(trusted_root_certificates.Element) + + custom_error_configurations = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.custom_error_configurations + custom_error_configurations.Element = AAZObjectType() + cls._build_schema_application_gateway_custom_error_read(custom_error_configurations.Element) + + frontend_ip_configurations = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.frontend_ip_configurations + frontend_ip_configurations.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.frontend_ip_configurations.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.frontend_ip_configurations.Element.properties + properties.private_ip_address = AAZStrType( + serialized_name="privateIPAddress", + ) + properties.private_ip_allocation_method = AAZStrType( + serialized_name="privateIPAllocationMethod", + ) + properties.private_link_configuration = AAZObjectType( + serialized_name="privateLinkConfiguration", + ) + cls._build_schema_sub_resource_read(properties.private_link_configuration) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.public_ip_address = AAZObjectType( + serialized_name="publicIPAddress", + ) + cls._build_schema_sub_resource_read(properties.public_ip_address) + properties.subnet = AAZObjectType() + cls._build_schema_sub_resource_read(properties.subnet) + + frontend_ports = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.frontend_ports + frontend_ports.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.frontend_ports.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.frontend_ports.Element.properties + properties.port = AAZIntType() + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + + gateway_ip_configurations = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.gateway_ip_configurations + gateway_ip_configurations.Element = AAZObjectType() + cls._build_schema_application_gateway_ip_configuration_read(gateway_ip_configurations.Element) + + global_configuration = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.global_configuration + global_configuration.enable_request_buffering = AAZBoolType( + serialized_name="enableRequestBuffering", + ) + global_configuration.enable_response_buffering = AAZBoolType( + serialized_name="enableResponseBuffering", + ) + + http_listeners = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.http_listeners + http_listeners.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.http_listeners.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.http_listeners.Element.properties + properties.custom_error_configurations = AAZListType( + serialized_name="customErrorConfigurations", + ) + properties.firewall_policy = AAZObjectType( + serialized_name="firewallPolicy", + ) + cls._build_schema_sub_resource_read(properties.firewall_policy) + properties.frontend_ip_configuration = AAZObjectType( + serialized_name="frontendIPConfiguration", + ) + cls._build_schema_sub_resource_read(properties.frontend_ip_configuration) + properties.frontend_port = AAZObjectType( + serialized_name="frontendPort", + ) + cls._build_schema_sub_resource_read(properties.frontend_port) + properties.host_name = AAZStrType( + serialized_name="hostName", + ) + properties.host_names = AAZListType( + serialized_name="hostNames", + ) + properties.protocol = AAZStrType() + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.require_server_name_indication = AAZBoolType( + serialized_name="requireServerNameIndication", + ) + properties.ssl_certificate = AAZObjectType( + serialized_name="sslCertificate", + ) + cls._build_schema_sub_resource_read(properties.ssl_certificate) + properties.ssl_profile = AAZObjectType( + serialized_name="sslProfile", + ) + cls._build_schema_sub_resource_read(properties.ssl_profile) + + custom_error_configurations = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.http_listeners.Element.properties.custom_error_configurations + custom_error_configurations.Element = AAZObjectType() + cls._build_schema_application_gateway_custom_error_read(custom_error_configurations.Element) + + host_names = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.http_listeners.Element.properties.host_names + host_names.Element = AAZStrType() + + listeners = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.listeners + listeners.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.listeners.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.listeners.Element.properties + properties.frontend_ip_configuration = AAZObjectType( + serialized_name="frontendIPConfiguration", + ) + cls._build_schema_sub_resource_read(properties.frontend_ip_configuration) + properties.frontend_port = AAZObjectType( + serialized_name="frontendPort", + ) + cls._build_schema_sub_resource_read(properties.frontend_port) + properties.host_names = AAZListType( + serialized_name="hostNames", + ) + properties.protocol = AAZStrType() + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.ssl_certificate = AAZObjectType( + serialized_name="sslCertificate", + ) + cls._build_schema_sub_resource_read(properties.ssl_certificate) + properties.ssl_profile = AAZObjectType( + serialized_name="sslProfile", + ) + cls._build_schema_sub_resource_read(properties.ssl_profile) + + host_names = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.listeners.Element.properties.host_names + host_names.Element = AAZStrType() + + load_distribution_policies = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.load_distribution_policies + load_distribution_policies.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.load_distribution_policies.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.load_distribution_policies.Element.properties + properties.load_distribution_algorithm = AAZStrType( + serialized_name="loadDistributionAlgorithm", + ) + properties.load_distribution_targets = AAZListType( + serialized_name="loadDistributionTargets", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + + load_distribution_targets = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.load_distribution_policies.Element.properties.load_distribution_targets + load_distribution_targets.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.load_distribution_policies.Element.properties.load_distribution_targets.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.load_distribution_policies.Element.properties.load_distribution_targets.Element.properties + properties.backend_address_pool = AAZObjectType( + serialized_name="backendAddressPool", + ) + cls._build_schema_sub_resource_read(properties.backend_address_pool) + properties.weight_per_server = AAZIntType( + serialized_name="weightPerServer", + ) + + private_endpoint_connections = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.private_endpoint_connections + private_endpoint_connections.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.private_endpoint_connections.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.private_endpoint_connections.Element.properties + properties.link_identifier = AAZStrType( + serialized_name="linkIdentifier", + flags={"read_only": True}, + ) + properties.private_endpoint = AAZObjectType( + serialized_name="privateEndpoint", + flags={"read_only": True}, + ) + cls._build_schema_private_endpoint_read(properties.private_endpoint) + properties.private_link_service_connection_state = AAZObjectType( + serialized_name="privateLinkServiceConnectionState", + ) + cls._build_schema_private_link_service_connection_state_read(properties.private_link_service_connection_state) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + + private_link_configurations = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.private_link_configurations + private_link_configurations.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.private_link_configurations.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.private_link_configurations.Element.properties + properties.ip_configurations = AAZListType( + serialized_name="ipConfigurations", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + + ip_configurations = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.private_link_configurations.Element.properties.ip_configurations + ip_configurations.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.private_link_configurations.Element.properties.ip_configurations.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.private_link_configurations.Element.properties.ip_configurations.Element.properties + properties.primary = AAZBoolType() + properties.private_ip_address = AAZStrType( + serialized_name="privateIPAddress", + ) + properties.private_ip_allocation_method = AAZStrType( + serialized_name="privateIPAllocationMethod", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.subnet = AAZObjectType() + cls._build_schema_sub_resource_read(properties.subnet) + + probes = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.probes + probes.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.probes.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.probes.Element.properties + properties.host = AAZStrType() + properties.interval = AAZIntType() + properties.match = AAZObjectType() + properties.min_servers = AAZIntType( + serialized_name="minServers", + ) + properties.path = AAZStrType() + properties.pick_host_name_from_backend_http_settings = AAZBoolType( + serialized_name="pickHostNameFromBackendHttpSettings", + ) + properties.pick_host_name_from_backend_settings = AAZBoolType( + serialized_name="pickHostNameFromBackendSettings", + ) + properties.port = AAZIntType() + properties.protocol = AAZStrType() + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.timeout = AAZIntType() + properties.unhealthy_threshold = AAZIntType( + serialized_name="unhealthyThreshold", + ) + + match = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.probes.Element.properties.match + match.body = AAZStrType() + match.status_codes = AAZListType( + serialized_name="statusCodes", + ) + + status_codes = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.probes.Element.properties.match.status_codes + status_codes.Element = AAZStrType() + + redirect_configurations = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.redirect_configurations + redirect_configurations.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.redirect_configurations.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.redirect_configurations.Element.properties + properties.include_path = AAZBoolType( + serialized_name="includePath", + ) + properties.include_query_string = AAZBoolType( + serialized_name="includeQueryString", + ) + properties.path_rules = AAZListType( + serialized_name="pathRules", + ) + properties.redirect_type = AAZStrType( + serialized_name="redirectType", + ) + properties.request_routing_rules = AAZListType( + serialized_name="requestRoutingRules", + ) + properties.target_listener = AAZObjectType( + serialized_name="targetListener", + ) + cls._build_schema_sub_resource_read(properties.target_listener) + properties.target_url = AAZStrType( + serialized_name="targetUrl", + ) + properties.url_path_maps = AAZListType( + serialized_name="urlPathMaps", + ) + + path_rules = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.redirect_configurations.Element.properties.path_rules + path_rules.Element = AAZObjectType() + cls._build_schema_sub_resource_read(path_rules.Element) + + request_routing_rules = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.redirect_configurations.Element.properties.request_routing_rules + request_routing_rules.Element = AAZObjectType() + cls._build_schema_sub_resource_read(request_routing_rules.Element) + + url_path_maps = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.redirect_configurations.Element.properties.url_path_maps + url_path_maps.Element = AAZObjectType() + cls._build_schema_sub_resource_read(url_path_maps.Element) + + request_routing_rules = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.request_routing_rules + request_routing_rules.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.request_routing_rules.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.request_routing_rules.Element.properties + properties.backend_address_pool = AAZObjectType( + serialized_name="backendAddressPool", + ) + cls._build_schema_sub_resource_read(properties.backend_address_pool) + properties.backend_http_settings = AAZObjectType( + serialized_name="backendHttpSettings", + ) + cls._build_schema_sub_resource_read(properties.backend_http_settings) + properties.http_listener = AAZObjectType( + serialized_name="httpListener", + ) + cls._build_schema_sub_resource_read(properties.http_listener) + properties.load_distribution_policy = AAZObjectType( + serialized_name="loadDistributionPolicy", + ) + cls._build_schema_sub_resource_read(properties.load_distribution_policy) + properties.priority = AAZIntType() + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.redirect_configuration = AAZObjectType( + serialized_name="redirectConfiguration", + ) + cls._build_schema_sub_resource_read(properties.redirect_configuration) + properties.rewrite_rule_set = AAZObjectType( + serialized_name="rewriteRuleSet", + ) + cls._build_schema_sub_resource_read(properties.rewrite_rule_set) + properties.rule_type = AAZStrType( + serialized_name="ruleType", + ) + properties.url_path_map = AAZObjectType( + serialized_name="urlPathMap", + ) + cls._build_schema_sub_resource_read(properties.url_path_map) + + rewrite_rule_sets = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.rewrite_rule_sets + rewrite_rule_sets.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.rewrite_rule_sets.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.rewrite_rule_sets.Element.properties + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.rewrite_rules = AAZListType( + serialized_name="rewriteRules", + ) + + rewrite_rules = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.rewrite_rule_sets.Element.properties.rewrite_rules + rewrite_rules.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.rewrite_rule_sets.Element.properties.rewrite_rules.Element + _element.action_set = AAZObjectType( + serialized_name="actionSet", + ) + _element.conditions = AAZListType() + _element.name = AAZStrType() + _element.rule_sequence = AAZIntType( + serialized_name="ruleSequence", + ) + + action_set = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.rewrite_rule_sets.Element.properties.rewrite_rules.Element.action_set + action_set.request_header_configurations = AAZListType( + serialized_name="requestHeaderConfigurations", + ) + action_set.response_header_configurations = AAZListType( + serialized_name="responseHeaderConfigurations", + ) + action_set.url_configuration = AAZObjectType( + serialized_name="urlConfiguration", + ) + + request_header_configurations = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.rewrite_rule_sets.Element.properties.rewrite_rules.Element.action_set.request_header_configurations + request_header_configurations.Element = AAZObjectType() + cls._build_schema_application_gateway_header_configuration_read(request_header_configurations.Element) + + response_header_configurations = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.rewrite_rule_sets.Element.properties.rewrite_rules.Element.action_set.response_header_configurations + response_header_configurations.Element = AAZObjectType() + cls._build_schema_application_gateway_header_configuration_read(response_header_configurations.Element) + + url_configuration = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.rewrite_rule_sets.Element.properties.rewrite_rules.Element.action_set.url_configuration + url_configuration.modified_path = AAZStrType( + serialized_name="modifiedPath", + ) + url_configuration.modified_query_string = AAZStrType( + serialized_name="modifiedQueryString", + ) + url_configuration.reroute = AAZBoolType() + + conditions = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.rewrite_rule_sets.Element.properties.rewrite_rules.Element.conditions + conditions.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.rewrite_rule_sets.Element.properties.rewrite_rules.Element.conditions.Element + _element.ignore_case = AAZBoolType( + serialized_name="ignoreCase", + ) + _element.negate = AAZBoolType() + _element.pattern = AAZStrType() + _element.variable = AAZStrType() + + routing_rules = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.routing_rules + routing_rules.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.routing_rules.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.routing_rules.Element.properties + properties.backend_address_pool = AAZObjectType( + serialized_name="backendAddressPool", + ) + cls._build_schema_sub_resource_read(properties.backend_address_pool) + properties.backend_settings = AAZObjectType( + serialized_name="backendSettings", + ) + cls._build_schema_sub_resource_read(properties.backend_settings) + properties.listener = AAZObjectType() + cls._build_schema_sub_resource_read(properties.listener) + properties.priority = AAZIntType( + flags={"required": True}, + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.rule_type = AAZStrType( + serialized_name="ruleType", + ) + + sku = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.sku + sku.capacity = AAZIntType() + sku.family = AAZStrType() + sku.name = AAZStrType() + sku.tier = AAZStrType() + + ssl_certificates = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.ssl_certificates + ssl_certificates.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.ssl_certificates.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.ssl_certificates.Element.properties + properties.data = AAZStrType() + properties.key_vault_secret_id = AAZStrType( + serialized_name="keyVaultSecretId", + ) + properties.password = AAZStrType() + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.public_cert_data = AAZStrType( + serialized_name="publicCertData", + flags={"read_only": True}, + ) + + ssl_profiles = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.ssl_profiles + ssl_profiles.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.ssl_profiles.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.ssl_profiles.Element.properties + properties.client_auth_configuration = AAZObjectType( + serialized_name="clientAuthConfiguration", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.ssl_policy = AAZObjectType( + serialized_name="sslPolicy", + ) + cls._build_schema_application_gateway_ssl_policy_read(properties.ssl_policy) + properties.trusted_client_certificates = AAZListType( + serialized_name="trustedClientCertificates", + ) + + client_auth_configuration = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.ssl_profiles.Element.properties.client_auth_configuration + client_auth_configuration.verify_client_cert_issuer_dn = AAZBoolType( + serialized_name="verifyClientCertIssuerDN", + ) + client_auth_configuration.verify_client_revocation = AAZStrType( + serialized_name="verifyClientRevocation", + ) + + trusted_client_certificates = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.ssl_profiles.Element.properties.trusted_client_certificates + trusted_client_certificates.Element = AAZObjectType() + cls._build_schema_sub_resource_read(trusted_client_certificates.Element) + + trusted_client_certificates = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.trusted_client_certificates + trusted_client_certificates.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.trusted_client_certificates.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.trusted_client_certificates.Element.properties + properties.client_cert_issuer_dn = AAZStrType( + serialized_name="clientCertIssuerDN", + flags={"read_only": True}, + ) + properties.data = AAZStrType() + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.validated_cert_data = AAZStrType( + serialized_name="validatedCertData", + flags={"read_only": True}, + ) + + trusted_root_certificates = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.trusted_root_certificates + trusted_root_certificates.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.trusted_root_certificates.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.trusted_root_certificates.Element.properties + properties.data = AAZStrType() + properties.key_vault_secret_id = AAZStrType( + serialized_name="keyVaultSecretId", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + + url_path_maps = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.url_path_maps + url_path_maps.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.url_path_maps.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.url_path_maps.Element.properties + properties.default_backend_address_pool = AAZObjectType( + serialized_name="defaultBackendAddressPool", + ) + cls._build_schema_sub_resource_read(properties.default_backend_address_pool) + properties.default_backend_http_settings = AAZObjectType( + serialized_name="defaultBackendHttpSettings", + ) + cls._build_schema_sub_resource_read(properties.default_backend_http_settings) + properties.default_load_distribution_policy = AAZObjectType( + serialized_name="defaultLoadDistributionPolicy", + ) + cls._build_schema_sub_resource_read(properties.default_load_distribution_policy) + properties.default_redirect_configuration = AAZObjectType( + serialized_name="defaultRedirectConfiguration", + ) + cls._build_schema_sub_resource_read(properties.default_redirect_configuration) + properties.default_rewrite_rule_set = AAZObjectType( + serialized_name="defaultRewriteRuleSet", + ) + cls._build_schema_sub_resource_read(properties.default_rewrite_rule_set) + properties.path_rules = AAZListType( + serialized_name="pathRules", + ) + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + + path_rules = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.url_path_maps.Element.properties.path_rules + path_rules.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.url_path_maps.Element.properties.path_rules.Element + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.id = AAZStrType() + _element.name = AAZStrType() + _element.properties = AAZObjectType( + flags={"client_flatten": True}, + ) + _element.type = AAZStrType( + flags={"read_only": True}, + ) + + properties = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.url_path_maps.Element.properties.path_rules.Element.properties + properties.backend_address_pool = AAZObjectType( + serialized_name="backendAddressPool", + ) + cls._build_schema_sub_resource_read(properties.backend_address_pool) + properties.backend_http_settings = AAZObjectType( + serialized_name="backendHttpSettings", + ) + cls._build_schema_sub_resource_read(properties.backend_http_settings) + properties.firewall_policy = AAZObjectType( + serialized_name="firewallPolicy", + ) + cls._build_schema_sub_resource_read(properties.firewall_policy) + properties.load_distribution_policy = AAZObjectType( + serialized_name="loadDistributionPolicy", + ) + cls._build_schema_sub_resource_read(properties.load_distribution_policy) + properties.paths = AAZListType() + properties.provisioning_state = AAZStrType( + serialized_name="provisioningState", + flags={"read_only": True}, + ) + properties.redirect_configuration = AAZObjectType( + serialized_name="redirectConfiguration", + ) + cls._build_schema_sub_resource_read(properties.redirect_configuration) + properties.rewrite_rule_set = AAZObjectType( + serialized_name="rewriteRuleSet", + ) + cls._build_schema_sub_resource_read(properties.rewrite_rule_set) + + paths = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.url_path_maps.Element.properties.path_rules.Element.properties.paths + paths.Element = AAZStrType() + + web_application_firewall_configuration = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.web_application_firewall_configuration + web_application_firewall_configuration.disabled_rule_groups = AAZListType( + serialized_name="disabledRuleGroups", + ) + web_application_firewall_configuration.enabled = AAZBoolType( + flags={"required": True}, + ) + web_application_firewall_configuration.exclusions = AAZListType() + web_application_firewall_configuration.file_upload_limit_in_mb = AAZIntType( + serialized_name="fileUploadLimitInMb", + ) + web_application_firewall_configuration.firewall_mode = AAZStrType( + serialized_name="firewallMode", + flags={"required": True}, + ) + web_application_firewall_configuration.max_request_body_size = AAZIntType( + serialized_name="maxRequestBodySize", + ) + web_application_firewall_configuration.max_request_body_size_in_kb = AAZIntType( + serialized_name="maxRequestBodySizeInKb", + ) + web_application_firewall_configuration.request_body_check = AAZBoolType( + serialized_name="requestBodyCheck", + ) + web_application_firewall_configuration.rule_set_type = AAZStrType( + serialized_name="ruleSetType", + flags={"required": True}, + ) + web_application_firewall_configuration.rule_set_version = AAZStrType( + serialized_name="ruleSetVersion", + flags={"required": True}, + ) + + disabled_rule_groups = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.web_application_firewall_configuration.disabled_rule_groups + disabled_rule_groups.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.web_application_firewall_configuration.disabled_rule_groups.Element + _element.rule_group_name = AAZStrType( + serialized_name="ruleGroupName", + flags={"required": True}, + ) + _element.rules = AAZListType() + + rules = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.web_application_firewall_configuration.disabled_rule_groups.Element.rules + rules.Element = AAZIntType() + + exclusions = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.web_application_firewall_configuration.exclusions + exclusions.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.properties.web_application_firewall_configuration.exclusions.Element + _element.match_variable = AAZStrType( + serialized_name="matchVariable", + flags={"required": True}, + ) + _element.selector = AAZStrType( + flags={"required": True}, + ) + _element.selector_match_operator = AAZStrType( + serialized_name="selectorMatchOperator", + flags={"required": True}, + ) + + tags = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.tags + tags.Element = AAZStrType() + + zones = _schema_web_application_firewall_policy_read.properties.application_gateways.Element.zones + zones.Element = AAZStrType() + + custom_rules = _schema_web_application_firewall_policy_read.properties.custom_rules + custom_rules.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.custom_rules.Element + _element.action = AAZStrType( + flags={"required": True}, + ) + _element.etag = AAZStrType( + flags={"read_only": True}, + ) + _element.group_by_user_session = AAZListType( + serialized_name="groupByUserSession", + ) + _element.match_conditions = AAZListType( + serialized_name="matchConditions", + flags={"required": True}, + ) + _element.name = AAZStrType() + _element.priority = AAZIntType( + flags={"required": True}, + ) + _element.rate_limit_duration = AAZStrType( + serialized_name="rateLimitDuration", + ) + _element.rate_limit_threshold = AAZIntType( + serialized_name="rateLimitThreshold", + ) + _element.rule_type = AAZStrType( + serialized_name="ruleType", + flags={"required": True}, + ) + _element.state = AAZStrType() + + group_by_user_session = _schema_web_application_firewall_policy_read.properties.custom_rules.Element.group_by_user_session + group_by_user_session.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.custom_rules.Element.group_by_user_session.Element + _element.group_by_variables = AAZListType( + serialized_name="groupByVariables", + flags={"required": True}, + ) + + group_by_variables = _schema_web_application_firewall_policy_read.properties.custom_rules.Element.group_by_user_session.Element.group_by_variables + group_by_variables.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.custom_rules.Element.group_by_user_session.Element.group_by_variables.Element + _element.variable_name = AAZStrType( + serialized_name="variableName", + flags={"required": True}, + ) + + match_conditions = _schema_web_application_firewall_policy_read.properties.custom_rules.Element.match_conditions + match_conditions.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.custom_rules.Element.match_conditions.Element + _element.match_values = AAZListType( + serialized_name="matchValues", + flags={"required": True}, + ) + _element.match_variables = AAZListType( + serialized_name="matchVariables", + flags={"required": True}, + ) + _element.negation_conditon = AAZBoolType( + serialized_name="negationConditon", + ) + _element.operator = AAZStrType( + flags={"required": True}, + ) + _element.transforms = AAZListType() + + match_values = _schema_web_application_firewall_policy_read.properties.custom_rules.Element.match_conditions.Element.match_values + match_values.Element = AAZStrType() + + match_variables = _schema_web_application_firewall_policy_read.properties.custom_rules.Element.match_conditions.Element.match_variables + match_variables.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.custom_rules.Element.match_conditions.Element.match_variables.Element + _element.selector = AAZStrType() + _element.variable_name = AAZStrType( + serialized_name="variableName", + flags={"required": True}, + ) + + transforms = _schema_web_application_firewall_policy_read.properties.custom_rules.Element.match_conditions.Element.transforms + transforms.Element = AAZStrType() + + http_listeners = _schema_web_application_firewall_policy_read.properties.http_listeners + http_listeners.Element = AAZObjectType() + cls._build_schema_sub_resource_read(http_listeners.Element) + + managed_rules = _schema_web_application_firewall_policy_read.properties.managed_rules + managed_rules.exceptions = AAZListType() + managed_rules.exclusions = AAZListType() + managed_rules.managed_rule_sets = AAZListType( + serialized_name="managedRuleSets", + flags={"required": True}, + ) + + exceptions = _schema_web_application_firewall_policy_read.properties.managed_rules.exceptions + exceptions.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.managed_rules.exceptions.Element + _element.exception_managed_rule_sets = AAZListType( + serialized_name="exceptionManagedRuleSets", + ) + _element.match_variable = AAZStrType( + serialized_name="matchVariable", + flags={"required": True}, + ) + _element.selector = AAZStrType() + _element.selector_match_operator = AAZStrType( + serialized_name="selectorMatchOperator", + ) + _element.value_match_operator = AAZStrType( + serialized_name="valueMatchOperator", + flags={"required": True}, + ) + _element.values = AAZListType() + + exception_managed_rule_sets = _schema_web_application_firewall_policy_read.properties.managed_rules.exceptions.Element.exception_managed_rule_sets + exception_managed_rule_sets.Element = AAZObjectType() + cls._build_schema_exclusion_managed_rule_set_read(exception_managed_rule_sets.Element) + + values = _schema_web_application_firewall_policy_read.properties.managed_rules.exceptions.Element.values + values.Element = AAZStrType() + + exclusions = _schema_web_application_firewall_policy_read.properties.managed_rules.exclusions + exclusions.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.managed_rules.exclusions.Element + _element.exclusion_managed_rule_sets = AAZListType( + serialized_name="exclusionManagedRuleSets", + ) + _element.match_variable = AAZStrType( + serialized_name="matchVariable", + flags={"required": True}, + ) + _element.selector = AAZStrType( + flags={"required": True}, + ) + _element.selector_match_operator = AAZStrType( + serialized_name="selectorMatchOperator", + flags={"required": True}, + ) + + exclusion_managed_rule_sets = _schema_web_application_firewall_policy_read.properties.managed_rules.exclusions.Element.exclusion_managed_rule_sets + exclusion_managed_rule_sets.Element = AAZObjectType() + cls._build_schema_exclusion_managed_rule_set_read(exclusion_managed_rule_sets.Element) + + managed_rule_sets = _schema_web_application_firewall_policy_read.properties.managed_rules.managed_rule_sets + managed_rule_sets.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.managed_rules.managed_rule_sets.Element + _element.computed_disabled_rules = AAZListType( + serialized_name="computedDisabledRules", + flags={"read_only": True}, + ) + _element.rule_group_overrides = AAZListType( + serialized_name="ruleGroupOverrides", + ) + _element.rule_set_type = AAZStrType( + serialized_name="ruleSetType", + flags={"required": True}, + ) + _element.rule_set_version = AAZStrType( + serialized_name="ruleSetVersion", + flags={"required": True}, + ) + + computed_disabled_rules = _schema_web_application_firewall_policy_read.properties.managed_rules.managed_rule_sets.Element.computed_disabled_rules + computed_disabled_rules.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.managed_rules.managed_rule_sets.Element.computed_disabled_rules.Element + _element.rule_group_name = AAZStrType( + serialized_name="ruleGroupName", + flags={"required": True}, + ) + _element.rules = AAZListType() + + rules = _schema_web_application_firewall_policy_read.properties.managed_rules.managed_rule_sets.Element.computed_disabled_rules.Element.rules + rules.Element = AAZStrType() + + rule_group_overrides = _schema_web_application_firewall_policy_read.properties.managed_rules.managed_rule_sets.Element.rule_group_overrides + rule_group_overrides.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.managed_rules.managed_rule_sets.Element.rule_group_overrides.Element + _element.rule_group_name = AAZStrType( + serialized_name="ruleGroupName", + flags={"required": True}, + ) + _element.rules = AAZListType() + + rules = _schema_web_application_firewall_policy_read.properties.managed_rules.managed_rule_sets.Element.rule_group_overrides.Element.rules + rules.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.managed_rules.managed_rule_sets.Element.rule_group_overrides.Element.rules.Element + _element.action = AAZStrType() + _element.rule_id = AAZStrType( + serialized_name="ruleId", + flags={"required": True}, + ) + _element.sensitivity = AAZStrType() + _element.state = AAZStrType() + + path_based_rules = _schema_web_application_firewall_policy_read.properties.path_based_rules + path_based_rules.Element = AAZObjectType() + cls._build_schema_sub_resource_read(path_based_rules.Element) + + policy_settings = _schema_web_application_firewall_policy_read.properties.policy_settings + policy_settings.custom_block_response_body = AAZStrType( + serialized_name="customBlockResponseBody", + ) + policy_settings.custom_block_response_status_code = AAZIntType( + serialized_name="customBlockResponseStatusCode", + ) + policy_settings.file_upload_enforcement = AAZBoolType( + serialized_name="fileUploadEnforcement", + ) + policy_settings.file_upload_limit_in_mb = AAZIntType( + serialized_name="fileUploadLimitInMb", + ) + policy_settings.js_challenge_cookie_expiration_in_mins = AAZIntType( + serialized_name="jsChallengeCookieExpirationInMins", + ) + policy_settings.log_scrubbing = AAZObjectType( + serialized_name="logScrubbing", + ) + policy_settings.max_request_body_size_in_kb = AAZIntType( + serialized_name="maxRequestBodySizeInKb", + ) + policy_settings.mode = AAZStrType() + policy_settings.request_body_check = AAZBoolType( + serialized_name="requestBodyCheck", + ) + policy_settings.request_body_enforcement = AAZBoolType( + serialized_name="requestBodyEnforcement", + ) + policy_settings.request_body_inspect_limit_in_kb = AAZIntType( + serialized_name="requestBodyInspectLimitInKB", + ) + policy_settings.state = AAZStrType() + + log_scrubbing = _schema_web_application_firewall_policy_read.properties.policy_settings.log_scrubbing + log_scrubbing.scrubbing_rules = AAZListType( + serialized_name="scrubbingRules", + ) + log_scrubbing.state = AAZStrType() + + scrubbing_rules = _schema_web_application_firewall_policy_read.properties.policy_settings.log_scrubbing.scrubbing_rules + scrubbing_rules.Element = AAZObjectType() + + _element = _schema_web_application_firewall_policy_read.properties.policy_settings.log_scrubbing.scrubbing_rules.Element + _element.match_variable = AAZStrType( + serialized_name="matchVariable", + flags={"required": True}, + ) + _element.selector = AAZStrType() + _element.selector_match_operator = AAZStrType( + serialized_name="selectorMatchOperator", + flags={"required": True}, + ) + _element.state = AAZStrType() + + tags = _schema_web_application_firewall_policy_read.tags + tags.Element = AAZStrType() + + _schema.etag = cls._schema_web_application_firewall_policy_read.etag + _schema.id = cls._schema_web_application_firewall_policy_read.id + _schema.location = cls._schema_web_application_firewall_policy_read.location + _schema.name = cls._schema_web_application_firewall_policy_read.name + _schema.properties = cls._schema_web_application_firewall_policy_read.properties + _schema.tags = cls._schema_web_application_firewall_policy_read.tags + _schema.type = cls._schema_web_application_firewall_policy_read.type + + +__all__ = ["Add"] diff --git a/src/azure-cli/azure/cli/command_modules/network/commands.py b/src/azure-cli/azure/cli/command_modules/network/commands.py index c58461f2471..912c415cdfd 100644 --- a/src/azure-cli/azure/cli/command_modules/network/commands.py +++ b/src/azure-cli/azure/cli/command_modules/network/commands.py @@ -162,6 +162,10 @@ def load_command_table(self, _): from .custom import WAFCustomRuleMatchConditionAdd self.command_table["network application-gateway waf-policy custom-rule match-condition add"] = WAFCustomRuleMatchConditionAdd(loader=self) + with self.command_group("network application-gateway waf-policy managed-rule exception") as g: + g.custom_command("remove", "remove_waf_managed_rule_exception") + g.custom_command("list", "list_waf_managed_rules") + with self.command_group("network application-gateway waf-policy managed-rule exclusion") as g: g.custom_command("remove", "remove_waf_managed_rule_exclusion") g.custom_command("list", "list_waf_managed_rules") diff --git a/src/azure-cli/azure/cli/command_modules/network/custom.py b/src/azure-cli/azure/cli/command_modules/network/custom.py index 27934e0826d..56aa3b5097d 100644 --- a/src/azure-cli/azure/cli/command_modules/network/custom.py +++ b/src/azure-cli/azure/cli/command_modules/network/custom.py @@ -2192,6 +2192,21 @@ def list_waf_managed_rules(cmd, resource_group_name, policy_name): # endregion +# region ApplicationGatewayWAFPolicy ManagedRule Exception +def remove_waf_managed_rule_exception(cmd, resource_group_name, policy_name): + from .aaz.latest.network.application_gateway.waf_policy import Update + + class WAFExceptionRemove(Update): + def pre_instance_update(self, instance): + instance.properties.managed_rules.exceptions = [] + + return WAFExceptionRemove(cli_ctx=cmd.cli_ctx)(command_args={ + "name": policy_name, + "resource_group": resource_group_name, + }) +# endregion + + # region ApplicationGatewayWAFPolicy ManagedRule OwaspCrsExclusionEntry # pylint: disable=too-many-nested-blocks def remove_waf_managed_rule_exclusion(cmd, resource_group_name, policy_name): From 5ca36454c53aaf389f395bfc08d818935f91e064 Mon Sep 17 00:00:00 2001 From: "RuiJun Hu (MSFT)" Date: Fri, 6 Jun 2025 10:39:07 +0800 Subject: [PATCH 2/3] add scenario test --- ...work_app_gateway_waf_policy_exception.yaml | 443 ++++++++++++++++++ .../tests/latest/test_network_commands.py | 24 + 2 files changed, 467 insertions(+) create mode 100644 src/azure-cli/azure/cli/command_modules/network/tests/latest/recordings/test_network_app_gateway_waf_policy_exception.yaml diff --git a/src/azure-cli/azure/cli/command_modules/network/tests/latest/recordings/test_network_app_gateway_waf_policy_exception.yaml b/src/azure-cli/azure/cli/command_modules/network/tests/latest/recordings/test_network_app_gateway_waf_policy_exception.yaml new file mode 100644 index 00000000000..8f46b0be3ac --- /dev/null +++ b/src/azure-cli/azure/cli/command_modules/network/tests/latest/recordings/test_network_app_gateway_waf_policy_exception.yaml @@ -0,0 +1,443 @@ +interactions: +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - network application-gateway waf-policy create + Connection: + - keep-alive + ParameterSetName: + - -g -n + User-Agent: + - AZURECLI/2.74.0 azsdk-python-core/1.31.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_app_gateway_waf_policy_exception_000001?api-version=2024-11-01 + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001","name":"cli_test_app_gateway_waf_policy_exception_000001","type":"Microsoft.Resources/resourceGroups","location":"eastus2","tags":{"product":"azurecli","cause":"automation","test":"test_network_app_gateway_waf_policy_exception","date":"2025-06-05T13:42:08Z","module":"network"},"properties":{"provisioningState":"Succeeded"}}' + headers: + cache-control: + - no-cache + content-length: + - '449' + content-type: + - application/json; charset=utf-8 + date: + - Thu, 05 Jun 2025 13:42:17 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + x-cache: + - CONFIG_NOCACHE + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-subscription-global-reads: + - '3749' + x-msedge-ref: + - 'Ref A: 5ED2E8FE003C4984AEE5899CA9452451 Ref B: MAA201060513027 Ref C: 2025-06-05T13:42:17Z' + status: + code: 200 + message: OK +- request: + body: '{"location": "eastus2", "properties": {"managedRules": {"managedRuleSets": + [{"ruleSetType": "Microsoft_DefaultRuleSet", "ruleSetVersion": "2.1"}]}}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - network application-gateway waf-policy create + Connection: + - keep-alive + Content-Length: + - '148' + Content-Type: + - application/json + ParameterSetName: + - -g -n + User-Agent: + - AZURECLI/2.74.0 azsdk-python-core/1.31.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/agp1?api-version=2024-03-01 + response: + body: + string: '{"name":"agp1","id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/agp1","etag":"W/\"d8aef3fb-e35b-4f01-89b0-d613d77f8831\"","type":"Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies","location":"eastus2","properties":{"provisioningState":"Updating","customRules":[],"policySettings":{"requestBodyCheck":true,"maxRequestBodySizeInKb":128,"fileUploadLimitInMb":100,"state":"Disabled","mode":"Detection","requestBodyInspectLimitInKB":128,"fileUploadEnforcement":true,"requestBodyEnforcement":true},"managedRules":{"managedRuleSets":[{"ruleSetType":"Microsoft_DefaultRuleSet","ruleSetVersion":"2.1","ruleGroupOverrides":[]}],"exclusions":[]}}}' + headers: + azure-asyncnotification: + - Enabled + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Network/locations/eastus2/operations/c5a09ae6-d39d-4f5e-a3fe-218f367aa4b9?api-version=2024-03-01&t=638847277425196005&c=MIIHhzCCBm-gAwIBAgITfAeDEnPW_KxJbq8EjgAAB4MSczANBgkqhkiG9w0BAQsFADBEMRMwEQYKCZImiZPyLGQBGRYDR0JMMRMwEQYKCZImiZPyLGQBGRYDQU1FMRgwFgYDVQQDEw9BTUUgSW5mcmEgQ0EgMDUwHhcNMjUwNDIwMTUyMDI3WhcNMjUxMDE3MTUyMDI3WjBAMT4wPAYDVQQDEzVhc3luY29wZXJhdGlvbnNpZ25pbmdjZXJ0aWZpY2F0ZS5tYW5hZ2VtZW50LmF6dXJlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALO1SAvt4DI7FxxBmZBcfoKDLiXpS8U5adZbRlRvVm-EcAWqGNnVo1AxaXu3ghKMY95LxffhvcYAZ56WhgOxA_gpAUzm4t0yW0aVzv7vAOWZHIG1fvTcWY_sHCkuTyCNAcRbNbaqbidaK9ZOTQ19baUQ26kVkP7tjTi6DWWRlM25d4YQcGaWJoBwUtol-hgB5Z_rVMljRF5Q1T9_3YpRBw57SpHvmb30JNQSpndyeu--Ip8pMwpNaiIRF70G8WfbTBoJhRqNqNAKBLU3CAVV4H6lYrXtSK-gkZC0EzjZ4ze_XVDGBd1sOPsbMx4aQgZEiuDJuuk9eqTzzur3IDUdrP0CAwEAAaOCBHQwggRwMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwEwCgYIKwYBBQUHAwIwPQYJKwYBBAGCNxUHBDAwLgYmKwYBBAGCNxUIhpDjDYTVtHiE8Ys-hZvdFs6dEoFghfmRS4WsmTQCAWQCAQcwggHLBggrBgEFBQcBAQSCAb0wggG5MGMGCCsGAQUFBzAChldodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpaW5mcmEvQ2VydHMvQ08xUEtJSU5UQ0EwMS5BTUUuR0JMX0FNRSUyMEluZnJhJTIwQ0ElMjAwNS5jcnQwUwYIKwYBBQUHMAKGR2h0dHA6Ly9jcmwxLmFtZS5nYmwvYWlhL0NPMVBLSUlOVENBMDEuQU1FLkdCTF9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3J0MFMGCCsGAQUFBzAChkdodHRwOi8vY3JsMi5hbWUuZ2JsL2FpYS9DTzFQS0lJTlRDQTAxLkFNRS5HQkxfQU1FJTIwSW5mcmElMjBDQSUyMDA1LmNydDBTBggrBgEFBQcwAoZHaHR0cDovL2NybDMuYW1lLmdibC9haWEvQ08xUEtJSU5UQ0EwMS5BTUUuR0JMX0FNRSUyMEluZnJhJTIwQ0ElMjAwNS5jcnQwUwYIKwYBBQUHMAKGR2h0dHA6Ly9jcmw0LmFtZS5nYmwvYWlhL0NPMVBLSUlOVENBMDEuQU1FLkdCTF9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3J0MB0GA1UdDgQWBBSRrAa71kVppeoZonY7QPy_R7XWQzAOBgNVHQ8BAf8EBAMCBaAwggEmBgNVHR8EggEdMIIBGTCCARWgggERoIIBDYY_aHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraWluZnJhL0NSTC9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3JshjFodHRwOi8vY3JsMS5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3JshjFodHRwOi8vY3JsMi5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3JshjFodHRwOi8vY3JsMy5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3JshjFodHRwOi8vY3JsNC5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3JsMIGdBgNVHSAEgZUwgZIwDAYKKwYBBAGCN3sBATBmBgorBgEEAYI3ewICMFgwVgYIKwYBBQUHAgIwSh5IADMAMwBlADAAMQA5ADIAMQAtADQAZAA2ADQALQA0AGYAOABjAC0AYQAwADUANQAtADUAYgBkAGEAZgBmAGQANQBlADMAMwBkMAwGCisGAQQBgjd7AwIwDAYKKwYBBAGCN3sEAjAfBgNVHSMEGDAWgBR61hmFKHlscXYeYPjzS--iBUIWHTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAChQXwS0_EaMb7G3BWGDeoNhAAEaoKkJVUy5HVGyWKADFm6Tp2WidwOIMoOu-IuoA634ORJ7bIwsC2WhUA0Z8-c2AAD956dAtCkn5pEBXSqwuKMM3l9KOClAY1RiAQcP-GWtmb_mqZspO78GHaq-mwiyIDUICM-uZl-qR6UVt6rLn5xPqHNkenxrslS_G3IJ9yCV1sflxhz93B7VR9H7BtOxd_nqZOD5uSV3OpPnATTRO0KB3VBbZ0KqvdtWoHjNywLqMuhJUufHw2zmlQ-Yj3ndha_yTvOQlT-85ikSoyWI0P4_GeEwX9RdkiVHVzx3gR8HzFKkJXOwRvxQE_9Ov_0&s=Quv0pHC6kE9FwFusd7RYq-QolCpO4B1LWdwx9JBZPlgbq__X27nAus4C8e1ynCfdomrIYzbuFq-gAFvD0P_KifUOZl5bXfy6x91mZMJJm8ZyNJ9LIWUJ5323XA2M904r9jwU-RvJYqbmcgg2bIw3f2ma7rDM0DTyMPEU4cMo7SZsvbwMaV-d0zl_hCGG5UDLRWF5PZ8VC76f9yPjImH4tEaTmtJlPTREVe3B_Fa7nCz0HdLF1TlzcBDVcPQLBSyd0uVfkQOdPfuotla9FUWsSAV8jOaQxFx8dsb8CUew1IZjSW1Jee9GHjG_c5kJsye2-6AqHwKI0TH0V7yl-WjLGw&h=__LyOAEWMpSATqHer3r_UJ3jlFV1D5-fAaK3-YzziWY + cache-control: + - no-cache + content-length: + - '804' + content-type: + - application/json; charset=utf-8 + date: + - Thu, 05 Jun 2025 13:42:21 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + x-cache: + - CONFIG_NOCACHE + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - 8e44a405-fe0b-44a6-b90b-447d8f643323 + x-ms-operation-identifier: + - tenantId=b5ee6c06-c2c2-4e3c-8606-5f170cee077a,objectId=192e3e2b-8cd9-4e68-aa85-5d89980e81ce/southeastasia/275cfb48-db9f-430e-b0d2-8f44808efb8e + x-ms-ratelimit-remaining-subscription-global-writes: + - '2999' + x-ms-ratelimit-remaining-subscription-writes: + - '199' + x-msedge-ref: + - 'Ref A: 6C0E03CADB93495C8BF7866B33AB0E03 Ref B: MAA201060514045 Ref C: 2025-06-05T13:42:18Z' + status: + code: 201 + message: Created +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - network application-gateway waf-policy managed-rule exception add + Connection: + - keep-alive + ParameterSetName: + - -g --policy-name --match-variable --value-match-operator --values --rule-sets + User-Agent: + - AZURECLI/2.74.0 azsdk-python-core/1.31.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/agp1?api-version=2024-07-01 + response: + body: + string: '{"name":"agp1","id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/agp1","etag":"W/\"3c1e96e5-013a-4a38-929a-7a485acc2d0b\"","type":"Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies","location":"eastus2","properties":{"provisioningState":"Succeeded","customRules":[],"policySettings":{"requestBodyCheck":true,"maxRequestBodySizeInKb":128,"fileUploadLimitInMb":100,"state":"Disabled","mode":"Detection","requestBodyInspectLimitInKB":128,"fileUploadEnforcement":true,"requestBodyEnforcement":true},"managedRules":{"managedRuleSets":[{"ruleSetType":"Microsoft_DefaultRuleSet","ruleSetVersion":"2.1","ruleGroupOverrides":[]}],"exclusions":[]}}}' + headers: + cache-control: + - no-cache + content-length: + - '805' + content-type: + - application/json; charset=utf-8 + date: + - Thu, 05 Jun 2025 13:42:24 GMT + etag: + - W/"3c1e96e5-013a-4a38-929a-7a485acc2d0b" + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + x-cache: + - CONFIG_NOCACHE + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - afcac9c3-0556-4e36-a535-3de3027bcf38 + x-ms-ratelimit-remaining-subscription-global-reads: + - '3749' + x-msedge-ref: + - 'Ref A: 7D5C9BD03A3A4CD49B5FF9EEC24F6D02 Ref B: MAA201060515009 Ref C: 2025-06-05T13:42:23Z' + status: + code: 200 + message: OK +- request: + body: '{"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/agp1", + "location": "eastus2", "properties": {"customRules": [], "managedRules": {"exceptions": + [{"exceptionManagedRuleSets": [{"ruleSetType": "OWASP", "ruleSetVersion": "3.2"}], + "matchVariable": "RequestURI", "valueMatchOperator": "Contains", "values": ["health", + "account/images", "default.aspx"]}], "exclusions": [], "managedRuleSets": [{"ruleGroupOverrides": + [], "ruleSetType": "Microsoft_DefaultRuleSet", "ruleSetVersion": "2.1"}]}, "policySettings": + {"fileUploadEnforcement": true, "fileUploadLimitInMb": 100, "maxRequestBodySizeInKb": + 128, "mode": "Detection", "requestBodyCheck": true, "requestBodyEnforcement": + true, "requestBodyInspectLimitInKB": 128, "state": "Disabled"}}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - network application-gateway waf-policy managed-rule exception add + Connection: + - keep-alive + Content-Length: + - '884' + Content-Type: + - application/json + ParameterSetName: + - -g --policy-name --match-variable --value-match-operator --values --rule-sets + User-Agent: + - AZURECLI/2.74.0 azsdk-python-core/1.31.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/agp1?api-version=2024-07-01 + response: + body: + string: '{"name":"agp1","id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/agp1","etag":"W/\"00b72b9c-e287-4dc2-b9b3-3c7089146d83\"","type":"Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies","location":"eastus2","properties":{"provisioningState":"Updating","customRules":[],"policySettings":{"requestBodyCheck":true,"maxRequestBodySizeInKb":128,"fileUploadLimitInMb":100,"state":"Disabled","mode":"Detection","requestBodyInspectLimitInKB":128,"fileUploadEnforcement":true,"requestBodyEnforcement":true},"managedRules":{"managedRuleSets":[{"ruleSetType":"Microsoft_DefaultRuleSet","ruleSetVersion":"2.1","ruleGroupOverrides":[]}],"exclusions":[],"exceptions":[{"matchVariable":"RequestURI","selectorMatchOperator":null,"valueMatchOperator":"Contains","values":["health","account/images","default.aspx"],"exceptionManagedRuleSets":[{"ruleSetType":"OWASP","ruleSetVersion":"3.2","ruleGroups":[]}]}]}}}' + headers: + azure-asyncnotification: + - Enabled + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Network/locations/eastus2/operations/50af13c2-f5ca-452c-aec0-4cade62e83ed?api-version=2024-07-01&t=638847277464822471&c=MIIHhzCCBm-gAwIBAgITfAeDEnPW_KxJbq8EjgAAB4MSczANBgkqhkiG9w0BAQsFADBEMRMwEQYKCZImiZPyLGQBGRYDR0JMMRMwEQYKCZImiZPyLGQBGRYDQU1FMRgwFgYDVQQDEw9BTUUgSW5mcmEgQ0EgMDUwHhcNMjUwNDIwMTUyMDI3WhcNMjUxMDE3MTUyMDI3WjBAMT4wPAYDVQQDEzVhc3luY29wZXJhdGlvbnNpZ25pbmdjZXJ0aWZpY2F0ZS5tYW5hZ2VtZW50LmF6dXJlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALO1SAvt4DI7FxxBmZBcfoKDLiXpS8U5adZbRlRvVm-EcAWqGNnVo1AxaXu3ghKMY95LxffhvcYAZ56WhgOxA_gpAUzm4t0yW0aVzv7vAOWZHIG1fvTcWY_sHCkuTyCNAcRbNbaqbidaK9ZOTQ19baUQ26kVkP7tjTi6DWWRlM25d4YQcGaWJoBwUtol-hgB5Z_rVMljRF5Q1T9_3YpRBw57SpHvmb30JNQSpndyeu--Ip8pMwpNaiIRF70G8WfbTBoJhRqNqNAKBLU3CAVV4H6lYrXtSK-gkZC0EzjZ4ze_XVDGBd1sOPsbMx4aQgZEiuDJuuk9eqTzzur3IDUdrP0CAwEAAaOCBHQwggRwMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwEwCgYIKwYBBQUHAwIwPQYJKwYBBAGCNxUHBDAwLgYmKwYBBAGCNxUIhpDjDYTVtHiE8Ys-hZvdFs6dEoFghfmRS4WsmTQCAWQCAQcwggHLBggrBgEFBQcBAQSCAb0wggG5MGMGCCsGAQUFBzAChldodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpaW5mcmEvQ2VydHMvQ08xUEtJSU5UQ0EwMS5BTUUuR0JMX0FNRSUyMEluZnJhJTIwQ0ElMjAwNS5jcnQwUwYIKwYBBQUHMAKGR2h0dHA6Ly9jcmwxLmFtZS5nYmwvYWlhL0NPMVBLSUlOVENBMDEuQU1FLkdCTF9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3J0MFMGCCsGAQUFBzAChkdodHRwOi8vY3JsMi5hbWUuZ2JsL2FpYS9DTzFQS0lJTlRDQTAxLkFNRS5HQkxfQU1FJTIwSW5mcmElMjBDQSUyMDA1LmNydDBTBggrBgEFBQcwAoZHaHR0cDovL2NybDMuYW1lLmdibC9haWEvQ08xUEtJSU5UQ0EwMS5BTUUuR0JMX0FNRSUyMEluZnJhJTIwQ0ElMjAwNS5jcnQwUwYIKwYBBQUHMAKGR2h0dHA6Ly9jcmw0LmFtZS5nYmwvYWlhL0NPMVBLSUlOVENBMDEuQU1FLkdCTF9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3J0MB0GA1UdDgQWBBSRrAa71kVppeoZonY7QPy_R7XWQzAOBgNVHQ8BAf8EBAMCBaAwggEmBgNVHR8EggEdMIIBGTCCARWgggERoIIBDYY_aHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraWluZnJhL0NSTC9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3JshjFodHRwOi8vY3JsMS5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3JshjFodHRwOi8vY3JsMi5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3JshjFodHRwOi8vY3JsMy5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3JshjFodHRwOi8vY3JsNC5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3JsMIGdBgNVHSAEgZUwgZIwDAYKKwYBBAGCN3sBATBmBgorBgEEAYI3ewICMFgwVgYIKwYBBQUHAgIwSh5IADMAMwBlADAAMQA5ADIAMQAtADQAZAA2ADQALQA0AGYAOABjAC0AYQAwADUANQAtADUAYgBkAGEAZgBmAGQANQBlADMAMwBkMAwGCisGAQQBgjd7AwIwDAYKKwYBBAGCN3sEAjAfBgNVHSMEGDAWgBR61hmFKHlscXYeYPjzS--iBUIWHTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAChQXwS0_EaMb7G3BWGDeoNhAAEaoKkJVUy5HVGyWKADFm6Tp2WidwOIMoOu-IuoA634ORJ7bIwsC2WhUA0Z8-c2AAD956dAtCkn5pEBXSqwuKMM3l9KOClAY1RiAQcP-GWtmb_mqZspO78GHaq-mwiyIDUICM-uZl-qR6UVt6rLn5xPqHNkenxrslS_G3IJ9yCV1sflxhz93B7VR9H7BtOxd_nqZOD5uSV3OpPnATTRO0KB3VBbZ0KqvdtWoHjNywLqMuhJUufHw2zmlQ-Yj3ndha_yTvOQlT-85ikSoyWI0P4_GeEwX9RdkiVHVzx3gR8HzFKkJXOwRvxQE_9Ov_0&s=HzzIl70xS3eBSmOjZRnAZvDzhLDCUSBK91GEKGoJaXUIwdliF5w8j79LQ-8vLpPDMbnLDIDbHNaGrmq3TSOWWLjv_lp7ezpAkFxs90SUuNDyF_fP-i0dygq1P9fiF4-GIAYPFdHynuey5bv-y_o3qPhPTubmOXO8KVOwzajfjnPqaVEopOlS6sFOI2oaDbQ63sv9wqCrjUEKGVr9_pGM8wyxgHKhTwIuosw44AQx-CUbWtcuhN52sIQ9sxIu8N3Be6EHSHU-buv1bemEEm72ERJHDWm3_OzVN33xytZVuJYqnVnuq6a9ytHE_OdIWD7b44ZG21x4XRutXOnwjA5nWg&h=g4DipifpxmHElyWkXCdnUrrMRbUsok1eVDMnFisIsv0 + cache-control: + - no-cache + content-length: + - '1055' + content-type: + - application/json; charset=utf-8 + date: + - Thu, 05 Jun 2025 13:42:26 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + x-cache: + - CONFIG_NOCACHE + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - 2c05d4f2-93ea-428d-a75a-e57904b27720 + x-ms-operation-identifier: + - tenantId=b5ee6c06-c2c2-4e3c-8606-5f170cee077a,objectId=192e3e2b-8cd9-4e68-aa85-5d89980e81ce/southeastasia/8550fc77-f79b-4e29-b07c-32d3a2730e59 + x-ms-ratelimit-remaining-subscription-global-writes: + - '2999' + x-ms-ratelimit-remaining-subscription-writes: + - '199' + x-msedge-ref: + - 'Ref A: 71B97B8CAE054F67BD40DBFF89ED8D3A Ref B: MAA201060515009 Ref C: 2025-06-05T13:42:24Z' + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - network application-gateway waf-policy managed-rule exception list + Connection: + - keep-alive + ParameterSetName: + - -g --policy-name + User-Agent: + - AZURECLI/2.74.0 azsdk-python-core/1.31.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/agp1?api-version=2024-03-01 + response: + body: + string: '{"name":"agp1","id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/agp1","etag":"W/\"dc2be00b-e249-4803-961a-246c34c1bc05\"","type":"Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies","location":"eastus2","properties":{"provisioningState":"Succeeded","customRules":[],"policySettings":{"requestBodyCheck":true,"maxRequestBodySizeInKb":128,"fileUploadLimitInMb":100,"state":"Disabled","mode":"Detection","requestBodyInspectLimitInKB":128,"fileUploadEnforcement":true,"requestBodyEnforcement":true},"managedRules":{"managedRuleSets":[{"ruleSetType":"Microsoft_DefaultRuleSet","ruleSetVersion":"2.1","ruleGroupOverrides":[]}],"exclusions":[],"exceptions":[{"matchVariable":"RequestURI","selectorMatchOperator":null,"valueMatchOperator":"Contains","values":["health","account/images","default.aspx"],"exceptionManagedRuleSets":[{"ruleSetType":"OWASP","ruleSetVersion":"3.2","ruleGroups":[]}]}]}}}' + headers: + cache-control: + - no-cache + content-length: + - '1056' + content-type: + - application/json; charset=utf-8 + date: + - Thu, 05 Jun 2025 13:42:28 GMT + etag: + - W/"dc2be00b-e249-4803-961a-246c34c1bc05" + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + x-cache: + - CONFIG_NOCACHE + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - fff7109f-b295-45fa-9405-7adcc1b9595b + x-ms-ratelimit-remaining-subscription-global-reads: + - '3749' + x-msedge-ref: + - 'Ref A: 322DC1691B3640CE800FE31E392F94F7 Ref B: MAA201060513053 Ref C: 2025-06-05T13:42:27Z' + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - network application-gateway waf-policy managed-rule exception remove + Connection: + - keep-alive + ParameterSetName: + - -g --policy-name + User-Agent: + - AZURECLI/2.74.0 azsdk-python-core/1.31.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/agp1?api-version=2024-03-01 + response: + body: + string: '{"name":"agp1","id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/agp1","etag":"W/\"dc2be00b-e249-4803-961a-246c34c1bc05\"","type":"Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies","location":"eastus2","properties":{"provisioningState":"Succeeded","customRules":[],"policySettings":{"requestBodyCheck":true,"maxRequestBodySizeInKb":128,"fileUploadLimitInMb":100,"state":"Disabled","mode":"Detection","requestBodyInspectLimitInKB":128,"fileUploadEnforcement":true,"requestBodyEnforcement":true},"managedRules":{"managedRuleSets":[{"ruleSetType":"Microsoft_DefaultRuleSet","ruleSetVersion":"2.1","ruleGroupOverrides":[]}],"exclusions":[],"exceptions":[{"matchVariable":"RequestURI","selectorMatchOperator":null,"valueMatchOperator":"Contains","values":["health","account/images","default.aspx"],"exceptionManagedRuleSets":[{"ruleSetType":"OWASP","ruleSetVersion":"3.2","ruleGroups":[]}]}]}}}' + headers: + cache-control: + - no-cache + content-length: + - '1056' + content-type: + - application/json; charset=utf-8 + date: + - Thu, 05 Jun 2025 13:42:29 GMT + etag: + - W/"dc2be00b-e249-4803-961a-246c34c1bc05" + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + x-cache: + - CONFIG_NOCACHE + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - 990ed79a-4360-4c2c-b7ea-b7202cb74113 + x-ms-ratelimit-remaining-subscription-global-reads: + - '3749' + x-msedge-ref: + - 'Ref A: 4BEA269726F74F338B089D2724F0B330 Ref B: MAA201060515039 Ref C: 2025-06-05T13:42:28Z' + status: + code: 200 + message: OK +- request: + body: '{"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/agp1", + "location": "eastus2", "properties": {"customRules": [], "managedRules": {"exceptions": + [], "exclusions": [], "managedRuleSets": [{"ruleGroupOverrides": [], "ruleSetType": + "Microsoft_DefaultRuleSet", "ruleSetVersion": "2.1"}]}, "policySettings": {"fileUploadEnforcement": + true, "fileUploadLimitInMb": 100, "maxRequestBodySizeInKb": 128, "mode": "Detection", + "requestBodyCheck": true, "requestBodyEnforcement": true, "requestBodyInspectLimitInKB": + 128, "state": "Disabled"}}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - network application-gateway waf-policy managed-rule exception remove + Connection: + - keep-alive + Content-Length: + - '682' + Content-Type: + - application/json + ParameterSetName: + - -g --policy-name + User-Agent: + - AZURECLI/2.74.0 azsdk-python-core/1.31.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/agp1?api-version=2024-03-01 + response: + body: + string: '{"name":"agp1","id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/agp1","etag":"W/\"033ed127-98d0-415a-82f5-340cbe9d4d1c\"","type":"Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies","location":"eastus2","properties":{"provisioningState":"Updating","customRules":[],"policySettings":{"requestBodyCheck":true,"maxRequestBodySizeInKb":128,"fileUploadLimitInMb":100,"state":"Disabled","mode":"Detection","requestBodyInspectLimitInKB":128,"fileUploadEnforcement":true,"requestBodyEnforcement":true},"managedRules":{"managedRuleSets":[{"ruleSetType":"Microsoft_DefaultRuleSet","ruleSetVersion":"2.1","ruleGroupOverrides":[]}],"exclusions":[]}}}' + headers: + azure-asyncnotification: + - Enabled + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Network/locations/eastus2/operations/4ffba302-8fcf-4fb7-be1c-91c932acc982?api-version=2024-03-01&t=638847277517638617&c=MIIHhzCCBm-gAwIBAgITfAeDEnPW_KxJbq8EjgAAB4MSczANBgkqhkiG9w0BAQsFADBEMRMwEQYKCZImiZPyLGQBGRYDR0JMMRMwEQYKCZImiZPyLGQBGRYDQU1FMRgwFgYDVQQDEw9BTUUgSW5mcmEgQ0EgMDUwHhcNMjUwNDIwMTUyMDI3WhcNMjUxMDE3MTUyMDI3WjBAMT4wPAYDVQQDEzVhc3luY29wZXJhdGlvbnNpZ25pbmdjZXJ0aWZpY2F0ZS5tYW5hZ2VtZW50LmF6dXJlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALO1SAvt4DI7FxxBmZBcfoKDLiXpS8U5adZbRlRvVm-EcAWqGNnVo1AxaXu3ghKMY95LxffhvcYAZ56WhgOxA_gpAUzm4t0yW0aVzv7vAOWZHIG1fvTcWY_sHCkuTyCNAcRbNbaqbidaK9ZOTQ19baUQ26kVkP7tjTi6DWWRlM25d4YQcGaWJoBwUtol-hgB5Z_rVMljRF5Q1T9_3YpRBw57SpHvmb30JNQSpndyeu--Ip8pMwpNaiIRF70G8WfbTBoJhRqNqNAKBLU3CAVV4H6lYrXtSK-gkZC0EzjZ4ze_XVDGBd1sOPsbMx4aQgZEiuDJuuk9eqTzzur3IDUdrP0CAwEAAaOCBHQwggRwMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwEwCgYIKwYBBQUHAwIwPQYJKwYBBAGCNxUHBDAwLgYmKwYBBAGCNxUIhpDjDYTVtHiE8Ys-hZvdFs6dEoFghfmRS4WsmTQCAWQCAQcwggHLBggrBgEFBQcBAQSCAb0wggG5MGMGCCsGAQUFBzAChldodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpaW5mcmEvQ2VydHMvQ08xUEtJSU5UQ0EwMS5BTUUuR0JMX0FNRSUyMEluZnJhJTIwQ0ElMjAwNS5jcnQwUwYIKwYBBQUHMAKGR2h0dHA6Ly9jcmwxLmFtZS5nYmwvYWlhL0NPMVBLSUlOVENBMDEuQU1FLkdCTF9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3J0MFMGCCsGAQUFBzAChkdodHRwOi8vY3JsMi5hbWUuZ2JsL2FpYS9DTzFQS0lJTlRDQTAxLkFNRS5HQkxfQU1FJTIwSW5mcmElMjBDQSUyMDA1LmNydDBTBggrBgEFBQcwAoZHaHR0cDovL2NybDMuYW1lLmdibC9haWEvQ08xUEtJSU5UQ0EwMS5BTUUuR0JMX0FNRSUyMEluZnJhJTIwQ0ElMjAwNS5jcnQwUwYIKwYBBQUHMAKGR2h0dHA6Ly9jcmw0LmFtZS5nYmwvYWlhL0NPMVBLSUlOVENBMDEuQU1FLkdCTF9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3J0MB0GA1UdDgQWBBSRrAa71kVppeoZonY7QPy_R7XWQzAOBgNVHQ8BAf8EBAMCBaAwggEmBgNVHR8EggEdMIIBGTCCARWgggERoIIBDYY_aHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraWluZnJhL0NSTC9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3JshjFodHRwOi8vY3JsMS5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3JshjFodHRwOi8vY3JsMi5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3JshjFodHRwOi8vY3JsMy5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3JshjFodHRwOi8vY3JsNC5hbWUuZ2JsL2NybC9BTUUlMjBJbmZyYSUyMENBJTIwMDUuY3JsMIGdBgNVHSAEgZUwgZIwDAYKKwYBBAGCN3sBATBmBgorBgEEAYI3ewICMFgwVgYIKwYBBQUHAgIwSh5IADMAMwBlADAAMQA5ADIAMQAtADQAZAA2ADQALQA0AGYAOABjAC0AYQAwADUANQAtADUAYgBkAGEAZgBmAGQANQBlADMAMwBkMAwGCisGAQQBgjd7AwIwDAYKKwYBBAGCN3sEAjAfBgNVHSMEGDAWgBR61hmFKHlscXYeYPjzS--iBUIWHTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAChQXwS0_EaMb7G3BWGDeoNhAAEaoKkJVUy5HVGyWKADFm6Tp2WidwOIMoOu-IuoA634ORJ7bIwsC2WhUA0Z8-c2AAD956dAtCkn5pEBXSqwuKMM3l9KOClAY1RiAQcP-GWtmb_mqZspO78GHaq-mwiyIDUICM-uZl-qR6UVt6rLn5xPqHNkenxrslS_G3IJ9yCV1sflxhz93B7VR9H7BtOxd_nqZOD5uSV3OpPnATTRO0KB3VBbZ0KqvdtWoHjNywLqMuhJUufHw2zmlQ-Yj3ndha_yTvOQlT-85ikSoyWI0P4_GeEwX9RdkiVHVzx3gR8HzFKkJXOwRvxQE_9Ov_0&s=ZGUFbYvwERBR968gSdAbUAXeHkNn2tdKMScozgFlnNhAdwvR5pQhT6EF15q-hmGus-0acY3VmpqMZXMUdwxECrSaRxLaQK1PJjTJg44jom2PlLt3-znFHmctuo5RM4dHW_MuYzHOm0QwRQihzNu2VE1fJXsemtosB0LGi2VkYbr3geh7rP9kcm2ozKTIW9qHE6bdzs9JuT4oKc9vCwDJ0585evTd0QLb3eTGWB6s72SBdDyAHVXSSBz1cHTyNZF3DhZCgJ-LxQIcAvs-OISxppsnFoozBQrIAt2KE1toea2FWxP-wySojXD21Dy2dvFAdy1u-Rv_mUx6S39uLXk1eQ&h=zuCpwpaerZZBDmlN9ynEGRkdC0NiLG_3gQIA-I9M87E + cache-control: + - no-cache + content-length: + - '804' + content-type: + - application/json; charset=utf-8 + date: + - Thu, 05 Jun 2025 13:42:31 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + x-cache: + - CONFIG_NOCACHE + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - 8b5f59d8-a0b4-4e24-828b-f504927d0472 + x-ms-operation-identifier: + - tenantId=b5ee6c06-c2c2-4e3c-8606-5f170cee077a,objectId=192e3e2b-8cd9-4e68-aa85-5d89980e81ce/southeastasia/dbbb185b-5a20-4a9c-b091-ac26edb403c5 + x-ms-ratelimit-remaining-subscription-global-writes: + - '2999' + x-ms-ratelimit-remaining-subscription-writes: + - '199' + x-msedge-ref: + - 'Ref A: ADC61F049FD14338A535B08FACD15E4E Ref B: MAA201060515039 Ref C: 2025-06-05T13:42:30Z' + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - network application-gateway waf-policy managed-rule exception list + Connection: + - keep-alive + ParameterSetName: + - -g --policy-name + User-Agent: + - AZURECLI/2.74.0 azsdk-python-core/1.31.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/agp1?api-version=2024-03-01 + response: + body: + string: '{"name":"agp1","id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_app_gateway_waf_policy_exception_000001/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/agp1","etag":"W/\"57776bce-0cfd-4367-afc8-e7dc91b647b0\"","type":"Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies","location":"eastus2","properties":{"provisioningState":"Succeeded","customRules":[],"policySettings":{"requestBodyCheck":true,"maxRequestBodySizeInKb":128,"fileUploadLimitInMb":100,"state":"Disabled","mode":"Detection","requestBodyInspectLimitInKB":128,"fileUploadEnforcement":true,"requestBodyEnforcement":true},"managedRules":{"managedRuleSets":[{"ruleSetType":"Microsoft_DefaultRuleSet","ruleSetVersion":"2.1","ruleGroupOverrides":[]}],"exclusions":[]}}}' + headers: + cache-control: + - no-cache + content-length: + - '805' + content-type: + - application/json; charset=utf-8 + date: + - Thu, 05 Jun 2025 13:42:32 GMT + etag: + - W/"57776bce-0cfd-4367-afc8-e7dc91b647b0" + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + x-cache: + - CONFIG_NOCACHE + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - 473ab15d-e9c9-4dc8-8842-b85a9daf37d2 + x-ms-ratelimit-remaining-subscription-global-reads: + - '3749' + x-msedge-ref: + - 'Ref A: 9F32473309AE4913BE290A4ADBD61E6A Ref B: MAA201060513035 Ref C: 2025-06-05T13:42:32Z' + status: + code: 200 + message: OK +version: 1 diff --git a/src/azure-cli/azure/cli/command_modules/network/tests/latest/test_network_commands.py b/src/azure-cli/azure/cli/command_modules/network/tests/latest/test_network_commands.py index a11e2879af4..705457b7a3a 100644 --- a/src/azure-cli/azure/cli/command_modules/network/tests/latest/test_network_commands.py +++ b/src/azure-cli/azure/cli/command_modules/network/tests/latest/test_network_commands.py @@ -2989,6 +2989,30 @@ def test_network_app_gateway_waf_policy_exclusion_rule_set(self, resource_group) ] ) + @ResourceGroupPreparer(name_prefix='cli_test_app_gateway_waf_policy_exception_', location='eastus2') + def test_network_app_gateway_waf_policy_exception(self, resource_group): + self.kwargs.update({ + 'waf': 'agp1', + 'ip': 'pip1', + 'ag': 'ag1', + 'rg': resource_group + }) + + self.cmd('network application-gateway waf-policy create -g {rg} -n {waf}') + + self.cmd('network application-gateway waf-policy managed-rule exception add -g {rg} --policy-name {waf} ' + '--match-variable "RequestURI" --value-match-operator "Contains" --values "health" "account/images" "default.aspx" ' + '--rule-sets [0].rule-set-type=OWASP [0].rule-set-version=3.2') + self.cmd('network application-gateway waf-policy managed-rule exception list -g {rg} --policy-name {waf}', + checks=[ + self.check('exceptions | length(@)', 1) + ]) + self.cmd('network application-gateway waf-policy managed-rule exception remove -g {rg} --policy-name {waf}') + self.cmd('network application-gateway waf-policy managed-rule exception list -g {rg} --policy-name {waf}', + checks=[ + self.not_exists('exceptions') + ]) + class NetworkDdosProtectionScenarioTest(LiveScenarioTest): From ff4c1e2dec4d8aca86005867f72e12479e6e4068 Mon Sep 17 00:00:00 2001 From: "RuiJun Hu (MSFT)" Date: Fri, 6 Jun 2025 10:41:53 +0800 Subject: [PATCH 3/3] update command example --- .../waf_policy/managed_rule/exception/_add.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/azure-cli/azure/cli/command_modules/network/aaz/latest/network/application_gateway/waf_policy/managed_rule/exception/_add.py b/src/azure-cli/azure/cli/command_modules/network/aaz/latest/network/application_gateway/waf_policy/managed_rule/exception/_add.py index 413c6cfbff3..0da5a7ccb69 100644 --- a/src/azure-cli/azure/cli/command_modules/network/aaz/latest/network/application_gateway/waf_policy/managed_rule/exception/_add.py +++ b/src/azure-cli/azure/cli/command_modules/network/aaz/latest/network/application_gateway/waf_policy/managed_rule/exception/_add.py @@ -18,7 +18,7 @@ class Add(AAZCommand): """Allows traffic that met configured criteria to skip the configured managed rules. :example: Add and exception rule to the WAF policy managed rules. - az network application-gateway waf-policy managed-rule exception add -g myResourceGroup --policy-name myWAF --match-variable "RequestURI" --value-operator Contains --values "health" "default.aspx" "account/images" + az network application-gateway waf-policy managed-rule exception add -g myResourceGroup --policy-name myWAF --match-variable "RequestURI" --value-operator Contains --values "health" "default.aspx" "account/images" --rule-sets [0].rule-set-type=OWASP [0].rule-set-version=3.2 """ _aaz_info = {