feat(firewall) : add firewall feature to support route table egress + to enable udr #947
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 13 commits
November 26, 2025 20:04
vittoriasalim
requested review from
alyssa1303,
anson627,
sumanthreddy29,
wonderyl and
xinWeiWei24
as code owners
Contributor
There was a problem hiding this comment.
Pull request overview
This PR adds Azure Firewall support to the Terraform Azure modules, enabling users to configure firewalls with NAT, network, and application rule collections. The implementation includes a new firewall submodule with comprehensive rule configuration options and proper integration with the existing network module infrastructure.
Key Changes
- Added new firewall submodule under
modules/terraform/azure/network/firewall/with support for NAT, network, and application rule collections - Extended variable definitions at both the top-level (
modules/terraform/azure/variables.tf) and network module (modules/terraform/azure/network/variables.tf) to include firewall configuration - Added public IP address output to support firewall IP tracking
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| modules/terraform/azure/variables.tf | Added firewall configuration object to network_config_list with support for SKU, DNS, and rule collections |
| modules/terraform/azure/public-ip/output.tf | Added pip_addresses output to map public IP names to their addresses |
| modules/terraform/azure/network/variables.tf | Added firewall configuration to network_config with inline comments documenting valid values |
| modules/terraform/azure/network/output.tf | Added firewalls output to expose private IP addresses of deployed firewalls |
| modules/terraform/azure/network/main.tf | Integrated firewall module with for_each loop over firewall configurations |
| modules/terraform/azure/network/firewall/variables.tf | Defined firewall_config variable with comprehensive rule collection schemas |
| modules/terraform/azure/network/firewall/output.tf | Defined private_ip_address output for firewall instances |
| modules/terraform/azure/network/firewall/main.tf | Implemented azurerm_firewall resource with NAT, network, and application rule collections |
| modules/terraform/azure/network/firewall/README.md | Added documentation for the firewall module with usage examples |
added 2 commits
November 27, 2025 23:44
vittoriasalim
force-pushed
the
vitto/firewalls_feat
branch
2 times, most recently
from
daa33f2 to
df33e96
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
as title