-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathaz-firewall-stop.azcli
38 lines (30 loc) · 1.34 KB
/
az-firewall-stop.azcli
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# Begin Variables
firewall_name=<Your Azure Firewall Resource Name here>
firewall_resource_group=<Your Azure Firewall's Resource Group here>
## EXAMPLE VARIABLES
#firewall_name=demo-azfw
#firewall_resource_group=AzureFirewall-StartStop-demo
##
# End Variables
# Begin Script
# Make sure az network firewall extension is installed, and upgrade to latest if needed
az extension add --upgrade --name azure-firewall
# Find exact firewall
read firewall_id firewall_sku <<< $(az network firewall show --name $firewall_name --resource-group $firewall_resource_group -o tsv --query "{id:id,sku:sku.name}")
err=$?
# Confirm command success
if [ $err != 0 ]; then
echo -e "Could not find firewall!"
exit 1
# Deallocate VWan Hub firewall
elif [ "$firewall_sku" == "AZFW_Hub" ]; then
echo "Deallocating firewall \"$firewall_name\" in resource group \"$firewall_resource_group\" from VWAN Hub..."
az network firewall update --ids $firewall_id --vhub ''
# Deallocate VNet firewall
else
# Removing all IP configurations and a management IP configuration, if it
# exists, needs to be done in a single operation
echo "Deallocating firewall \"$firewall_name\" in resource group \"$firewall_resource_group\" from VNet..."
az network firewall update --ids $firewall_id --remove ipConfigurations --remove managementIpConfiguration
fi
# End Script