Azure · cxznmhdcxz · Jun 3, 2025 · Copilot · Jun 3, 2025
@@ -134,6 +134,11 @@
 helps['network firewall network-rule create'] = """
     type: command
     short-summary: Create an Azure Firewall network rule.
+    examples:
+    - name: Create a network rule
+      text: |
+        az network firewall network-rule create -g myrg -n network-rule -c collection --priority --action Allow -f af1 \
+--source-addresses 10.0.0.0 111.1.0.0/24 --protocols UDP TCP ICMP --destination-fqdns www.bing.com --destination-ports 80
 """
 
 helps['network firewall network-rule delete'] = """
@@ -182,6 +187,11 @@
 helps['network firewall nat-rule create'] = """
     type: command
     short-summary: Create an Azure Firewall NAT rule.
+    examples:
+    - name: Create a NAT rule
+      text: |
+        az network firewall nat-rule create -g myrg -n natrule -c collection --priority --action Dnat -f af1 \
+--source-addresses 10.0.0.0 111.1.0.0/24 --protocols UDP TCP --translated-fqdn server.test.com --destination-ports 96 --destination-addresses 12.36.22.14 --translated-port 95
 """
 
 helps['network firewall nat-rule delete'] = """

@@ -16,6 +16,9 @@
 )
 class Create(AAZCommand):
     """Create an Azure firewall policy.
+
+    :example: Create a Firewall Policy
+        az network firewall policy create -g MyResourceGroup -n MyFirewallPolicy --sql true
     """
 
     _aaz_info = {

@@ -18,6 +18,9 @@
 
 class Create(AAZCommand):
     """Create a draft Firewall Policy.
+
+    :example:   Create a draft Firewall Policy.
+        az network firewall policy draft create --policy-name MyFirewallPolicy --resource-group MyResourceGroup
     """
 
     _aaz_info = {

@@ -17,6 +17,9 @@
 )
 class Create(AAZCommand):
     """Create an Azure firewall policy rule collection group.
+
+    :example:
+        az network firewall policy rule-collection-group create -g MyResourceGroup --priority 100 --policy-name MyFirewallPolicy -n MyRuleCollectionGroup
     """
 
     _aaz_info = {

@@ -17,6 +17,9 @@
 )
 class Create(AAZCommand):
     """Create an Azure firewall policy rule collection group draft.
+
+    :example:   Create a firewall policy rule collection group draft.
+        az network firewall policy rule-collection-group draft create -g MyResourceGroup --rule-collection-group-name MyRuleCollectionGroup --priority 150 --policy-name MyFirewallPolicy
     """
 
     _aaz_info = {

@@ -922,9 +922,15 @@ def pre_operations(self):
             args.user_assigned_identities = None
 
 
+@register_command(
+    "network firewall policy intrusion-detection add",
+)
 class AzureFirewallPolicyIntrusionDetectionAdd(_AzureFirewallPoliciesUpdate):
     """
     Add override for intrusion signature or a bypass rule or private ranges list for intrusion detection
+
+    :example: Add an override for private ranges
+        az network firewall policy intrusion-detection add -g MyResourceGroup --policy-name MyPolicy --mode Deny --signature-id id --private-ranges 167.220.204.0/24 167.221.205.101/32
     """
 
     @classmethod
@@ -1132,9 +1138,15 @@ def _build_arguments_schema(cls, *args, **kwargs):
         return args_schema
 
 
+@register_command(
+    "network firewall policy draft intrusion-detection add",
+)
 class AzureFirewallPolicyDraftIntrusionDetectionAdd(_AzureFirewallPolicyDraftsUpdate):
     """
     Add overrided intrusion signature or a bypass rule or private ranges list for intrusion detection
+
+    :example: Add an overrided intrusion signature
+        az network firewall policy draft intrusion-detection add -g MyResourceGroup --policy-name MyPolicy --mode Deny --signature-id id --private-ranges 167.220.204.0/24 167.221.205.101/32
     """
 
     @classmethod
@@ -1817,6 +1829,11 @@ def _output(self, *args, **kwargs):
 class RuleCollectionGroupFilterRuleAdd(_RuleCollectionGroupUpdate):
     """
     Add a rule into an Azure firewall policy rule collection.
+
+    :example: Add a rule into the filter collection
+        az network firewall policy rule-collection-group collection rule add -g rg --policy-name policy --rule-collection-group-name mycg \
+--collection-name mycollection --name myrule --rule-type ApplicationRule --description "test" --source-addresses 202.120.36.13 202.120.36.14 \
+--destination-addresses 10.120.36.15 10.120.36.16 --target-urls microsoft.com
     """
 
     @classmethod
@@ -2780,6 +2797,11 @@ def _output(self, *args, **kwargs):
 class RuleCollectionGroupDraftFilterRuleAdd(_RuleCollectionGroupDraftUpdate):
     """
     Add a rule into an Azure firewall policy draft rule collection.
+
+    :example: Add a rule into the rule collection group draft        
+        az network firewall policy rule-collection-group draft collection rule add -g rg --policy-name mypolicy --rule-collection-group-name mycg \
+--collection-name mycollection --name myrule --rule-type ApplicationRule --description "test" --source-addresses 202.120.36.13 202.120.36.14 \
+--destination-addresses 202.120.36.15 202.120.36.16 --protocols Http= Https= --target-fqdns www.bing.com
     """
 
     @classmethod