JupiterOne · ndowmon · May 17, 2021 · May 18, 2021 · mknoedel · May 17, 2021
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,7 @@ and this project adheres to
 
 ## [Unreleased]
 
+- Added the `FirewallRule` class.
 - Stop requiring `ipAddress` on `NetworkEndpoint` class. Azure private endpoints
   actually relate to a `NetworkInterface` entity, where the IP address lives.
 

diff --git a/src/IntegrationSchema.ts b/src/IntegrationSchema.ts
@@ -251,6 +251,10 @@ import FrameworkJson from './schemas/Framework.json';
 export const Framework = FrameworkJson;
 IntegrationSchema.addSchema(Framework);
 
+import FirewallRuleJson from './schemas/FirewallRule.json';
+export const FirewallRule = FirewallRuleJson;
+IntegrationSchema.addSchema(FirewallRule);
+
 import FirewallJson from './schemas/Firewall.json';
 export const Firewall = FirewallJson;
 IntegrationSchema.addSchema(Firewall);

diff --git a/src/schemas/FirewallRule.json b/src/schemas/FirewallRule.json
@@ -0,0 +1,59 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "$id": "#FirewallRule",
+  "description": "A network rule defined on a Firewall or host.",
+  "type": "object",
+  "allOf": [
+    { "$ref": "#Entity" },
+    {
+      "properties": {
+        "priority": {
+          "description": "Priority of the firewall rule. Typically, a number between 0 and 65535.",
+          "type": "integer"
+        },
+        "source": {
+          "description": "Source of the firewall rule. Can be IP address, CIDR range, '*', or other firewall-defined options.",
+          "type": "string"
+        },
+        "sourceIp": {
+          "description": "Source IP of the firewall rule.",
+          "type": "string",
+          "format": "ip"
+        },
+        "sourcePort": {
+          "description": "Source port of the firewall rule. Typically an integer between 0 and 65535, but could also be '*' or range of ports.",
+          "type": ["integer", "string"]
+        },
+        "destination": {
+          "description": "Destination of the firewall rule. Can be IP address, CIDR range, '*', or other firewall-defined options.",
+          "type": "string"
+        },
+        "destinationIp": {
+          "description": "Destination IP of the firewall rule.",
+          "type": "string",
+          "format": "ip"
+        },
+        "destinationPort": {
+          "description": "Destination port of the firewall rule. Typically an integer between 0 and 65535, but could also be 'Any', '*', or range of ports.",
+          "type": ["integer", "string"]
+        },
+        "protocol": {
+          "description": "The protocol of the firewall rule.",
+          "type": "string",
+          "examples": ["TCP", "UDP", "*"]
+        },
+        "direction": {
+          "description": "The direction defined by the firewall rule, typically 'ingress' or 'egress'",
+          "type": "string",
+          "examples": ["ingress", "egress"]
+        },
+        "action": {
+          "description": "The action defined by the firewall rule, typically 'Allow' or 'Deny'",
+          "type": "string",
+          "examples": ["allow", "deny"]
+        }
+      },
+      "required": []
+    }
+  ]
+}