Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
azure - update firewall-rules filter to use effective rule set #4756
We didn't consider Default action previously. That way, if all rules were properly configured, but Firewall was disabled, we won't be able to find resources with violation without extra filters in c7n.
This change updates the behavior to consider Default action by appending 0.0.0.0/0 CIDR if default action is Allow (since Azure resources can't explicitly block certain IPs).
Update tests to verify changed behavior for