Azure
Support for DDoS Per IP SKU Feature + Public Preview
Related command
az network public-ip az network ddos-protection
New-Commands: az network public-ip ddos-protection-status az network vnet ddos-protection-status
Resource Provider
Microsoft.Network
Description of Feature or Work Requested
Feature request (2 Parts)
- We want customer to be able to set DDoS Protection Mode on public IP as well as linking it to a ddos plan only if ProtectionMode = Enabled
- We allow getting the ddos-protection-status on a PIP or a VNet (if called on VNet, we return a paginated list under it)
For little more specifics:
az network public-ip Add Protection Mode enum param (--ddos-protection-mode) Add DDoS Protection Plan param (--ddos-protection-plan)
az network ddos-protection Add Public Ip Addresses param (--publicIpAddresses)
az network public-ip ddos-protection-status - New Command az network vnet ddos-protection-status - New Command
These are self-explanatory - you pass in either a PIP or VNet respectively and an object containing details about the protection status is returned
Minimum API Version Required
2022-05-01
Swagger PR link / SDK link
https://github.com/Azure/azure-rest-api-specs/pull/19985
Request Example
For examples of responses on the new commands (az network public-ip ddos-protection-status & az network vnet ddos-protection-status)
(az network vnet ddos-protection-status) https://github.com/Azure/azure-rest-api-specs/blob/main/specification/network/resource-manager/Microsoft.Network/stable/2022-05-01/examples/VirtualNetworkGetDdosProtectionStatus.json
(az network public-ip ddos-protection-status) https://github.com/Azure/azure-rest-api-specs/blob/main/specification/network/resource-manager/Microsoft.Network/stable/2022-05-01/examples/PublicIpAddressGetDdosProtectionStatus.json
Target Date
We are targeting it for Ignite so by Oct 12-14th
Additional context
No response
Can we get this into the earlier sprint? Seems like the Oct 2022 sprint will not be in time for Ignite and we really really need this in by Ignite. Thanks :)
Can we get this into the earlier sprint? Seems like the Oct 2022 sprint will not be in time for Ignite and we really really need this in by Ignite. Thanks :)
We're evaluating the feasibility of the solution, as you can see the API Version you mentioned (2022-05-01) is higher than the latest public Python SDK (https://pypi.org/project/azure-mgmt-network/). It means we have to bypass the SDK to implement it at that moment.
We'll keep you updated about the evaluation result.
@necusjz Hi - so I was reviewing the changes for the PR and as testing the changes
The parameter that was added to the public ip is called "--protection-mode", I asked for it to be "--ddos-protection-mode"
Can we make this fix asap as a hotfix?
@necusjz Hi - so I was reviewing the changes for the PR and as testing the changes
The parameter that was added to the public ip is called "--protection-mode", I asked for it to be "--ddos-protection-mode"
Can we make this fix asap as a hotfix?
Our team do has some criteria for hotfix (https://eng.ms/docs/cloud-ai-platform/azure-core/azure-management-and-platforms/control-plane-bburns/azure-cli-tools-azure-cli-powershell-and-terraform/azure-cli-tools/teams_docs/azcli_docs/hotfix_release), it seems that this requirement is not qualified.
We'll deliver it within Azure 2.42.0 in 11/01.
Hi @necusjz and @ZengTaoxu hope you guys are doing well.
We have fixed the issues with the --ddos-protection-plan property, can we finish the work related to adding this property on the public ip resource
Please let us know if you have any questions with implementing the property on CLI :) we would like to have this done by our GA date which is by end of month in Jan.
Hi @necusjz and @ZengTaoxu hope you guys are doing well.
We have fixed the issues with the --ddos-protection-plan property, can we finish the work related to adding this property on the public ip resource
Please let us know if you have any questions with implementing the property on CLI :) we would like to have this done by our GA date which is by end of month in Jan.
@mchakka As it's been a long time, could you open a new feature request for our better planning and tracking? Thanks.