az network firewall policy rule-collection-group collection add-filter-collection returns a 'Bad Request'

[plynch66]

Hi,

I can create an empty Network Rule Collection within a Rule Collection Group using the Azure Portal but if I try the same action using the Azure CLI the command fails .

The detailed error message is :

"statusMessage": "{"Message":"The request is invalid.","ModelState":{"resource":["{\"Status\":\"Failed\",\"Error\":{\"Code\":\"FirewallPolicyRuleIpAddressesAndPortsMustBeSpecified\",\"Message\":\"Firewall Policy Rule should have IP addresses and ports specified. * is used to match all.\",\"Target\":null}}"]}}"

The documentation states that the only required parameters are :
--collection-priority
--name
--policy-name
--rule-collection-group-name
--resource-group

However, the Azure Portal requires you to specify an action (either Allow or Deny) when completing this task. The Portal also allows you to create an empty rule collection without adding any rules at creation time but I am unable to do this using the AZ CLI.

---

Document Details

⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.

• ID: 6638413c-945b-bcfb-faf9-902dc792fbcb
• Version Independent ID: 852c0d17-43b9-4fdc-0d6f-bc34355ab586
• Content: az network firewall policy rule-collection-group collection
• Content Source: latest/docs-ref-autogen/network/firewall/policy/rule-collection-group/collection.yml
• Service: virtual-network
• GitHub Login: @rloutlaw
• Microsoft Alias: routlaw

[yonzhan]

@necusjz for awareness