Azure · tjprescott · Aug 22, 2018 · Aug 17, 2018 · Aug 20, 2018 · Aug 21, 2018
diff --git a/src/command_modules/azure-cli-network/HISTORY.rst b/src/command_modules/azure-cli-network/HISTORY.rst
@@ -7,6 +7,8 @@ Release History
 +++++
 * Add `network public-ip prefix` commands to support public IP prefixes features.
 * Add `network service-endpoint` commands to support service endpoint policy features.
+* Add `network lb outbound-rule` commands to support creation of Standard Load Balancer outbound rules.
+* Add `--public-ip-prefix` to `network lb frontend-ip create/update` to support frontend IP configurations using public IP prefixes.
 
 2.2.4
 +++++

diff --git a/src/command_modules/azure-cli-network/azure/cli/command_modules/network/_help.py b/src/command_modules/azure-cli-network/azure/cli/command_modules/network/_help.py
@@ -2211,6 +2211,38 @@
 """
 # endregion
 
+# region Load Balancer outbound rule
+helps['network lb outbound-rule'] = """
+    type: group
+    short-summary: Manage outbound rules of a load balancer.
+"""
+
+helps['network lb outbound-rule create'] = """
+    type: command
+    short-summary: Create an outbound-rule.
+"""
+
+helps['network lb outbound-rule delete'] = """
+    type: command
+    short-summary: Delete an outbound-rule.
+"""
+
+helps['network lb outbound-rule list'] = """
+    type: command
+    short-summary: List outbound rules.
+"""
+
+helps['network lb outbound-rule show'] = """
+    type: command
+    short-summary: Get the details of an outbound rule.
+"""
+
+helps['network lb outbound-rule update'] = """
+    type: command
+    short-summary: Update an outbound-rule.
+"""
+# endregion
+
 # region Load Balancer probe
 helps['network lb probe'] = """
     type: group

diff --git a/src/command_modules/azure-cli-network/azure/cli/command_modules/network/_params.py b/src/command_modules/azure-cli-network/azure/cli/command_modules/network/_params.py
@@ -465,6 +465,7 @@ def load_arguments(self, _):
         {'name': 'inbound-nat-pool', 'display': 'inbound NAT pool', 'ref': 'inbound_nat_pools'},
         {'name': 'rule', 'display': 'load balancing rule', 'ref': 'load_balancing_rules'},
         {'name': 'probe', 'display': 'probe', 'ref': 'probes'},
+        {'name': 'outbound-rule', 'display': 'outbound rule', 'ref': 'outbound_rules'},
     ]
     for item in lb_subresources:
         with self.argument_context('network lb {}'.format(item['name'])) as c:
@@ -524,6 +525,13 @@ def load_arguments(self, _):
         c.argument('protocol', help='The protocol to probe.', arg_type=get_enum_type(ProbeProtocol))
         c.argument('threshold', help='The number of consecutive probe failures before an instance is deemed unhealthy.')
 
+    with self.argument_context('network lb outbound-rule') as c:
+        c.argument('backend_address_pool', options_list='--address-pool', help='Name or ID of the backend address pool.')
+        c.argument('frontend_ip_configurations', options_list='--frontend-ip-configs', help='Space-separated list of frontend IP configuration names or IDs.', nargs='+')
+        c.argument('enable_tcp_reset', arg_type=get_three_state_flag(), help='Receive bidirectional TCP reset on TCP flow idle timeout or unexpected connection termination. Only used when protocol is set to TCP.')
+        c.argument('protocol', arg_type=get_enum_type(TransportProtocol), help='Network transport protocol.')
+        c.argument('outbound_ports', type=int, help='The number of outbound ports to be used for NAT.')
+
     with self.argument_context('network lb rule') as c:
         c.argument('load_distribution', help='Affinity rule settings.', arg_type=get_enum_type(LoadDistribution))
         c.argument('probe_name', help='Name of an existing probe to associate with this rule.')
@@ -762,6 +770,10 @@ def load_arguments(self, _):
             c.argument('sku', min_api='2017-08-01', help='Public IP SKU', default=PublicIPAddressSkuName.basic.value if PublicIPAddressSkuName is not None and item == 'create' else None, arg_type=get_enum_type(PublicIPAddressSkuName))
             c.argument('version', min_api='2016-09-01', help='IP address type.', arg_type=get_enum_type(IPVersion, 'ipv4'))
 
+    for scope in ['public-ip', 'lb frontend-ip']:
+        with self.argument_context('network {}'.format(scope), min_api='2018-07-01') as c:
+            c.argument('public_ip_prefix', help='Name or ID of a public IP prefix.')
+
     with self.argument_context('network public-ip prefix') as c:
         c.argument('public_ip_prefix_name', name_arg_type, completer=get_resource_name_completion_list('Microsoft.Network/publicIPPrefixes'), id_part='name', help='The name of the public IP prefix.')
         c.argument('location', get_location_type(self.cli_ctx), validator=get_default_location_from_resource_group)

diff --git a/src/command_modules/azure-cli-network/azure/cli/command_modules/network/_validators.py b/src/command_modules/azure-cli-network/azure/cli/command_modules/network/_validators.py
@@ -250,6 +250,19 @@ def validate_ip_tags(cmd, namespace):
         namespace.ip_tags = ip_tags
 
 
+def validate_frontend_ip_configs(cmd, namespace):
+    from msrestazure.tools import is_valid_resource_id
+    if namespace.frontend_ip_configurations:
+        config_ids = []
+        for item in namespace.frontend_ip_configurations:
+            if not is_valid_resource_id(item):
+                config_ids.append(_generate_lb_subproperty_id(
+                    cmd.cli_ctx, namespace, 'frontendIpConfigurations', item))
+            else:
+                config_ids.append(item)
+        namespace.frontend_ip_configurations = config_ids
+
+
 def validate_metadata(namespace):
     if namespace.metadata:
         namespace.metadata = dict(x.split('=', 1) for x in namespace.metadata)
@@ -606,11 +619,21 @@ def process_lb_create_namespace(cmd, namespace):
 
 
 def process_lb_frontend_ip_namespace(cmd, namespace):
+    from msrestazure.tools import is_valid_resource_id, resource_id
     if namespace.subnet and namespace.public_ip_address:
         raise ValueError(
             'incorrect usage: --subnet NAME --vnet-name NAME | '
             '--subnet ID | --public-ip NAME_OR_ID')
 
+    if namespace.public_ip_prefix:
+        if not is_valid_resource_id(namespace.public_ip_prefix):
+            namespace.public_ip_prefix = resource_id(
+                subscription=get_subscription_id(cmd.cli_ctx),
+                resource_group=namespace.resource_group_name,
+                namespace='Microsoft.Network',
+                type='publicIpPrefixes',
+                name=namespace.public_ip_prefix)
+
     if namespace.subnet:
         get_subnet_validator()(cmd, namespace)
     else:
@@ -1095,3 +1118,14 @@ def process_nw_troubleshooting_show_namespace(cmd, namespace):
             raise resource_usage
 
     get_network_watcher_from_resource(cmd, namespace)
+
+
+def process_lb_outbound_rule_namespace(cmd, namespace):
+    from msrestazure.tools import is_valid_resource_id
+
+    validate_frontend_ip_configs(cmd, namespace)
+
+    if namespace.backend_address_pool:
+        if not is_valid_resource_id(namespace.backend_address_pool):
+            namespace.backend_address_pool = _generate_lb_subproperty_id(
+                cmd.cli_ctx, namespace, 'backendAddressPools', namespace.backend_address_pool)
diff --git a/src/command_modules/azure-cli-network/azure/cli/command_modules/network/commands.py b/src/command_modules/azure-cli-network/azure/cli/command_modules/network/commands.py
@@ -46,7 +46,8 @@
     process_nw_troubleshooting_start_namespace, process_nw_troubleshooting_show_namespace,
     process_public_ip_create_namespace, process_tm_endpoint_create_namespace,
     process_vnet_create_namespace, process_vnet_gateway_create_namespace, process_vnet_gateway_update_namespace,
-    process_vpn_connection_create_namespace, process_route_table_create_namespace)
+    process_vpn_connection_create_namespace, process_route_table_create_namespace,
+    process_lb_outbound_rule_namespace)
 
 
 # pylint: disable=too-many-locals, too-many-statements
@@ -425,7 +426,7 @@ def _make_singular(value):
         'inbound_nat_pools': 'inbound-nat-pool',
         'backend_address_pools': 'address-pool',
         'load_balancing_rules': 'rule',
-        'probes': 'probe'
+        'probes': 'probe',
     }
     for subresource, alias in property_map.items():
         with self.command_group('network lb {}'.format(alias), network_util) as g:
@@ -462,6 +463,15 @@ def _make_singular(value):
         g.generic_update_command('update', child_collection_prop_name='probes',
                                  custom_func_name='set_lb_probe')
 
+    with self.command_group('network lb outbound-rule', network_lb_sdk, min_api='2018-07-01') as g:
+        g.custom_command('create', 'create_lb_outbound_rule', validator=process_lb_outbound_rule_namespace)
+        g.generic_update_command('update', child_collection_prop_name='outbound_rules',
+                                 custom_func_name='set_lb_outbound_rule', validator=process_lb_outbound_rule_namespace)
+
+    with self.command_group('network lb outbound-rule', network_util, min_api='2018-07-01') as g:
+        g.command('list', list_network_resource_property('load_balancers', 'outbound_rules'))
+        g.show_command('show', get_network_resource_property_entry('load_balancers', 'outbound_rules'))
+        g.command('delete', delete_network_resource_property_entry('load_balancers', 'outbound_rules'))
     # endregion
 
     # region LocalGateways

diff --git a/src/command_modules/azure-cli-network/azure/cli/command_modules/network/custom.py b/src/command_modules/azure-cli-network/azure/cli/command_modules/network/custom.py
@@ -1759,17 +1759,18 @@ def set_lb_inbound_nat_pool(
 
 def create_lb_frontend_ip_configuration(
         cmd, resource_group_name, load_balancer_name, item_name, public_ip_address=None,
-        subnet=None, virtual_network_name=None, private_ip_address=None,
+        public_ip_prefix=None, subnet=None, virtual_network_name=None, private_ip_address=None,
         private_ip_address_allocation='dynamic', zone=None):
-    FrontendIPConfiguration, PublicIPAddress, Subnet = cmd.get_models(
-        'FrontendIPConfiguration', 'PublicIPAddress', 'Subnet')
+    FrontendIPConfiguration, SubResource, Subnet = cmd.get_models(
+        'FrontendIPConfiguration', 'SubResource', 'Subnet')
     ncf = network_client_factory(cmd.cli_ctx)
     lb = ncf.load_balancers.get(resource_group_name, load_balancer_name)
     new_config = FrontendIPConfiguration(
         name=item_name,
         private_ip_address=private_ip_address,
         private_ip_allocation_method=private_ip_address_allocation,
-        public_ip_address=PublicIPAddress(id=public_ip_address) if public_ip_address else None,
+        public_ip_address=SubResource(id=public_ip_address) if public_ip_address else None,
+        public_ip_prefix=SubResource(id=public_ip_prefix) if public_ip_prefix else None,
         subnet=Subnet(id=subnet) if subnet else None)
 
     if zone and cmd.supported_api_version(min_api='2017-06-01'):
@@ -1815,6 +1816,39 @@ def create_lb_backend_address_pool(cmd, resource_group_name, load_balancer_name,
     return _get_property(poller.result().backend_address_pools, item_name)
 
 
+def create_lb_outbound_rule(cmd, resource_group_name, load_balancer_name, item_name,
+                            backend_address_pool, frontend_ip_configurations, outbound_ports=None,
+                            protocol=None, enable_tcp_reset=None, idle_timeout=None):
+    OutboundRule, SubResource = cmd.get_models('OutboundRule', 'SubResource')
+    client = network_client_factory(cmd.cli_ctx).load_balancers
+    lb = client.get(resource_group_name, load_balancer_name)
+    rule = OutboundRule(
+        protocol=protocol, enable_tcp_reset=enable_tcp_reset, idle_timeout_in_minutes=idle_timeout,
+        backend_address_pool=SubResource(id=backend_address_pool),
+        frontend_ip_configurations=[SubResource(id=x) for x in frontend_ip_configurations] \
+            if frontend_ip_configurations else None,
+        allocated_outbound_ports=outbound_ports, name=item_name)
+    _upsert(lb, 'outbound_rules', rule, 'name')
+    poller = client.create_or_update(resource_group_name, load_balancer_name, lb)
+    return _get_property(poller.result().outbound_rules, item_name)
+
+
+def set_lb_outbound_rule(instance, cmd, parent, item_name, protocol=None, outbound_ports=None,
+                         idle_timeout=None, frontend_ip_configurations=None, enable_tcp_reset=None,
+                         backend_address_pool=None):
+    SubResource = cmd.get_models('SubResource')
+    _set_param(instance, 'protocol', protocol)
+    _set_param(instance, 'allocated_outbound_ports', outbound_ports)
+    _set_param(instance, 'idle_timeout_in_minutes', idle_timeout)
+    _set_param(instance, 'enable_tcp_reset', enable_tcp_reset)
+    _set_param(instance, 'backend_address_pool', SubResource(id=backend_address_pool) \
+        if backend_address_pool else None)
+    _set_param(instance, 'frontend_ip_configurations', \
+        [SubResource(x) for x in frontend_ip_configurations] if frontend_ip_configurations else None)
+
+    return parent
+
+
 def create_lb_probe(cmd, resource_group_name, load_balancer_name, item_name, protocol, port,
                     path=None, interval=None, threshold=None):
     Probe = cmd.get_models('Probe')