Allow * in azurerm_firewall_policy_rule_collection_group.network_rule…

…_collection.destination_ports (#11326)

Fixes #10918

azurerm/internal/services/firewall/firewall_policy_rule_collection_group_resource.go

@@ -257,8 +257,11 @@ func resourceFirewallPolicyRuleCollectionGroup() *schema.Resource {
 										Type:     schema.TypeSet,
 										Required: true,
 										Elem: &schema.Schema{
-											Type:         schema.TypeString,
-											ValidateFunc: azValidate.PortOrPortRangeWithin(1, 65535),
+											Type: schema.TypeString,
+											ValidateFunc: validation.Any(
+												azValidate.PortOrPortRangeWithin(1, 65535),
+												validation.StringInSlice([]string{`*`}, false),
+											),
 										},
 									},
 								},

azurerm/internal/services/firewall/firewall_policy_rule_collection_group_resource_test.go

@@ -239,6 +239,13 @@ resource "azurerm_firewall_policy_rule_collection_group" "test" {
       destination_ip_groups = [azurerm_ip_group.test_destination.id]
       destination_ports     = ["80", "1000-2000"]
     }
+    rule {
+      name                  = "network_rule_collection1_rule4"
+      protocols             = ["ICMP"]
+      source_ip_groups      = [azurerm_ip_group.test_source.id]
+      destination_ip_groups = [azurerm_ip_group.test_destination.id]
+      destination_ports     = ["*"]
+    }
   }
 
   nat_rule_collection {
@@ -373,6 +380,13 @@ resource "azurerm_firewall_policy_rule_collection_group" "test" {
       destination_ip_groups = [azurerm_ip_group.test_destination.id]
       destination_ports     = ["80", "1-65535"]
     }
+    rule {
+      name                  = "network_rule_collection1_rule4"
+      protocols             = ["ICMP"]
+      source_ip_groups      = [azurerm_ip_group.test_source.id]
+      destination_ip_groups = [azurerm_ip_group.test_destination.id]
+      destination_ports     = ["*"]
+    }
   }
 
   nat_rule_collection {