functions/Update-FMFirewallPolicy.ps1

function Update-FMFirewallPolicy {
    <#
    .SYNOPSIS
    Adds new firewall policies to the given ADOM and policy package.
 
    .DESCRIPTION
    Adds new firewall policies to the given ADOM and policy package.
 
    .PARAMETER Connection
    The API connection object.
 
    .PARAMETER ADOM
    The (non-default) ADOM for the requests.
 
    .PARAMETER Package
    The name of the policy package
 
    .PARAMETER Policy
    The new policy, generated e.g. by using New-FMObjAddress
 
    .PARAMETER Overwrite
    If used and an policy with the given name already exists the data will be overwritten.
 
      .PARAMETER EnableException
    Should Exceptions been thrown?
 
    .EXAMPLE
    #To Be Provided
 
    Later
    .NOTES
    General notes
    #>

    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')]
    param (
        [parameter(Mandatory=$false)]
        $Connection = (Get-FMLastConnection),
        [string]$ADOM,
        [parameter(mandatory = $true, ParameterSetName = "default")]
        [string]$Package,
        [parameter(mandatory = $true, ValueFromPipeline = $true, ParameterSetName = "default")]
        [object[]]$Policy,
        [bool]$EnableException = $true
    )
    begin {
        $policyList = @()
        $explicitADOM = Resolve-FMAdom -Connection $Connection -Adom $ADOM
        Write-PSFMessage "`$explicitADOM=$explicitADOM"
    }
    process {
        $Policy | ForEach-Object {
            $policyList += $_ | ConvertTo-PSFHashtable -Include @(
                # "_policy_block"
                "action"
                "anti-replay"
                "application-list"
                "auth-cert"
                "auth-path"
                "auth-redirect-addr"
                "auto-asic-offload"
                "av-profile"
                "block-notification"
                "captive-portal-exempt"
                "capture-packet"
                "cifs-profile"
                "comments"
                "custom-log-fields"
                "decrypted-traffic-mirror"
                "delay-tcp-npu-session"
                "diffserv-forward"
                "diffserv-reverse"
                "diffservcode-forward"
                "diffservcode-rev"
                "disclaimer"
                "dlp-profile"
                "dnsfilter-profile"
                "dsri"
                "dstaddr"
                "dstaddr-negate"
                "dstaddr6"
                "dstintf"
                "dynamic-shaping"
                "email-collect"
                "emailfilter-profile"
                "fec"
                "file-filter-profile"
                "firewall-session-dirty"
                "fixedport"
                "fsso-agent-for-ntlm"
                "fsso-groups"
                "geoip-anycast"
                "geoip-match"
                "global-label"
                "groups"
                "gtp-profile"
                "http-policy-redirect"
                "icap-profile"
                "identity-based-route"
                "inbound"
                "inspection-mode"
                "internet-service"
                "internet-service-custom"
                "internet-service-custom-group"
                "internet-service-group"
                "internet-service-name"
                "internet-service-negate"
                "internet-service-src"
                "internet-service-src-custom"
                "internet-service-src-custom-group"
                "internet-service-src-group"
                "internet-service-src-name"
                "internet-service-src-negate"
                "ippool"
                "ips-sensor"
                "label"
                "logtraffic"
                "logtraffic-start"
                "match-vip"
                "match-vip-only"
                "name"
                "nat"
                "nat46"
                "nat64"
                "natinbound"
                "natip"
                "natoutbound"
                "np-acceleration"
                "ntlm"
                "ntlm-enabled-browsers"
                "ntlm-guest"
                "outbound"
                "passive-wan-health-measurement"
                "per-ip-shaper"
                "permit-any-host"
                "permit-stun-host"
                "pfcp-profile"
                "policy-expiry"
                "policy-expiry-date"
                "policyid"
                "poolname"
                "poolname6"
                "profile-group"
                "profile-protocol-options"
                "profile-type"
                "radius-mac-auth-bypass"
                "redirect-url"
                "replacemsg-override-group"
                "reputation-direction"
                "reputation-minimum"
                "rtp-addr"
                "rtp-nat"
                "schedule"
                "schedule-timeout"
                "sctp-filter-profile"
                "scope member"
                "send-deny-packet"
                "service"
                "service-negate"
                "session-ttl"
                "sgt"
                "sgt-check"
                "src-vendor-mac"
                "srcaddr"
                "srcaddr-negate"
                "srcaddr6"
                "srcintf"
                "ssh-filter-profile"
                "ssh-policy-redirect"
                "ssl-ssh-profile"
                "status"
                "tcp-mss-receiver"
                "tcp-mss-sender"
                "tcp-session-without-syn"
                "timeout-send-rst"
                "tos"
                "tos-mask"
                "tos-negate"
                "traffic-shaper"
                "traffic-shaper-reverse"
                "users"
                "utm-status"
                "uuid"
                "videofilter-profile"
                "vlan-cos-fwd"
                "vlan-cos-rev"
                "vlan-filter"
                "voip-profile"
                "vpntunnel"
                "waf-profile"
                "wanopt"
                "wanopt-detection"
                "wanopt-passive-opt"
                "wanopt-peer"
                "wanopt-profile"
                "wccp"
                "webcache"
                "webcache-https"
                "webfilter-profile"
                "webproxy-forward-server"
                "webproxy-profile"
                "ztna-ems-tag"
                "ztna-geo-tag"
                "ztna-status"
            )
        }
    }
    end {
        $apiCallParameter = @{
            EnableException     = $EnableException
            Connection          = $Connection
            LoggingAction       = "Update-FMFirewallPolicy"
            LoggingActionValues = @($policyList.count, $explicitADOM, $Package)
            method              = "update"
            Path                = "/pm/config/adom/$explicitADOM/pkg/$Package/firewall/policy"
            Parameter           = @{
                "data" = $policyList
            }
        }
        $result = Invoke-FMAPI @apiCallParameter
        if (-not $EnableException) {
            return ($null -ne $result)
        }
    }
}