مشاركة عبر


az network nsg

Manage Azure Network Security Groups (NSGs).

You can control network traffic to resources in a virtual network using a network security group. A network security group contains a list of security rules that allow or deny inbound or outbound network traffic based on source or destination IP addresses, Application Security Groups, ports, and protocols. For more information visit https://learn.microsoft.com/azure/virtual-network/virtual-networks-create-nsg-arm-cli.

Commands

Name Description Type Status
az network nsg create

Create a network security group.

Core GA
az network nsg delete

Delete a network security group.

Core GA
az network nsg list

List network security groups.

Core GA
az network nsg rule

Manage network security group rules.

Core GA
az network nsg rule create

Create a network security group rule.

Core GA
az network nsg rule delete

Delete a network security group rule.

Core GA
az network nsg rule list

List all rules in a network security group.

Core GA
az network nsg rule show

Get the details of a network security group rule.

Core GA
az network nsg rule update

Update a network security group rule.

Core GA
az network nsg rule wait

Place the CLI in a waiting state until a condition is met.

Core GA
az network nsg show

Get information about a network security group.

Core GA
az network nsg update

Update a network security group.

Core GA
az network nsg wait

Place the CLI in a waiting state until a condition is met.

Core GA

az network nsg create

Create a network security group.

az network nsg create --name
                      --resource-group
                      [--location]
                      [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                      [--tags]

Examples

Create an NSG in a resource group within a region with tags.

az network nsg create -g MyResourceGroup -n MyNsg --tags foo=bar

Required Parameters

--name -n

Name of the network security group.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.

--no-wait

Do not wait for the long-running operation to finish.

Property Value
Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--tags

Space-separated tags: key[=value] [key[=value] ...]. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az network nsg delete

Delete a network security group.

az network nsg delete [--ids]
                      [--name]
                      [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                      [--resource-group]
                      [--subscription]

Examples

Delete an NSG in a resource group.

az network nsg delete -g MyResourceGroup -n MyNsg

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

Property Value
Parameter group: Resource Id Arguments
--name -n

Name of the network security group.

Property Value
Parameter group: Resource Id Arguments
--no-wait

Do not wait for the long-running operation to finish.

Property Value
Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Property Value
Parameter group: Resource Id Arguments
--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Property Value
Parameter group: Resource Id Arguments
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az network nsg list

List network security groups.

az network nsg list [--resource-group]

Examples

List all NSGs in the 'westus' region.

az network nsg list --query "[?location=='westus']"

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az network nsg show

Get information about a network security group.

az network nsg show [--expand]
                    [--ids]
                    [--name]
                    [--resource-group]
                    [--subscription]

Examples

Get basic information about an NSG.

az network nsg show -g MyResourceGroup -n MyNsg

Get the default security rules of an NSG and format the output as a table.

az network nsg show -g MyResourceGroup -n MyNsg --query "defaultSecurityRules[]" -o table

Get all default NSG rules with "Allow" access and format the output as a table.

az network nsg show -g MyResourceGroup -n MyNsg --query "defaultSecurityRules[?access=='Allow']" -o table

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--expand

Expands referenced resources. Default value is None.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

Property Value
Parameter group: Resource Id Arguments
--name -n

Name of the network security group.

Property Value
Parameter group: Resource Id Arguments
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Property Value
Parameter group: Resource Id Arguments
--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Property Value
Parameter group: Resource Id Arguments
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az network nsg update

Update a network security group.

This command can only be used to update the tags of an NSG. Name and resource group are immutable and cannot be updated.

az network nsg update [--add]
                      [--force-string {0, 1, f, false, n, no, t, true, y, yes}]
                      [--ids]
                      [--location]
                      [--name]
                      [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                      [--remove]
                      [--resource-group]
                      [--set]
                      [--subscription]
                      [--tags]

Examples

Remove a tag of an NSG.

az network nsg update -g MyResourceGroup -n MyNsg --remove tags.no_80

Update a network security group. (autogenerated)

az network nsg update --name MyNsg --resource-group MyResourceGroup --set tags.CostCenter=MyBusinessGroup

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.

Property Value
Parameter group: Generic Update Arguments
--force-string

When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.

Property Value
Parameter group: Generic Update Arguments
Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

Property Value
Parameter group: Resource Id Arguments
--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.

--name -n

Name of the network security group.

Property Value
Parameter group: Resource Id Arguments
--no-wait

Do not wait for the long-running operation to finish.

Property Value
Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--remove

Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.

Property Value
Parameter group: Generic Update Arguments
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Property Value
Parameter group: Resource Id Arguments
--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.

Property Value
Parameter group: Generic Update Arguments
--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Property Value
Parameter group: Resource Id Arguments
--tags

Space-separated tags: key[=value] [key[=value] ...]. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az network nsg wait

Place the CLI in a waiting state until a condition is met.

az network nsg wait [--created]
                    [--custom]
                    [--deleted]
                    [--exists]
                    [--expand]
                    [--ids]
                    [--interval]
                    [--name]
                    [--resource-group]
                    [--subscription]
                    [--timeout]
                    [--updated]

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--created

Wait until created with 'provisioningState' at 'Succeeded'.

Property Value
Parameter group: Wait Condition Arguments
Default value: False
--custom

Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].

Property Value
Parameter group: Wait Condition Arguments
--deleted

Wait until deleted.

Property Value
Parameter group: Wait Condition Arguments
Default value: False
--exists

Wait until the resource exists.

Property Value
Parameter group: Wait Condition Arguments
Default value: False
--expand

Expands referenced resources. Default value is None.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

Property Value
Parameter group: Resource Id Arguments
--interval

Polling interval in seconds.

Property Value
Parameter group: Wait Condition Arguments
Default value: 30
--name -n

Name of the network security group.

Property Value
Parameter group: Resource Id Arguments
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Property Value
Parameter group: Resource Id Arguments
--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Property Value
Parameter group: Resource Id Arguments
--timeout

Maximum wait in seconds.

Property Value
Parameter group: Wait Condition Arguments
Default value: 3600
--updated

Wait until updated with provisioningState at 'Succeeded'.

Property Value
Parameter group: Wait Condition Arguments
Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False