Vytvoří nebo aktualizuje pravidlo správce.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkManagers/{networkManagerName}/securityAdminConfigurations/{configurationName}/ruleCollections/{ruleCollectionName}/rules/{ruleName}?api-version=2023-09-01
Parametry identifikátoru URI
Name |
V |
Vyžadováno |
Typ |
Description |
configurationName
|
path |
True
|
string
|
Název konfigurace zabezpečení správce sítě.
|
networkManagerName
|
path |
True
|
string
|
Název správce sítě.
|
resourceGroupName
|
path |
True
|
string
|
Název skupiny prostředků.
|
ruleCollectionName
|
path |
True
|
string
|
Název kolekce pravidel konfigurace zabezpečení správce sítě.
|
ruleName
|
path |
True
|
string
|
Název pravidla.
|
subscriptionId
|
path |
True
|
string
|
Přihlašovací údaje předplatného, které jednoznačně identifikují předplatné Microsoft Azure. ID předplatného je součástí identifikátoru URI pro každé volání služby.
|
api-version
|
query |
True
|
string
|
Verze klientského rozhraní API
|
Text požadavku
Text žádosti může tvořit:
AdminRule
Pravidlo správce sítě.
Name |
Vyžadováno |
Typ |
Description |
kind
|
True
|
string:
Custom
|
Určuje, jestli je pravidlo vlastní nebo výchozí.
|
properties.access
|
True
|
SecurityConfigurationRuleAccess
|
Označuje povolený přístup pro toto konkrétní pravidlo.
|
properties.direction
|
True
|
SecurityConfigurationRuleDirection
|
Označuje, jestli se provoz shoduje s pravidlem v příchozím nebo odchozím provozu.
|
properties.priority
|
True
|
integer
|
Priorita pravidla. Hodnota může být mezi 1 a 4096. Číslo priority musí být jedinečné pro každé pravidlo v kolekci. Čím nižší je číslo priority, tím vyšší je priorita pravidla.
|
properties.protocol
|
True
|
SecurityConfigurationRuleProtocol
|
Síťový protokol, na který se toto pravidlo vztahuje.
|
properties.description
|
|
string
|
Popis tohoto pravidla. Omezeno na 140 znaků.
|
properties.destinationPortRanges
|
|
string[]
|
Rozsahy cílových portů.
|
properties.destinations
|
|
AddressPrefixItem[]
|
Předpony cílové adresy. CIDR nebo cílové rozsahy IP adres.
|
properties.sourcePortRanges
|
|
string[]
|
Rozsahy zdrojových portů
|
properties.sources
|
|
AddressPrefixItem[]
|
Rozsahy CIDR nebo zdrojových IP adres.
|
DefaultAdminRule
Výchozí pravidlo správce sítě
Name |
Vyžadováno |
Typ |
Description |
kind
|
True
|
string:
Default
|
Určuje, jestli je pravidlo vlastní nebo výchozí.
|
properties.flag
|
|
string
|
Výchozí příznak pravidla.
|
Odpovědi
Name |
Typ |
Description |
200 OK
|
BaseAdminRule:
|
Aktualizované pravidlo
|
201 Created
|
BaseAdminRule:
|
Vytvořené pravidlo
|
Other Status Codes
|
CloudError
|
Chybová odpověď popisující, proč operace selhala.
|
Zabezpečení
azure_auth
Tok Azure Active Directory OAuth2
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name |
Description |
user_impersonation
|
zosobnění uživatelského účtu
|
Příklady
Create a default admin rule
Sample Request
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleDefaultAdminRule?api-version=2023-09-01
{
"kind": "Default",
"properties": {
"flag": "AllowVnetInbound"
}
}
import com.azure.resourcemanager.network.models.DefaultAdminRule;
/**
* Samples for AdminRules CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/
* NetworkManagerDefaultAdminRulePut.json
*/
/**
* Sample code: Create a default admin rule.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createADefaultAdminRule(com.azure.resourcemanager.AzureResourceManager azure) {
azure.networks().manager().serviceClient().getAdminRules().createOrUpdateWithResponse("rg1",
"testNetworkManager", "myTestSecurityConfig", "testRuleCollection", "SampleDefaultAdminRule",
new DefaultAdminRule().withFlag("AllowVnetInbound"), com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.network import NetworkManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-network
# USAGE
python network_manager_default_admin_rule_put.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = NetworkManagementClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.admin_rules.create_or_update(
resource_group_name="rg1",
network_manager_name="testNetworkManager",
configuration_name="myTestSecurityConfig",
rule_collection_name="testRuleCollection",
rule_name="SampleDefaultAdminRule",
admin_rule={"kind": "Default", "properties": {"flag": "AllowVnetInbound"}},
)
print(response)
# x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerDefaultAdminRulePut.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armnetwork_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v5"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/d4205894880b989ede35d62d97c8e901ed14fb5a/specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerDefaultAdminRulePut.json
func ExampleAdminRulesClient_CreateOrUpdate_createADefaultAdminRule() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewAdminRulesClient().CreateOrUpdate(ctx, "rg1", "testNetworkManager", "myTestSecurityConfig", "testRuleCollection", "SampleDefaultAdminRule", &armnetwork.DefaultAdminRule{
Kind: to.Ptr(armnetwork.AdminRuleKindDefault),
Properties: &armnetwork.DefaultAdminPropertiesFormat{
Flag: to.Ptr("AllowVnetInbound"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res = armnetwork.AdminRulesClientCreateOrUpdateResponse{
// BaseAdminRuleClassification: &armnetwork.DefaultAdminRule{
// Name: to.Ptr("SampleDefaultAdminRule"),
// Type: to.Ptr("Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleDefaultAdminRule"),
// Kind: to.Ptr(armnetwork.AdminRuleKindDefault),
// SystemData: &armnetwork.SystemData{
// CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-11T18:52:27.000Z"); return t}()),
// CreatedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef5"),
// CreatedByType: to.Ptr(armnetwork.CreatedByTypeUser),
// LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-11T18:52:27.000Z"); return t}()),
// LastModifiedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef5"),
// LastModifiedByType: to.Ptr(armnetwork.CreatedByTypeUser),
// },
// Properties: &armnetwork.DefaultAdminPropertiesFormat{
// Description: to.Ptr("This is Sample Default Admin Rule"),
// Access: to.Ptr(armnetwork.SecurityConfigurationRuleAccessDeny),
// DestinationPortRanges: []*string{
// to.Ptr("22")},
// Destinations: []*armnetwork.AddressPrefixItem{
// {
// AddressPrefix: to.Ptr("*"),
// AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeIPPrefix),
// }},
// Direction: to.Ptr(armnetwork.SecurityConfigurationRuleDirectionInbound),
// Flag: to.Ptr("AllowVnetInbound"),
// Priority: to.Ptr[int32](1),
// ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
// ResourceGUID: to.Ptr("00000000-0000-0000-0000-000000000000"),
// SourcePortRanges: []*string{
// to.Ptr("0-65535")},
// Sources: []*armnetwork.AddressPrefixItem{
// {
// AddressPrefix: to.Ptr("Internet"),
// AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeServiceTag),
// }},
// Protocol: to.Ptr(armnetwork.SecurityConfigurationRuleProtocolTCP),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { NetworkManagementClient } = require("@azure/arm-network");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates an admin rule.
*
* @summary Creates or updates an admin rule.
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerDefaultAdminRulePut.json
*/
async function createADefaultAdminRule() {
const subscriptionId =
process.env["NETWORK_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["NETWORK_RESOURCE_GROUP"] || "rg1";
const networkManagerName = "testNetworkManager";
const configurationName = "myTestSecurityConfig";
const ruleCollectionName = "testRuleCollection";
const ruleName = "SampleDefaultAdminRule";
const adminRule = {
flag: "AllowVnetInbound",
kind: "Default",
};
const credential = new DefaultAzureCredential();
const client = new NetworkManagementClient(credential, subscriptionId);
const result = await client.adminRules.createOrUpdate(
resourceGroupName,
networkManagerName,
configurationName,
ruleCollectionName,
ruleName,
adminRule,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Network;
using Azure.ResourceManager.Network.Models;
// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerDefaultAdminRulePut.json
// this example is just showing the usage of "AdminRules_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this BaseAdminRuleResource created on azure
// for more information of creating BaseAdminRuleResource, please refer to the document of BaseAdminRuleResource
string subscriptionId = "00000000-0000-0000-0000-000000000000";
string resourceGroupName = "rg1";
string networkManagerName = "testNetworkManager";
string configurationName = "myTestSecurityConfig";
string ruleCollectionName = "testRuleCollection";
string ruleName = "SampleDefaultAdminRule";
ResourceIdentifier baseAdminRuleResourceId = BaseAdminRuleResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, networkManagerName, configurationName, ruleCollectionName, ruleName);
BaseAdminRuleResource baseAdminRule = client.GetBaseAdminRuleResource(baseAdminRuleResourceId);
// invoke the operation
BaseAdminRuleData data = new NetworkDefaultAdminRule()
{
Flag = "AllowVnetInbound",
};
ArmOperation<BaseAdminRuleResource> lro = await baseAdminRule.UpdateAsync(WaitUntil.Completed, data);
BaseAdminRuleResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
BaseAdminRuleData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleDefaultAdminRule",
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
"name": "SampleDefaultAdminRule",
"kind": "Default",
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"createdByType": "User",
"createdAt": "2021-01-11T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-11T18:52:27Z"
},
"properties": {
"flag": "AllowVnetInbound",
"description": "This is Sample Default Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound",
"provisioningState": "Succeeded",
"resourceGuid": "00000000-0000-0000-0000-000000000000"
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/rules/SampleDefaultAdminRule",
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
"name": "SampleDefaultAdminRule",
"kind": "Default",
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"createdByType": "User",
"createdAt": "2021-01-11T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-11T18:52:27Z"
},
"properties": {
"flag": "AllowVnetInbound",
"description": "This is Sample Default Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound",
"provisioningState": "Succeeded",
"resourceGuid": "00000000-0000-0000-0000-000000000000"
}
}
Create an admin rule
Sample Request
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleAdminRule?api-version=2023-09-01
{
"kind": "Custom",
"properties": {
"description": "This is Sample Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound"
}
}
import com.azure.resourcemanager.network.models.AddressPrefixItem;
import com.azure.resourcemanager.network.models.AddressPrefixType;
import com.azure.resourcemanager.network.models.AdminRule;
import com.azure.resourcemanager.network.models.SecurityConfigurationRuleAccess;
import com.azure.resourcemanager.network.models.SecurityConfigurationRuleDirection;
import com.azure.resourcemanager.network.models.SecurityConfigurationRuleProtocol;
import java.util.Arrays;
/**
* Samples for AdminRules CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.
* json
*/
/**
* Sample code: Create an admin rule.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createAnAdminRule(com.azure.resourcemanager.AzureResourceManager azure) {
azure.networks().manager().serviceClient().getAdminRules().createOrUpdateWithResponse("rg1",
"testNetworkManager", "myTestSecurityConfig", "testRuleCollection", "SampleAdminRule",
new AdminRule().withDescription("This is Sample Admin Rule")
.withProtocol(SecurityConfigurationRuleProtocol.TCP)
.withSources(Arrays.asList(new AddressPrefixItem().withAddressPrefix("Internet")
.withAddressPrefixType(AddressPrefixType.SERVICE_TAG)))
.withDestinations(Arrays.asList(
new AddressPrefixItem().withAddressPrefix("*").withAddressPrefixType(AddressPrefixType.IPPREFIX)))
.withSourcePortRanges(Arrays.asList("0-65535")).withDestinationPortRanges(Arrays.asList("22"))
.withAccess(SecurityConfigurationRuleAccess.DENY).withPriority(1)
.withDirection(SecurityConfigurationRuleDirection.INBOUND),
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.network import NetworkManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-network
# USAGE
python network_manager_admin_rule_put.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = NetworkManagementClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.admin_rules.create_or_update(
resource_group_name="rg1",
network_manager_name="testNetworkManager",
configuration_name="myTestSecurityConfig",
rule_collection_name="testRuleCollection",
rule_name="SampleAdminRule",
admin_rule={
"kind": "Custom",
"properties": {
"access": "Deny",
"description": "This is Sample Admin Rule",
"destinationPortRanges": ["22"],
"destinations": [{"addressPrefix": "*", "addressPrefixType": "IPPrefix"}],
"direction": "Inbound",
"priority": 1,
"protocol": "Tcp",
"sourcePortRanges": ["0-65535"],
"sources": [{"addressPrefix": "Internet", "addressPrefixType": "ServiceTag"}],
},
},
)
print(response)
# x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armnetwork_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v5"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/d4205894880b989ede35d62d97c8e901ed14fb5a/specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.json
func ExampleAdminRulesClient_CreateOrUpdate_createAnAdminRule() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewAdminRulesClient().CreateOrUpdate(ctx, "rg1", "testNetworkManager", "myTestSecurityConfig", "testRuleCollection", "SampleAdminRule", &armnetwork.AdminRule{
Kind: to.Ptr(armnetwork.AdminRuleKindCustom),
Properties: &armnetwork.AdminPropertiesFormat{
Description: to.Ptr("This is Sample Admin Rule"),
Access: to.Ptr(armnetwork.SecurityConfigurationRuleAccessDeny),
DestinationPortRanges: []*string{
to.Ptr("22")},
Destinations: []*armnetwork.AddressPrefixItem{
{
AddressPrefix: to.Ptr("*"),
AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeIPPrefix),
}},
Direction: to.Ptr(armnetwork.SecurityConfigurationRuleDirectionInbound),
Priority: to.Ptr[int32](1),
SourcePortRanges: []*string{
to.Ptr("0-65535")},
Sources: []*armnetwork.AddressPrefixItem{
{
AddressPrefix: to.Ptr("Internet"),
AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeServiceTag),
}},
Protocol: to.Ptr(armnetwork.SecurityConfigurationRuleProtocolTCP),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res = armnetwork.AdminRulesClientCreateOrUpdateResponse{
// BaseAdminRuleClassification: &armnetwork.AdminRule{
// Name: to.Ptr("SampleAdminRule"),
// Type: to.Ptr("Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleAdminRule"),
// Kind: to.Ptr(armnetwork.AdminRuleKindCustom),
// SystemData: &armnetwork.SystemData{
// CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-11T18:52:27.000Z"); return t}()),
// CreatedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef5"),
// CreatedByType: to.Ptr(armnetwork.CreatedByTypeUser),
// LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-11T18:52:27.000Z"); return t}()),
// LastModifiedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef5"),
// LastModifiedByType: to.Ptr(armnetwork.CreatedByTypeUser),
// },
// Properties: &armnetwork.AdminPropertiesFormat{
// Description: to.Ptr("This is Sample Admin Rule"),
// Access: to.Ptr(armnetwork.SecurityConfigurationRuleAccessDeny),
// DestinationPortRanges: []*string{
// to.Ptr("22")},
// Destinations: []*armnetwork.AddressPrefixItem{
// {
// AddressPrefix: to.Ptr("*"),
// AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeIPPrefix),
// }},
// Direction: to.Ptr(armnetwork.SecurityConfigurationRuleDirectionInbound),
// Priority: to.Ptr[int32](1),
// ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
// ResourceGUID: to.Ptr("00000000-0000-0000-0000-000000000000"),
// SourcePortRanges: []*string{
// to.Ptr("0-65535")},
// Sources: []*armnetwork.AddressPrefixItem{
// {
// AddressPrefix: to.Ptr("Internet"),
// AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeServiceTag),
// }},
// Protocol: to.Ptr(armnetwork.SecurityConfigurationRuleProtocolTCP),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { NetworkManagementClient } = require("@azure/arm-network");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates an admin rule.
*
* @summary Creates or updates an admin rule.
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.json
*/
async function createAnAdminRule() {
const subscriptionId =
process.env["NETWORK_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["NETWORK_RESOURCE_GROUP"] || "rg1";
const networkManagerName = "testNetworkManager";
const configurationName = "myTestSecurityConfig";
const ruleCollectionName = "testRuleCollection";
const ruleName = "SampleAdminRule";
const adminRule = {
description: "This is Sample Admin Rule",
access: "Deny",
destinationPortRanges: ["22"],
destinations: [{ addressPrefix: "*", addressPrefixType: "IPPrefix" }],
direction: "Inbound",
kind: "Custom",
priority: 1,
sourcePortRanges: ["0-65535"],
sources: [{ addressPrefix: "Internet", addressPrefixType: "ServiceTag" }],
protocol: "Tcp",
};
const credential = new DefaultAzureCredential();
const client = new NetworkManagementClient(credential, subscriptionId);
const result = await client.adminRules.createOrUpdate(
resourceGroupName,
networkManagerName,
configurationName,
ruleCollectionName,
ruleName,
adminRule,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Network;
using Azure.ResourceManager.Network.Models;
// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.json
// this example is just showing the usage of "AdminRules_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this BaseAdminRuleResource created on azure
// for more information of creating BaseAdminRuleResource, please refer to the document of BaseAdminRuleResource
string subscriptionId = "00000000-0000-0000-0000-000000000000";
string resourceGroupName = "rg1";
string networkManagerName = "testNetworkManager";
string configurationName = "myTestSecurityConfig";
string ruleCollectionName = "testRuleCollection";
string ruleName = "SampleAdminRule";
ResourceIdentifier baseAdminRuleResourceId = BaseAdminRuleResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, networkManagerName, configurationName, ruleCollectionName, ruleName);
BaseAdminRuleResource baseAdminRule = client.GetBaseAdminRuleResource(baseAdminRuleResourceId);
// invoke the operation
BaseAdminRuleData data = new NetworkAdminRule()
{
Description = "This is Sample Admin Rule",
Protocol = SecurityConfigurationRuleProtocol.Tcp,
Sources =
{
new AddressPrefixItem()
{
AddressPrefix = "Internet",
AddressPrefixType = AddressPrefixType.ServiceTag,
}
},
Destinations =
{
new AddressPrefixItem()
{
AddressPrefix = "*",
AddressPrefixType = AddressPrefixType.IPPrefix,
}
},
SourcePortRanges =
{
"0-65535"
},
DestinationPortRanges =
{
"22"
},
Access = SecurityConfigurationRuleAccess.Deny,
Priority = 1,
Direction = SecurityConfigurationRuleDirection.Inbound,
};
ArmOperation<BaseAdminRuleResource> lro = await baseAdminRule.UpdateAsync(WaitUntil.Completed, data);
BaseAdminRuleResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
BaseAdminRuleData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleAdminRule",
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
"name": "SampleAdminRule",
"kind": "Custom",
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"createdByType": "User",
"createdAt": "2021-01-11T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-11T18:52:27Z"
},
"properties": {
"description": "This is Sample Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound",
"provisioningState": "Succeeded",
"resourceGuid": "00000000-0000-0000-0000-000000000000"
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/rules/SampleAdminRule",
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
"name": "SampleAdminRule",
"kind": "Custom",
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"createdByType": "User",
"createdAt": "2021-01-11T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-11T18:52:27Z"
},
"properties": {
"description": "This is Sample Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound",
"provisioningState": "Succeeded",
"resourceGuid": "00000000-0000-0000-0000-000000000000"
}
}
Definice
AddressPrefixItem
Položka předpony adresy.
Name |
Typ |
Description |
addressPrefix
|
string
|
Předpona adresy.
|
addressPrefixType
|
AddressPrefixType
|
Typ předpony adresy.
|
AddressPrefixType
Typ předpony adresy.
Name |
Typ |
Description |
IPPrefix
|
string
|
|
ServiceTag
|
string
|
|
AdminRule
Pravidlo správce sítě.
Name |
Typ |
Description |
etag
|
string
|
Jedinečný řetězec jen pro čtení, který se mění při každé aktualizaci prostředku.
|
id
|
string
|
ID prostředku.
|
kind
|
string:
Custom
|
Určuje, jestli je pravidlo vlastní nebo výchozí.
|
name
|
string
|
Název prostředku.
|
properties.access
|
SecurityConfigurationRuleAccess
|
Označuje povolený přístup pro toto konkrétní pravidlo.
|
properties.description
|
string
|
Popis tohoto pravidla. Omezeno na 140 znaků.
|
properties.destinationPortRanges
|
string[]
|
Rozsahy cílových portů.
|
properties.destinations
|
AddressPrefixItem[]
|
Předpony cílové adresy. CIDR nebo cílové rozsahy IP adres.
|
properties.direction
|
SecurityConfigurationRuleDirection
|
Označuje, jestli se provoz shoduje s pravidlem v příchozím nebo odchozím provozu.
|
properties.priority
|
integer
|
Priorita pravidla. Hodnota může být mezi 1 a 4096. Číslo priority musí být jedinečné pro každé pravidlo v kolekci. Čím nižší je číslo priority, tím vyšší je priorita pravidla.
|
properties.protocol
|
SecurityConfigurationRuleProtocol
|
Síťový protokol, na který se toto pravidlo vztahuje.
|
properties.provisioningState
|
ProvisioningState
|
Stav zřizování prostředku.
|
properties.resourceGuid
|
string
|
Jedinečný identifikátor tohoto prostředku.
|
properties.sourcePortRanges
|
string[]
|
Rozsahy zdrojových portů
|
properties.sources
|
AddressPrefixItem[]
|
Rozsahy CIDR nebo zdrojových IP adres.
|
systemData
|
SystemData
|
Systémová metadata související s tímto prostředkem.
|
type
|
string
|
Typ prostředku.
|
CloudError
Chybová odpověď ze služby.
CloudErrorBody
Chybová odpověď ze služby.
Name |
Typ |
Description |
code
|
string
|
Identifikátor chyby. Kódy jsou invariantní a mají být využívány programově.
|
details
|
CloudErrorBody[]
|
Seznam dalších podrobností o chybě
|
message
|
string
|
Zpráva popisující chybu, která má být vhodná pro zobrazení v uživatelském rozhraní.
|
target
|
string
|
Cíl konkrétní chyby. Například název vlastnosti v chybě.
|
createdByType
Typ identity, která vytvořila prostředek.
Name |
Typ |
Description |
Application
|
string
|
|
Key
|
string
|
|
ManagedIdentity
|
string
|
|
User
|
string
|
|
DefaultAdminRule
Výchozí pravidlo správce sítě
Name |
Typ |
Description |
etag
|
string
|
Jedinečný řetězec jen pro čtení, který se mění při každé aktualizaci prostředku.
|
id
|
string
|
ID prostředku.
|
kind
|
string:
Default
|
Určuje, jestli je pravidlo vlastní nebo výchozí.
|
name
|
string
|
Název prostředku.
|
properties.access
|
SecurityConfigurationRuleAccess
|
Označuje povolený přístup pro toto konkrétní pravidlo.
|
properties.description
|
string
|
Popis tohoto pravidla. Omezeno na 140 znaků.
|
properties.destinationPortRanges
|
string[]
|
Rozsahy cílových portů.
|
properties.destinations
|
AddressPrefixItem[]
|
Předpony cílové adresy. CIDR nebo cílové rozsahy IP adres.
|
properties.direction
|
SecurityConfigurationRuleDirection
|
Označuje, jestli se provoz shoduje s pravidlem v příchozím nebo odchozím provozu.
|
properties.flag
|
string
|
Výchozí příznak pravidla.
|
properties.priority
|
integer
|
Priorita pravidla. Hodnota může být mezi 1 a 4096. Číslo priority musí být jedinečné pro každé pravidlo v kolekci. Čím nižší je číslo priority, tím vyšší je priorita pravidla.
|
properties.protocol
|
SecurityConfigurationRuleProtocol
|
Síťový protokol, na který se toto pravidlo vztahuje.
|
properties.provisioningState
|
ProvisioningState
|
Stav zřizování prostředku.
|
properties.resourceGuid
|
string
|
Jedinečný identifikátor tohoto prostředku.
|
properties.sourcePortRanges
|
string[]
|
Rozsahy zdrojových portů
|
properties.sources
|
AddressPrefixItem[]
|
Rozsahy CIDR nebo zdrojových IP adres.
|
systemData
|
SystemData
|
Systémová metadata související s tímto prostředkem.
|
type
|
string
|
Typ prostředku.
|
ProvisioningState
Aktuální stav zřizování.
Name |
Typ |
Description |
Deleting
|
string
|
|
Failed
|
string
|
|
Succeeded
|
string
|
|
Updating
|
string
|
|
SecurityConfigurationRuleAccess
Určuje, jestli je síťový provoz povolený nebo zakázaný.
Name |
Typ |
Description |
Allow
|
string
|
|
AlwaysAllow
|
string
|
|
Deny
|
string
|
|
SecurityConfigurationRuleDirection
Směr pravidla. Směr určuje, jestli bude pravidlo vyhodnoceno při příchozím nebo odchozím provozu.
Name |
Typ |
Description |
Inbound
|
string
|
|
Outbound
|
string
|
|
SecurityConfigurationRuleProtocol
Síťový protokol, na který se toto pravidlo vztahuje.
Name |
Typ |
Description |
Ah
|
string
|
|
Any
|
string
|
|
Esp
|
string
|
|
Icmp
|
string
|
|
Tcp
|
string
|
|
Udp
|
string
|
|
SystemData
Metadata týkající se vytvoření a poslední změny prostředku
Name |
Typ |
Description |
createdAt
|
string
|
Časové razítko vytvoření prostředku (UTC)
|
createdBy
|
string
|
Identita, která prostředek vytvořila.
|
createdByType
|
createdByType
|
Typ identity, která vytvořila prostředek.
|
lastModifiedAt
|
string
|
Typ identity, která naposledy změnila prostředek.
|
lastModifiedBy
|
string
|
Identita, která naposledy změnila prostředek.
|
lastModifiedByType
|
createdByType
|
Typ identity, která naposledy změnila prostředek.
|