az stack-hci-vm network nsg rule
Note
This reference is part of the stack-hci-vm extension for the Azure CLI (version 2.15.0 or higher). The extension will automatically install the first time you run an az stack-hci-vm network nsg rule command. Learn more about extensions.
Manage network security group rules.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az stack-hci-vm network nsg rule create |
Create a network security group rule. |
Extension | GA |
| az stack-hci-vm network nsg rule delete |
Delete a network security group rule. |
Extension | GA |
| az stack-hci-vm network nsg rule list |
List all rules in a network security group. |
Extension | GA |
| az stack-hci-vm network nsg rule show |
Get the details of a network security group rule. |
Extension | GA |
| az stack-hci-vm network nsg rule update |
Update a network security group rule. |
Extension | GA |
az stack-hci-vm network nsg rule create
Create a network security group rule.
az stack-hci-vm network nsg rule create --custom-location
--name
--nsg-name
--priority
--resource-group
[--access {Allow, Deny}]
[--description]
[--destination-address-prefixes]
[--destination-port-ranges]
[--direction {Inbound, Outbound}]
[--location]
[--polling-interval]
[--protocol {*, Icmp, Tcp, Udp}]
[--source-address-prefixes]
[--source-port-ranges]Examples
Create a basic "Allow" NSG rule with the highest priority.
az stack-hci-vm network nsg rule create -g MyResourceGroup --nsg-name MyNsg -n MyNsgRule --priority 100 --custom-location $customLocationIdRequired Parameters
The ID of the extended location.
Name of the network security group rule.
Name of the network security group.
Priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Network traffic is allowed or denied.
Description for this rule. Restricted to 140 chars.
The destination address prefixes. CIDR or destination IP ranges.
The destination port ranges. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
Direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic.
If location is not specified, the location of the resource group is used.
ARM polling interval for long running operations.
Network protocol this rule applies to.
The CIDR or source IP ranges.
The source port ranges. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az stack-hci-vm network nsg rule delete
Delete a network security group rule.
az stack-hci-vm network nsg rule delete --name
--nsg-name
--resource-group
[--polling-interval]
[--yes]Examples
Delete a network security group rule
az stack-hci-vm network nsg rule delete -g MyResourceGroup --nsg-name MyNsg -n MyNsgRuleRequired Parameters
Name of the network security group rule.
Name of the network security group.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
ARM polling interval for long running operations.
Do not prompt for confirmation.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az stack-hci-vm network nsg rule list
List all rules in a network security group.
az stack-hci-vm network nsg rule list --nsg-name
--resource-groupExamples
List all rules in a network security group
az stack-hci-vm network nsg rule list -g MyResourceGroup --nsg-name MyNsgRequired Parameters
Name of the network security group.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az stack-hci-vm network nsg rule show
Get the details of a network security group rule.
az stack-hci-vm network nsg rule show --nsg-name
[--ids]
[--name]
[--resource-group]
[--subscription]Examples
Get the details of a network security group rule
az stack-hci-vm network nsg rule show -g MyResourceGroup --nsg-name MyNsg -n MyNsgRuleRequired Parameters
Name of the network security group.
Optional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of the network security group rule.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az stack-hci-vm network nsg rule update
Update a network security group rule.
az stack-hci-vm network nsg rule update --name
--nsg-name
--resource-group
[--access {Allow, Deny}]
[--add]
[--description]
[--destination-address-prefixes]
[--destination-port-ranges]
[--direction {Inbound, Outbound}]
[--force-string]
[--polling-interval]
[--priority]
[--protocol {*, Icmp, Tcp, Udp}]
[--remove]
[--set]
[--source-address-prefixes]
[--source-port-ranges]Examples
Update an NSG rule with a new wildcard destination address prefix
az stack-hci-vm network nsg rule update -g MyResourceGroup --nsg-name MyNsg -n MyNsgRule --destination-address-prefix '*'Update a network security group rule
az stack-hci-vm network nsg rule update --name MyNsgRule --nsg-name MyNsg --resource-group MyResourceGroup --source-address-prefixes 208.130.28/24Required Parameters
Name of the network security group rule.
Name of the network security group.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Network traffic is allowed or denied.
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.
Description for this rule. Restricted to 140 chars.
The destination address prefixes. CIDR or destination IP ranges.
The destination port ranges. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
Direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic.
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
ARM polling interval for long running operations.
Priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.
Network protocol this rule applies to.
Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.
Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.
The CIDR or source IP ranges.
The source port ranges. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
