Share via


az sf managed-cluster network-security-rule

Network security rule of a managed cluster.

Commands

Name Description Type Status
az sf managed-cluster network-security-rule add

Add a network security rule to a managed cluster.

Core GA
az sf managed-cluster network-security-rule delete

Delete a network security rule to a managed cluster.

Core GA
az sf managed-cluster network-security-rule get

Get a network security rule to a managed cluster.

Core GA
az sf managed-cluster network-security-rule list

List of network security rules in a cluster.

Core GA
az sf managed-cluster network-security-rule update

Update a network security rule to a managed cluster.

Core GA

az sf managed-cluster network-security-rule add

Add a network security rule to a managed cluster.

az sf managed-cluster network-security-rule add --cluster-name
                                                --resource-group
                                                [--access {allow, deny}]
                                                [--description]
                                                [--dest-addr-prefixes]
                                                [--dest-port-ranges]
                                                [--direction {inbound, outbound}]
                                                [--name]
                                                [--priority]
                                                [--protocol {ah, any, esp, http, https, icmp, tcp, udp}]
                                                [--source-addr-prefixes]
                                                [--source-port-ranges]

Examples

Add network security rule.

az sf managed-cluster network-security-rule add -g testRG -c testCluster --name 'network security rule name' --access allow --description 'network security rule description' --direction inbound --protocol tcp --priority 1200           --source-port-ranges 1-1000 --dest-port-ranges 1-65535 --source-addr-prefixes 167.220.242.0/27 167.220.0.0/23 131.107.132.16/28 167.220.81.128/26 --dest-addr-prefixes 194.69.104.0/25 194.69.119.64/26 167.220.249.128/26 255.255.255.255/32

Required Parameters

--cluster-name -c

Specify the name of the cluster, if not given it will be same as resource group name.

--resource-group -g

Specify the resource group name. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--access

Allows or denies network traffic.

Accepted values: allow, deny
--description

Network security rule description.

--dest-addr-prefixes

CIDR or destination IP ranges. A single or space separated list of destination address prefixes.

--dest-port-ranges

A single or space separated list of destination port ranges.

--direction

Network security rule direction.

Accepted values: inbound, outbound
--name

Network security rule name.

--priority

Integer that shows priority for rule.

--protocol

Network protocol.

Accepted values: ah, any, esp, http, https, icmp, tcp, udp
--source-addr-prefixes

The CIDR or source IP ranges. A single or space separated list of source address prefixes.

--source-port-ranges

A single or space separated list of source port ranges.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az sf managed-cluster network-security-rule delete

Delete a network security rule to a managed cluster.

az sf managed-cluster network-security-rule delete --cluster-name
                                                   --name
                                                   --resource-group

Examples

Delete network security rule.

az sf managed-cluster network-security-rule delete -g testRG -c testCluster --name 'network security rule name'

Required Parameters

--cluster-name -c

Specify the name of the cluster, if not given it will be same as resource group name.

--name

Network security rule name.

--resource-group -g

Specify the resource group name. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az sf managed-cluster network-security-rule get

Get a network security rule to a managed cluster.

az sf managed-cluster network-security-rule get --cluster-name
                                                --name
                                                --resource-group

Examples

Get network security rule.

az sf managed-cluster network-security-rule get -g testRG -c testCluster --name 'network security rule name'

Required Parameters

--cluster-name -c

Specify the name of the cluster, if not given it will be same as resource group name.

--name

Network security rule name.

--resource-group -g

Specify the resource group name. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az sf managed-cluster network-security-rule list

List of network security rules in a cluster.

az sf managed-cluster network-security-rule list --cluster-name
                                                 --resource-group

Examples

list network security rules.

az sf managed-cluster network-security-rule list -g testRG -c testCluster

Required Parameters

--cluster-name -c

Specify the name of the cluster, if not given it will be same as resource group name.

--resource-group -g

Specify the resource group name. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az sf managed-cluster network-security-rule update

Update a network security rule to a managed cluster.

az sf managed-cluster network-security-rule update --cluster-name
                                                   --name
                                                   --resource-group
                                                   [--access {allow, deny}]
                                                   [--description]
                                                   [--dest-addr-prefixes]
                                                   [--dest-port-ranges]
                                                   [--direction {inbound, outbound}]
                                                   [--priority]
                                                   [--protocol {ah, any, esp, http, https, icmp, tcp, udp}]
                                                   [--source-addr-prefixes]
                                                   [--source-port-ranges]

Examples

Update network security rule.

az sf managed-cluster network-security-rule update -g testRG -c testCluster --name 'network security rule name' --access allow --description 'network security rule description' --direction inbound --protocol tcp --priority 1200           --source-port-ranges 1-1000 --dest-port-ranges 1-65535 --source-addr-prefixes 167.220.242.0/27 167.220.0.0/23 131.107.132.16/28 167.220.81.128/26 --dest-addr-prefixes 194.69.104.0/25 194.69.119.64/26 167.220.249.128/26 255.255.255.255/32

Required Parameters

--cluster-name -c

Specify the name of the cluster, if not given it will be same as resource group name.

--name

Network security rule name.

--resource-group -g

Specify the resource group name. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--access

Allows or denies network traffic.

Accepted values: allow, deny
--description

Network security rule description.

--dest-addr-prefixes

CIDR or destination IP ranges. A single or space separated list of destination address prefixes.

--dest-port-ranges

A single or space separated list of destination port ranges.

--direction

Network security rule direction.

Accepted values: inbound, outbound
--priority

Integer that shows priority for rule.

--protocol

Network protocol.

Accepted values: ah, any, esp, http, https, icmp, tcp, udp
--source-addr-prefixes

The CIDR or source IP ranges. A single or space separated list of source address prefixes.

--source-port-ranges

A single or space separated list of source port ranges.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.