New-AzNetworkSecurityRuleConfig
Creates a network security rule configuration.
Syntax
SetByResource (Default)
New-AzNetworkSecurityRuleConfig
-Name <String>
[-Description <String>]
[-Protocol <String>]
[-SourcePortRange <String[]>]
[-DestinationPortRange <String[]>]
[-SourceAddressPrefix <String[]>]
[-DestinationAddressPrefix <String[]>]
[-SourceApplicationSecurityGroup <PSApplicationSecurityGroup[]>]
[-DestinationApplicationSecurityGroup <PSApplicationSecurityGroup[]>]
[-Access <String>]
[-Priority <Int32>]
[-Direction <String>]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
SetByResourceId
New-AzNetworkSecurityRuleConfig
-Name <String>
[-Description <String>]
[-Protocol <String>]
[-SourcePortRange <String[]>]
[-DestinationPortRange <String[]>]
[-SourceAddressPrefix <String[]>]
[-DestinationAddressPrefix <String[]>]
[-SourceApplicationSecurityGroupId <String[]>]
[-DestinationApplicationSecurityGroupId <String[]>]
[-Access <String>]
[-Priority <Int32>]
[-Direction <String>]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
Description
The New-AzNetworkSecurityRuleConfig cmdlet creates an Azure network security rule configuration for a network security group.
Examples
Example 1: Create a network security rule to allow RDP
$rule1 = New-AzNetworkSecurityRuleConfig -Name rdp-rule -Description "Allow RDP" `
-Access Allow -Protocol Tcp -Direction Inbound -Priority 100 -SourceAddressPrefix `
Internet -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 3389
This command creates a security rule allowing access from the Internet to port 3389
Example 2: Create a network security rule that allows HTTP
$rule2 = New-AzNetworkSecurityRuleConfig -Name web-rule -Description "Allow HTTP" `
-Access Allow -Protocol Tcp -Direction Inbound -Priority 101 -SourceAddressPrefix `
Internet -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 80
This command creates a security rule allowing access from the Internet to port 80
Parameters
-Access
Specifies whether network traffic is allowed or denied.
The acceptable values for this parameter are: Allow and Deny.
Parameter properties
Type: String
Default value: None
Accepted values: Allow, Deny
Supports wildcards: False
DontShow: False
Parameter sets
(All)
Position: Named
Mandatory: False
Value from pipeline: False
Value from pipeline by property name: False
Value from remaining arguments: False
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure.
Parameter properties
Type: IAzureContextContainer
Default value: None
Supports wildcards: False
DontShow: False
Aliases: AzContext, AzureRmContext, AzureCredential
Parameter sets
(All)
Position: Named
Mandatory: False
Value from pipeline: False
Value from pipeline by property name: False
Value from remaining arguments: False
-Description
Specifies a description of the network security rule configuration to create.
Parameter properties
Type: String
Default value: None
Supports wildcards: False
DontShow: False
Parameter sets
(All)
Position: Named
Mandatory: False
Value from pipeline: False
Value from pipeline by property name: False
Value from remaining arguments: False
-DestinationAddressPrefix
Specifies a destination address prefix.
The acceptable values for this parameter are:
A Classless Interdomain Routing (CIDR) address
A destination IP address range
A wildcard character (*) to match any IP address
You can use tags such as VirtualNetwork, AzureLoadBalancer, and Internet.
Parameter properties
Type: String [ ]
Default value: None
Supports wildcards: False
DontShow: False
Parameter sets
(All)
Position: Named
Mandatory: False
Value from pipeline: False
Value from pipeline by property name: False
Value from remaining arguments: False
-DestinationApplicationSecurityGroup
The application security group set as destination for the rule. It cannot be used with 'DestinationAddressPrefix' parameter.
Parameter properties
Parameter sets
SetByResource
Position: Named
Mandatory: False
Value from pipeline: False
Value from pipeline by property name: False
Value from remaining arguments: False
-DestinationApplicationSecurityGroupId
The application security group set as destination for the rule. It cannot be used with 'DestinationAddressPrefix' parameter.
Parameter properties
Type: String [ ]
Default value: None
Supports wildcards: False
DontShow: False
Parameter sets
SetByResourceId
Position: Named
Mandatory: False
Value from pipeline: False
Value from pipeline by property name: False
Value from remaining arguments: False
-DestinationPortRange
Specifies a destination port or range.
The acceptable values for this parameter are:
An integer
A range of integers between 0 and 65535
A wildcard character (*) to match any port
Parameter properties
Type: String [ ]
Default value: None
Supports wildcards: False
DontShow: False
Parameter sets
(All)
Position: Named
Mandatory: False
Value from pipeline: False
Value from pipeline by property name: False
Value from remaining arguments: False
-Direction
Specifies whether a rule is evaluated on incoming or outgoing traffic.
The acceptable values for this parameter are: Inbound and Outbound.
Parameter properties
Type: String
Default value: None
Accepted values: Inbound, Outbound
Supports wildcards: False
DontShow: False
Parameter sets
(All)
Position: Named
Mandatory: False
Value from pipeline: False
Value from pipeline by property name: False
Value from remaining arguments: False
-Name
Specifies the name of the network security rule configuration that this cmdlet creates.
Parameter properties
Type: String
Default value: None
Supports wildcards: False
DontShow: False
Parameter sets
(All)
Position: Named
Mandatory: True
Value from pipeline: False
Value from pipeline by property name: False
Value from remaining arguments: False
-Priority
Specifies the priority of a rule configuration.
The acceptable values for this parameter are: An integer between 100 and 4096.
The priority number must be unique for each rule in the collection.
The lower the priority number, the higher the priority of the rule.
Parameter properties
Type: Int32
Default value: None
Supports wildcards: False
DontShow: False
Parameter sets
(All)
Position: Named
Mandatory: False
Value from pipeline: False
Value from pipeline by property name: False
Value from remaining arguments: False
-Protocol
Specifies the network protocol that a new rule configuration applies to.
The acceptable values for this parameter are:
Tcp
Udp
wildcard character (*) to match both.
Parameter properties
Type: String
Default value: None
Accepted values: Tcp, Udp, Icmp, Esp, Ah, *
Supports wildcards: False
DontShow: False
Parameter sets
(All)
Position: Named
Mandatory: False
Value from pipeline: False
Value from pipeline by property name: False
Value from remaining arguments: False
-SourceAddressPrefix
Specifies a source address prefix.
The acceptable values for this parameter are:
A CIDR
A source IP range
A wildcard character (*) to match any IP address.
You can also use tags such as VirtualNetwork, AzureLoadBalancer and Internet.
Parameter properties
Type: String [ ]
Default value: None
Supports wildcards: False
DontShow: False
Parameter sets
(All)
Position: Named
Mandatory: False
Value from pipeline: False
Value from pipeline by property name: False
Value from remaining arguments: False
-SourceApplicationSecurityGroup
The application security group set as source for the rule. It cannot be used with 'SourceAddressPrefix' parameter.
Parameter properties
Parameter sets
SetByResource
Position: Named
Mandatory: False
Value from pipeline: False
Value from pipeline by property name: False
Value from remaining arguments: False
-SourceApplicationSecurityGroupId
The application security group set as source for the rule. It cannot be used with 'SourceAddressPrefix' parameter.
Parameter properties
Type: String [ ]
Default value: None
Supports wildcards: False
DontShow: False
Parameter sets
SetByResourceId
Position: Named
Mandatory: False
Value from pipeline: False
Value from pipeline by property name: False
Value from remaining arguments: False
-SourcePortRange
Specifies the source port or range.
The acceptable values for this parameter are:
An integer
A range of integers between 0 and 65535
A wildcard character (*) to match any port
Parameter properties
Type: String [ ]
Default value: None
Supports wildcards: False
DontShow: False
Parameter sets
(All)
Position: Named
Mandatory: False
Value from pipeline: False
Value from pipeline by property name: False
Value from remaining arguments: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters .
None
Outputs