Set-AzNetworkSecurityRuleConfig
Updates a network security rule configuration for a network security group.
Set-AzNetworkSecurityRuleConfig
-Name <String>
-NetworkSecurityGroup <PSNetworkSecurityGroup>
[-Description <String>]
[-Protocol <String>]
[-SourcePortRange <String[]>]
[-DestinationPortRange <String[]>]
[-SourceAddressPrefix <String[]>]
[-DestinationAddressPrefix <String[]>]
[-SourceApplicationSecurityGroup <PSApplicationSecurityGroup[]>]
[-DestinationApplicationSecurityGroup <PSApplicationSecurityGroup[]>]
[-Access <String>]
[-Priority <Int32>]
[-Direction <String>]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
Set-AzNetworkSecurityRuleConfig
-Name <String>
-NetworkSecurityGroup <PSNetworkSecurityGroup>
[-Description <String>]
[-Protocol <String>]
[-SourcePortRange <String[]>]
[-DestinationPortRange <String[]>]
[-SourceAddressPrefix <String[]>]
[-DestinationAddressPrefix <String[]>]
[-SourceApplicationSecurityGroupId <String[]>]
[-DestinationApplicationSecurityGroupId <String[]>]
[-Access <String>]
[-Priority <Int32>]
[-Direction <String>]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
The Set-AzNetworkSecurityRuleConfig cmdlet updates a network security rule configuration for a network security group.
$nsg = Get-AzNetworkSecurityGroup -Name "NSG-FrontEnd" -ResourceGroupName "TestRG"
$nsg | Get-AzNetworkSecurityRuleConfig -Name "rdp-rule"
Set-AzNetworkSecurityRuleConfig -Name "rdp-rule" -NetworkSecurityGroup $nsg -Access "Deny"
The first command gets the network security group named NSG-FrontEnd, and then stores it in the variable $nsg. The second command uses the pipeline operator to pass the security group in $nsg to Get-AzNetworkSecurityRuleConfig, which gets the security rule configuration named rdp-rule. The third command changes the access configuration of rdp-rule to Deny. However, this overwrites the rule and only sets the parameters that are passed to the Set-AzNetworkSecurityRuleConfig function. NOTE: There is no way to change a single attribute
Updates a network security rule configuration for a network security group. (autogenerated)
Set-AzNetworkSecurityRuleConfig -Access Allow -DestinationAddressPrefix * -DestinationPortRange 3389 -Direction Inbound -Name 'rdp-rule' -NetworkSecurityGroup <PSNetworkSecurityGroup> -Priority 1 -Protocol Tcp -SourceAddressPrefix 'Internet' -SourcePortRange *
Updates a network security rule configuration for a network security group. (autogenerated)
Set-AzNetworkSecurityRuleConfig -Access Allow -Description 'Allow RDP' -DestinationAddressPrefix * -DestinationPortRange 3389 -Direction Inbound -Name 'rdp-rule' -NetworkSecurityGroup <PSNetworkSecurityGroup> -Priority 1 -Protocol Tcp -SourceAddressPrefix 'Internet' -SourcePortRange *
Updates a network security rule configuration for a network security group (Source IP address)
$nsg = Get-AzNetworkSecurityGroup -ResourceGroupName "MyResource" -Name "MyNsg"
($nsg.SecurityRules | Where-Object {$_.Name -eq "RuleName"}).SourceAddressPrefix = ([System.String[]] @("xxx.xxx.xxx.xxx"))
$nsg | Set-AzNetworkSecurityGroup | Get-AzNetworkSecurityRuleConfig -Name "RuleName"
Specifies whether network traffic is allowed or denied. The acceptable values for this parameter are: Allow and Deny.
Type: | String |
Accepted values: | Allow, Deny |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
The credentials, account, tenant, and subscription used for communication with azure.
Type: | IAzureContextContainer |
Aliases: | AzContext, AzureRmContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies a description for a rule configuration. The maximum size is 140 characters.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies a destination address prefix. The acceptable values for this parameter are:
- A Classless Interdomain Routing (CIDR) address
- A destination IP address range
- A wildcard character (*) to match any IP address. You can use tags such as VirtualNetwork, AzureLoadBalancer, and Internet.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
The application security group set as destination for the rule. It cannot be used with 'DestinationAddressPrefix' parameter.
Type: | PSApplicationSecurityGroup[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
The application security group set as destination for the rule. It cannot be used with 'DestinationAddressPrefix' parameter.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies a destination port or range. The acceptable values for this parameter are:
- An integer
- A range of integers between 0 and 65535
- A wildcard character (*) to match any port
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies whether a rule is evaluated for incoming or outgoing traffic. The acceptable values for this parameter are: Inbound and Outbound.
Type: | String |
Accepted values: | Inbound, Outbound |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies the name of the network security rule configuration that this cmdlet sets.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies the NetworkSecurityGroup object that contains the network security rule configuration to set.
Type: | PSNetworkSecurityGroup |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
Specifies the priority of a rule configuration. The acceptable values for this parameter are:An integer between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies the network protocol that a rule configuration applies to. The acceptable values for this parameter are:
- Tcp
- Udp
- Icmp
- Esp
- Ah
- Wildcard character (*) to match all
Type: | String |
Accepted values: | Tcp, Udp, Icmp, Esp, Ah, * |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies a source address prefix. The acceptable values for this parameter are:
- A CIDR
- A source IP range
- A wildcard character (*) to match any IP address. You can also use tags such as VirtualNetwork, AzureLoadBalancer and Internet.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
The application security group set as source for the rule. It cannot be used with 'SourceAddressPrefix' parameter.
Type: | PSApplicationSecurityGroup[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
The application security group set as source for the rule. It cannot be used with 'SourceAddressPrefix' parameter.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies the source port or range. The acceptable values for this parameter are:
- An integer
- A range of integers between 0 and 65535
- A wildcard character (*) to match any port
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Azure PowerShell feedback
Azure PowerShell is an open source project. Select a link to provide feedback: