Network Security Perimeter Configurations - List By Service
Gets a list of network security perimeter configurations for a search service.
GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Search/searchServices/{searchServiceName}/networkSecurityPerimeterConfigurations?api-version=2025-05-01URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
resource
|
path | True |
string |
The name of the resource group within the current subscription. You can obtain this value from the Azure Resource Manager API or the portal. |
|
search
|
path | True |
string pattern: ^(?=.{2,60}$)[a-z0-9][a-z0-9]+(-[a-z0-9]+)*$ |
The name of the Azure AI Search service associated with the specified resource group. |
|
subscription
|
path | True |
string |
The unique identifier for a Microsoft Azure subscription. You can obtain this value from the Azure Resource Manager API or the portal. |
|
api-version
|
query | True |
string |
The API version to use for each request. |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
Successfully retrieved the list of configurations. |
|
| Other Status Codes |
An unexpected error occurred during the operation. |
Security
azure_auth
Specifies an implicit grant flow, as supported on the Microsoft Identity platform.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |
Examples
List NSP configs by search service
Sample request
GET https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Search/searchServices/mysearchservice/networkSecurityPerimeterConfigurations?api-version=2025-05-01
Sample response
{
"value": [
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Search/searchServices/mysearchservice/networkSecurityPerimeterConfigurations/00000001-2222-3333-4444-111144444444.assoc1",
"name": "00000001-2222-3333-4444-111144444444.assoc1",
"type": "Microsoft.Search/searchServices/networkSecurityPerimeterConfigurations",
"properties": {
"provisioningState": "Accepted",
"networkSecurityPerimeter": {
"id": "/subscriptions/subid/resourceGroups/networkRG/providers/Microsoft.Network/networkSecurityPerimeters/perimeter1",
"location": "westus"
},
"resourceAssociation": {
"name": "assoc1",
"accessMode": "Enforced"
},
"profile": {
"name": "profile1",
"accessRulesVersion": 0,
"accessRules": [
{
"name": "rule1",
"properties": {
"direction": "Inbound",
"addressPrefixes": [
"148.0.0.0/8",
"152.4.6.0/24"
]
}
}
]
}
}
}
],
"nextLink": null
}Definitions
| Name | Description |
|---|---|
|
Access |
Access rule in a network security perimeter configuration profile |
|
Access |
Direction of Access Rule |
|
Access |
Properties of Access Rule |
|
Cloud |
Contains information about an API error. |
|
Cloud |
Describes a particular API error with an error code and a message. |
|
created |
The type of identity that created the resource. |
|
Issue |
Type of issue |
|
Network |
Information about a network security perimeter (NSP) |
|
Network |
Network security perimeter (NSP) configuration resource |
|
Network |
Result of a list NSP (network security perimeter) configurations request. |
|
Network |
Network security configuration properties. |
|
Network |
Provisioning state of a network security perimeter configuration that is being created or updated. |
|
Network |
Network security perimeter configuration profile |
|
Provisioning |
Describes a provisioning issue for a network security perimeter configuration |
|
Provisioning |
Details of a provisioning issue for a network security perimeter (NSP) configuration. Resource providers should generate separate provisioning issue elements for each separate issue detected, and include a meaningful and distinctive description, as well as any appropriate suggestedResourceIds and suggestedAccessRules |
|
Resource |
Information about resource association |
|
Resource |
Access mode of the resource association |
| Severity |
Severity of the issue. |
| Subscriptions |
Subscriptions for inbound rules |
|
system |
Metadata pertaining to creation and last modification of the resource. |
AccessRule
Access rule in a network security perimeter configuration profile
| Name | Type | Description |
|---|---|---|
| name |
string |
Name of the access rule |
| properties |
Properties of Access Rule |
AccessRuleDirection
Direction of Access Rule
| Value | Description |
|---|---|
| Inbound |
Applies to inbound network traffic to the secured resources. |
| Outbound |
Applies to outbound network traffic from the secured resources |
AccessRuleProperties
Properties of Access Rule
| Name | Type | Description |
|---|---|---|
| addressPrefixes |
string[] |
Address prefixes in the CIDR format for inbound rules |
| direction |
Direction of Access Rule |
|
| emailAddresses |
string[] |
Email addresses for outbound rules |
| fullyQualifiedDomainNames |
string[] |
Fully qualified domain names (FQDN) for outbound rules |
| networkSecurityPerimeters |
Network security perimeters for inbound rules |
|
| phoneNumbers |
string[] |
Phone numbers for outbound rules |
| subscriptions |
Subscriptions for inbound rules |
CloudError
Contains information about an API error.
| Name | Type | Description |
|---|---|---|
| error |
Describes a particular API error with an error code and a message. |
|
| message |
string |
A brief description of the error that hints at what went wrong (for details/debugging information refer to the 'error.message' property). |
CloudErrorBody
Describes a particular API error with an error code and a message.
| Name | Type | Description |
|---|---|---|
| code |
string |
An error code that describes the error condition more precisely than an HTTP status code. Can be used to programmatically handle specific error cases. |
| details |
Contains nested errors that are related to this error. |
|
| message |
string |
A message that describes the error in detail and provides debugging information. |
| target |
string |
The target of the particular error (for example, the name of the property in error). |
createdByType
The type of identity that created the resource.
| Value | Description |
|---|---|
| User | |
| Application | |
| ManagedIdentity | |
| Key |
IssueType
Type of issue
| Value | Description |
|---|---|
| Unknown |
Unknown issue type |
| ConfigurationPropagationFailure |
An error occurred while applying the network security perimeter (NSP) configuration. |
| MissingPerimeterConfiguration |
A network connectivity issue is happening on the resource which could be addressed either by adding new resources to the network security perimeter (NSP) or by modifying access rules. |
| MissingIdentityConfiguration |
An managed identity hasn't been associated with the resource. The resource will still be able to validate inbound traffic from the network security perimeter (NSP) or matching inbound access rules, but it won't be able to perform outbound access as a member of the NSP. |
NetworkSecurityPerimeter
Information about a network security perimeter (NSP)
| Name | Type | Description |
|---|---|---|
| id |
string (arm-id) |
Fully qualified Azure resource ID of the NSP resource |
| location |
string |
Location of the network security perimeter |
| perimeterGuid |
string (uuid) |
Universal unique ID (UUID) of the network security perimeter |
NetworkSecurityPerimeterConfiguration
Network security perimeter (NSP) configuration resource
| Name | Type | Description |
|---|---|---|
| id |
string (arm-id) |
Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
| name |
string |
The name of the resource |
| properties |
Network security configuration properties. |
|
| systemData |
Azure Resource Manager metadata containing createdBy and modifiedBy information. |
|
| type |
string |
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
NetworkSecurityPerimeterConfigurationListResult
Result of a list NSP (network security perimeter) configurations request.
| Name | Type | Description |
|---|---|---|
| nextLink |
string (uri) |
The link used to get the next page of results. |
| value |
Array of network security perimeter results. |
NetworkSecurityPerimeterConfigurationProperties
Network security configuration properties.
| Name | Type | Description |
|---|---|---|
| networkSecurityPerimeter |
Information about a network security perimeter (NSP) |
|
| profile |
Network security perimeter configuration profile |
|
| provisioningIssues |
List of provisioning issues, if any |
|
| provisioningState |
Provisioning state of a network security perimeter configuration that is being created or updated. |
|
| resourceAssociation |
Information about resource association |
NetworkSecurityPerimeterConfigurationProvisioningState
Provisioning state of a network security perimeter configuration that is being created or updated.
| Value | Description |
|---|---|
| Succeeded | |
| Creating | |
| Updating | |
| Deleting | |
| Accepted | |
| Failed | |
| Canceled |
NetworkSecurityProfile
Network security perimeter configuration profile
| Name | Type | Description |
|---|---|---|
| accessRules |
List of Access Rules |
|
| accessRulesVersion |
integer (int32) |
Current access rules version |
| diagnosticSettingsVersion |
integer (int32) |
Current diagnostic settings version |
| enabledLogCategories |
string[] |
List of log categories that are enabled |
| name |
string |
Name of the profile |
ProvisioningIssue
Describes a provisioning issue for a network security perimeter configuration
| Name | Type | Description |
|---|---|---|
| name |
string |
Name of the issue |
| properties |
Details of a provisioning issue for a network security perimeter (NSP) configuration. Resource providers should generate separate provisioning issue elements for each separate issue detected, and include a meaningful and distinctive description, as well as any appropriate suggestedResourceIds and suggestedAccessRules |
ProvisioningIssueProperties
Details of a provisioning issue for a network security perimeter (NSP) configuration. Resource providers should generate separate provisioning issue elements for each separate issue detected, and include a meaningful and distinctive description, as well as any appropriate suggestedResourceIds and suggestedAccessRules
| Name | Type | Description |
|---|---|---|
| description |
string |
Description of the issue |
| issueType |
Type of issue |
|
| severity |
Severity of the issue. |
|
| suggestedAccessRules |
Access rules that can be added to the network security profile (NSP) to remediate the issue. |
|
| suggestedResourceIds |
string[] (arm-id) |
Fully qualified resource IDs of suggested resources that can be associated to the network security perimeter (NSP) to remediate the issue. |
ResourceAssociation
Information about resource association
| Name | Type | Description |
|---|---|---|
| accessMode |
Access mode of the resource association |
|
| name |
string |
Name of the resource association |
ResourceAssociationAccessMode
Access mode of the resource association
| Value | Description |
|---|---|
| Enforced |
Enforced access mode - traffic to the resource that failed access checks is blocked |
| Learning |
Learning access mode - traffic to the resource is enabled for analysis but not blocked |
| Audit |
Audit access mode - traffic to the resource that fails access checks is logged but not blocked |
Severity
Severity of the issue.
| Value | Description |
|---|---|
| Warning | |
| Error |
Subscriptions
Subscriptions for inbound rules
| Name | Type | Description |
|---|---|---|
| id |
string (arm-id) |
The fully qualified Azure resource ID of the subscription e.g. ('/subscriptions/00000000-0000-0000-0000-000000000000') |
systemData
Metadata pertaining to creation and last modification of the resource.
| Name | Type | Description |
|---|---|---|
| createdAt |
string (date-time) |
The timestamp of resource creation (UTC). |
| createdBy |
string |
The identity that created the resource. |
| createdByType |
The type of identity that created the resource. |
|
| lastModifiedAt |
string (date-time) |
The timestamp of resource last modification (UTC) |
| lastModifiedBy |
string |
The identity that last modified the resource. |
| lastModifiedByType |
The type of identity that last modified the resource. |