New-AzNetworkSecurityRuleConfig
Creates a network security rule configuration.
Syntax
New-AzNetworkSecurityRuleConfig
-Name <String>
[-Description <String>]
[-Protocol <String>]
[-SourcePortRange <String[]>]
[-DestinationPortRange <String[]>]
[-SourceAddressPrefix <String[]>]
[-DestinationAddressPrefix <String[]>]
[-SourceApplicationSecurityGroup <PSApplicationSecurityGroup[]>]
[-DestinationApplicationSecurityGroup <PSApplicationSecurityGroup[]>]
[-Access <String>]
[-Priority <Int32>]
[-Direction <String>]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] New-AzNetworkSecurityRuleConfig
-Name <String>
[-Description <String>]
[-Protocol <String>]
[-SourcePortRange <String[]>]
[-DestinationPortRange <String[]>]
[-SourceAddressPrefix <String[]>]
[-DestinationAddressPrefix <String[]>]
[-SourceApplicationSecurityGroupId <String[]>]
[-DestinationApplicationSecurityGroupId <String[]>]
[-Access <String>]
[-Priority <Int32>]
[-Direction <String>]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Description
The New-AzNetworkSecurityRuleConfig cmdlet creates an Azure network security rule configuration for a network security group.
Examples
Example 1: Create a network security rule to allow RDP
$rule1 = New-AzNetworkSecurityRuleConfig -Name rdp-rule -Description "Allow RDP" `
-Access Allow -Protocol Tcp -Direction Inbound -Priority 100 -SourceAddressPrefix `
Internet -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 3389This command creates a security rule allowing access from the Internet to port 3389
Example 2: Create a network security rule that allows HTTP
$rule2 = New-AzNetworkSecurityRuleConfig -Name web-rule -Description "Allow HTTP" `
-Access Allow -Protocol Tcp -Direction Inbound -Priority 101 -SourceAddressPrefix `
Internet -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 80This command creates a security rule allowing access from the Internet to port 80
Parameters
-Access
Specifies whether network traffic is allowed or denied. The acceptable values for this parameter are: Allow and Deny.
| Type: | String |
| Accepted values: | Allow, Deny |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure.
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Description
Specifies a description of the network security rule configuration to create.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DestinationAddressPrefix
Specifies a destination address prefix. The acceptable values for this parameter are:
- A Classless Interdomain Routing (CIDR) address
- A destination IP address range
- A wildcard character (*) to match any IP address You can use tags such as VirtualNetwork, AzureLoadBalancer, and Internet.
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DestinationApplicationSecurityGroup
The application security group set as destination for the rule. It cannot be used with 'DestinationAddressPrefix' parameter.
| Type: | PSApplicationSecurityGroup[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DestinationApplicationSecurityGroupId
The application security group set as destination for the rule. It cannot be used with 'DestinationAddressPrefix' parameter.
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DestinationPortRange
Specifies a destination port or range. The acceptable values for this parameter are:
- An integer
- A range of integers between 0 and 65535
- A wildcard character (*) to match any port
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Direction
Specifies whether a rule is evaluated on incoming or outgoing traffic. The acceptable values for this parameter are: Inbound and Outbound.
| Type: | String |
| Accepted values: | Inbound, Outbound |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Name
Specifies the name of the network security rule configuration that this cmdlet creates.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Priority
Specifies the priority of a rule configuration. The acceptable values for this parameter are: An integer between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Protocol
Specifies the network protocol that a new rule configuration applies to. The acceptable values for this parameter are:
- Tcp
- Udp
- wildcard character (*) to match both.
| Type: | String |
| Accepted values: | Tcp, Udp, Icmp, Esp, Ah, * |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SourceAddressPrefix
Specifies a source address prefix. The acceptable values for this parameter are:
- A CIDR
- A source IP range
- A wildcard character (*) to match any IP address. You can also use tags such as VirtualNetwork, AzureLoadBalancer and Internet.
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SourceApplicationSecurityGroup
The application security group set as source for the rule. It cannot be used with 'SourceAddressPrefix' parameter.
| Type: | PSApplicationSecurityGroup[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SourceApplicationSecurityGroupId
The application security group set as source for the rule. It cannot be used with 'SourceAddressPrefix' parameter.
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SourcePortRange
Specifies the source port or range. The acceptable values for this parameter are:
- An integer
- A range of integers between 0 and 65535
- A wildcard character (*) to match any port
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
None
