Cria ou atualiza uma regra de administrador.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkManagers/{networkManagerName}/securityAdminConfigurations/{configurationName}/ruleCollections/{ruleCollectionName}/rules/{ruleName}?api-version=2023-09-01
Parâmetros de URI
Nome |
Em |
Obrigatório |
Tipo |
Description |
configurationName
|
path |
True
|
string
|
O nome da Configuração de Segurança do gerenciador de rede.
|
networkManagerName
|
path |
True
|
string
|
O nome do gerenciador de rede.
|
resourceGroupName
|
path |
True
|
string
|
O nome do grupo de recursos.
|
ruleCollectionName
|
path |
True
|
string
|
O nome da coleção de regras de configuração de segurança do gerenciador de rede.
|
ruleName
|
path |
True
|
string
|
O nome da regra.
|
subscriptionId
|
path |
True
|
string
|
As credenciais de assinatura que identificam exclusivamente a assinatura do Microsoft Azure. A ID da assinatura faz parte do URI para cada chamada de serviço.
|
api-version
|
query |
True
|
string
|
Versão de API do cliente.
|
Corpo da solicitação
O corpo da solicitação pode ser um dos seguintes:
AdminRule
Regra de administrador de rede.
Nome |
Obrigatório |
Tipo |
Description |
kind
|
True
|
string:
Custom
|
Se a regra é personalizada ou padrão.
|
properties.access
|
True
|
SecurityConfigurationRuleAccess
|
Indica o acesso permitido para essa regra específica
|
properties.direction
|
True
|
SecurityConfigurationRuleDirection
|
Indica se o tráfego correspondeu à regra na entrada ou saída.
|
properties.priority
|
True
|
integer
|
A prioridade da regra. O valor pode estar entre 1 e 4096. O número da prioridade deve ser exclusivo para cada regra na coleção. Quanto menor o número da prioridade, maior será a prioridade da regra.
|
properties.protocol
|
True
|
SecurityConfigurationRuleProtocol
|
O protocolo de rede a que essa regra se aplica.
|
properties.description
|
|
string
|
Uma descrição dessa regra. Restrito a 140 caracteres.
|
properties.destinationPortRanges
|
|
string[]
|
Os intervalos de portas de destino.
|
properties.destinations
|
|
AddressPrefixItem[]
|
Os prefixos de endereço de destino. Intervalos de IP de destino ou CIDR.
|
properties.sourcePortRanges
|
|
string[]
|
Os intervalos de porta de origem.
|
properties.sources
|
|
AddressPrefixItem[]
|
Os intervalos cidr ou ip de origem.
|
DefaultAdminRule
Regra de administrador padrão de rede.
Nome |
Obrigatório |
Tipo |
Description |
kind
|
True
|
string:
Default
|
Se a regra é personalizada ou padrão.
|
properties.flag
|
|
string
|
Sinalizador de regra padrão.
|
Respostas
Nome |
Tipo |
Description |
200 OK
|
BaseAdminRule:
-
AdminRule
-
DefaultAdminRule
|
Regra atualizada
|
201 Created
|
BaseAdminRule:
-
AdminRule
-
DefaultAdminRule
|
Regra criada
|
Other Status Codes
|
CloudError
|
Resposta de erro que descreve por que a operação falhou.
|
Segurança
azure_auth
Fluxo OAuth2 do Azure Active Directory.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Nome |
Description |
user_impersonation
|
representar sua conta de usuário
|
Exemplos
Create a default admin rule
Sample Request
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleDefaultAdminRule?api-version=2023-09-01
{
"kind": "Default",
"properties": {
"flag": "AllowVnetInbound"
}
}
import com.azure.resourcemanager.network.models.DefaultAdminRule;
/**
* Samples for AdminRules CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/
* NetworkManagerDefaultAdminRulePut.json
*/
/**
* Sample code: Create a default admin rule.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createADefaultAdminRule(com.azure.resourcemanager.AzureResourceManager azure) {
azure.networks().manager().serviceClient().getAdminRules().createOrUpdateWithResponse("rg1",
"testNetworkManager", "myTestSecurityConfig", "testRuleCollection", "SampleDefaultAdminRule",
new DefaultAdminRule().withFlag("AllowVnetInbound"), com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.network import NetworkManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-network
# USAGE
python network_manager_default_admin_rule_put.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = NetworkManagementClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.admin_rules.create_or_update(
resource_group_name="rg1",
network_manager_name="testNetworkManager",
configuration_name="myTestSecurityConfig",
rule_collection_name="testRuleCollection",
rule_name="SampleDefaultAdminRule",
admin_rule={"kind": "Default", "properties": {"flag": "AllowVnetInbound"}},
)
print(response)
# x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerDefaultAdminRulePut.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armnetwork_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v5"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/d4205894880b989ede35d62d97c8e901ed14fb5a/specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerDefaultAdminRulePut.json
func ExampleAdminRulesClient_CreateOrUpdate_createADefaultAdminRule() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewAdminRulesClient().CreateOrUpdate(ctx, "rg1", "testNetworkManager", "myTestSecurityConfig", "testRuleCollection", "SampleDefaultAdminRule", &armnetwork.DefaultAdminRule{
Kind: to.Ptr(armnetwork.AdminRuleKindDefault),
Properties: &armnetwork.DefaultAdminPropertiesFormat{
Flag: to.Ptr("AllowVnetInbound"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res = armnetwork.AdminRulesClientCreateOrUpdateResponse{
// BaseAdminRuleClassification: &armnetwork.DefaultAdminRule{
// Name: to.Ptr("SampleDefaultAdminRule"),
// Type: to.Ptr("Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleDefaultAdminRule"),
// Kind: to.Ptr(armnetwork.AdminRuleKindDefault),
// SystemData: &armnetwork.SystemData{
// CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-11T18:52:27.000Z"); return t}()),
// CreatedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef5"),
// CreatedByType: to.Ptr(armnetwork.CreatedByTypeUser),
// LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-11T18:52:27.000Z"); return t}()),
// LastModifiedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef5"),
// LastModifiedByType: to.Ptr(armnetwork.CreatedByTypeUser),
// },
// Properties: &armnetwork.DefaultAdminPropertiesFormat{
// Description: to.Ptr("This is Sample Default Admin Rule"),
// Access: to.Ptr(armnetwork.SecurityConfigurationRuleAccessDeny),
// DestinationPortRanges: []*string{
// to.Ptr("22")},
// Destinations: []*armnetwork.AddressPrefixItem{
// {
// AddressPrefix: to.Ptr("*"),
// AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeIPPrefix),
// }},
// Direction: to.Ptr(armnetwork.SecurityConfigurationRuleDirectionInbound),
// Flag: to.Ptr("AllowVnetInbound"),
// Priority: to.Ptr[int32](1),
// ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
// ResourceGUID: to.Ptr("00000000-0000-0000-0000-000000000000"),
// SourcePortRanges: []*string{
// to.Ptr("0-65535")},
// Sources: []*armnetwork.AddressPrefixItem{
// {
// AddressPrefix: to.Ptr("Internet"),
// AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeServiceTag),
// }},
// Protocol: to.Ptr(armnetwork.SecurityConfigurationRuleProtocolTCP),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { NetworkManagementClient } = require("@azure/arm-network");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates an admin rule.
*
* @summary Creates or updates an admin rule.
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerDefaultAdminRulePut.json
*/
async function createADefaultAdminRule() {
const subscriptionId =
process.env["NETWORK_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["NETWORK_RESOURCE_GROUP"] || "rg1";
const networkManagerName = "testNetworkManager";
const configurationName = "myTestSecurityConfig";
const ruleCollectionName = "testRuleCollection";
const ruleName = "SampleDefaultAdminRule";
const adminRule = {
flag: "AllowVnetInbound",
kind: "Default",
};
const credential = new DefaultAzureCredential();
const client = new NetworkManagementClient(credential, subscriptionId);
const result = await client.adminRules.createOrUpdate(
resourceGroupName,
networkManagerName,
configurationName,
ruleCollectionName,
ruleName,
adminRule,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Network;
using Azure.ResourceManager.Network.Models;
// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerDefaultAdminRulePut.json
// this example is just showing the usage of "AdminRules_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this BaseAdminRuleResource created on azure
// for more information of creating BaseAdminRuleResource, please refer to the document of BaseAdminRuleResource
string subscriptionId = "00000000-0000-0000-0000-000000000000";
string resourceGroupName = "rg1";
string networkManagerName = "testNetworkManager";
string configurationName = "myTestSecurityConfig";
string ruleCollectionName = "testRuleCollection";
string ruleName = "SampleDefaultAdminRule";
ResourceIdentifier baseAdminRuleResourceId = BaseAdminRuleResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, networkManagerName, configurationName, ruleCollectionName, ruleName);
BaseAdminRuleResource baseAdminRule = client.GetBaseAdminRuleResource(baseAdminRuleResourceId);
// invoke the operation
BaseAdminRuleData data = new NetworkDefaultAdminRule()
{
Flag = "AllowVnetInbound",
};
ArmOperation<BaseAdminRuleResource> lro = await baseAdminRule.UpdateAsync(WaitUntil.Completed, data);
BaseAdminRuleResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
BaseAdminRuleData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleDefaultAdminRule",
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
"name": "SampleDefaultAdminRule",
"kind": "Default",
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"createdByType": "User",
"createdAt": "2021-01-11T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-11T18:52:27Z"
},
"properties": {
"flag": "AllowVnetInbound",
"description": "This is Sample Default Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound",
"provisioningState": "Succeeded",
"resourceGuid": "00000000-0000-0000-0000-000000000000"
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/rules/SampleDefaultAdminRule",
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
"name": "SampleDefaultAdminRule",
"kind": "Default",
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"createdByType": "User",
"createdAt": "2021-01-11T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-11T18:52:27Z"
},
"properties": {
"flag": "AllowVnetInbound",
"description": "This is Sample Default Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound",
"provisioningState": "Succeeded",
"resourceGuid": "00000000-0000-0000-0000-000000000000"
}
}
Create an admin rule
Sample Request
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleAdminRule?api-version=2023-09-01
{
"kind": "Custom",
"properties": {
"description": "This is Sample Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound"
}
}
import com.azure.resourcemanager.network.models.AddressPrefixItem;
import com.azure.resourcemanager.network.models.AddressPrefixType;
import com.azure.resourcemanager.network.models.AdminRule;
import com.azure.resourcemanager.network.models.SecurityConfigurationRuleAccess;
import com.azure.resourcemanager.network.models.SecurityConfigurationRuleDirection;
import com.azure.resourcemanager.network.models.SecurityConfigurationRuleProtocol;
import java.util.Arrays;
/**
* Samples for AdminRules CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.
* json
*/
/**
* Sample code: Create an admin rule.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createAnAdminRule(com.azure.resourcemanager.AzureResourceManager azure) {
azure.networks().manager().serviceClient().getAdminRules().createOrUpdateWithResponse("rg1",
"testNetworkManager", "myTestSecurityConfig", "testRuleCollection", "SampleAdminRule",
new AdminRule().withDescription("This is Sample Admin Rule")
.withProtocol(SecurityConfigurationRuleProtocol.TCP)
.withSources(Arrays.asList(new AddressPrefixItem().withAddressPrefix("Internet")
.withAddressPrefixType(AddressPrefixType.SERVICE_TAG)))
.withDestinations(Arrays.asList(
new AddressPrefixItem().withAddressPrefix("*").withAddressPrefixType(AddressPrefixType.IPPREFIX)))
.withSourcePortRanges(Arrays.asList("0-65535")).withDestinationPortRanges(Arrays.asList("22"))
.withAccess(SecurityConfigurationRuleAccess.DENY).withPriority(1)
.withDirection(SecurityConfigurationRuleDirection.INBOUND),
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.network import NetworkManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-network
# USAGE
python network_manager_admin_rule_put.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = NetworkManagementClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.admin_rules.create_or_update(
resource_group_name="rg1",
network_manager_name="testNetworkManager",
configuration_name="myTestSecurityConfig",
rule_collection_name="testRuleCollection",
rule_name="SampleAdminRule",
admin_rule={
"kind": "Custom",
"properties": {
"access": "Deny",
"description": "This is Sample Admin Rule",
"destinationPortRanges": ["22"],
"destinations": [{"addressPrefix": "*", "addressPrefixType": "IPPrefix"}],
"direction": "Inbound",
"priority": 1,
"protocol": "Tcp",
"sourcePortRanges": ["0-65535"],
"sources": [{"addressPrefix": "Internet", "addressPrefixType": "ServiceTag"}],
},
},
)
print(response)
# x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armnetwork_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v5"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/d4205894880b989ede35d62d97c8e901ed14fb5a/specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.json
func ExampleAdminRulesClient_CreateOrUpdate_createAnAdminRule() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewAdminRulesClient().CreateOrUpdate(ctx, "rg1", "testNetworkManager", "myTestSecurityConfig", "testRuleCollection", "SampleAdminRule", &armnetwork.AdminRule{
Kind: to.Ptr(armnetwork.AdminRuleKindCustom),
Properties: &armnetwork.AdminPropertiesFormat{
Description: to.Ptr("This is Sample Admin Rule"),
Access: to.Ptr(armnetwork.SecurityConfigurationRuleAccessDeny),
DestinationPortRanges: []*string{
to.Ptr("22")},
Destinations: []*armnetwork.AddressPrefixItem{
{
AddressPrefix: to.Ptr("*"),
AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeIPPrefix),
}},
Direction: to.Ptr(armnetwork.SecurityConfigurationRuleDirectionInbound),
Priority: to.Ptr[int32](1),
SourcePortRanges: []*string{
to.Ptr("0-65535")},
Sources: []*armnetwork.AddressPrefixItem{
{
AddressPrefix: to.Ptr("Internet"),
AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeServiceTag),
}},
Protocol: to.Ptr(armnetwork.SecurityConfigurationRuleProtocolTCP),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res = armnetwork.AdminRulesClientCreateOrUpdateResponse{
// BaseAdminRuleClassification: &armnetwork.AdminRule{
// Name: to.Ptr("SampleAdminRule"),
// Type: to.Ptr("Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleAdminRule"),
// Kind: to.Ptr(armnetwork.AdminRuleKindCustom),
// SystemData: &armnetwork.SystemData{
// CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-11T18:52:27.000Z"); return t}()),
// CreatedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef5"),
// CreatedByType: to.Ptr(armnetwork.CreatedByTypeUser),
// LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-11T18:52:27.000Z"); return t}()),
// LastModifiedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef5"),
// LastModifiedByType: to.Ptr(armnetwork.CreatedByTypeUser),
// },
// Properties: &armnetwork.AdminPropertiesFormat{
// Description: to.Ptr("This is Sample Admin Rule"),
// Access: to.Ptr(armnetwork.SecurityConfigurationRuleAccessDeny),
// DestinationPortRanges: []*string{
// to.Ptr("22")},
// Destinations: []*armnetwork.AddressPrefixItem{
// {
// AddressPrefix: to.Ptr("*"),
// AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeIPPrefix),
// }},
// Direction: to.Ptr(armnetwork.SecurityConfigurationRuleDirectionInbound),
// Priority: to.Ptr[int32](1),
// ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
// ResourceGUID: to.Ptr("00000000-0000-0000-0000-000000000000"),
// SourcePortRanges: []*string{
// to.Ptr("0-65535")},
// Sources: []*armnetwork.AddressPrefixItem{
// {
// AddressPrefix: to.Ptr("Internet"),
// AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeServiceTag),
// }},
// Protocol: to.Ptr(armnetwork.SecurityConfigurationRuleProtocolTCP),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { NetworkManagementClient } = require("@azure/arm-network");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates an admin rule.
*
* @summary Creates or updates an admin rule.
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.json
*/
async function createAnAdminRule() {
const subscriptionId =
process.env["NETWORK_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["NETWORK_RESOURCE_GROUP"] || "rg1";
const networkManagerName = "testNetworkManager";
const configurationName = "myTestSecurityConfig";
const ruleCollectionName = "testRuleCollection";
const ruleName = "SampleAdminRule";
const adminRule = {
description: "This is Sample Admin Rule",
access: "Deny",
destinationPortRanges: ["22"],
destinations: [{ addressPrefix: "*", addressPrefixType: "IPPrefix" }],
direction: "Inbound",
kind: "Custom",
priority: 1,
sourcePortRanges: ["0-65535"],
sources: [{ addressPrefix: "Internet", addressPrefixType: "ServiceTag" }],
protocol: "Tcp",
};
const credential = new DefaultAzureCredential();
const client = new NetworkManagementClient(credential, subscriptionId);
const result = await client.adminRules.createOrUpdate(
resourceGroupName,
networkManagerName,
configurationName,
ruleCollectionName,
ruleName,
adminRule,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Network;
using Azure.ResourceManager.Network.Models;
// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.json
// this example is just showing the usage of "AdminRules_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this BaseAdminRuleResource created on azure
// for more information of creating BaseAdminRuleResource, please refer to the document of BaseAdminRuleResource
string subscriptionId = "00000000-0000-0000-0000-000000000000";
string resourceGroupName = "rg1";
string networkManagerName = "testNetworkManager";
string configurationName = "myTestSecurityConfig";
string ruleCollectionName = "testRuleCollection";
string ruleName = "SampleAdminRule";
ResourceIdentifier baseAdminRuleResourceId = BaseAdminRuleResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, networkManagerName, configurationName, ruleCollectionName, ruleName);
BaseAdminRuleResource baseAdminRule = client.GetBaseAdminRuleResource(baseAdminRuleResourceId);
// invoke the operation
BaseAdminRuleData data = new NetworkAdminRule()
{
Description = "This is Sample Admin Rule",
Protocol = SecurityConfigurationRuleProtocol.Tcp,
Sources =
{
new AddressPrefixItem()
{
AddressPrefix = "Internet",
AddressPrefixType = AddressPrefixType.ServiceTag,
}
},
Destinations =
{
new AddressPrefixItem()
{
AddressPrefix = "*",
AddressPrefixType = AddressPrefixType.IPPrefix,
}
},
SourcePortRanges =
{
"0-65535"
},
DestinationPortRanges =
{
"22"
},
Access = SecurityConfigurationRuleAccess.Deny,
Priority = 1,
Direction = SecurityConfigurationRuleDirection.Inbound,
};
ArmOperation<BaseAdminRuleResource> lro = await baseAdminRule.UpdateAsync(WaitUntil.Completed, data);
BaseAdminRuleResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
BaseAdminRuleData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleAdminRule",
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
"name": "SampleAdminRule",
"kind": "Custom",
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"createdByType": "User",
"createdAt": "2021-01-11T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-11T18:52:27Z"
},
"properties": {
"description": "This is Sample Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound",
"provisioningState": "Succeeded",
"resourceGuid": "00000000-0000-0000-0000-000000000000"
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/rules/SampleAdminRule",
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
"name": "SampleAdminRule",
"kind": "Custom",
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"createdByType": "User",
"createdAt": "2021-01-11T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-11T18:52:27Z"
},
"properties": {
"description": "This is Sample Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound",
"provisioningState": "Succeeded",
"resourceGuid": "00000000-0000-0000-0000-000000000000"
}
}
Definições
AddressPrefixItem
Item de prefixo de endereço.
Nome |
Tipo |
Description |
addressPrefix
|
string
|
Prefixo de endereço.
|
addressPrefixType
|
AddressPrefixType
|
Tipo de prefixo de endereço.
|
AddressPrefixType
Tipo de prefixo de endereço.
Nome |
Tipo |
Description |
IPPrefix
|
string
|
|
ServiceTag
|
string
|
|
AdminRule
Regra de administrador de rede.
Nome |
Tipo |
Description |
etag
|
string
|
Uma cadeia de caracteres somente leitura exclusiva que é alterada sempre que o recurso é atualizado.
|
id
|
string
|
ID do recurso.
|
kind
|
string:
Custom
|
Se a regra é personalizada ou padrão.
|
name
|
string
|
Nome do recurso.
|
properties.access
|
SecurityConfigurationRuleAccess
|
Indica o acesso permitido para essa regra específica
|
properties.description
|
string
|
Uma descrição dessa regra. Restrito a 140 caracteres.
|
properties.destinationPortRanges
|
string[]
|
Os intervalos de portas de destino.
|
properties.destinations
|
AddressPrefixItem[]
|
Os prefixos de endereço de destino. Intervalos de IP de destino ou CIDR.
|
properties.direction
|
SecurityConfigurationRuleDirection
|
Indica se o tráfego correspondeu à regra na entrada ou saída.
|
properties.priority
|
integer
|
A prioridade da regra. O valor pode estar entre 1 e 4096. O número da prioridade deve ser exclusivo para cada regra na coleção. Quanto menor o número da prioridade, maior será a prioridade da regra.
|
properties.protocol
|
SecurityConfigurationRuleProtocol
|
O protocolo de rede a que essa regra se aplica.
|
properties.provisioningState
|
ProvisioningState
|
O estado de provisionamento do recurso.
|
properties.resourceGuid
|
string
|
Identificador exclusivo para esse recurso.
|
properties.sourcePortRanges
|
string[]
|
Os intervalos de porta de origem.
|
properties.sources
|
AddressPrefixItem[]
|
Os intervalos cidr ou ip de origem.
|
systemData
|
SystemData
|
Os metadados do sistema relacionados a esse recurso.
|
type
|
string
|
Tipo de recurso.
|
CloudError
Uma resposta de erro do serviço.
Nome |
Tipo |
Description |
error
|
CloudErrorBody
|
Corpo do erro de nuvem.
|
CloudErrorBody
Uma resposta de erro do serviço.
Nome |
Tipo |
Description |
code
|
string
|
Um identificador para o erro. Os códigos são invariáveis e devem ser consumidos programaticamente.
|
details
|
CloudErrorBody[]
|
Uma lista de detalhes adicionais sobre o erro.
|
message
|
string
|
Uma mensagem que descreve o erro, destinada a ser adequada para exibição em uma interface do usuário.
|
target
|
string
|
O destino do erro específico. Por exemplo, o nome da propriedade em erro.
|
createdByType
O tipo de identidade que criou o recurso.
Nome |
Tipo |
Description |
Application
|
string
|
|
Key
|
string
|
|
ManagedIdentity
|
string
|
|
User
|
string
|
|
DefaultAdminRule
Regra de administrador padrão de rede.
Nome |
Tipo |
Description |
etag
|
string
|
Uma cadeia de caracteres somente leitura exclusiva que é alterada sempre que o recurso é atualizado.
|
id
|
string
|
ID do recurso.
|
kind
|
string:
Default
|
Se a regra é personalizada ou padrão.
|
name
|
string
|
Nome do recurso.
|
properties.access
|
SecurityConfigurationRuleAccess
|
Indica o acesso permitido para essa regra específica
|
properties.description
|
string
|
Uma descrição dessa regra. Restrito a 140 caracteres.
|
properties.destinationPortRanges
|
string[]
|
Os intervalos de portas de destino.
|
properties.destinations
|
AddressPrefixItem[]
|
Os prefixos de endereço de destino. Intervalos de IP de destino ou CIDR.
|
properties.direction
|
SecurityConfigurationRuleDirection
|
Indica se o tráfego correspondeu à regra na entrada ou saída.
|
properties.flag
|
string
|
Sinalizador de regra padrão.
|
properties.priority
|
integer
|
A prioridade da regra. O valor pode estar entre 1 e 4096. O número da prioridade deve ser exclusivo para cada regra na coleção. Quanto menor o número da prioridade, maior será a prioridade da regra.
|
properties.protocol
|
SecurityConfigurationRuleProtocol
|
O protocolo de rede a que essa regra se aplica.
|
properties.provisioningState
|
ProvisioningState
|
O estado de provisionamento do recurso.
|
properties.resourceGuid
|
string
|
Identificador exclusivo para esse recurso.
|
properties.sourcePortRanges
|
string[]
|
Os intervalos de porta de origem.
|
properties.sources
|
AddressPrefixItem[]
|
Os intervalos cidr ou ip de origem.
|
systemData
|
SystemData
|
Os metadados do sistema relacionados a esse recurso.
|
type
|
string
|
Tipo de recurso.
|
ProvisioningState
O estado de provisionamento atual.
Nome |
Tipo |
Description |
Deleting
|
string
|
|
Failed
|
string
|
|
Succeeded
|
string
|
|
Updating
|
string
|
|
SecurityConfigurationRuleAccess
Se o tráfego de rede é permitido ou negado.
Nome |
Tipo |
Description |
Allow
|
string
|
|
AlwaysAllow
|
string
|
|
Deny
|
string
|
|
SecurityConfigurationRuleDirection
A direção da regra. A direção especifica se a regra será avaliada no tráfego de entrada ou saída.
Nome |
Tipo |
Description |
Inbound
|
string
|
|
Outbound
|
string
|
|
SecurityConfigurationRuleProtocol
O protocolo de rede a que essa regra se aplica.
Nome |
Tipo |
Description |
Ah
|
string
|
|
Any
|
string
|
|
Esp
|
string
|
|
Icmp
|
string
|
|
Tcp
|
string
|
|
Udp
|
string
|
|
SystemData
Metadados relativos à criação e à última modificação do recurso.
Nome |
Tipo |
Description |
createdAt
|
string
|
O carimbo de data/hora da criação de recursos (UTC).
|
createdBy
|
string
|
A identidade que criou o recurso.
|
createdByType
|
createdByType
|
O tipo de identidade que criou o recurso.
|
lastModifiedAt
|
string
|
O tipo de identidade que modificou o recurso pela última vez.
|
lastModifiedBy
|
string
|
A identidade que modificou o recurso pela última vez.
|
lastModifiedByType
|
createdByType
|
O tipo de identidade que modificou o recurso pela última vez.
|