Skapar eller uppdaterar en administratörsregel.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkManagers/{networkManagerName}/securityAdminConfigurations/{configurationName}/ruleCollections/{ruleCollectionName}/rules/{ruleName}?api-version=2023-09-01
URI-parametrar
Name |
I |
Obligatorisk |
Typ |
Description |
configurationName
|
path |
True
|
string
|
Namnet på nätverkshanterarens säkerhetskonfiguration.
|
networkManagerName
|
path |
True
|
string
|
Namnet på nätverkshanteraren.
|
resourceGroupName
|
path |
True
|
string
|
Namnet på resursgruppen.
|
ruleCollectionName
|
path |
True
|
string
|
Namnet på nätverkshanterarens säkerhetskonfigurationsregelsamling.
|
ruleName
|
path |
True
|
string
|
Namnet på regeln.
|
subscriptionId
|
path |
True
|
string
|
Autentiseringsuppgifterna för prenumerationen som unikt identifierar Microsoft Azure-prenumerationen. Prenumerations-ID:t utgör en del av URI:n för varje tjänstanrop.
|
api-version
|
query |
True
|
string
|
Klient-API-version.
|
Begärandetext
Brödtexten i begäran kan vara något av följande:
AdminRule
Nätverksadministratörsregel.
Name |
Obligatorisk |
Typ |
Description |
kind
|
True
|
string:
Custom
|
Om regeln är anpassad eller standard.
|
properties.access
|
True
|
SecurityConfigurationRuleAccess
|
Anger vilken åtkomst som tillåts för den här regeln
|
properties.direction
|
True
|
SecurityConfigurationRuleDirection
|
Anger om trafiken matchade mot regeln i inkommande eller utgående trafik.
|
properties.priority
|
True
|
integer
|
Regelns prioritet. Värdet kan vara mellan 1 och 4096. Prioritetsnumret måste vara unikt för varje regel i samlingen. Desto lägre prioritetsnummer, desto högre prioritet för regeln.
|
properties.protocol
|
True
|
SecurityConfigurationRuleProtocol
|
Nätverksprotokoll som den här regeln gäller för.
|
properties.description
|
|
string
|
En beskrivning av den här regeln. Begränsad till 140 tecken.
|
properties.destinationPortRanges
|
|
string[]
|
Målportintervallen.
|
properties.destinations
|
|
AddressPrefixItem[]
|
Måladressprefixen. CIDR- eller mål-IP-intervall.
|
properties.sourcePortRanges
|
|
string[]
|
Källportintervallen.
|
properties.sources
|
|
AddressPrefixItem[]
|
CIDR- eller käll-IP-intervallen.
|
DefaultAdminRule
Nätverksstandardadministratörsregel.
Name |
Obligatorisk |
Typ |
Description |
kind
|
True
|
string:
Default
|
Om regeln är anpassad eller standard.
|
properties.flag
|
|
string
|
Standardregelflagga.
|
Svar
Name |
Typ |
Description |
200 OK
|
BaseAdminRule:
|
Uppdaterad regel
|
201 Created
|
BaseAdminRule:
|
Skapad regel
|
Other Status Codes
|
CloudError
|
Felsvar som beskriver varför åtgärden misslyckades.
|
Säkerhet
azure_auth
Azure Active Directory OAuth2 Flow.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name |
Description |
user_impersonation
|
personifiera ditt användarkonto
|
Exempel
Create a default admin rule
Sample Request
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleDefaultAdminRule?api-version=2023-09-01
{
"kind": "Default",
"properties": {
"flag": "AllowVnetInbound"
}
}
import com.azure.resourcemanager.network.models.DefaultAdminRule;
/**
* Samples for AdminRules CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/
* NetworkManagerDefaultAdminRulePut.json
*/
/**
* Sample code: Create a default admin rule.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createADefaultAdminRule(com.azure.resourcemanager.AzureResourceManager azure) {
azure.networks().manager().serviceClient().getAdminRules().createOrUpdateWithResponse("rg1",
"testNetworkManager", "myTestSecurityConfig", "testRuleCollection", "SampleDefaultAdminRule",
new DefaultAdminRule().withFlag("AllowVnetInbound"), com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.network import NetworkManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-network
# USAGE
python network_manager_default_admin_rule_put.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = NetworkManagementClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.admin_rules.create_or_update(
resource_group_name="rg1",
network_manager_name="testNetworkManager",
configuration_name="myTestSecurityConfig",
rule_collection_name="testRuleCollection",
rule_name="SampleDefaultAdminRule",
admin_rule={"kind": "Default", "properties": {"flag": "AllowVnetInbound"}},
)
print(response)
# x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerDefaultAdminRulePut.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armnetwork_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v5"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/d4205894880b989ede35d62d97c8e901ed14fb5a/specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerDefaultAdminRulePut.json
func ExampleAdminRulesClient_CreateOrUpdate_createADefaultAdminRule() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewAdminRulesClient().CreateOrUpdate(ctx, "rg1", "testNetworkManager", "myTestSecurityConfig", "testRuleCollection", "SampleDefaultAdminRule", &armnetwork.DefaultAdminRule{
Kind: to.Ptr(armnetwork.AdminRuleKindDefault),
Properties: &armnetwork.DefaultAdminPropertiesFormat{
Flag: to.Ptr("AllowVnetInbound"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res = armnetwork.AdminRulesClientCreateOrUpdateResponse{
// BaseAdminRuleClassification: &armnetwork.DefaultAdminRule{
// Name: to.Ptr("SampleDefaultAdminRule"),
// Type: to.Ptr("Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleDefaultAdminRule"),
// Kind: to.Ptr(armnetwork.AdminRuleKindDefault),
// SystemData: &armnetwork.SystemData{
// CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-11T18:52:27.000Z"); return t}()),
// CreatedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef5"),
// CreatedByType: to.Ptr(armnetwork.CreatedByTypeUser),
// LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-11T18:52:27.000Z"); return t}()),
// LastModifiedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef5"),
// LastModifiedByType: to.Ptr(armnetwork.CreatedByTypeUser),
// },
// Properties: &armnetwork.DefaultAdminPropertiesFormat{
// Description: to.Ptr("This is Sample Default Admin Rule"),
// Access: to.Ptr(armnetwork.SecurityConfigurationRuleAccessDeny),
// DestinationPortRanges: []*string{
// to.Ptr("22")},
// Destinations: []*armnetwork.AddressPrefixItem{
// {
// AddressPrefix: to.Ptr("*"),
// AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeIPPrefix),
// }},
// Direction: to.Ptr(armnetwork.SecurityConfigurationRuleDirectionInbound),
// Flag: to.Ptr("AllowVnetInbound"),
// Priority: to.Ptr[int32](1),
// ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
// ResourceGUID: to.Ptr("00000000-0000-0000-0000-000000000000"),
// SourcePortRanges: []*string{
// to.Ptr("0-65535")},
// Sources: []*armnetwork.AddressPrefixItem{
// {
// AddressPrefix: to.Ptr("Internet"),
// AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeServiceTag),
// }},
// Protocol: to.Ptr(armnetwork.SecurityConfigurationRuleProtocolTCP),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { NetworkManagementClient } = require("@azure/arm-network");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates an admin rule.
*
* @summary Creates or updates an admin rule.
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerDefaultAdminRulePut.json
*/
async function createADefaultAdminRule() {
const subscriptionId =
process.env["NETWORK_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["NETWORK_RESOURCE_GROUP"] || "rg1";
const networkManagerName = "testNetworkManager";
const configurationName = "myTestSecurityConfig";
const ruleCollectionName = "testRuleCollection";
const ruleName = "SampleDefaultAdminRule";
const adminRule = {
flag: "AllowVnetInbound",
kind: "Default",
};
const credential = new DefaultAzureCredential();
const client = new NetworkManagementClient(credential, subscriptionId);
const result = await client.adminRules.createOrUpdate(
resourceGroupName,
networkManagerName,
configurationName,
ruleCollectionName,
ruleName,
adminRule,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Network;
using Azure.ResourceManager.Network.Models;
// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerDefaultAdminRulePut.json
// this example is just showing the usage of "AdminRules_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this BaseAdminRuleResource created on azure
// for more information of creating BaseAdminRuleResource, please refer to the document of BaseAdminRuleResource
string subscriptionId = "00000000-0000-0000-0000-000000000000";
string resourceGroupName = "rg1";
string networkManagerName = "testNetworkManager";
string configurationName = "myTestSecurityConfig";
string ruleCollectionName = "testRuleCollection";
string ruleName = "SampleDefaultAdminRule";
ResourceIdentifier baseAdminRuleResourceId = BaseAdminRuleResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, networkManagerName, configurationName, ruleCollectionName, ruleName);
BaseAdminRuleResource baseAdminRule = client.GetBaseAdminRuleResource(baseAdminRuleResourceId);
// invoke the operation
BaseAdminRuleData data = new NetworkDefaultAdminRule()
{
Flag = "AllowVnetInbound",
};
ArmOperation<BaseAdminRuleResource> lro = await baseAdminRule.UpdateAsync(WaitUntil.Completed, data);
BaseAdminRuleResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
BaseAdminRuleData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleDefaultAdminRule",
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
"name": "SampleDefaultAdminRule",
"kind": "Default",
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"createdByType": "User",
"createdAt": "2021-01-11T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-11T18:52:27Z"
},
"properties": {
"flag": "AllowVnetInbound",
"description": "This is Sample Default Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound",
"provisioningState": "Succeeded",
"resourceGuid": "00000000-0000-0000-0000-000000000000"
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/rules/SampleDefaultAdminRule",
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
"name": "SampleDefaultAdminRule",
"kind": "Default",
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"createdByType": "User",
"createdAt": "2021-01-11T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-11T18:52:27Z"
},
"properties": {
"flag": "AllowVnetInbound",
"description": "This is Sample Default Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound",
"provisioningState": "Succeeded",
"resourceGuid": "00000000-0000-0000-0000-000000000000"
}
}
Create an admin rule
Sample Request
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleAdminRule?api-version=2023-09-01
{
"kind": "Custom",
"properties": {
"description": "This is Sample Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound"
}
}
import com.azure.resourcemanager.network.models.AddressPrefixItem;
import com.azure.resourcemanager.network.models.AddressPrefixType;
import com.azure.resourcemanager.network.models.AdminRule;
import com.azure.resourcemanager.network.models.SecurityConfigurationRuleAccess;
import com.azure.resourcemanager.network.models.SecurityConfigurationRuleDirection;
import com.azure.resourcemanager.network.models.SecurityConfigurationRuleProtocol;
import java.util.Arrays;
/**
* Samples for AdminRules CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.
* json
*/
/**
* Sample code: Create an admin rule.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createAnAdminRule(com.azure.resourcemanager.AzureResourceManager azure) {
azure.networks().manager().serviceClient().getAdminRules().createOrUpdateWithResponse("rg1",
"testNetworkManager", "myTestSecurityConfig", "testRuleCollection", "SampleAdminRule",
new AdminRule().withDescription("This is Sample Admin Rule")
.withProtocol(SecurityConfigurationRuleProtocol.TCP)
.withSources(Arrays.asList(new AddressPrefixItem().withAddressPrefix("Internet")
.withAddressPrefixType(AddressPrefixType.SERVICE_TAG)))
.withDestinations(Arrays.asList(
new AddressPrefixItem().withAddressPrefix("*").withAddressPrefixType(AddressPrefixType.IPPREFIX)))
.withSourcePortRanges(Arrays.asList("0-65535")).withDestinationPortRanges(Arrays.asList("22"))
.withAccess(SecurityConfigurationRuleAccess.DENY).withPriority(1)
.withDirection(SecurityConfigurationRuleDirection.INBOUND),
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.network import NetworkManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-network
# USAGE
python network_manager_admin_rule_put.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = NetworkManagementClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.admin_rules.create_or_update(
resource_group_name="rg1",
network_manager_name="testNetworkManager",
configuration_name="myTestSecurityConfig",
rule_collection_name="testRuleCollection",
rule_name="SampleAdminRule",
admin_rule={
"kind": "Custom",
"properties": {
"access": "Deny",
"description": "This is Sample Admin Rule",
"destinationPortRanges": ["22"],
"destinations": [{"addressPrefix": "*", "addressPrefixType": "IPPrefix"}],
"direction": "Inbound",
"priority": 1,
"protocol": "Tcp",
"sourcePortRanges": ["0-65535"],
"sources": [{"addressPrefix": "Internet", "addressPrefixType": "ServiceTag"}],
},
},
)
print(response)
# x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armnetwork_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v5"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/d4205894880b989ede35d62d97c8e901ed14fb5a/specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.json
func ExampleAdminRulesClient_CreateOrUpdate_createAnAdminRule() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewAdminRulesClient().CreateOrUpdate(ctx, "rg1", "testNetworkManager", "myTestSecurityConfig", "testRuleCollection", "SampleAdminRule", &armnetwork.AdminRule{
Kind: to.Ptr(armnetwork.AdminRuleKindCustom),
Properties: &armnetwork.AdminPropertiesFormat{
Description: to.Ptr("This is Sample Admin Rule"),
Access: to.Ptr(armnetwork.SecurityConfigurationRuleAccessDeny),
DestinationPortRanges: []*string{
to.Ptr("22")},
Destinations: []*armnetwork.AddressPrefixItem{
{
AddressPrefix: to.Ptr("*"),
AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeIPPrefix),
}},
Direction: to.Ptr(armnetwork.SecurityConfigurationRuleDirectionInbound),
Priority: to.Ptr[int32](1),
SourcePortRanges: []*string{
to.Ptr("0-65535")},
Sources: []*armnetwork.AddressPrefixItem{
{
AddressPrefix: to.Ptr("Internet"),
AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeServiceTag),
}},
Protocol: to.Ptr(armnetwork.SecurityConfigurationRuleProtocolTCP),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res = armnetwork.AdminRulesClientCreateOrUpdateResponse{
// BaseAdminRuleClassification: &armnetwork.AdminRule{
// Name: to.Ptr("SampleAdminRule"),
// Type: to.Ptr("Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleAdminRule"),
// Kind: to.Ptr(armnetwork.AdminRuleKindCustom),
// SystemData: &armnetwork.SystemData{
// CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-11T18:52:27.000Z"); return t}()),
// CreatedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef5"),
// CreatedByType: to.Ptr(armnetwork.CreatedByTypeUser),
// LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-11T18:52:27.000Z"); return t}()),
// LastModifiedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef5"),
// LastModifiedByType: to.Ptr(armnetwork.CreatedByTypeUser),
// },
// Properties: &armnetwork.AdminPropertiesFormat{
// Description: to.Ptr("This is Sample Admin Rule"),
// Access: to.Ptr(armnetwork.SecurityConfigurationRuleAccessDeny),
// DestinationPortRanges: []*string{
// to.Ptr("22")},
// Destinations: []*armnetwork.AddressPrefixItem{
// {
// AddressPrefix: to.Ptr("*"),
// AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeIPPrefix),
// }},
// Direction: to.Ptr(armnetwork.SecurityConfigurationRuleDirectionInbound),
// Priority: to.Ptr[int32](1),
// ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
// ResourceGUID: to.Ptr("00000000-0000-0000-0000-000000000000"),
// SourcePortRanges: []*string{
// to.Ptr("0-65535")},
// Sources: []*armnetwork.AddressPrefixItem{
// {
// AddressPrefix: to.Ptr("Internet"),
// AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeServiceTag),
// }},
// Protocol: to.Ptr(armnetwork.SecurityConfigurationRuleProtocolTCP),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { NetworkManagementClient } = require("@azure/arm-network");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates an admin rule.
*
* @summary Creates or updates an admin rule.
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.json
*/
async function createAnAdminRule() {
const subscriptionId =
process.env["NETWORK_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["NETWORK_RESOURCE_GROUP"] || "rg1";
const networkManagerName = "testNetworkManager";
const configurationName = "myTestSecurityConfig";
const ruleCollectionName = "testRuleCollection";
const ruleName = "SampleAdminRule";
const adminRule = {
description: "This is Sample Admin Rule",
access: "Deny",
destinationPortRanges: ["22"],
destinations: [{ addressPrefix: "*", addressPrefixType: "IPPrefix" }],
direction: "Inbound",
kind: "Custom",
priority: 1,
sourcePortRanges: ["0-65535"],
sources: [{ addressPrefix: "Internet", addressPrefixType: "ServiceTag" }],
protocol: "Tcp",
};
const credential = new DefaultAzureCredential();
const client = new NetworkManagementClient(credential, subscriptionId);
const result = await client.adminRules.createOrUpdate(
resourceGroupName,
networkManagerName,
configurationName,
ruleCollectionName,
ruleName,
adminRule,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Network;
using Azure.ResourceManager.Network.Models;
// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.json
// this example is just showing the usage of "AdminRules_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this BaseAdminRuleResource created on azure
// for more information of creating BaseAdminRuleResource, please refer to the document of BaseAdminRuleResource
string subscriptionId = "00000000-0000-0000-0000-000000000000";
string resourceGroupName = "rg1";
string networkManagerName = "testNetworkManager";
string configurationName = "myTestSecurityConfig";
string ruleCollectionName = "testRuleCollection";
string ruleName = "SampleAdminRule";
ResourceIdentifier baseAdminRuleResourceId = BaseAdminRuleResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, networkManagerName, configurationName, ruleCollectionName, ruleName);
BaseAdminRuleResource baseAdminRule = client.GetBaseAdminRuleResource(baseAdminRuleResourceId);
// invoke the operation
BaseAdminRuleData data = new NetworkAdminRule()
{
Description = "This is Sample Admin Rule",
Protocol = SecurityConfigurationRuleProtocol.Tcp,
Sources =
{
new AddressPrefixItem()
{
AddressPrefix = "Internet",
AddressPrefixType = AddressPrefixType.ServiceTag,
}
},
Destinations =
{
new AddressPrefixItem()
{
AddressPrefix = "*",
AddressPrefixType = AddressPrefixType.IPPrefix,
}
},
SourcePortRanges =
{
"0-65535"
},
DestinationPortRanges =
{
"22"
},
Access = SecurityConfigurationRuleAccess.Deny,
Priority = 1,
Direction = SecurityConfigurationRuleDirection.Inbound,
};
ArmOperation<BaseAdminRuleResource> lro = await baseAdminRule.UpdateAsync(WaitUntil.Completed, data);
BaseAdminRuleResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
BaseAdminRuleData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleAdminRule",
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
"name": "SampleAdminRule",
"kind": "Custom",
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"createdByType": "User",
"createdAt": "2021-01-11T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-11T18:52:27Z"
},
"properties": {
"description": "This is Sample Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound",
"provisioningState": "Succeeded",
"resourceGuid": "00000000-0000-0000-0000-000000000000"
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/rules/SampleAdminRule",
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
"name": "SampleAdminRule",
"kind": "Custom",
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"createdByType": "User",
"createdAt": "2021-01-11T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-11T18:52:27Z"
},
"properties": {
"description": "This is Sample Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound",
"provisioningState": "Succeeded",
"resourceGuid": "00000000-0000-0000-0000-000000000000"
}
}
Definitioner
AddressPrefixItem
Adressprefixobjekt.
Name |
Typ |
Description |
addressPrefix
|
string
|
Adressprefix.
|
addressPrefixType
|
AddressPrefixType
|
Adressprefixtyp.
|
AddressPrefixType
Adressprefixtyp.
Name |
Typ |
Description |
IPPrefix
|
string
|
|
ServiceTag
|
string
|
|
AdminRule
Nätverksadministratörsregel.
Name |
Typ |
Description |
etag
|
string
|
En unik skrivskyddad sträng som ändras när resursen uppdateras.
|
id
|
string
|
Resurs-ID.
|
kind
|
string:
Custom
|
Om regeln är anpassad eller standard.
|
name
|
string
|
Resursnamn.
|
properties.access
|
SecurityConfigurationRuleAccess
|
Anger vilken åtkomst som tillåts för den här regeln
|
properties.description
|
string
|
En beskrivning av den här regeln. Begränsad till 140 tecken.
|
properties.destinationPortRanges
|
string[]
|
Målportintervallen.
|
properties.destinations
|
AddressPrefixItem[]
|
Måladressprefixen. CIDR- eller mål-IP-intervall.
|
properties.direction
|
SecurityConfigurationRuleDirection
|
Anger om trafiken matchade mot regeln i inkommande eller utgående trafik.
|
properties.priority
|
integer
|
Regelns prioritet. Värdet kan vara mellan 1 och 4096. Prioritetsnumret måste vara unikt för varje regel i samlingen. Desto lägre prioritetsnummer, desto högre prioritet för regeln.
|
properties.protocol
|
SecurityConfigurationRuleProtocol
|
Nätverksprotokoll som den här regeln gäller för.
|
properties.provisioningState
|
ProvisioningState
|
Resursens etableringstillstånd.
|
properties.resourceGuid
|
string
|
Unik identifierare för den här resursen.
|
properties.sourcePortRanges
|
string[]
|
Källportintervallen.
|
properties.sources
|
AddressPrefixItem[]
|
CIDR- eller käll-IP-intervallen.
|
systemData
|
SystemData
|
Systemmetadata som är relaterade till den här resursen.
|
type
|
string
|
Resurstyp.
|
CloudError
Ett felsvar från tjänsten.
CloudErrorBody
Ett felsvar från tjänsten.
Name |
Typ |
Description |
code
|
string
|
En identifierare för felet. Koder är invarianta och är avsedda att användas programmatiskt.
|
details
|
CloudErrorBody[]
|
En lista med ytterligare information om felet.
|
message
|
string
|
Ett meddelande som beskriver felet, avsett att vara lämpligt för visning i ett användargränssnitt.
|
target
|
string
|
Målet för det specifika felet. Till exempel namnet på egenskapen i fel.
|
createdByType
Den typ av identitet som skapade resursen.
Name |
Typ |
Description |
Application
|
string
|
|
Key
|
string
|
|
ManagedIdentity
|
string
|
|
User
|
string
|
|
DefaultAdminRule
Nätverksstandardadministratörsregel.
Name |
Typ |
Description |
etag
|
string
|
En unik skrivskyddad sträng som ändras när resursen uppdateras.
|
id
|
string
|
Resurs-ID.
|
kind
|
string:
Default
|
Om regeln är anpassad eller standard.
|
name
|
string
|
Resursnamn.
|
properties.access
|
SecurityConfigurationRuleAccess
|
Anger vilken åtkomst som tillåts för den här regeln
|
properties.description
|
string
|
En beskrivning av den här regeln. Begränsad till 140 tecken.
|
properties.destinationPortRanges
|
string[]
|
Målportintervallen.
|
properties.destinations
|
AddressPrefixItem[]
|
Måladressprefixen. CIDR- eller mål-IP-intervall.
|
properties.direction
|
SecurityConfigurationRuleDirection
|
Anger om trafiken matchade mot regeln i inkommande eller utgående trafik.
|
properties.flag
|
string
|
Standardregelflagga.
|
properties.priority
|
integer
|
Regelns prioritet. Värdet kan vara mellan 1 och 4096. Prioritetsnumret måste vara unikt för varje regel i samlingen. Desto lägre prioritetsnummer, desto högre prioritet för regeln.
|
properties.protocol
|
SecurityConfigurationRuleProtocol
|
Nätverksprotokoll som den här regeln gäller för.
|
properties.provisioningState
|
ProvisioningState
|
Resursens etableringstillstånd.
|
properties.resourceGuid
|
string
|
Unik identifierare för den här resursen.
|
properties.sourcePortRanges
|
string[]
|
Källportintervallen.
|
properties.sources
|
AddressPrefixItem[]
|
CIDR- eller käll-IP-intervallen.
|
systemData
|
SystemData
|
Systemmetadata som är relaterade till den här resursen.
|
type
|
string
|
Resurstyp.
|
ProvisioningState
Det aktuella etableringstillståndet.
Name |
Typ |
Description |
Deleting
|
string
|
|
Failed
|
string
|
|
Succeeded
|
string
|
|
Updating
|
string
|
|
SecurityConfigurationRuleAccess
Om nätverkstrafik tillåts eller nekas.
Name |
Typ |
Description |
Allow
|
string
|
|
AlwaysAllow
|
string
|
|
Deny
|
string
|
|
SecurityConfigurationRuleDirection
Riktningen för regeln. Riktningen anger om regeln ska utvärderas för inkommande eller utgående trafik.
Name |
Typ |
Description |
Inbound
|
string
|
|
Outbound
|
string
|
|
SecurityConfigurationRuleProtocol
Nätverksprotokoll som den här regeln gäller för.
Name |
Typ |
Description |
Ah
|
string
|
|
Any
|
string
|
|
Esp
|
string
|
|
Icmp
|
string
|
|
Tcp
|
string
|
|
Udp
|
string
|
|
SystemData
Metadata som rör skapande och senaste ändring av resursen.
Name |
Typ |
Description |
createdAt
|
string
|
Tidsstämpeln för resursskapande (UTC).
|
createdBy
|
string
|
Identiteten som skapade resursen.
|
createdByType
|
createdByType
|
Den typ av identitet som skapade resursen.
|
lastModifiedAt
|
string
|
Den typ av identitet som senast ändrade resursen.
|
lastModifiedBy
|
string
|
Identiteten som senast ändrade resursen.
|
lastModifiedByType
|
createdByType
|
Den typ av identitet som senast ändrade resursen.
|