Bir yönetici kuralı oluşturur veya güncelleştirir.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkManagers/{networkManagerName}/securityAdminConfigurations/{configurationName}/ruleCollections/{ruleCollectionName}/rules/{ruleName}?api-version=2023-09-01
URI Parametreleri
Name |
İçinde |
Gerekli |
Tür |
Description |
configurationName
|
path |
True
|
string
|
Ağ yöneticisi Güvenlik Yapılandırması'nın adı.
|
networkManagerName
|
path |
True
|
string
|
Ağ yöneticisinin adı.
|
resourceGroupName
|
path |
True
|
string
|
Kaynak grubunun adı.
|
ruleCollectionName
|
path |
True
|
string
|
Ağ yöneticisi güvenlik Yapılandırma kuralı koleksiyonunun adı.
|
ruleName
|
path |
True
|
string
|
Kuralın adı.
|
subscriptionId
|
path |
True
|
string
|
Microsoft Azure aboneliğini benzersiz olarak tanımlayan abonelik kimlik bilgileri. Abonelik kimliği, her hizmet çağrısı için URI'nin bir parçasını oluşturur.
|
api-version
|
query |
True
|
string
|
İstemci API sürümü.
|
İstek Gövdesi
İstek gövdesi şunlardan biri olabilir:
AdminRule
Ağ yöneticisi kuralı.
Name |
Gerekli |
Tür |
Description |
kind
|
True
|
string:
Custom
|
Kuralın özel mi yoksa varsayılan mı olduğu.
|
properties.access
|
True
|
SecurityConfigurationRuleAccess
|
Bu özel kural için izin verilen erişimi gösterir
|
properties.direction
|
True
|
SecurityConfigurationRuleDirection
|
Trafiğin gelen veya giden kuralla eşleşip eşleşmediğini gösterir.
|
properties.priority
|
True
|
integer
|
Kuralın önceliği. Değer 1 ile 4096 arasında olabilir. Öncelik numarası koleksiyondaki her kural için benzersiz olmalıdır. Öncelik sayısı ne kadar düşük olursa kuralın önceliği de o kadar yüksektir.
|
properties.protocol
|
True
|
SecurityConfigurationRuleProtocol
|
Bu kuralın geçerli olduğu ağ protokolü.
|
properties.description
|
|
string
|
Bu kural için bir açıklama. 140 karakterle sınırlıdır.
|
properties.destinationPortRanges
|
|
string[]
|
Hedef bağlantı noktası aralıkları.
|
properties.destinations
|
|
AddressPrefixItem[]
|
Hedef adres ön ekleri. CIDR veya hedef IP aralıkları.
|
properties.sourcePortRanges
|
|
string[]
|
Kaynak bağlantı noktası aralıkları.
|
properties.sources
|
|
AddressPrefixItem[]
|
CIDR veya kaynak IP aralıkları.
|
DefaultAdminRule
Ağ varsayılan yönetici kuralı.
Name |
Gerekli |
Tür |
Description |
kind
|
True
|
string:
Default
|
Kuralın özel mi yoksa varsayılan mı olduğu.
|
properties.flag
|
|
string
|
Varsayılan kural bayrağı.
|
Yanıtlar
Name |
Tür |
Description |
200 OK
|
BaseAdminRule:
|
Kural güncelleştirildi
|
201 Created
|
BaseAdminRule:
|
Kural oluşturuldu
|
Other Status Codes
|
CloudError
|
İşlemin neden başarısız olduğunu açıklayan hata yanıtı.
|
Güvenlik
azure_auth
Azure Active Directory OAuth2 Flow.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name |
Description |
user_impersonation
|
kullanıcı hesabınızın kimliğine bürünme
|
Örnekler
Create a default admin rule
Sample Request
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleDefaultAdminRule?api-version=2023-09-01
{
"kind": "Default",
"properties": {
"flag": "AllowVnetInbound"
}
}
import com.azure.resourcemanager.network.models.DefaultAdminRule;
/**
* Samples for AdminRules CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/
* NetworkManagerDefaultAdminRulePut.json
*/
/**
* Sample code: Create a default admin rule.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createADefaultAdminRule(com.azure.resourcemanager.AzureResourceManager azure) {
azure.networks().manager().serviceClient().getAdminRules().createOrUpdateWithResponse("rg1",
"testNetworkManager", "myTestSecurityConfig", "testRuleCollection", "SampleDefaultAdminRule",
new DefaultAdminRule().withFlag("AllowVnetInbound"), com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.network import NetworkManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-network
# USAGE
python network_manager_default_admin_rule_put.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = NetworkManagementClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.admin_rules.create_or_update(
resource_group_name="rg1",
network_manager_name="testNetworkManager",
configuration_name="myTestSecurityConfig",
rule_collection_name="testRuleCollection",
rule_name="SampleDefaultAdminRule",
admin_rule={"kind": "Default", "properties": {"flag": "AllowVnetInbound"}},
)
print(response)
# x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerDefaultAdminRulePut.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armnetwork_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v5"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/d4205894880b989ede35d62d97c8e901ed14fb5a/specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerDefaultAdminRulePut.json
func ExampleAdminRulesClient_CreateOrUpdate_createADefaultAdminRule() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewAdminRulesClient().CreateOrUpdate(ctx, "rg1", "testNetworkManager", "myTestSecurityConfig", "testRuleCollection", "SampleDefaultAdminRule", &armnetwork.DefaultAdminRule{
Kind: to.Ptr(armnetwork.AdminRuleKindDefault),
Properties: &armnetwork.DefaultAdminPropertiesFormat{
Flag: to.Ptr("AllowVnetInbound"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res = armnetwork.AdminRulesClientCreateOrUpdateResponse{
// BaseAdminRuleClassification: &armnetwork.DefaultAdminRule{
// Name: to.Ptr("SampleDefaultAdminRule"),
// Type: to.Ptr("Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleDefaultAdminRule"),
// Kind: to.Ptr(armnetwork.AdminRuleKindDefault),
// SystemData: &armnetwork.SystemData{
// CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-11T18:52:27.000Z"); return t}()),
// CreatedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef5"),
// CreatedByType: to.Ptr(armnetwork.CreatedByTypeUser),
// LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-11T18:52:27.000Z"); return t}()),
// LastModifiedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef5"),
// LastModifiedByType: to.Ptr(armnetwork.CreatedByTypeUser),
// },
// Properties: &armnetwork.DefaultAdminPropertiesFormat{
// Description: to.Ptr("This is Sample Default Admin Rule"),
// Access: to.Ptr(armnetwork.SecurityConfigurationRuleAccessDeny),
// DestinationPortRanges: []*string{
// to.Ptr("22")},
// Destinations: []*armnetwork.AddressPrefixItem{
// {
// AddressPrefix: to.Ptr("*"),
// AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeIPPrefix),
// }},
// Direction: to.Ptr(armnetwork.SecurityConfigurationRuleDirectionInbound),
// Flag: to.Ptr("AllowVnetInbound"),
// Priority: to.Ptr[int32](1),
// ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
// ResourceGUID: to.Ptr("00000000-0000-0000-0000-000000000000"),
// SourcePortRanges: []*string{
// to.Ptr("0-65535")},
// Sources: []*armnetwork.AddressPrefixItem{
// {
// AddressPrefix: to.Ptr("Internet"),
// AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeServiceTag),
// }},
// Protocol: to.Ptr(armnetwork.SecurityConfigurationRuleProtocolTCP),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { NetworkManagementClient } = require("@azure/arm-network");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates an admin rule.
*
* @summary Creates or updates an admin rule.
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerDefaultAdminRulePut.json
*/
async function createADefaultAdminRule() {
const subscriptionId =
process.env["NETWORK_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["NETWORK_RESOURCE_GROUP"] || "rg1";
const networkManagerName = "testNetworkManager";
const configurationName = "myTestSecurityConfig";
const ruleCollectionName = "testRuleCollection";
const ruleName = "SampleDefaultAdminRule";
const adminRule = {
flag: "AllowVnetInbound",
kind: "Default",
};
const credential = new DefaultAzureCredential();
const client = new NetworkManagementClient(credential, subscriptionId);
const result = await client.adminRules.createOrUpdate(
resourceGroupName,
networkManagerName,
configurationName,
ruleCollectionName,
ruleName,
adminRule,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Network;
using Azure.ResourceManager.Network.Models;
// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerDefaultAdminRulePut.json
// this example is just showing the usage of "AdminRules_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this BaseAdminRuleResource created on azure
// for more information of creating BaseAdminRuleResource, please refer to the document of BaseAdminRuleResource
string subscriptionId = "00000000-0000-0000-0000-000000000000";
string resourceGroupName = "rg1";
string networkManagerName = "testNetworkManager";
string configurationName = "myTestSecurityConfig";
string ruleCollectionName = "testRuleCollection";
string ruleName = "SampleDefaultAdminRule";
ResourceIdentifier baseAdminRuleResourceId = BaseAdminRuleResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, networkManagerName, configurationName, ruleCollectionName, ruleName);
BaseAdminRuleResource baseAdminRule = client.GetBaseAdminRuleResource(baseAdminRuleResourceId);
// invoke the operation
BaseAdminRuleData data = new NetworkDefaultAdminRule()
{
Flag = "AllowVnetInbound",
};
ArmOperation<BaseAdminRuleResource> lro = await baseAdminRule.UpdateAsync(WaitUntil.Completed, data);
BaseAdminRuleResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
BaseAdminRuleData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleDefaultAdminRule",
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
"name": "SampleDefaultAdminRule",
"kind": "Default",
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"createdByType": "User",
"createdAt": "2021-01-11T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-11T18:52:27Z"
},
"properties": {
"flag": "AllowVnetInbound",
"description": "This is Sample Default Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound",
"provisioningState": "Succeeded",
"resourceGuid": "00000000-0000-0000-0000-000000000000"
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/rules/SampleDefaultAdminRule",
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
"name": "SampleDefaultAdminRule",
"kind": "Default",
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"createdByType": "User",
"createdAt": "2021-01-11T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-11T18:52:27Z"
},
"properties": {
"flag": "AllowVnetInbound",
"description": "This is Sample Default Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound",
"provisioningState": "Succeeded",
"resourceGuid": "00000000-0000-0000-0000-000000000000"
}
}
Create an admin rule
Sample Request
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleAdminRule?api-version=2023-09-01
{
"kind": "Custom",
"properties": {
"description": "This is Sample Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound"
}
}
import com.azure.resourcemanager.network.models.AddressPrefixItem;
import com.azure.resourcemanager.network.models.AddressPrefixType;
import com.azure.resourcemanager.network.models.AdminRule;
import com.azure.resourcemanager.network.models.SecurityConfigurationRuleAccess;
import com.azure.resourcemanager.network.models.SecurityConfigurationRuleDirection;
import com.azure.resourcemanager.network.models.SecurityConfigurationRuleProtocol;
import java.util.Arrays;
/**
* Samples for AdminRules CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.
* json
*/
/**
* Sample code: Create an admin rule.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createAnAdminRule(com.azure.resourcemanager.AzureResourceManager azure) {
azure.networks().manager().serviceClient().getAdminRules().createOrUpdateWithResponse("rg1",
"testNetworkManager", "myTestSecurityConfig", "testRuleCollection", "SampleAdminRule",
new AdminRule().withDescription("This is Sample Admin Rule")
.withProtocol(SecurityConfigurationRuleProtocol.TCP)
.withSources(Arrays.asList(new AddressPrefixItem().withAddressPrefix("Internet")
.withAddressPrefixType(AddressPrefixType.SERVICE_TAG)))
.withDestinations(Arrays.asList(
new AddressPrefixItem().withAddressPrefix("*").withAddressPrefixType(AddressPrefixType.IPPREFIX)))
.withSourcePortRanges(Arrays.asList("0-65535")).withDestinationPortRanges(Arrays.asList("22"))
.withAccess(SecurityConfigurationRuleAccess.DENY).withPriority(1)
.withDirection(SecurityConfigurationRuleDirection.INBOUND),
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.network import NetworkManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-network
# USAGE
python network_manager_admin_rule_put.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = NetworkManagementClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.admin_rules.create_or_update(
resource_group_name="rg1",
network_manager_name="testNetworkManager",
configuration_name="myTestSecurityConfig",
rule_collection_name="testRuleCollection",
rule_name="SampleAdminRule",
admin_rule={
"kind": "Custom",
"properties": {
"access": "Deny",
"description": "This is Sample Admin Rule",
"destinationPortRanges": ["22"],
"destinations": [{"addressPrefix": "*", "addressPrefixType": "IPPrefix"}],
"direction": "Inbound",
"priority": 1,
"protocol": "Tcp",
"sourcePortRanges": ["0-65535"],
"sources": [{"addressPrefix": "Internet", "addressPrefixType": "ServiceTag"}],
},
},
)
print(response)
# x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armnetwork_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v5"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/d4205894880b989ede35d62d97c8e901ed14fb5a/specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.json
func ExampleAdminRulesClient_CreateOrUpdate_createAnAdminRule() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewAdminRulesClient().CreateOrUpdate(ctx, "rg1", "testNetworkManager", "myTestSecurityConfig", "testRuleCollection", "SampleAdminRule", &armnetwork.AdminRule{
Kind: to.Ptr(armnetwork.AdminRuleKindCustom),
Properties: &armnetwork.AdminPropertiesFormat{
Description: to.Ptr("This is Sample Admin Rule"),
Access: to.Ptr(armnetwork.SecurityConfigurationRuleAccessDeny),
DestinationPortRanges: []*string{
to.Ptr("22")},
Destinations: []*armnetwork.AddressPrefixItem{
{
AddressPrefix: to.Ptr("*"),
AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeIPPrefix),
}},
Direction: to.Ptr(armnetwork.SecurityConfigurationRuleDirectionInbound),
Priority: to.Ptr[int32](1),
SourcePortRanges: []*string{
to.Ptr("0-65535")},
Sources: []*armnetwork.AddressPrefixItem{
{
AddressPrefix: to.Ptr("Internet"),
AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeServiceTag),
}},
Protocol: to.Ptr(armnetwork.SecurityConfigurationRuleProtocolTCP),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res = armnetwork.AdminRulesClientCreateOrUpdateResponse{
// BaseAdminRuleClassification: &armnetwork.AdminRule{
// Name: to.Ptr("SampleAdminRule"),
// Type: to.Ptr("Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleAdminRule"),
// Kind: to.Ptr(armnetwork.AdminRuleKindCustom),
// SystemData: &armnetwork.SystemData{
// CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-11T18:52:27.000Z"); return t}()),
// CreatedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef5"),
// CreatedByType: to.Ptr(armnetwork.CreatedByTypeUser),
// LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-11T18:52:27.000Z"); return t}()),
// LastModifiedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef5"),
// LastModifiedByType: to.Ptr(armnetwork.CreatedByTypeUser),
// },
// Properties: &armnetwork.AdminPropertiesFormat{
// Description: to.Ptr("This is Sample Admin Rule"),
// Access: to.Ptr(armnetwork.SecurityConfigurationRuleAccessDeny),
// DestinationPortRanges: []*string{
// to.Ptr("22")},
// Destinations: []*armnetwork.AddressPrefixItem{
// {
// AddressPrefix: to.Ptr("*"),
// AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeIPPrefix),
// }},
// Direction: to.Ptr(armnetwork.SecurityConfigurationRuleDirectionInbound),
// Priority: to.Ptr[int32](1),
// ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
// ResourceGUID: to.Ptr("00000000-0000-0000-0000-000000000000"),
// SourcePortRanges: []*string{
// to.Ptr("0-65535")},
// Sources: []*armnetwork.AddressPrefixItem{
// {
// AddressPrefix: to.Ptr("Internet"),
// AddressPrefixType: to.Ptr(armnetwork.AddressPrefixTypeServiceTag),
// }},
// Protocol: to.Ptr(armnetwork.SecurityConfigurationRuleProtocolTCP),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { NetworkManagementClient } = require("@azure/arm-network");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates an admin rule.
*
* @summary Creates or updates an admin rule.
* x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.json
*/
async function createAnAdminRule() {
const subscriptionId =
process.env["NETWORK_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["NETWORK_RESOURCE_GROUP"] || "rg1";
const networkManagerName = "testNetworkManager";
const configurationName = "myTestSecurityConfig";
const ruleCollectionName = "testRuleCollection";
const ruleName = "SampleAdminRule";
const adminRule = {
description: "This is Sample Admin Rule",
access: "Deny",
destinationPortRanges: ["22"],
destinations: [{ addressPrefix: "*", addressPrefixType: "IPPrefix" }],
direction: "Inbound",
kind: "Custom",
priority: 1,
sourcePortRanges: ["0-65535"],
sources: [{ addressPrefix: "Internet", addressPrefixType: "ServiceTag" }],
protocol: "Tcp",
};
const credential = new DefaultAzureCredential();
const client = new NetworkManagementClient(credential, subscriptionId);
const result = await client.adminRules.createOrUpdate(
resourceGroupName,
networkManagerName,
configurationName,
ruleCollectionName,
ruleName,
adminRule,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Network;
using Azure.ResourceManager.Network.Models;
// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkManagerAdminRulePut.json
// this example is just showing the usage of "AdminRules_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this BaseAdminRuleResource created on azure
// for more information of creating BaseAdminRuleResource, please refer to the document of BaseAdminRuleResource
string subscriptionId = "00000000-0000-0000-0000-000000000000";
string resourceGroupName = "rg1";
string networkManagerName = "testNetworkManager";
string configurationName = "myTestSecurityConfig";
string ruleCollectionName = "testRuleCollection";
string ruleName = "SampleAdminRule";
ResourceIdentifier baseAdminRuleResourceId = BaseAdminRuleResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, networkManagerName, configurationName, ruleCollectionName, ruleName);
BaseAdminRuleResource baseAdminRule = client.GetBaseAdminRuleResource(baseAdminRuleResourceId);
// invoke the operation
BaseAdminRuleData data = new NetworkAdminRule()
{
Description = "This is Sample Admin Rule",
Protocol = SecurityConfigurationRuleProtocol.Tcp,
Sources =
{
new AddressPrefixItem()
{
AddressPrefix = "Internet",
AddressPrefixType = AddressPrefixType.ServiceTag,
}
},
Destinations =
{
new AddressPrefixItem()
{
AddressPrefix = "*",
AddressPrefixType = AddressPrefixType.IPPrefix,
}
},
SourcePortRanges =
{
"0-65535"
},
DestinationPortRanges =
{
"22"
},
Access = SecurityConfigurationRuleAccess.Deny,
Priority = 1,
Direction = SecurityConfigurationRuleDirection.Inbound,
};
ArmOperation<BaseAdminRuleResource> lro = await baseAdminRule.UpdateAsync(WaitUntil.Completed, data);
BaseAdminRuleResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
BaseAdminRuleData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/testRuleCollection/rules/SampleAdminRule",
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
"name": "SampleAdminRule",
"kind": "Custom",
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"createdByType": "User",
"createdAt": "2021-01-11T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-11T18:52:27Z"
},
"properties": {
"description": "This is Sample Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound",
"provisioningState": "Succeeded",
"resourceGuid": "00000000-0000-0000-0000-000000000000"
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/securityAdminConfigurations/myTestSecurityConfig/ruleCollections/rules/SampleAdminRule",
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
"name": "SampleAdminRule",
"kind": "Custom",
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"createdByType": "User",
"createdAt": "2021-01-11T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef5",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-11T18:52:27Z"
},
"properties": {
"description": "This is Sample Admin Rule",
"protocol": "Tcp",
"sources": [
{
"addressPrefixType": "ServiceTag",
"addressPrefix": "Internet"
}
],
"destinations": [
{
"addressPrefixType": "IPPrefix",
"addressPrefix": "*"
}
],
"sourcePortRanges": [
"0-65535"
],
"destinationPortRanges": [
"22"
],
"access": "Deny",
"priority": 1,
"direction": "Inbound",
"provisioningState": "Succeeded",
"resourceGuid": "00000000-0000-0000-0000-000000000000"
}
}
Tanımlar
AddressPrefixItem
Adres ön eki öğesi.
Name |
Tür |
Description |
addressPrefix
|
string
|
Adres ön eki.
|
addressPrefixType
|
AddressPrefixType
|
Adres ön eki türü.
|
AddressPrefixType
Adres ön eki türü.
Name |
Tür |
Description |
IPPrefix
|
string
|
|
ServiceTag
|
string
|
|
AdminRule
Ağ yöneticisi kuralı.
Name |
Tür |
Description |
etag
|
string
|
Kaynak her güncelleştirildiğinde değişen benzersiz bir salt okunur dize.
|
id
|
string
|
Kaynak Kimliği.
|
kind
|
string:
Custom
|
Kuralın özel mi yoksa varsayılan mı olduğu.
|
name
|
string
|
Kaynak adı.
|
properties.access
|
SecurityConfigurationRuleAccess
|
Bu özel kural için izin verilen erişimi gösterir
|
properties.description
|
string
|
Bu kural için bir açıklama. 140 karakterle sınırlıdır.
|
properties.destinationPortRanges
|
string[]
|
Hedef bağlantı noktası aralıkları.
|
properties.destinations
|
AddressPrefixItem[]
|
Hedef adres ön ekleri. CIDR veya hedef IP aralıkları.
|
properties.direction
|
SecurityConfigurationRuleDirection
|
Trafiğin gelen veya giden kuralla eşleşip eşleşmediğini gösterir.
|
properties.priority
|
integer
|
Kuralın önceliği. Değer 1 ile 4096 arasında olabilir. Öncelik numarası koleksiyondaki her kural için benzersiz olmalıdır. Öncelik sayısı ne kadar düşük olursa kuralın önceliği de o kadar yüksektir.
|
properties.protocol
|
SecurityConfigurationRuleProtocol
|
Bu kuralın geçerli olduğu ağ protokolü.
|
properties.provisioningState
|
ProvisioningState
|
Kaynağın sağlama durumu.
|
properties.resourceGuid
|
string
|
Bu kaynağın benzersiz tanımlayıcısı.
|
properties.sourcePortRanges
|
string[]
|
Kaynak bağlantı noktası aralıkları.
|
properties.sources
|
AddressPrefixItem[]
|
CIDR veya kaynak IP aralıkları.
|
systemData
|
SystemData
|
Bu kaynakla ilgili sistem meta verileri.
|
type
|
string
|
Kaynak türü.
|
CloudError
Hizmetten bir hata yanıtı.
CloudErrorBody
Hizmetten bir hata yanıtı.
Name |
Tür |
Description |
code
|
string
|
Hatanın tanımlayıcısı. Kodlar sabittir ve program aracılığıyla kullanılması amaçlanmıştır.
|
details
|
CloudErrorBody[]
|
Hatayla ilgili ek ayrıntıların listesi.
|
message
|
string
|
Hatayı açıklayan ve kullanıcı arabiriminde görüntülenmeye uygun olması amaçlanan bir ileti.
|
target
|
string
|
Belirli bir hatanın hedefi. Örneğin, özelliğin adı hatalı.
|
createdByType
Kaynağı oluşturan kimliğin türü.
Name |
Tür |
Description |
Application
|
string
|
|
Key
|
string
|
|
ManagedIdentity
|
string
|
|
User
|
string
|
|
DefaultAdminRule
Ağ varsayılan yönetici kuralı.
Name |
Tür |
Description |
etag
|
string
|
Kaynak her güncelleştirildiğinde değişen benzersiz bir salt okunur dize.
|
id
|
string
|
Kaynak Kimliği.
|
kind
|
string:
Default
|
Kuralın özel mi yoksa varsayılan mı olduğu.
|
name
|
string
|
Kaynak adı.
|
properties.access
|
SecurityConfigurationRuleAccess
|
Bu özel kural için izin verilen erişimi gösterir
|
properties.description
|
string
|
Bu kural için bir açıklama. 140 karakterle sınırlıdır.
|
properties.destinationPortRanges
|
string[]
|
Hedef bağlantı noktası aralıkları.
|
properties.destinations
|
AddressPrefixItem[]
|
Hedef adres ön ekleri. CIDR veya hedef IP aralıkları.
|
properties.direction
|
SecurityConfigurationRuleDirection
|
Trafiğin gelen veya giden kuralla eşleşip eşleşmediğini gösterir.
|
properties.flag
|
string
|
Varsayılan kural bayrağı.
|
properties.priority
|
integer
|
Kuralın önceliği. Değer 1 ile 4096 arasında olabilir. Öncelik numarası koleksiyondaki her kural için benzersiz olmalıdır. Öncelik sayısı ne kadar düşük olursa kuralın önceliği de o kadar yüksektir.
|
properties.protocol
|
SecurityConfigurationRuleProtocol
|
Bu kuralın geçerli olduğu ağ protokolü.
|
properties.provisioningState
|
ProvisioningState
|
Kaynağın sağlama durumu.
|
properties.resourceGuid
|
string
|
Bu kaynağın benzersiz tanımlayıcısı.
|
properties.sourcePortRanges
|
string[]
|
Kaynak bağlantı noktası aralıkları.
|
properties.sources
|
AddressPrefixItem[]
|
CIDR veya kaynak IP aralıkları.
|
systemData
|
SystemData
|
Bu kaynakla ilgili sistem meta verileri.
|
type
|
string
|
Kaynak türü.
|
ProvisioningState
Geçerli sağlama durumu.
Name |
Tür |
Description |
Deleting
|
string
|
|
Failed
|
string
|
|
Succeeded
|
string
|
|
Updating
|
string
|
|
SecurityConfigurationRuleAccess
Ağ trafiğine izin verilip verilmeyeceği.
Name |
Tür |
Description |
Allow
|
string
|
|
AlwaysAllow
|
string
|
|
Deny
|
string
|
|
SecurityConfigurationRuleDirection
Kuralın yönü. yönü, kuralın gelen veya giden trafikte değerlendirilip değerlendirilmeyeceğini belirtir.
Name |
Tür |
Description |
Inbound
|
string
|
|
Outbound
|
string
|
|
SecurityConfigurationRuleProtocol
Bu kuralın geçerli olduğu ağ protokolü.
Name |
Tür |
Description |
Ah
|
string
|
|
Any
|
string
|
|
Esp
|
string
|
|
Icmp
|
string
|
|
Tcp
|
string
|
|
Udp
|
string
|
|
SystemData
Kaynağın oluşturulması ve son değiştirilmesiyle ilgili meta veriler.
Name |
Tür |
Description |
createdAt
|
string
|
Kaynak oluşturma (UTC) zaman damgası.
|
createdBy
|
string
|
Kaynağı oluşturan kimlik.
|
createdByType
|
createdByType
|
Kaynağı oluşturan kimliğin türü.
|
lastModifiedAt
|
string
|
Kaynağı en son değiştiren kimliğin türü.
|
lastModifiedBy
|
string
|
Kaynağı en son değiştiren kimlik.
|
lastModifiedByType
|
createdByType
|
Kaynağı en son değiştiren kimliğin türü.
|