Add-AzServiceFabricManagedClusterNetworkSecurityRule
將網路安全性規則新增至叢集資源。
Syntax
Add-AzServiceFabricManagedClusterNetworkSecurityRule
[-InputObject] <PSManagedCluster>
-Access <NetworkSecurityAccess>
[-Description <String>]
-DestinationAddressPrefix <String[]>
-DestinationPortRange <String[]>
-Direction <NetworkSecurityDirection>
-Name <String>
-Priority <Int32>
-Protocol <NetworkSecurityProtocol>
-SourceAddressPrefix <String[]>
-SourcePortRange <String[]>
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Add-AzServiceFabricManagedClusterNetworkSecurityRule
[-ResourceGroupName] <String>
[-ClusterName] <String>
-Access <NetworkSecurityAccess>
[-Description <String>]
-DestinationAddressPrefix <String[]>
-DestinationPortRange <String[]>
-Direction <NetworkSecurityDirection>
-Name <String>
-Priority <Int32>
-Protocol <NetworkSecurityProtocol>
-SourceAddressPrefix <String[]>
-SourcePortRange <String[]>
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
將網路安全性規則新增至叢集資源。 這會新增具有指定屬性的網路安全性規則
範例
範例 1
$resourceGroupName = "sfmcps-test-rg"
$clusterName = "sfmcps-test-cluster"
$NSRName = "testSecRule1"
$sourcePortRanges = "1-1000"
$destinationPortRanges = "1-65535"
$destinationAddressPrefixes = "194.69.104.0/25", "194.69.119.64/26", "167.220.249.128/26", "255.255.255.255/32"
$sourceAddressPrefixes = "167.220.242.0/27", "167.220.0.0/23", "131.107.132.16/28", "167.220.81.128/26"
$cluster = Add-AzServiceFabricManagedClusterNetworkSecurityRule -ResourceGroupName $resourceGroupName -ClusterName $clusterName `
-Name $NSRName -Access Allow -Direction Outbound -Protocol tcp -Priority 1200 -SourcePortRange $sourcePortRange -DestinationPortRange $destinationPortRanges -DestinationAddressPrefix $destinationAddressPrefixes -SourceAddressPrefix $sourceAddressPrefixes -Verbose此命令會新增具有上述屬性的網路安全性規則。
範例 2
$resourceGroupName = "sfmcps-test-rg"
$clusterName = "sfmcps-test-cluster"
$NSRName = "testSecRule2"
$sourcePortRanges = "1-1000"
$destinationPortRanges = "1-65535"
$destinationAddressPrefixes = "194.69.104.0/25", "194.69.119.64/26", "167.220.249.128/26", "255.255.255.255/32"
$sourceAddressPrefixes = "167.220.242.0/27", "167.220.0.0/23", "131.107.132.16/28", "167.220.81.128/26"
$cluster = Add-AzServiceFabricManagedClusterNetworkSecurityRule -ResourceGroupName $resourceGroupName -ClusterName $clusterName `
-Name $NSRName -Access Deny -Direction Outbound -Protocol udp -Priority 1300 -SourcePortRange $sourcePortRange -DestinationPortRange $destinationPortRanges -DestinationAddressPrefix $destinationAddressPrefixes -SourceAddressPrefix $sourceAddressPrefixes -Verbose類似於具有不同屬性的Example1。
範例 3
$resourceGroupName = "sfmcps-test-rg"
$clusterName = "sfmcps-test-cluster"
$NSRName = "testSecRule3"
$description = "test network security rule"
$sourcePortRanges = "1-1000"
$destinationPortRanges = "1-65535"
$destinationAddressPrefixes = "194.69.104.0/25", "194.69.119.64/26", "167.220.249.128/26", "255.255.255.255/32"
$sourceAddressPrefixes = "167.220.242.0/27", "167.220.0.0/23", "131.107.132.16/28", "167.220.81.128/26"
$cluster = $clusterFromGet | Add-AzServiceFabricManagedClusterNetworkSecurityRule `
-Name $NSRName -Access Allow -Description $description -Direction Outbound -Protocol tcp -Priority 1400 -SourcePortRange $sourcePortRanges -DestinationPortRange $destinationPortRanges -DestinationAddressPrefix $destinationAddressPrefixes -SourceAddressPrefix $sourceAddressPrefixes -Verbose此命令會使用叢集物件搭配管線來新增網路安全性規則。
參數
-Access
取得或設定允許或拒絕網路流量。 可能的值包括:允許、拒絕
| Type: | NetworkSecurityAccess |
| Accepted values: | Allow, Deny |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-AsJob
在背景執行 Cmdlet,並傳回作業以追蹤進度
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ClusterName
指定叢集的名稱。
| Type: | String |
| Position: | 1 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Confirm
執行 Cmdlet 之前先提示您確認。
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
用於與 Azure 通訊的認證、帳戶、租用戶和訂用帳戶。
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Description
取得或設定網路安全性規則描述
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DestinationAddressPrefix
取得或設定目的地位址前置詞。 CIDR 或目的地IP範圍
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DestinationPortRange
取得或設定目的地埠範圍
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Direction
取得或設定網路安全性規則方向。 可能的值包括:輸入、輸出
| Type: | NetworkSecurityDirection |
| Accepted values: | Inbound, Outbound |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-InputObject
受控叢集資源
| Type: | PSManagedCluster |
| Position: | 0 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Name
網路安全性規則名稱
| Type: | String |
| Aliases: | NetworkSecurityRuleName |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Priority
取得或設定規則的優先順序。 此值的範圍可以是 1000 到 3000。 超出此範圍的值會保留給 Service Fabric ManagerCluster 資源提供者。 集合中每個規則的優先順序號碼必須是唯一的。 優先順序數位越低,規則的優先順序越高
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Protocol
取得或設定套用此規則的網路通訊協定。 可能的值包括:HTTP、https、tcp、udp、icmp、ah、esp、any
| Type: | NetworkSecurityProtocol |
| Accepted values: | https, http, udp, tcp, esp, icmp, ah, any |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResourceGroupName
指定資源群組的名稱。
| Type: | String |
| Position: | 0 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-SourceAddressPrefix
取得或設定 CIDR 或來源 IP 範圍
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SourcePortRange
在背景執行 Cmdlet,並傳回作業以追蹤進度
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
顯示執行 Cmdlet 後會發生的情況。 未執行 Cmdlet。
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |