Reputation: 1
Azure network security group/security rule - address_prefixes and port_ranges
By the definition of Azure python SDK for SecurityRule class:
SecurityRule(protocol, source_address_prefix, destination_address_prefix, access, direction, id=None, description=None, source_port_range=None, destination_port_range=None, source_address_prefixes=None, destination_address_prefixes=None, source_port_ranges=None, destination_port_ranges=None, priority=None, provisioning_state=None, name=None, etag=None)
With source_address_prefixes and destination_port_ranges, we should be able to configure a list of CIDRS or port_ranges, but I can not find a way to check if the configuration is in.
Both portal and "get" do not show the prefixes or ranges.
Upvotes: 0
Views: 1161
Answers (1)
Reputation: 3546
The two parameters you mentioned were added in 1.4.0 released yesterday, there is no sample yet on how to use them. However, you can achieve the same behavior with the former parameters:
async_security_rule = network_client.security_rules.create_or_update(
self.group_name,
security_group_name,
new_security_rule_name,
{
'access':azure.mgmt.network.models.SecurityRuleAccess.allow,
'description':'New Test security rule',
'destination_address_prefix':'*',
'destination_port_range':'123-3500',
'direction':azure.mgmt.network.models.SecurityRuleDirection.outbound,
'priority':400,
'protocol':azure.mgmt.network.models.SecurityRuleProtocol.tcp,
'source_address_prefix':'*',
'source_port_range':'655',
}
)
security_rule = async_security_rule.result()
security_rule = self.network_client.security_rules.get(
self.group_name,
security_group_name,
security_rule.name
)
self.assertEqual(security_rule.name, new_security_rule_name)
You just have to use a - joined syntax on destination_port_range. You can also test that using the CLI 2.0, that use this SDK and has NSG commands.
An overview of Network client is available here: https://learn.microsoft.com/python/api/overview/azure/network
Feel free to create an issue on the tracker to ask for samples: https://github.com/Azure/azure-sdk-for-python/issues
Upvotes: 1
Related Questions
- Azure Policy Support for Port Ranges
- listing the azure locations that support virtual network
- creating vnet and subnet using python sdk
- How to create Azure Network Security Group via Python SDK
- How to associate subnet to network security group in Azure using Python?
- Azure SDK Python,I want to assign multiple ports to an NSG Security Rule
- Azure: Creating public ip address with Python
- How to Specify Network Security Group When Creating NIC In Azure Python SDK
- Issues with Network security group deployment using python : NetworkSecurityGroup' object has no attribute 'lower'
- Creating NSG using Azure python sdk does not use the security rule