Reputation: 13
Azure REST API: Network Security Group / Network Interface
I am trying to build a proof-of-concept integration with Azure Cloud into another system. I am not an Azure subject matter expert, so I am struggling with the end-to-end integration.
I am having trouble associating a "Network Security Group" to the "Network Interface". I am able to create both, but they do not not associate to each other until I manually go into the Cloud Portal and associate.
I am using the following: API Documentation: https://learn.microsoft.com/en-us/rest/api/compute/virtualmachines
API Explorer: https://resources.azure.com
I am calling the following end-points in order:
publicIPAddresses https://management.azure.com/subscriptions/{subscriptionID}/resourceGroups/{resourceGroup}/providers/Microsoft.Network/publicIPAddresses/{resourceName}?api-version=2018-07-01
networkInterfaces https://management.azure.com/subscriptions/{subscriptionID}/resourceGroups/{resourceGroup}/providers/Microsoft.Network/networkInterfaces/{resourceName}?api-version=2018-07-01
networkSecurityGroups https://management.azure.com/subscriptions/{subscriptionID}/resourceGroups/{resourceGroup}/providers/Microsoft.Network/networkSecurityGroups/{resourceName}?api-version=2018-07-01
virtualMachines : https://management.azure.com/subscriptions/{subscriptionID}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines/{resourceName}?$expand=instanceView&api-version=2018-06-01
Everything else works except the NSG associating to the NIC.
Within the "networkSecurityGroups" message, I pass in the following parameter under the properties node.
"networkInterfaces": [{
"id": "/subscriptions/" + subscriptionID + "/resourceGroups/" + resourceGroup + "/providers/Microsoft.Network/networkInterfaces/" + networkInterfaces
}
]
I've tried reversing it by referencing the NSG in the Interface REST call, but still doesn't work. Oddly enough, I use the same syntax to associate the Interface to the VM itself, and that works as expected. Variations of the same syntax work with associating the PublicIP to the Interface, disks to VM, ect.
Any thoughts?
Upvotes: 0
Views: 651
Answers (1)
Reputation: 72211
pretty sure you need to add this under NIC properties section:
"networkSecurityGroup": {
"id": "NSG_Resource_Id"
}
Upvotes: 0
Related Questions
- Azure - Associating network interfaces to an Application Security Group
- Access Security Area Azure DevOps Server on-premise via REST
- Azure Rest API Get More Information about Subscriptions, Resource Groups and Resources
- Network Security Group Rule Audit (Azure)
- Azure API Gateways Basic Auth
- How to allow access from certain IP to certain endpoints in Azure?
- Using "Request Access" API of Azure Devops
- Azure REST api security
- How to connect Azure Web Application (App Service/Website) to Network Security Group?
- Connect to rest Api Azure