hashito

Reputation: 23

Azure SDK Python, I want to assign multiple ports to an NSG Security Rule

I'm trying to manipulate Azure security groups in Python. The big picture works.

But, attempts to add a rule to an existing security group.

network_client.security_rules.create_or_update('resourcesname',"nsg-name","secure-name",SecurityRule(
        protocol='Tcp', 
        source_address_prefix='*', 
        destination_address_prefix='*', 
        access='Allow', 
        direction='Inbound', description=name+' use rules',source_port_range='*', 
        #destination_port_range="1000,2000",
        #destination_port_range=["1000","2000"],
        destination_port_range=[1000,2000],
        priority=100, name="secure-name"))

I get the following error when I specify multiple ports:

msrestazure.azure_exceptions.CloudError: Azure Error: SecurityRuleInvalidPortRange
Message: Security rule has invalid Port range. Value provided: [1000,2000]. Value should be an integer OR integer range with '-' delimiter. Valid range 0-65535.

I've also tried string arrays and simple strings. But it fails. Can anyone solve the problem?

Upvotes: 2

Views: 389

Answers (1)

Ivan Glasenberg

Reputation: 29940

Actually, it's quite simple.

If you want to add a range of ports, you should use the property destination_port_ranges instead of destination_port_range (note the "s" at the end of the 2 properties).

Here is my code:

from azure.common.credentials import ServicePrincipalCredentials
from azure.mgmt.network import NetworkManagementClient
from azure.mgmt.network.v2020_04_01.models import NetworkSecurityGroup, SecurityRule

subscription_id = 'xxx'
credentials = ServicePrincipalCredentials(
    client_id = 'xxx',
    secret = 'xxx',
    tenant = 'xxx'
)

network_client = NetworkManagementClient(
    credentials,
    subscription_id
)

network_client.security_rules.create_or_update('xxx',"yysecurityGroup","my_Port_8080",SecurityRule(
        protocol='Tcp', 
        source_address_prefix='*', 
        destination_address_prefix='*', 
        access='Allow', 
        direction='Inbound', description='my_Port_8080 use rules',source_port_range='*', 
        #destination_port_range="1000,2000",
        destination_port_ranges=["1000","1005","2005","2020"],     
        priority=100, name="my_Port_8080"))


print("**complete**")


Upvotes: 1
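
A client-side check for the rule described in the error message above (a single integer or an integer range with a '-' delimiter, valid range 0-65535), which also picks between destination_port_range and destination_port_ranges. This is an added example, not code from the question or the answer; the helper names nsg_port_kwargs and _normalize are hypothetical, it assumes each entry of the plural property follows the same format as the singular one, and rejecting '*' as a destination is a defensive choice of this example.

```python
def _normalize(spec):
    """Validate one port spec ("8080" or "1000-1005") and return it canonicalised."""
    if spec == "*":
        # Defensive choice of this example: a wildcard destination opens every port.
        raise ValueError("'*' is not accepted here; list the ports explicitly")
    low, sep, high = spec.partition("-")
    bounds = [low, high] if sep else [low]
    if not all(b.isascii() and b.isdigit() for b in bounds):
        raise ValueError(f"invalid port spec: {spec!r}")
    nums = [int(b) for b in bounds]
    if any(n > 65535 for n in nums):
        raise ValueError(f"port above 65535: {spec!r}")
    if sep and nums[0] > nums[1]:
        raise ValueError(f"reversed range: {spec!r}")
    return "-".join(str(n) for n in nums)


def nsg_port_kwargs(ports):
    """Return the SecurityRule keyword argument for one or many destination ports.

    Accepts an int, a string such as "8080", "1000-1005" or "1000,2000",
    or a list mixing those forms.
    """
    if isinstance(ports, (int, str)):
        ports = [ports]
    specs = []
    for item in ports:
        for part in str(item).split(","):
            spec = _normalize(part.strip())
            if spec not in specs:  # drop duplicates, keep order
                specs.append(spec)
    if not specs:
        raise ValueError("no ports given")
    if len(specs) == 1:
        return {"destination_port_range": specs[0]}
    return {"destination_port_ranges": specs}


if __name__ == "__main__":
    # Constructed sample inputs, including the list from the question.
    for sample in ([1000, 2000], "1000,2000", 8080, ["1000-1005", "2005"]):
        print(sample, "->", nsg_port_kwargs(sample))
```

The returned dictionary can be unpacked into the SecurityRule constructor, for example SecurityRule(..., **nsg_port_kwargs([1000, 2000])), so an invalid value fails locally before the request reaches Azure.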
