Editar

Partilhar via


Add-AzServiceFabricManagedClusterNetworkSecurityRule

Add network security rule to cluster resource.

Syntax

Add-AzServiceFabricManagedClusterNetworkSecurityRule
   [-InputObject] <PSManagedCluster>
   -Access <NetworkSecurityAccess>
   [-Description <String>]
   -DestinationAddressPrefix <String[]>
   -DestinationPortRange <String[]>
   -Direction <NetworkSecurityDirection>
   -Name <String>
   -Priority <Int32>
   -Protocol <NetworkSecurityProtocol>
   -SourceAddressPrefix <String[]>
   -SourcePortRange <String[]>
   [-AsJob]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Add-AzServiceFabricManagedClusterNetworkSecurityRule
   [-ResourceGroupName] <String>
   [-ClusterName] <String>
   -Access <NetworkSecurityAccess>
   [-Description <String>]
   -DestinationAddressPrefix <String[]>
   -DestinationPortRange <String[]>
   -Direction <NetworkSecurityDirection>
   -Name <String>
   -Priority <Int32>
   -Protocol <NetworkSecurityProtocol>
   -SourceAddressPrefix <String[]>
   -SourcePortRange <String[]>
   [-AsJob]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

Add network security rule to cluster resource. This will add network security rule with specified properties

Examples

Example 1

$resourceGroupName = "sfmcps-test-rg"
$clusterName = "sfmcps-test-cluster"
$NSRName = "testSecRule1"
$sourcePortRanges = "1-1000"
$destinationPortRanges = "1-65535"
$destinationAddressPrefixes = "194.69.104.0/25", "194.69.119.64/26", "167.220.249.128/26", "255.255.255.255/32"
$sourceAddressPrefixes = "167.220.242.0/27", "167.220.0.0/23", "131.107.132.16/28", "167.220.81.128/26"

$cluster = Add-AzServiceFabricManagedClusterNetworkSecurityRule -ResourceGroupName $resourceGroupName -ClusterName $clusterName `
        -Name $NSRName -Access Allow -Direction Outbound -Protocol tcp -Priority 1200 -SourcePortRange $sourcePortRange -DestinationPortRange $destinationPortRanges -DestinationAddressPrefix $destinationAddressPrefixes -SourceAddressPrefix $sourceAddressPrefixes -Verbose

This command will add network security rule with properties above.

Example 2

$resourceGroupName = "sfmcps-test-rg"
$clusterName = "sfmcps-test-cluster"
$NSRName = "testSecRule2"
$sourcePortRanges = "1-1000"
$destinationPortRanges = "1-65535"
$destinationAddressPrefixes = "194.69.104.0/25", "194.69.119.64/26", "167.220.249.128/26", "255.255.255.255/32"
$sourceAddressPrefixes = "167.220.242.0/27", "167.220.0.0/23", "131.107.132.16/28", "167.220.81.128/26"

$cluster = Add-AzServiceFabricManagedClusterNetworkSecurityRule -ResourceGroupName $resourceGroupName -ClusterName $clusterName `
        -Name $NSRName -Access Deny -Direction Outbound -Protocol udp -Priority 1300 -SourcePortRange $sourcePortRange -DestinationPortRange $destinationPortRanges -DestinationAddressPrefix $destinationAddressPrefixes -SourceAddressPrefix $sourceAddressPrefixes -Verbose

Similar to Example1 with different properties.

Example 3

$resourceGroupName = "sfmcps-test-rg"
$clusterName = "sfmcps-test-cluster"
$NSRName = "testSecRule3"
$description = "test network security rule"
$sourcePortRanges = "1-1000"
$destinationPortRanges = "1-65535"
$destinationAddressPrefixes = "194.69.104.0/25", "194.69.119.64/26", "167.220.249.128/26", "255.255.255.255/32"
$sourceAddressPrefixes = "167.220.242.0/27", "167.220.0.0/23", "131.107.132.16/28", "167.220.81.128/26"

$cluster = $clusterFromGet | Add-AzServiceFabricManagedClusterNetworkSecurityRule `
        -Name $NSRName -Access Allow -Description $description -Direction Outbound -Protocol tcp -Priority 1400 -SourcePortRange $sourcePortRanges -DestinationPortRange $destinationPortRanges -DestinationAddressPrefix $destinationAddressPrefixes -SourceAddressPrefix $sourceAddressPrefixes -Verbose

This command will add a network security rule using cluster object with piping.

Parameters

-Access

Gets or sets the network traffic is allowed or denied. Possible values include: Allow, Deny

Type:NetworkSecurityAccess
Accepted values:Allow, Deny
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-AsJob

Run cmdlet in the background and return a Job to track progress

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ClusterName

Specify the name of the cluster.

Type:String
Position:1
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Description

Gets or sets network security rule description

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DestinationAddressPrefix

Gets or sets the destination address prefixes. CIDR or destination IP ranges

Type:String[]
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-DestinationPortRange

Gets or sets the destination port ranges

Type:String[]
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Direction

Gets or sets network security rule direction. Possible values include: Inbound, Outbound

Type:NetworkSecurityDirection
Accepted values:Inbound, Outbound
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-InputObject

Managed cluster resource

Type:PSManagedCluster
Position:0
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Name

Network Security Rule name

Type:String
Aliases:NetworkSecurityRuleName
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Priority

Gets or sets the priority of the rule. The value can be in the range 1000 to 3000. Values outside this range are reserved for Service Fabric ManagerCluster Resource Provider. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule

Type:Int32
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Protocol

Gets or sets network protocol this rule applies to. Possible values include: http, https, tcp, udp, icmp, ah, esp, any

Type:NetworkSecurityProtocol
Accepted values:https, http, udp, tcp, esp, icmp, ah, any
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-ResourceGroupName

Specify the name of the resource group.

Type:String
Position:0
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-SourceAddressPrefix

Gets or sets the CIDR or source IP ranges

Type:String[]
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-SourcePortRange

Run cmdlet in the background and return a Job to track progress

Type:String[]
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

String

Outputs

PSManagedCluster