az network manager security-admin-config rule-collection rule
Note
This reference is part of the virtual-network-manager extension for the Azure CLI (version 2.61.0 or higher). The extension will automatically install the first time you run an az network manager security-admin-config rule-collection rule command. Learn more about extensions.
Manage admin rule with network.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az network manager security-admin-config rule-collection rule create |
Create a network manager security configuration admin rule. |
Extension | GA |
| az network manager security-admin-config rule-collection rule delete |
Delete an admin rule. |
Extension | GA |
| az network manager security-admin-config rule-collection rule list |
List all network manager security configuration admin rules. |
Extension | GA |
| az network manager security-admin-config rule-collection rule show |
Get a network manager security configuration admin rule. |
Extension | GA |
| az network manager security-admin-config rule-collection rule update |
Update a network manager security configuration admin rule in a subscription. |
Extension | GA |
az network manager security-admin-config rule-collection rule create
Create a network manager security configuration admin rule.
az network manager security-admin-config rule-collection rule create --access {Allow, AlwaysAllow, Deny}
--configuration-name
--direction {Inbound, Outbound}
--name --network-manager-name
--priority
--protocol {Ah, Any, Esp, Icmp, Tcp, Udp}
--resource-group
--rule-collection-name
--rule-name
[--description]
[--dest-port-ranges]
[--destinations]
[--flag]
[--kind {Custom, Default}]
[--source-port-ranges]
[--sources]Examples
Create security admin rules
az network manager security-admin-config rule-collection rule create --configuration-name "myTestSecurityConfig" --network-manager-name "testNetworkManager" --resource-group "rg1" --rule-collection-name "myTestCollection" --rule-name "SampleAdminRule" --kind "Custom" --protocol "Tcp" --access "Allow" --priority 32 --direction "Inbound" --destinations address-prefix="*" address-prefix-type="IPPrefix" --dest-port-ranges 22Required Parameters
Indicates the access allowed for this particular rule.
| Property | Value |
|---|---|
| Accepted values: | Allow, AlwaysAllow, Deny |
The name of the network manager security Configuration.
Indicates if the traffic matched against the rule in inbound or outbound.
| Property | Value |
|---|---|
| Accepted values: | Inbound, Outbound |
The name of the network manager.
The priority of the rule.
Network protocol this rule applies to.
| Property | Value |
|---|---|
| Accepted values: | Ah, Any, Esp, Icmp, Tcp, Udp |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
The name of the admin rule collection.
The name of the rule.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
A description for this rule. Restricted to 140 chars.
The destination port ranges.
The destination address prefixes. CIDR or destination IP ranges.
Usage: --destination address-prefix=XX address-prefix-type=XX
address-prefix: Address prefix. address-prefix-type: Address prefix type. Address prefix type is an enum with values IPPrefix or ServiceTag.
Multiple actions can be specified by using more than one --destination argument.
Default rule flag.
Required. Whether the rule is custom or default.Constant filled by server.
| Property | Value |
|---|---|
| Default value: | Custom |
| Accepted values: | Custom, Default |
The source port ranges.
The CIDR or source IP ranges.
Usage: --sources address-prefix=XX address-prefix-type=XX
address-prefix: Address prefix. address-prefix-type: Address prefix type. Address prefix type is an enum with values IPPrefix or ServiceTag.
Multiple actions can be specified by using more than one --sources argument.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az network manager security-admin-config rule-collection rule delete
Delete an admin rule.
az network manager security-admin-config rule-collection rule delete [--config --config-name --configuration-name]
[--force {0, 1, f, false, n, no, t, true, y, yes}]
[--ids]
[--name --network-manager-name]
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--rc --rule-collection-name]
[--resource-group]
[--rule-name]
[--subscription]
[--yes]Examples
Deletes an admin rule.
az network manager security-admin-config rule-collection rule delete --configuration-name "myTestSecurityConfig" --network-manager-name "testNetworkManager" --resource-group "rg1" --rule-collection-name "myTestCollection" --rule-name "SampleAdminRule"Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Name of the network manager security configuration.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Deletes the resource even if it is part of a deployed configuration. If the configuration has been deployed, the service will do a cleanup deployment in the background, prior to the delete.
| Property | Value |
|---|---|
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the network manager.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
The name of the network manager security Configuration rule collection.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the rule.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Do not prompt for confirmation.
| Property | Value |
|---|---|
| Default value: | False |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az network manager security-admin-config rule-collection rule list
List all network manager security configuration admin rules.
az network manager security-admin-config rule-collection rule list --config --config-name --configuration-name
--name --network-manager-name
--rc --rule-collection-name
--resource-group
[--max-items]
[--next-token]
[--skip-token]
[--top]Examples
List security admin rules
az network manager security-admin-config rule-collection rule list --configuration-name "myTestSecurityConfig" --network-manager-name "testNetworkManager" --resource-group "rg1" --rule-collection-name "myTestCollection"Required Parameters
Name of the network manager security configuration.
The name of the network manager.
The name of the network manager security Configuration rule collection.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Total number of items to return in the command's output. If the total number of items available is more than the value specified, a token is provided in the command's output. To resume pagination, provide the token value in --next-token argument of a subsequent command.
| Property | Value |
|---|---|
| Parameter group: | Pagination Arguments |
Token to specify where to start paginating. This is the token value from a previously truncated response.
| Property | Value |
|---|---|
| Parameter group: | Pagination Arguments |
SkipToken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skipToken parameter that specifies a starting point to use for subsequent calls.
An optional query parameter which specifies the maximum number of records to be returned by the server.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az network manager security-admin-config rule-collection rule show
Get a network manager security configuration admin rule.
az network manager security-admin-config rule-collection rule show [--config --config-name --configuration-name]
[--ids]
[--name --network-manager-name]
[--rc --rule-collection-name]
[--resource-group]
[--rule-name]
[--subscription]Examples
Get security admin rule
az network manager security-admin-config rule-collection rule show --configuration-name "myTestSecurityConfig" --network-manager-name "testNetworkManager" --resource-group "rg1" --rule-collection-name "myTestCollection" --rule-name "SampleAdminRule"Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Name of the network manager security configuration.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the network manager.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the network manager security Configuration rule collection.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the rule.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az network manager security-admin-config rule-collection rule update
Update a network manager security configuration admin rule in a subscription.
az network manager security-admin-config rule-collection rule update --rule-collection-name
[--access {Allow, AlwaysAllow, Deny}]
[--configuration-name]
[--description]
[--dest-port-ranges]
[--destinations]
[--direction {Inbound, Outbound}]
[--flag]
[--ids]
[--kind {Custom, Default}]
[--name --network-manager-name]
[--priority]
[--protocol {Ah, Any, Esp, Icmp, Tcp, Udp}]
[--resource-group]
[--rule-name]
[--source-port-ranges]
[--sources]
[--subscription]Examples
Update security admin rule
az network manager security-admin-config rule-collection rule update --configuration-name "myTestSecurityConfig" --network-manager-name "testNetworkManager" --resource-group "rg1" --rule-collection-name "myTestCollection" --rule-name "SampleAdminRule" --access "Deny"Required Parameters
The name of the admin rule collection.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Indicates the access allowed for this particular rule.
| Property | Value |
|---|---|
| Accepted values: | Allow, AlwaysAllow, Deny |
The name of the network manager security Configuration.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
A description for this rule. Restricted to 140 chars.
The destination port ranges.
The destination address prefixes. CIDR or destination IP ranges.
Usage: --destination address-prefix=XX address-prefix-type=XX
address-prefix: Address prefix. address-prefix-type: Address prefix type.
Multiple actions can be specified by using more than one --destination argument.
Indicates if the traffic matched against the rule in inbound or outbound.
| Property | Value |
|---|---|
| Accepted values: | Inbound, Outbound |
Default rule flag.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Required. Whether the rule is custom or default.Constant filled by server.
| Property | Value |
|---|---|
| Accepted values: | Custom, Default |
The name of the network manager.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The priority of the rule.
Network protocol this rule applies to.
| Property | Value |
|---|---|
| Accepted values: | Ah, Any, Esp, Icmp, Tcp, Udp |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the rule.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The source port ranges.
The CIDR or source IP ranges.
Usage: --sources address-prefix=XX address-prefix-type=XX
address-prefix: Address prefix. address-prefix-type: Address prefix type.
Multiple actions can be specified by using more than one --sources argument.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
