Add-​Azure​Rm​Network​Security​Rule​Config

Adds a network security rule configuration to a network security group.

Syntax

Add-AzureRmNetworkSecurityRuleConfig
   [-Access <String>]
   [-Description <String>]
   [-DestinationAddressPrefix <String>]
   [-DestinationPortRange <String>]
   [-Direction <String>]
   -Name <String>
   -NetworkSecurityGroup <PSNetworkSecurityGroup>
   [-Priority <Int32>]
   [-Protocol <String>]
   [-SourceAddressPrefix <String>]
   [-SourcePortRange <String>]
   [<CommonParameters>]

Description

The Add-AzureRmNetworkSecurityRuleConfig cmdlet adds a network security rule configuration to an Azure network security group.

Examples

1: Adding a network security group

Get-AzureRmNetworkSecurityGroup -Name  nsg1 -ResourceGroupName rg1 | 
Add-AzureRmNetworkSecurityRuleConfig -Name rdp-rule -Description "Allow RDP" -Access 
    Allow -Protocol Tcp -Direction Inbound -Priority 100 -SourceAddressPrefix Internet 
    -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 3389 | 
    Set-AzureRmNetworkSecurityGroup

The first command retrieves an Azure network security group named "nsg1" from resource group "rg1". The second command dds a network security rule named "rdp-rule" that allows traffic from internet on port 3389 to the retrieved network security group object. Persists the modified Azure network security group.

Required Parameters

-Name

Specifies the name of a network security rule configuration.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-NetworkSecurityGroup

Specifies a NetworkSecurityGroup object. This cmdlet adds a network security rule configuration to the object that this parameter specifies.

Type:PSNetworkSecurityGroup
Position:Named
Default value:None
Accept pipeline input:True (ByValue)
Accept wildcard characters:False

Optional Parameters

-Access

Specifies whether network traffic is allowed or denied. The acceptable values for this parameter are: Allow and Deny.

Type:String
Parameter Sets:Allow, Deny
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Description

Specifies a description of a network security rule configuration.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-DestinationAddressPrefix

Specifies a destination address prefix. The acceptable values for this parameter are:

  • A Classless Interdomain Routing (CIDR) address
  • A destination IP address range
  • A wildcard character (*) to match any IP address

You can use tags such as VirtualNetwork, AzureLoadBalancer, and Internet.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-DestinationPortRange

Specifies a destination port or range. The acceptable values for this parameter are:

  • An integer
  • A range of integers between 0 and 65535
  • A wildcard character (*) to match any port
Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Direction

Specifies whether a rule is evaluated on incoming or outgoing traffic. The acceptable values for this parameter are: Inbound and Outbound.

Type:String
Parameter Sets:Inbound, Outbound
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Priority

Specifies the priority of a rule configuration. The acceptable values for this parameter are: An integer between 100 and 4096.

The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.

Type:Int32
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Protocol

Specifies the network protocol that a rule configuration applies to. The acceptable values for this parameter are:

  • Tcp
  • Udp
  • Wildcard character (*) to match both
Type:String
Parameter Sets:Tcp, Udp, *
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-SourceAddressPrefix

Specifies a source address prefix. The acceptable values for this parameter are:

  • A CIDR
  • A source IP range
  • A wildcard character (*) to match any IP address.

You can also use tags such as VirtualNetwork, AzureLoadBalancer and Internet.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-SourcePortRange

Specifies a source port or range. This value is expressed as an integer, as a range between 0 and 65535, or as a wildcard character (*) to match any source port.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False