New-AzureRmNetworkSecurityGroup

Creates a network security group.

Important

Because Az PowerShell modules now have all the capabilities of AzureRM PowerShell modules and more, we'll retire AzureRM PowerShell modules on 29 February 2024.

To avoid service interruptions, update your scripts that use AzureRM PowerShell modules to use Az PowerShell modules by 29 February 2024. To automatically update your scripts, follow the quickstart guide.

Syntax

New-AzureRmNetworkSecurityGroup
   -Name <String>
   -ResourceGroupName <String>
   -Location <String>
   [-SecurityRules <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSSecurityRule]>]
   [-Tag <Hashtable>]
   [-Force]
   [-AsJob]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

The New-AzureRmNetworkSecurityGroup cmdlet creates an Azure network security group.

Examples

1: Create a new network security group

New-AzureRmNetworkSecurityGroup -Name "nsg1" -ResourceGroupName "rg1"  -Location  "westus"

This command creates a new Azure network security group named "nsg1" in resource group "rg1" in location "westus".

2: Create a detailed network security group

$rule1 = New-AzureRmNetworkSecurityRuleConfig -Name rdp-rule -Description "Allow RDP"
    -Access Allow -Protocol Tcp -Direction Inbound -Priority 100 -SourceAddressPrefix
    Internet -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 3389

$rule2 = New-AzureRmNetworkSecurityRuleConfig -Name web-rule -Description "Allow HTTP"
    -Access Allow -Protocol Tcp -Direction Inbound -Priority 101 -SourceAddressPrefix
    Internet -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 80

$nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName TestRG -Location westus -Name
    "NSG-FrontEnd" -SecurityRules $rule1,$rule2

Step:1 Create a security rule allowing access from the Internet to port 3389. Step:2 Create a security rule allowing access from the Internet to port 80. Step:3 Add the rules created above to a new NSG named NSG-FrontEnd.

Parameters

-AsJob

Run cmdlet in the background

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:False
Accept pipeline input:False
Accept wildcard characters:False
-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure.

Type:Microsoft.Azure.Commands.Common.Authentication.Abstractions.IAzureContextContainer
Aliases:AzureRmContext, AzureCredential
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Force

Forces the command to run without asking for user confirmation.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Location

Specifies the region for which to create a network security group.

Type:String
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-Name

Specifies the name of the network security group to create.

Type:String
Aliases:ResourceName
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-ResourceGroupName

Specifies the name of a resource group. This cmdlet creates a network security group in the resource group that this parameter specifies.

Type:String
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-SecurityRules

Specifies a list of network security rule objects to create in a network security group.

Type:List<T>[PSSecurityRule]
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-Tag

Key-value pairs in the form of a hash table. For example: @{key0="value0";key1=$null;key2="value2"}

Type:Hashtable
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

String

List<T>[[Microsoft.Azure.Commands.Network.Models.PSSecurityRule, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

Hashtable

Outputs

PSNetworkSecurityGroup