Network Watchers - Verify IP Flow

Verify IP flow from the specified VM to a location given the currently configured NSG rules.

POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkWatchers/{networkWatcherName}/ipFlowVerify?api-version=2018-02-01

URI Parameters

Name In Required Type Description
subscriptionId
path True
  • string

The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call.

resourceGroupName
path True
  • string

The name of the resource group.

networkWatcherName
path True
  • string

The name of the network watcher.

api-version
query True
  • string

Client API version.

Request Body

Media Types: "application/json", "text/json"

default

Name Required Type Description
direction True

The direction of the packet represented as a 5-tuple.

localIPAddress True
  • string

The local IP address. Acceptable values are valid IPv4 addresses.

localPort True
  • string

The local port. Acceptable values are a single integer in the range (0-65535). Support for * for the source port, which depends on the direction.

protocol True

Protocol to be verified on.

remoteIPAddress True
  • string

The remote IP address. Acceptable values are valid IPv4 addresses.

remotePort True
  • string

The remote port. Acceptable values are a single integer in the range (0-65535). Support for * for the source port, which depends on the direction.

targetNicResourceId
  • string

The NIC ID. (If VM has multiple NICs and IP forwarding is enabled on any of them, then this parameter must be specified. Otherwise optional).

targetResourceId True
  • string

The ID of the target resource to perform next-hop on.

Responses

Name Type Description
200 OK

Request successful. The operation returns the result of IP flow verification.

Media Types: "application/json", "text/json"

202 Accepted

Accepted and the operation will complete asynchronously.

Media Types: "application/json", "text/json"

Definitions

Access

Indicates whether the traffic is allowed or denied.

Direction

The direction of the packet represented as a 5-tuple.

IpFlowProtocol

Protocol to be verified on.

VerificationIPFlowParameters

Parameters that define the IP flow to be verified.

VerificationIPFlowResult

Results of IP flow verification on the target resource.

Access

Indicates whether the traffic is allowed or denied.

Name Type Description
Allow
  • string
Deny
  • string

Direction

The direction of the packet represented as a 5-tuple.

Name Type Description
Inbound
  • string
Outbound
  • string

IpFlowProtocol

Protocol to be verified on.

Name Type Description
TCP
  • string
UDP
  • string

VerificationIPFlowParameters

Parameters that define the IP flow to be verified.

Name Type Description
direction

The direction of the packet represented as a 5-tuple.

localIPAddress
  • string

The local IP address. Acceptable values are valid IPv4 addresses.

localPort
  • string

The local port. Acceptable values are a single integer in the range (0-65535). Support for * for the source port, which depends on the direction.

protocol

Protocol to be verified on.

remoteIPAddress
  • string

The remote IP address. Acceptable values are valid IPv4 addresses.

remotePort
  • string

The remote port. Acceptable values are a single integer in the range (0-65535). Support for * for the source port, which depends on the direction.

targetNicResourceId
  • string

The NIC ID. (If VM has multiple NICs and IP forwarding is enabled on any of them, then this parameter must be specified. Otherwise optional).

targetResourceId
  • string

The ID of the target resource to perform next-hop on.

VerificationIPFlowResult

Results of IP flow verification on the target resource.

Name Type Description
access

Indicates whether the traffic is allowed or denied.

ruleName
  • string

Name of the rule. If input is not matched against any security rule, it is not displayed.