az network perimeter profile access-rule
Note
This reference is part of the nsp extension for the Azure CLI (version 2.61.0 or higher). The extension will automatically install the first time you run an az network perimeter profile access-rule command. Learn more about extensions.
Manage Network Security Perimeter Profile Access Rules.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az network perimeter profile access-rule create |
Create a network security perimeter profile access rule. |
Extension | GA |
| az network perimeter profile access-rule delete |
Delete a network security perimeter profile access rule. |
Extension | GA |
| az network perimeter profile access-rule list |
List all network security perimeter profile access rules. |
Extension | GA |
| az network perimeter profile access-rule show |
Get a network security perimeter profile access rule. |
Extension | GA |
| az network perimeter profile access-rule update |
Create or update a network security perimeter profile access rule. |
Extension | GA |
az network perimeter profile access-rule create
Create a network security perimeter profile access rule.
az network perimeter profile access-rule create --access-rule-name --name
--perimeter-name
--profile-name
--resource-group
[--address-prefixes]
[--direction {Inbound, Outbound}]
[--email-addresses]
[--fqdn]
[--phone-numbers]
[--service-tags]
[--subscriptions]Examples
Create IP based access rule
az network perimeter profile access-rule create -n MyAccessRule --profile-name MyProfile --perimeter-name MyPerimeter -g MyResourceGroup --address-prefixes "[10.10.0.0/16]"Create NSP based access rule
az network perimeter profile access-rule create -n MyAccessRule --profile-name MyProfile --perimeter-name MyPerimeter -g MyResourceGroup --nsp "[{id:<NSP_ARM_ID>}]"Create FQDN based access rule
az network perimeter profile access-rule create -n MyAccessRule --profile-name MyProfile --perimeter-name MyPerimeter -g MyResourceGroup --fqdn "['www.abc.com', 'www.google.com']" --direction "Outbound"Create Subscription based access rule
az network perimeter profile access-rule create -n MyAccessRule --profile-name MyProfile --perimeter-name MyPerimeter -g MyResourceGroup --subscriptions [0].id="<SubscriptionID1>" [1].id="<SubscriptionID2>"Create ServiceTags based access rule
az network perimeter profile access-rule create -n MyAccessRule --profile-name MyProfile --perimeter-name MyPerimeter -g MyResourceGroup --service-tags [st1,st2]Required Parameters
The name of the NSP access rule.
The name of the network security perimeter.
The name of the NSP profile.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Inbound address prefixes (IPv4/IPv6) Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Direction that specifies whether the access rules is inbound/outbound.
Outbound rules in email address format. This access rule type is currently unavailable for use Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Outbound rules in fully qualified domain name format. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Outbound rules in phone number format. This access rule type is currently unavailable for use Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Inbound rules of type service tag. This access rule type is currently unavailable for use. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Subscription id in the ARM id format. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network perimeter profile access-rule delete
Delete a network security perimeter profile access rule.
az network perimeter profile access-rule delete [--access-rule-name --name]
[--ids]
[--perimeter-name]
[--profile-name]
[--resource-group]
[--subscription]
[--yes]Examples
Delete a network security perimeter profile access rule
az network perimeter profile access-rule delete -n MyAccessRule --profile-name MyProfile --perimeter-name MyPerimeter -g MyResourceGroupOptional Parameters
The name of the NSP access rule.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The name of the network security perimeter.
The name of the NSP profile.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Do not prompt for confirmation.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network perimeter profile access-rule list
List all network security perimeter profile access rules.
az network perimeter profile access-rule list --perimeter-name
--profile-name
--resource-group
[--max-items]
[--next-token]
[--skip-token]
[--top]Examples
List all network security perimeter profile access rules
az network perimeter profile access-rule list --profile-name MyProfile --perimeter-name MyPerimeter -g MyResourceGroupRequired Parameters
The name of the network security perimeter.
The name of the NSP profile.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Total number of items to return in the command's output. If the total number of items available is more than the value specified, a token is provided in the command's output. To resume pagination, provide the token value in --next-token argument of a subsequent command.
Token to specify where to start paginating. This is the token value from a previously truncated response.
SkipToken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skipToken parameter that specifies a starting point to use for subsequent calls.
An optional query parameter which specifies the maximum number of records to be returned by the server.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network perimeter profile access-rule show
Get a network security perimeter profile access rule.
az network perimeter profile access-rule show [--access-rule-name --name]
[--ids]
[--perimeter-name]
[--profile-name]
[--resource-group]
[--subscription]Examples
Get a network security perimeter profile access rule
az network perimeter profile access-rule show -n MyAccessRule --profile-name MyProfile --perimeter-name MyPerimeter -g MyResourceGroupOptional Parameters
The name of the NSP access rule.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The name of the network security perimeter.
The name of the NSP profile.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network perimeter profile access-rule update
Create or update a network security perimeter profile access rule.
az network perimeter profile access-rule update [--access-rule-name --name]
[--add]
[--address-prefixes]
[--direction {Inbound, Outbound}]
[--email-addresses]
[--force-string {0, 1, f, false, n, no, t, true, y, yes}]
[--fqdn]
[--ids]
[--perimeter-name]
[--phone-numbers]
[--profile-name]
[--remove]
[--resource-group]
[--service-tags]
[--set]
[--subscription]
[--subscriptions]Examples
Update a network security perimeter profile access rule
az network perimeter profile access-rule update -n MyAccessRule --profile-name MyProfile --perimeter-name MyPerimeter -g MyResourceGroup --address-prefixes "[10.10.0.0/16]"Optional Parameters
The name of the NSP access rule.
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.
Inbound address prefixes (IPv4/IPv6) Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Direction that specifies whether the access rules is inbound/outbound.
Outbound rules in email address format. This access rule type is currently unavailable for use Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
Outbound rules in fully qualified domain name format. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The name of the network security perimeter.
Outbound rules in phone number format. This access rule type is currently unavailable for use Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
The name of the NSP profile.
Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Inbound rules of type service tag. This access rule type is currently unavailable for use. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Subscription id in the ARM id format. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
