azure - 使用 Azure python sdk 创建 NSG 不使用安全规则

标签 azure azure-virtual-network azure-sdk-python

我正在使用

λ pip 显示 azure 名称: azure 版本:2.0.0

我想创建具有特定安全规则的 NSG。我有以下代码。

```

from azure.mgmt.compute import ComputeManagementClient
from azure.mgmt.network import NetworkManagementClient
from azure.common.credentials import ServicePrincipalCredentials
from azure.mgmt.network.v2017_03_01.models import NetworkSecurityGroup
from azure.mgmt.network.v2017_03_01.models import SecurityRule
subscription_id = 'my-id'
credentials = ...

compute_client = ComputeManagementClient(
    credentials,
    subscription_id
)

network_client = NetworkManagementClient(
    credentials,
    subscription_id
)
from azure.mgmt.resource.resources import ResourceManagementClient

resource_client = ResourceManagementClient(
    credentials,
    subscription_id
)
resource_client.providers.register('Microsoft.Compute')
resource_client.providers.register('Microsoft.Network')

resource_group_name = 'test-rg'

security_rule = SecurityRule( protocol='Tcp', source_address_prefix='Internet', 
                              source_port_range="*", destination_port_range="3389", priority=100,
                              destination_address_prefix='*', access='Allow', direction='Inbound')
nsg_params = NetworkSecurityGroup(id='test-nsg', location='UK South', tags={ 'name' : 'testnsg' })
network_client.network_security_groups.create_or_update(resource_group_name, "test-nsg", parameters=nsg_params, security_rules=[security_rule])

这确实使 NSG 很好,但无法创建正确的规则。

我错过了什么?

最佳答案

我们可以使用这个脚本来实现它:

from azure.common.credentials import ServicePrincipalCredentials
from azure.mgmt.compute import ComputeManagementClient
from azure.mgmt.network import NetworkManagementClient
from azure.mgmt.network.v2017_03_01.models import NetworkSecurityGroup
from azure.mgmt.network.v2017_03_01.models import SecurityRule
from azure.mgmt.resource.resources import ResourceManagementClient

subscription_id = 'xxxxxxxxx-xxxxxxxxxxxxxxxxxxxx'
credentials = ServicePrincipalCredentials(
    client_id = 'xxxxxx-xxxx-xxx-xxxx-xxxxxxx',
    secret = 'xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx',
    tenant = 'xxxxxx-xxxxxxx'
)

compute_client = ComputeManagementClient(
    credentials,
    subscription_id
)

network_client = NetworkManagementClient(
    credentials,
    subscription_id
)

resource_client = ResourceManagementClient(
    credentials,
    subscription_id
)
resource_client.providers.register('Microsoft.Compute')
resource_client.providers.register('Microsoft.Network')

resource_group_name = 'test-rg'


parameters = NetworkSecurityGroup()
parameters.location = 'UK South'

parameters.security_rules = [SecurityRule('Tcp', '*', '*', 'Allow', 'Inbound', description='Allow RDP port 3389',
                                 source_port_range='*', destination_port_range='3389', priority=100, name='RDP01')]   


network_client.network_security_groups.create_or_update(resource_group_name, "test-nsg", parameters)

network_client.network_security_groups.create_or_update 仅具有三个值:resource_groupsecurity_group_name参数.

有关network_client.network_security_groups.create_or_update的更多信息,请参阅此link .

关于azure - 使用 Azure python sdk 创建 NSG 不使用安全规则,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/45941544/

上一篇:SQL 查询在选择列时将 TIMESTAMP 转换为字符串

下一篇:Minizinc、Gecode,如何通过多解决方案模型跨分布式服务器获得相同的解决方案?

相关文章:

azure - 在经典迁移到 ARM 上未创建端点/网络安全组

azure - TeamViewer 无人值守访问 - Windows Azure VM

azure - 如何使用azure python sdk获取资源成本?

Azure:无法将存档 blob 从一个存储帐户复制到另一个存储帐户?

python - Azure SDK Python : tag a particular resource

azure - 宇宙数据库 : Difference between using MaxItemCount and Take() when retrieving N many records

azure - 用户通过 AAD 的 ROPC 流程登录

azure - Postman 集合访问 Azure 虚拟网络中的 API 的推荐方式?

Azure表存储: a script to populate new column for existing tables

c# - Microsoft.Practices.TransientFaultHandling.RetryPolicy 的正确代码是什么?

©2024 IT工具网  联系我们