堆栈内存溢出
  简体   繁体   English

Azure 使用 powershell 更新多个 NSG 规则

[英]Azure updating multiple NSG rules with powershell

 原文  2020-10-27 19:29:40       azure/ powershell/ security

问题描述

I'd like to update multiple NSG rules at once, based on a changing IP address list.我想根据不断变化的 IP 地址列表一次更新多个 NSG 规则。 For example, I'd like to update rules named ftp,ssh,https (and several others).例如,我想更新名为 ftp、ssh、https(以及其他几个)的规则。 Here is what I have so far:这是我到目前为止所拥有的:

$ips = @("10.1.1.2", "10.1.1.3", "192.168.0.0/16")
$nsgName = "Dev1-nsg"
$resourceGroupName = "myResourceGrp1"
$nsg = Get-AzNetworkSecurityGroup -Name $nsgName -ResourceGroupName $resourceGroupName
Set-AzNetworkSecurityRuleConfig -Name "ftp" -NetworkSecurityGroup $nsg -SourceAddressPrefix $ips
Set-AzNetworkSecurityRuleConfig -Name "ssh" -NetworkSecurityGroup $nsg -SourceAddressPrefix $ips
Set-AzNetworkSecurityRuleConfig -Name "https" -NetworkSecurityGroup $nsg -SourceAddressPrefix $ips
Get-AzNetworkSecurityRuleConfig -Name "ftp" -NetworkSecurityGroup $nsg
Get-AzNetworkSecurityRuleConfig -Name "ssh" -NetworkSecurityGroup $nsg
Get-AzNetworkSecurityRuleConfig -Name "https" -NetworkSecurityGroup $nsg

My issues:我的问题:

  1. When I run the above in Powershell, all seems fine, but when I go to the Azure nsg portal and refresh, the rules appear unchanged当我在 Powershell 中运行上述内容时,一切似乎都很好,但是当我转到 Azure nsg 门户并刷新时,规则似乎没有变化
  2. If I'm updating many rules (say 15), what's the best way to loop through a list of rule names to update each with the IP list?如果我要更新许多规则(比如 15 个),循环遍历规则名称列表以使用 IP 列表更新每个规则名称的最佳方法是什么?

1 个解决方案

解决方案1
 2 已采纳  2020-10-28 08:48:31

  1. We could not update the NSG rules in Azure but need to modify the local PowerShell scripts then push the change to Azure, refer to this answer .我们无法更新 Azure 中的 NSG 规则,但需要修改本地 PowerShell 脚本,然后将更改推送到 Azure,请参阅此答案

  2. To loop through a list of rule names to update each of the IP lists, you can do it like this.要遍历规则名称列表以更新每个 IP 列表,您可以这样做。

     $ips = @("10.1.1.2", "10.1.1.3", "192.168.0.0/16") $nsgName = "ubun-a-nsg" $resourceGroupName = "nancy" $rule_names = @("NRMS-Rule-103","NRMS-Rule-104","NRMS-Rule-105") foreach($rule_name in $rule_names) { $nsg = Get-AzNetworkSecurityGroup -Name $nsgName -ResourceGroupName $resourceGroupName $rule= $nsg | Get-AzNetworkSecurityRuleConfig -Name $rule_name Set-AzNetworkSecurityRuleConfig -NetworkSecurityGroup $nsg ` -Name $rule_name ` -Access $rule.Access ` -Protocol $rule.Protocol ` -Direction $rule.Direction ` -Priority $rule.Priority ` -SourceAddressPrefix $ips ` -SourcePortRange $rule.SourcePortRange ` -DestinationAddressPrefix $rule.DestinationAddressPrefix ` -DestinationPortRange $rule.DestinationPortRange ` -Description $rule.Description $nsg | Set-AzNetworkSecurityGroup }

Test Result:测试结果:

在此处输入图片说明

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Azure Powershell无法创建具有多个端口的NSG规则 - Azure Powershell not creating NSG rules with multiple ports 大量创建Azure NSG规则 - Mass creation of Azure NSG rules Azure NSG 规则暴露给 inte.net - Azure NSG rules exposed to internet 使用 powershell 将多个 CIDR 添加到 SourceAddressPrefix 到 Azure NSG 规则 - Add multiple CIDR to SourceAddressPrefix using powershell to Azure NSG rule 针对Azure NSG优化Powershell脚本 - Optimize Powershell script for Azure NSG 使用 powershell 将 NSG 规则导出到 csv 文件 - Export NSG rules to a csv file using powershell 为多个VM设置NSG入站安全规则 - Setup NSG inbound security rules for multiple VM 使用 Powershell 修改 azure nsg 规则 - Using Powershell to modify azure nsg rule Azure NSG规则用于来自Azure云服务的流量 - Azure NSG rules for traffic from an Azure Cloud Service 添加 NSG 规则以在 Azure PostgreSQL 灵活服务器上启用高可用性 - Adding NSG rules to enable high availability on Azure PostgreSQL Flexible Server
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM