[英]how to update azure vm firewall inbound port rules using python
我想使用 python(自動)在入站端口規則中綁定/更新/白名單我的 IP 地址。
我經歷了這個url ! 以及我所理解的
credentials = ServicePrincipalCredentials(
client_id=os.environ['AZURE_CLIENT_ID'],
secret=os.environ['AZURE_CLIENT_SECRET'],
tenant=os.environ['AZURE_TENANT_ID']
)
resource_client = ResourceManagementClient(credentials, subscription_id)
compute_client = ComputeManagementClient(credentials, subscription_id)
storage_client = StorageManagementClient(credentials, subscription_id)
network_client = NetworkManagementClient(credentials, subscription_id)
# Create VNet
print('Create Vnet')
async_vnet_creation = network_client.virtual_networks.create_or_update(
GROUP_NAME,
VNET_NAME,
{
'location': LOCATION,
'address_space': {
'address_prefixes': ['10.0.0.0/16']
}
}
)
async_vnet_creation.wait()
# Create Subnet
async_subnet_creation = network_client.subnets.create_or_update(
GROUP_NAME,
VNET_NAME,
SUBNET_NAME,
{'address_prefix': '10.0.0.0/24'}
)
subnet_info = async_subnet_creation.result()
# Creating NIC
print('Creating NetworkInterface 1')
back_end_address_pool_id = lb_info.backend_address_pools[0].id
inbound_nat_rule_1_id = lb_info.inbound_nat_rules[0].id
async_nic1_creation = network_client.network_interfaces.create_or_update(
GROUP_NAME,
VMS_INFO[1]['nic_name'],
create_nic_parameters(
subnet_info.id, back_end_address_pool_id, inbound_nat_rule_1_id)
)
inbound_nat_rule_2_id = lb_info.inbound_nat_rules[1].id
print('Creating NetworkInterface 2')
async_nic2_creation = network_client.network_interfaces.create_or_update(
GROUP_NAME,
VMS_INFO[2]['nic_name'],
create_nic_parameters(
subnet_info.id, back_end_address_pool_id, inbound_nat_rule_2_id)
)
nic1_info = async_nic1_creation.result()
nic2_info = async_nic2_creation.result()
但我沒有找到添加我想列入白名單的 ip 的地方。 請對此提供幫助或請告訴如何使用 python azure ZF20E3C5E54C0AB3D3765D8966 將我的 IP 列入白名單
如果要為現有 NSG 創建新的入站規則,可以使用以下腳本:
from azure.common.credentials import ServicePrincipalCredentials
from azure.mgmt.compute import ComputeManagementClient
from azure.mgmt.network import NetworkManagementClient
from azure.mgmt.network.v2017_03_01.models import NetworkSecurityGroup
from azure.mgmt.network.v2017_03_01.models import SecurityRule
from azure.mgmt.resource.resources import ResourceManagementClient
subscription_id = 'xxxxxxxxx-xxxxxxxxxxxxxxxxxxxx'
credentials = ServicePrincipalCredentials(
client_id = 'xxxxxx-xxxx-xxx-xxxx-xxxxxxx',
secret = 'xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx',
tenant = 'xxxxxx-xxxxxxx'
)
network_client = NetworkManagementClient(
credentials,
subscription_id
)
resource_client = ResourceManagementClient(
credentials,
subscription_id
)
resource_client.providers.register('Microsoft.Network')
resource_group_name = 'test-rg'
async_security_rule = network_client.security_rules.create_or_update(
resource_group_name,
security_group_name,
new_security_rule_name,
{
'access':azure.mgmt.network.v2017_03_01.models.SecurityRuleAccess.allow,
'description':'New Test security rule',
'destination_address_prefix':'*',
'destination_port_range':'123-3500',
'direction':azure.mgmt.network.v2017_03_01.models.SecurityRuleDirection.inbound,
'priority':400,
'protocol':azure.mgmt.network.v2017_03_01.models.SecurityRuleProtocol.tcp,
'source_address_prefix':'*',
'source_port_range':'655',
}
)
security_rule = async_security_rule.result()
更多詳情,請參考鏈接
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.