如何使用 Python 將子網關聯到 Azure 中的網絡安全組?
[英]How to associate subnet to network security group in Azure using Python?
問題描述
我有 python function,它創建了新的網絡安全組:
def createNetworkSecurityGroup(subscription, location, resourceGroupName, networkSecurityGroupName, headers):
print(f'Creating networking security group {networkSecurityGroupName}...')
# https://docs.microsoft.com/en-us/rest/api/virtualnetwork/networksecuritygroups/createorupdate#examples
url = f'https://management.azure.com/subscriptions/{subscription}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkSecurityGroups/{networkSecurityGroupName}?api-version=2019-09-01'
data ={
"properties": {
"securityRules": [
{
"name": "CustomInBound",
"properties": {
"protocol": "*",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "*",
"access": "Allow",
"destinationPortRange": "*",
"sourcePortRange": "*",
"priority": 100,
"direction": "Inbound"
}
},
{
"name": "CustomOutBound",
"properties": {
"protocol": "*",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "*",
"access": "Allow",
"destinationPortRange": "*",
"sourcePortRange": "*",
"priority": 100,
"direction": "Outbound"
}
},
]
},
"location": location
}
success = False
while not success:
try:
response = requests.put(url, headers=headers, data=str(data))
responseData = response.json()
if not responseData.get('id'):
print(responseData)
print(responseData.text)
print(responseData.headers)
else:
networkSecurityGroupId = responseData['id']
success = True
except Exception as e:
print(e)
return networkSecurityGroupId
如何將已經存在的子網關聯到這個新創建的 NSG? 是否可以修改這個 function 或者我必須創建另一個? 也許我應該使用 Azure CLI 但在 python 中?
在 Azure 門戶上,通過此頁面完成。
1 個解決方案
解決方案1
0 已采納 2020-08-11 08:00:15
要將 NSG 關聯到現有子網,據我所知,有三種方法可以實現。
- 我看到您使用 REST API 創建 NSG。 因此,您仍然可以在此處使用 REST API 來執行此操作,並在此處使用示例正文:
{
"properties": {
"addressSpace": {
"addressPrefixes": [
"172.17.0.0/24"
]
},
"subnets": [
{
"name": "default",
"properties": {
"addressPrefix": "172.17.0.0/24",
"networkSecurityGroup": {
"id": "xxxxxx",
"location": "eastasia"
}
}
}
]
},
"location": "eastasia"
}
- 您可以使用 Azure Python SDK 來做到這一點:
subscription_id = "xxxxxx"
credential = ServicePrincipalCredentials(
client_id="xxxxx",
secret="xxxxx",
tenant="xxxxx"
)
network_client = NetworkManagementClient(credential, subscription_id)
resource_group_name = "xxxxx"
vnet_name = "xxxxx"
subnet_name = "xxxxx"
sunet_data = {
"properties": {
"addressSpace": {
"addressPrefixes": [
"172.17.0.0/24"
]
},
"subnets": [
{
"name": "default",
"properties": {
"addressPrefix": "172.17.0.0/24",
"networkSecurityGroup": {
"id": networkSecurityGroupId ,
"location": "eastasia"
}
}
}
]
},
"location": "eastasia"
}
result = network_client.subnets.create_or_update(resource_group_name, vnet_name, subnet_name, subnet_data)
您可以獲得有關子網的 SDK 的更多詳細信息。
- Azure CLI 也可以做到,您只需通過 python 代碼運行 CLI 命令:
import subprocess
resource_group_name = "xxxxx"
vnet_name = "xxxxx"
subnet_name = "xxxxx"
cmd = f"az network vnet subnet update -g {resource_group_name} -n {subnet_name} --vnet-name {vnet_name} --network-security-group {networkSecurityGroupId} "
command = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE)
out, err = command.communicate()
您可以根據需要選擇一種方式。 並且在function中添加代碼或者再創建一個也可以。
Azure Python SDK中創建網卡時如何指定網絡安全組
[英]How to Specify Network Security Group When Creating NIC In Azure Python SDK
使用python部署網絡安全組的問題:NetworkSecurityGroup'對象沒有屬性“ lower”
[英]Issues with Network security group deployment using python : NetworkSecurityGroup' object has no attribute 'lower'
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.
相關問題
如何通過 Python SDK 創建 Azure 網絡安全組
Python Boto:如何指定子網ID和安全組?
Azure Python SDK中創建網卡時如何指定網絡安全組
如何在 python 中獲取網絡的所有可能子網 ID?
使用python部署網絡安全組的問題:NetworkSecurityGroup'對象沒有屬性“ lower”
如何使用python boto獲取給定安全組的資源?
使用python將NSG附加到子網
如何使用python列出應用於azure資源組的鎖
如何使用 Python 鎖定 Azure 資源組中的所有資源
如何使用 Python boto3 檢索 VPC ID 和子網 ID?
相關標簽