Microsoft.Network networkSecurityGroups/securityRules 2016-03-30
- Latest
- 2024-05-01
- 2024-03-01
- 2024-01-01
- 2023-11-01
- 2023-09-01
- 2023-06-01
- 2023-05-01
- 2023-04-01
- 2023-02-01
- 2022-11-01
- 2022-09-01
- 2022-07-01
- 2022-05-01
- 2022-01-01
- 2021-08-01
- 2021-05-01
- 2021-03-01
- 2021-02-01
- 2020-11-01
- 2020-08-01
- 2020-07-01
- 2020-06-01
- 2020-05-01
- 2020-04-01
- 2020-03-01
- 2019-12-01
- 2019-11-01
- 2019-09-01
- 2019-08-01
- 2019-07-01
- 2019-06-01
- 2019-04-01
- 2019-02-01
- 2018-12-01
- 2018-11-01
- 2018-10-01
- 2018-08-01
- 2018-07-01
- 2018-06-01
- 2018-04-01
- 2018-02-01
- 2018-01-01
- 2017-11-01
- 2017-10-01
- 2017-09-01
- 2017-08-01
- 2017-06-01
- 2017-03-30
- 2017-03-01
- 2016-12-01
- 2016-09-01
- 2016-06-01
- 2016-03-30
- 2015-06-15
- 2015-05-01-preview
Remarks
For guidance on creating network security groups, see Create virtual network resources by using Bicep.
Bicep resource definition
The networkSecurityGroups/securityRules resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/networkSecurityGroups/securityRules resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Network/networkSecurityGroups/securityRules@2016-03-30' = {
parent: resourceSymbolicName
etag: 'string'
name: 'string'
properties: {
access: 'string'
description: 'string'
destinationAddressPrefix: 'string'
destinationPortRange: 'string'
direction: 'string'
priority: int
protocol: 'string'
provisioningState: 'string'
sourceAddressPrefix: 'string'
sourcePortRange: 'string'
}
}
Property values
Microsoft.Network/networkSecurityGroups/securityRules
Name | Description | Value |
---|---|---|
etag | A unique read-only string that changes whenever the resource is updated | string |
name | The resource name | string (required) |
parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: networkSecurityGroups |
properties | SecurityRulePropertiesFormat |
SecurityRulePropertiesFormat
Name | Description | Value |
---|---|---|
access | Gets or sets network traffic is allowed or denied. Possible values are 'Allow' and 'Deny' | 'Allow' 'Deny' (required) |
description | Gets or sets a description for this rule. Restricted to 140 chars. | string |
destinationAddressPrefix | Gets or sets destination address prefix. CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | string (required) |
destinationPortRange | Gets or sets Destination Port or Range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
direction | Gets or sets the direction of the rule.InBound or Outbound. The direction specifies if rule will be evaluated on incoming or outgoing traffic. | 'Inbound' 'Outbound' (required) |
priority | Gets or sets the priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | int |
protocol | Gets or sets Network protocol this rule applies to. Can be Tcp, Udp or All(*). | '*' 'Tcp' 'Udp' (required) |
provisioningState | Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
sourceAddressPrefix | Gets or sets source address prefix. CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. | string (required) |
sourcePortRange | Gets or sets Source Port or Range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
ARM template resource definition
The networkSecurityGroups/securityRules resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/networkSecurityGroups/securityRules resource, add the following JSON to your template.
{
"type": "Microsoft.Network/networkSecurityGroups/securityRules",
"apiVersion": "2016-03-30",
"name": "string",
"etag": "string",
"properties": {
"access": "string",
"description": "string",
"destinationAddressPrefix": "string",
"destinationPortRange": "string",
"direction": "string",
"priority": "int",
"protocol": "string",
"provisioningState": "string",
"sourceAddressPrefix": "string",
"sourcePortRange": "string"
}
}
Property values
Microsoft.Network/networkSecurityGroups/securityRules
Name | Description | Value |
---|---|---|
apiVersion | The api version | '2016-03-30' |
etag | A unique read-only string that changes whenever the resource is updated | string |
name | The resource name | string (required) |
properties | SecurityRulePropertiesFormat | |
type | The resource type | 'Microsoft.Network/networkSecurityGroups/securityRules' |
SecurityRulePropertiesFormat
Name | Description | Value |
---|---|---|
access | Gets or sets network traffic is allowed or denied. Possible values are 'Allow' and 'Deny' | 'Allow' 'Deny' (required) |
description | Gets or sets a description for this rule. Restricted to 140 chars. | string |
destinationAddressPrefix | Gets or sets destination address prefix. CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | string (required) |
destinationPortRange | Gets or sets Destination Port or Range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
direction | Gets or sets the direction of the rule.InBound or Outbound. The direction specifies if rule will be evaluated on incoming or outgoing traffic. | 'Inbound' 'Outbound' (required) |
priority | Gets or sets the priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | int |
protocol | Gets or sets Network protocol this rule applies to. Can be Tcp, Udp or All(*). | '*' 'Tcp' 'Udp' (required) |
provisioningState | Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
sourceAddressPrefix | Gets or sets source address prefix. CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. | string (required) |
sourcePortRange | Gets or sets Source Port or Range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
Quickstart templates
The following quickstart templates deploy this resource type.
Template | Description |
---|---|
Deploy Darktrace Autoscaling vSensors |
This template allows you to deploy an automatically autoscaling deployment of Darktrace vSensors |
Terraform (AzAPI provider) resource definition
The networkSecurityGroups/securityRules resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/networkSecurityGroups/securityRules resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Network/networkSecurityGroups/securityRules@2016-03-30"
name = "string"
etag = "string"
body = jsonencode({
properties = {
access = "string"
description = "string"
destinationAddressPrefix = "string"
destinationPortRange = "string"
direction = "string"
priority = int
protocol = "string"
provisioningState = "string"
sourceAddressPrefix = "string"
sourcePortRange = "string"
}
})
}
Property values
Microsoft.Network/networkSecurityGroups/securityRules
Name | Description | Value |
---|---|---|
etag | A unique read-only string that changes whenever the resource is updated | string |
name | The resource name | string (required) |
parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: networkSecurityGroups |
properties | SecurityRulePropertiesFormat | |
type | The resource type | "Microsoft.Network/networkSecurityGroups/securityRules@2016-03-30" |
SecurityRulePropertiesFormat
Name | Description | Value |
---|---|---|
access | Gets or sets network traffic is allowed or denied. Possible values are 'Allow' and 'Deny' | 'Allow' 'Deny' (required) |
description | Gets or sets a description for this rule. Restricted to 140 chars. | string |
destinationAddressPrefix | Gets or sets destination address prefix. CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | string (required) |
destinationPortRange | Gets or sets Destination Port or Range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
direction | Gets or sets the direction of the rule.InBound or Outbound. The direction specifies if rule will be evaluated on incoming or outgoing traffic. | 'Inbound' 'Outbound' (required) |
priority | Gets or sets the priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | int |
protocol | Gets or sets Network protocol this rule applies to. Can be Tcp, Udp or All(*). | '*' 'Tcp' 'Udp' (required) |
provisioningState | Gets or sets Provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
sourceAddressPrefix | Gets or sets source address prefix. CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. | string (required) |
sourcePortRange | Gets or sets Source Port or Range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |