Modifier

Partager via


Set-AzEventHubNetworkRuleSet

Sets an EventHub Namespace Network Rule Set

Syntax

Set-AzEventHubNetworkRuleSet
   -NamespaceName <String>
   -ResourceGroupName <String>
   [-SubscriptionId <String>]
   [-PublicNetworkAccess <String>]
   [-TrustedServiceAccessEnabled]
   [-DefaultAction <String>]
   [-IPRule <INwRuleSetIPRules[]>]
   [-VirtualNetworkRule <INwRuleSetVirtualNetworkRules[]>]
   [-DefaultProfile <PSObject>]
   [-AsJob]
   [-NoWait]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Set-AzEventHubNetworkRuleSet
   -InputObject <IEventHubIdentity>
   [-PublicNetworkAccess <String>]
   [-TrustedServiceAccessEnabled]
   [-DefaultAction <String>]
   [-IPRule <INwRuleSetIPRules[]>]
   [-VirtualNetworkRule <INwRuleSetVirtualNetworkRules[]>]
   [-DefaultProfile <PSObject>]
   [-AsJob]
   [-NoWait]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

Sets an EventHub Namespace Network Rule Set

Examples

Example 1: Add IP Rules and Virtual Network Rules to a Network Rule Set

$ipRule1 = New-AzEventHubIPRuleConfig -IPMask 2.2.2.2 -Action Allow
$ipRule2 = New-AzEventHubIPRuleConfig -IPMask 3.3.3.3 -Action Allow
$virtualNetworkRule1 = New-AzEventHubVirtualNetworkRuleConfig -SubnetId '/subscriptions/subscriptionId/resourcegroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/default'
$networkRuleSet = Get-AzEventHubNetworkRuleSet -ResourceGroupName myResourceGroup -NamespaceName myNamespace
$networkRuleSet.IPRule += $ipRule1
$networkRuleSet.IPRule += $ipRule2
$networkRuleSet.VirtualNetworkRule += $virtualNetworkRule1
Set-AzEventHubNetworkRuleSet -ResourceGroupName myResourceGroup -NamespaceName myNamespace -IPRule $ipRule1,$ipRule2 -VirtualNetworkRule $virtualNetworkRule1,$virtualNetworkRule2,$virtualNetworkRule3

DefaultAction                : Deny
IPRule                       : {{
                                 "ipMask": "1.1.1.1",
                                 "action": "Allow"
                               }, {
                                 "ipMask": "2.2.2.2",
                                 "action": "Allow"
                               }, {
                                 "ipMask": "3.3.3.3",
                                 "action": "Allow"
                               }}
Id                           : /subscriptions/subscriptionId/resourceGroups/myResourceGroup/providers/Microsoft.EventHub/namespaces/myNamespace/networkRuleSets/
                               default
Location                     : Australia East
Name                         : default
PublicNetworkAccess          : Enabled
ResourceGroupName            : Default-EventHub-6229
TrustedServiceAccessEnabled  :
Type                         : Microsoft.EventHub/Namespaces/NetworkRuleSets
VirtualNetworkRule           : {{
                                 "subnet": {
                                   "id": "/subscriptions/subscriptionId/resourcegroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/default"
                                 },
                                 "ignoreMissingVnetServiceEndpoint": false
                               },{
                                 "subnet": {
                                   "id": "/subscriptions/subscriptionId/resourcegroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/mySubnet"
                                 },
                                 "ignoreMissingVnetServiceEndpoint": false
                               }}

Appends virtual network rules and IPRules to the existing rules.

Example 2: Enable Trusted Service Access on a namespace

Set-AzEventHubNetworkRuleSet -ResourceGroupName myResourceGroup -NamespaceName myNamespace -TrustedServiceAccessEnabled

DefaultAction                : Deny
IPRule                       : {{
                                 "ipMask": "1.1.1.1",
                                 "action": "Allow"
                               }, {
                                 "ipMask": "2.2.2.2",
                                 "action": "Allow"
                               }, {
                                 "ipMask": "3.3.3.3",
                                 "action": "Allow"
                               }}
Id                           : /subscriptions/subscriptionId/resourceGroups/myResourceGroup/providers/Microsoft.EventHub/namespaces/myNamespace/networkRuleSets/
                               default
Location                     : Australia East
Name                         : default
PublicNetworkAccess          : Enabled
ResourceGroupName            : myResourceGroup
TrustedServiceAccessEnabled  : True
Type                         : Microsoft.EventHub/Namespaces/NetworkRuleSets
VirtualNetworkRule           : {{
                                 "subnet": {
                                   "id": "/subscriptions/subscriptionId/resourcegroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/default"
                                 },
                                 "ignoreMissingVnetServiceEndpoint": false
                               },{
                                 "subnet": {
                                   "id": "/subscriptions/subscriptionId/resourcegroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/mySubnet"
                                 },
                                 "ignoreMissingVnetServiceEndpoint": false
                               }}

Enabled Trusted Service Access on the eventhub namespace myNamespace.

Parameters

-AsJob

Run the command as a job

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultAction

Default Action for Network Rule Set

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:PSObject
Aliases:AzureRMContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-InputObject

Identity parameter. To construct, see NOTES section for INPUTOBJECT properties and create a hash table.

Type:IEventHubIdentity
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-IPRule

List of IpRules

Type:INwRuleSetIPRules[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-NamespaceName

The name of EventHub namespace

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-NoWait

Run the command asynchronously

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-PublicNetworkAccess

This determines if traffic is allowed over public network. By default it is enabled. If value is SecuredByPerimeter then Inbound and Outbound communication is controlled by the network security perimeter and profile's access rules.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ResourceGroupName

The name of the resource group. The name is case insensitive.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-SubscriptionId

The ID of the target subscription.

Type:String
Position:Named
Default value:(Get-AzContext).Subscription.Id
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-TrustedServiceAccessEnabled

Value that indicates whether Trusted Service Access is Enabled or not.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-VirtualNetworkRule

List of VirtualNetwork Rules

Type:INwRuleSetVirtualNetworkRules[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

IEventHubIdentity

Outputs

INetworkRuleSet