你当前正在访问 Microsoft Azure Global Edition 技术文档网站。如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站，请访问 https://docs.azure.cn。

Network Security Perimeter Access Rules - Create Or Update

Service:: Network security perimeter

API Version:: 2025-01-01

Creates or updates a network access rule.

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkSecurityPerimeters/{networkSecurityPerimeterName}/profiles/{profileName}/accessRules/{accessRuleName}?api-version=2025-01-01

URI Parameters

Name	In	Required	Type	Description
accessRuleName	path	True	string maxLength: 80 pattern: (^[a-zA-Z0-9]+[a-zA-Z0-9_.-]*[a-zA-Z0-9_]+$)\|(^[a-zA-Z0-9]$)	The name of the NSP access rule.
networkSecurityPerimeterName	path	True	string maxLength: 80 pattern: (^[a-zA-Z0-9]+[a-zA-Z0-9_.-]*[a-zA-Z0-9_]+$)\|(^[a-zA-Z0-9]$)	The name of the network security perimeter.
profileName	path	True	string maxLength: 80 pattern: (^[a-zA-Z0-9]+[a-zA-Z0-9_.-]*[a-zA-Z0-9_]+$)\|(^[a-zA-Z0-9]$)	The name of the NSP profile.
resourceGroupName	path	True	string	The name of the resource group.
subscriptionId	path	True	string	The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call.
api-version	query	True	string	Client API version.

Request Body

Name	Type	Description
properties.addressPrefixes	string[]	Inbound address prefixes (IPv4/IPv6)
properties.direction	AccessRuleDirection	Direction that specifies whether the access rules is inbound/outbound.
properties.emailAddresses	string[]	Outbound rules in email address format. This access rule type is currently unavailable for use.
properties.fullyQualifiedDomainNames	string[]	Outbound rules in fully qualified domain name format.
properties.phoneNumbers	string[]	Outbound rules in phone number format. This access rule type is currently unavailable for use.
properties.serviceTags	string[]	Inbound rules of type service tag. This access rule type is currently unavailable for use.
properties.subscriptions	SubscriptionId[]	List of subscription ids

Responses

Name	Type	Description
200 OK	NspAccessRule	Updated - Existing access rule is updated. Returns the resource.
201 Created	NspAccessRule	Create - Returns the NspAccessRule resource created.
Other Status Codes	CloudError	Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow.

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name	Description
user_impersonation	impersonate your user account

Examples

NspAccessRulePut

PUT https://management.azure.com/subscriptions/subId/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityPerimeters/nsp1/profiles/profile1/accessRules/accessRule1?api-version=2025-01-01

{
  "properties": {
    "direction": "Inbound",
    "addressPrefixes": [
      "10.11.0.0/16",
      "10.10.1.0/24"
    ]
  }
}

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Network.Models;
using Azure.ResourceManager.Network;

// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2025-01-01/examples/NspAccessRulePut.json
// this example is just showing the usage of "NetworkSecurityPerimeterAccessRules_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://free.blessedness.top/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this NetworkSecurityPerimeterProfileResource created on azure
// for more information of creating NetworkSecurityPerimeterProfileResource, please refer to the document of NetworkSecurityPerimeterProfileResource
string subscriptionId = "subId";
string resourceGroupName = "rg1";
string networkSecurityPerimeterName = "nsp1";
string profileName = "profile1";
ResourceIdentifier networkSecurityPerimeterProfileResourceId = NetworkSecurityPerimeterProfileResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, networkSecurityPerimeterName, profileName);
NetworkSecurityPerimeterProfileResource networkSecurityPerimeterProfile = client.GetNetworkSecurityPerimeterProfileResource(networkSecurityPerimeterProfileResourceId);

// get the collection of this NetworkSecurityPerimeterAccessRuleResource
NetworkSecurityPerimeterAccessRuleCollection collection = networkSecurityPerimeterProfile.GetNetworkSecurityPerimeterAccessRules();

// invoke the operation
string accessRuleName = "accessRule1";
NetworkSecurityPerimeterAccessRuleData data = new NetworkSecurityPerimeterAccessRuleData
{
    Direction = NetworkSecurityPerimeterAccessRuleDirection.Inbound,
    AddressPrefixes = { "10.11.0.0/16", "10.10.1.0/24" },
};
ArmOperation<NetworkSecurityPerimeterAccessRuleResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, accessRuleName, data);
NetworkSecurityPerimeterAccessRuleResource result = lro.Value;

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
NetworkSecurityPerimeterAccessRuleData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample response

Status code:: 200

{
  "name": "accessRule1",
  "id": "/subscriptions/subId/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityPerimeters/nsp1/profiles/profile1/accessRules/accessRule1",
  "type": "Microsoft.Network/networkSecurityPerimeters/profiles/accessRules",
  "properties": {
    "provisioningState": "Succeeded",
    "direction": "Inbound",
    "addressPrefixes": [
      "10.11.0.0/16",
      "10.10.1.0/24"
    ],
    "fullyQualifiedDomainNames": [],
    "subscriptions": [],
    "networkSecurityPerimeters": [],
    "emailAddresses": [],
    "phoneNumbers": [],
    "serviceTags": []
  },
  "systemData": {
    "createdBy": "user",
    "createdByType": "User",
    "createdAt": "2024-02-07T18:07:36.3446713Z",
    "lastModifiedBy": "user",
    "lastModifiedByType": "User",
    "lastModifiedAt": "2024-02-07T18:07:36.3446713Z"
  }
}

Status code:: 201

{
  "name": "accessRule1",
  "id": "/subscriptions/subId/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityPerimeters/nsp1/profiles/profile1/accessRules/accessRule1",
  "type": "Microsoft.Network/networkSecurityPerimeters/profiles/accessRules",
  "properties": {
    "provisioningState": "Succeeded",
    "direction": "Inbound",
    "addressPrefixes": [
      "10.11.0.0/16",
      "10.10.1.0/24"
    ],
    "fullyQualifiedDomainNames": [],
    "subscriptions": [],
    "networkSecurityPerimeters": [],
    "emailAddresses": [],
    "phoneNumbers": [],
    "serviceTags": []
  },
  "systemData": {
    "createdBy": "user",
    "createdByType": "User",
    "createdAt": "2024-02-07T18:07:36.3446713Z",
    "lastModifiedBy": "user",
    "lastModifiedByType": "User",
    "lastModifiedAt": "2024-02-07T18:07:36.3446713Z"
  }
}

Definitions

Name	Description
AccessRuleDirection	Direction that specifies whether the access rules is inbound/outbound.
CloudError	An error response from the service.
CloudErrorBody	An error response from the service.
createdByType	The type of identity that created the resource.
NspAccessRule	The NSP access rule resource
nspProvisioningState	The provisioning state of the scope assignment resource.
PerimeterBasedAccessRule
SubscriptionId
systemData	Metadata pertaining to creation and last modification of the resource.

AccessRuleDirection

Enumeration

Direction that specifies whether the access rules is inbound/outbound.

Value	Description
Inbound
Outbound

CloudError

Object

An error response from the service.

Name	Type	Description
error	CloudErrorBody	Cloud error body.

CloudErrorBody

Object

An error response from the service.

Name	Type	Description
code	string	An identifier for the error. Codes are invariant and are intended to be consumed programmatically.
details	CloudErrorBody[]	A list of additional details about the error.
message	string	A message describing the error, intended to be suitable for display in a user interface.
target	string	The target of the particular error. For example, the name of the property in error.

createdByType

Enumeration

The type of identity that created the resource.

Value	Description
User
Application
ManagedIdentity
Key

NspAccessRule

Object

The NSP access rule resource

Name	Type	Description
id	string (arm-id)	Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
name	string	The name of the resource
properties.addressPrefixes	string[]	Inbound address prefixes (IPv4/IPv6)
properties.direction	AccessRuleDirection	Direction that specifies whether the access rules is inbound/outbound.
properties.emailAddresses	string[]	Outbound rules in email address format. This access rule type is currently unavailable for use.
properties.fullyQualifiedDomainNames	string[]	Outbound rules in fully qualified domain name format.
properties.networkSecurityPerimeters	PerimeterBasedAccessRule[]	Rule specified by the perimeter id.
properties.phoneNumbers	string[]	Outbound rules in phone number format. This access rule type is currently unavailable for use.
properties.provisioningState	nspProvisioningState	The provisioning state of the scope assignment resource.
properties.serviceTags	string[]	Inbound rules of type service tag. This access rule type is currently unavailable for use.
properties.subscriptions	SubscriptionId[]	List of subscription ids
systemData	systemData	Azure Resource Manager metadata containing createdBy and modifiedBy information.
type	string	The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"

nspProvisioningState

Enumeration

The provisioning state of the scope assignment resource.

Value	Description
Succeeded
Creating
Updating
Deleting
Accepted
Failed

PerimeterBasedAccessRule

Object

Name	Type	Description
id	string (arm-id)	NSP id in the ARM id format.
location	string	Location of the NSP supplied.
perimeterGuid	string	Resource guid of the NSP supplied.

SubscriptionId

Object

Name	Type	Description
id	string (arm-id)	Subscription id in the ARM id format.

systemData

Object

Metadata pertaining to creation and last modification of the resource.

Name	Type	Description
createdAt	string (date-time)	The timestamp of resource creation (UTC).
createdBy	string	The identity that created the resource.
createdByType	createdByType	The type of identity that created the resource.
lastModifiedAt	string (date-time)	The timestamp of resource last modification (UTC)
lastModifiedBy	string	The identity that last modified the resource.
lastModifiedByType	createdByType	The type of identity that last modified the resource.

通过

Network Security Perimeter Access Rules - Create Or Update

URI Parameters

Request Body

Responses

Security

azure_auth

Scopes

Examples

NspAccessRulePut

Sample request

Sample response

Definitions

AccessRuleDirection

CloudError

CloudErrorBody

createdByType

NspAccessRule

nspProvisioningState

PerimeterBasedAccessRule

SubscriptionId

systemData