1. Packages
  2. Azure Native v1
  3. API Docs
  4. network
  5. SecurityRule
These are the docs for Azure Native v1. We recommenend using the latest version, Azure Native v2.
Azure Native v1 v1.104.0 published on Thursday, Jul 6, 2023 by Pulumi

azure-native.network.SecurityRule

Explore with Pulumi AI

azure-native-v1 logo
These are the docs for Azure Native v1. We recommenend using the latest version, Azure Native v2.
Azure Native v1 v1.104.0 published on Thursday, Jul 6, 2023 by Pulumi

    Network security rule. API Version: 2020-11-01.

    Example Usage

    Create security rule

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var securityRule = new AzureNative.Network.SecurityRule("securityRule", new()
        {
            Access = "Deny",
            DestinationAddressPrefix = "11.0.0.0/8",
            DestinationPortRange = "8080",
            Direction = "Outbound",
            NetworkSecurityGroupName = "testnsg",
            Priority = 100,
            Protocol = "*",
            ResourceGroupName = "rg1",
            SecurityRuleName = "rule1",
            SourceAddressPrefix = "10.0.0.0/8",
            SourcePortRange = "*",
        });
    
    });
    
    package main
    
    import (
    	network "github.com/pulumi/pulumi-azure-native-sdk/network"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := network.NewSecurityRule(ctx, "securityRule", &network.SecurityRuleArgs{
    			Access:                   pulumi.String("Deny"),
    			DestinationAddressPrefix: pulumi.String("11.0.0.0/8"),
    			DestinationPortRange:     pulumi.String("8080"),
    			Direction:                pulumi.String("Outbound"),
    			NetworkSecurityGroupName: pulumi.String("testnsg"),
    			Priority:                 pulumi.Int(100),
    			Protocol:                 pulumi.String("*"),
    			ResourceGroupName:        pulumi.String("rg1"),
    			SecurityRuleName:         pulumi.String("rule1"),
    			SourceAddressPrefix:      pulumi.String("10.0.0.0/8"),
    			SourcePortRange:          pulumi.String("*"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.network.SecurityRule;
    import com.pulumi.azurenative.network.SecurityRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var securityRule = new SecurityRule("securityRule", SecurityRuleArgs.builder()        
                .access("Deny")
                .destinationAddressPrefix("11.0.0.0/8")
                .destinationPortRange("8080")
                .direction("Outbound")
                .networkSecurityGroupName("testnsg")
                .priority(100)
                .protocol("*")
                .resourceGroupName("rg1")
                .securityRuleName("rule1")
                .sourceAddressPrefix("10.0.0.0/8")
                .sourcePortRange("*")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    security_rule = azure_native.network.SecurityRule("securityRule",
        access="Deny",
        destination_address_prefix="11.0.0.0/8",
        destination_port_range="8080",
        direction="Outbound",
        network_security_group_name="testnsg",
        priority=100,
        protocol="*",
        resource_group_name="rg1",
        security_rule_name="rule1",
        source_address_prefix="10.0.0.0/8",
        source_port_range="*")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const securityRule = new azure_native.network.SecurityRule("securityRule", {
        access: "Deny",
        destinationAddressPrefix: "11.0.0.0/8",
        destinationPortRange: "8080",
        direction: "Outbound",
        networkSecurityGroupName: "testnsg",
        priority: 100,
        protocol: "*",
        resourceGroupName: "rg1",
        securityRuleName: "rule1",
        sourceAddressPrefix: "10.0.0.0/8",
        sourcePortRange: "*",
    });
    
    resources:
      securityRule:
        type: azure-native:network:SecurityRule
        properties:
          access: Deny
          destinationAddressPrefix: 11.0.0.0/8
          destinationPortRange: '8080'
          direction: Outbound
          networkSecurityGroupName: testnsg
          priority: 100
          protocol: '*'
          resourceGroupName: rg1
          securityRuleName: rule1
          sourceAddressPrefix: 10.0.0.0/8
          sourcePortRange: '*'
    

    Create SecurityRule Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new SecurityRule(name: string, args: SecurityRuleArgs, opts?: CustomResourceOptions);
    @overload
    def SecurityRule(resource_name: str,
                     args: SecurityRuleInitArgs,
                     opts: Optional[ResourceOptions] = None)
    
    @overload
    def SecurityRule(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     access: Optional[Union[str, SecurityRuleAccess]] = None,
                     resource_group_name: Optional[str] = None,
                     protocol: Optional[Union[str, SecurityRuleProtocol]] = None,
                     network_security_group_name: Optional[str] = None,
                     direction: Optional[Union[str, SecurityRuleDirection]] = None,
                     destination_port_range: Optional[str] = None,
                     destination_address_prefix: Optional[str] = None,
                     destination_application_security_groups: Optional[Sequence[ApplicationSecurityGroupArgs]] = None,
                     id: Optional[str] = None,
                     name: Optional[str] = None,
                     destination_address_prefixes: Optional[Sequence[str]] = None,
                     priority: Optional[int] = None,
                     destination_port_ranges: Optional[Sequence[str]] = None,
                     description: Optional[str] = None,
                     security_rule_name: Optional[str] = None,
                     source_address_prefix: Optional[str] = None,
                     source_address_prefixes: Optional[Sequence[str]] = None,
                     source_application_security_groups: Optional[Sequence[ApplicationSecurityGroupArgs]] = None,
                     source_port_range: Optional[str] = None,
                     source_port_ranges: Optional[Sequence[str]] = None,
                     type: Optional[str] = None)
    func NewSecurityRule(ctx *Context, name string, args SecurityRuleArgs, opts ...ResourceOption) (*SecurityRule, error)
    public SecurityRule(string name, SecurityRuleArgs args, CustomResourceOptions? opts = null)
    public SecurityRule(String name, SecurityRuleArgs args)
    public SecurityRule(String name, SecurityRuleArgs args, CustomResourceOptions options)
    
    type: azure-native:network:SecurityRule
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args SecurityRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SecurityRuleInitArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SecurityRuleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SecurityRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SecurityRuleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var securityRuleResource = new AzureNative.Network.SecurityRule("securityRuleResource", new()
    {
        Access = "string",
        ResourceGroupName = "string",
        Protocol = "string",
        NetworkSecurityGroupName = "string",
        Direction = "string",
        DestinationPortRange = "string",
        DestinationAddressPrefix = "string",
        DestinationApplicationSecurityGroups = new[]
        {
            
            {
                { "id", "string" },
                { "location", "string" },
                { "tags", 
                {
                    { "string", "string" },
                } },
            },
        },
        Id = "string",
        Name = "string",
        DestinationAddressPrefixes = new[]
        {
            "string",
        },
        Priority = 0,
        DestinationPortRanges = new[]
        {
            "string",
        },
        Description = "string",
        SecurityRuleName = "string",
        SourceAddressPrefix = "string",
        SourceAddressPrefixes = new[]
        {
            "string",
        },
        SourceApplicationSecurityGroups = new[]
        {
            
            {
                { "id", "string" },
                { "location", "string" },
                { "tags", 
                {
                    { "string", "string" },
                } },
            },
        },
        SourcePortRange = "string",
        SourcePortRanges = new[]
        {
            "string",
        },
        Type = "string",
    });
    
    example, err := network.NewSecurityRule(ctx, "securityRuleResource", &network.SecurityRuleArgs{
    	Access:                   "string",
    	ResourceGroupName:        "string",
    	Protocol:                 "string",
    	NetworkSecurityGroupName: "string",
    	Direction:                "string",
    	DestinationPortRange:     "string",
    	DestinationAddressPrefix: "string",
    	DestinationApplicationSecurityGroups: []map[string]interface{}{
    		map[string]interface{}{
    			"id":       "string",
    			"location": "string",
    			"tags": map[string]interface{}{
    				"string": "string",
    			},
    		},
    	},
    	Id:   "string",
    	Name: "string",
    	DestinationAddressPrefixes: []string{
    		"string",
    	},
    	Priority: 0,
    	DestinationPortRanges: []string{
    		"string",
    	},
    	Description:         "string",
    	SecurityRuleName:    "string",
    	SourceAddressPrefix: "string",
    	SourceAddressPrefixes: []string{
    		"string",
    	},
    	SourceApplicationSecurityGroups: []map[string]interface{}{
    		map[string]interface{}{
    			"id":       "string",
    			"location": "string",
    			"tags": map[string]interface{}{
    				"string": "string",
    			},
    		},
    	},
    	SourcePortRange: "string",
    	SourcePortRanges: []string{
    		"string",
    	},
    	Type: "string",
    })
    
    var securityRuleResource = new SecurityRule("securityRuleResource", SecurityRuleArgs.builder()
        .access("string")
        .resourceGroupName("string")
        .protocol("string")
        .networkSecurityGroupName("string")
        .direction("string")
        .destinationPortRange("string")
        .destinationAddressPrefix("string")
        .destinationApplicationSecurityGroups(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
        .id("string")
        .name("string")
        .destinationAddressPrefixes("string")
        .priority(0)
        .destinationPortRanges("string")
        .description("string")
        .securityRuleName("string")
        .sourceAddressPrefix("string")
        .sourceAddressPrefixes("string")
        .sourceApplicationSecurityGroups(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
        .sourcePortRange("string")
        .sourcePortRanges("string")
        .type("string")
        .build());
    
    security_rule_resource = azure_native.network.SecurityRule("securityRuleResource",
        access=string,
        resource_group_name=string,
        protocol=string,
        network_security_group_name=string,
        direction=string,
        destination_port_range=string,
        destination_address_prefix=string,
        destination_application_security_groups=[{
            id: string,
            location: string,
            tags: {
                string: string,
            },
        }],
        id=string,
        name=string,
        destination_address_prefixes=[string],
        priority=0,
        destination_port_ranges=[string],
        description=string,
        security_rule_name=string,
        source_address_prefix=string,
        source_address_prefixes=[string],
        source_application_security_groups=[{
            id: string,
            location: string,
            tags: {
                string: string,
            },
        }],
        source_port_range=string,
        source_port_ranges=[string],
        type=string)
    
    const securityRuleResource = new azure_native.network.SecurityRule("securityRuleResource", {
        access: "string",
        resourceGroupName: "string",
        protocol: "string",
        networkSecurityGroupName: "string",
        direction: "string",
        destinationPortRange: "string",
        destinationAddressPrefix: "string",
        destinationApplicationSecurityGroups: [{
            id: "string",
            location: "string",
            tags: {
                string: "string",
            },
        }],
        id: "string",
        name: "string",
        destinationAddressPrefixes: ["string"],
        priority: 0,
        destinationPortRanges: ["string"],
        description: "string",
        securityRuleName: "string",
        sourceAddressPrefix: "string",
        sourceAddressPrefixes: ["string"],
        sourceApplicationSecurityGroups: [{
            id: "string",
            location: "string",
            tags: {
                string: "string",
            },
        }],
        sourcePortRange: "string",
        sourcePortRanges: ["string"],
        type: "string",
    });
    
    type: azure-native:network:SecurityRule
    properties:
        access: string
        description: string
        destinationAddressPrefix: string
        destinationAddressPrefixes:
            - string
        destinationApplicationSecurityGroups:
            - id: string
              location: string
              tags:
                string: string
        destinationPortRange: string
        destinationPortRanges:
            - string
        direction: string
        id: string
        name: string
        networkSecurityGroupName: string
        priority: 0
        protocol: string
        resourceGroupName: string
        securityRuleName: string
        sourceAddressPrefix: string
        sourceAddressPrefixes:
            - string
        sourceApplicationSecurityGroups:
            - id: string
              location: string
              tags:
                string: string
        sourcePortRange: string
        sourcePortRanges:
            - string
        type: string
    

    SecurityRule Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The SecurityRule resource accepts the following input properties:

    Access string | Pulumi.AzureNative.Network.SecurityRuleAccess
    The network traffic is allowed or denied.
    Direction string | Pulumi.AzureNative.Network.SecurityRuleDirection
    The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic.
    NetworkSecurityGroupName string
    The name of the network security group.
    Protocol string | Pulumi.AzureNative.Network.SecurityRuleProtocol
    Network protocol this rule applies to.
    ResourceGroupName string
    The name of the resource group.
    Description string
    A description for this rule. Restricted to 140 chars.
    DestinationAddressPrefix string
    The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used.
    DestinationAddressPrefixes List<string>
    The destination address prefixes. CIDR or destination IP ranges.
    DestinationApplicationSecurityGroups List<Pulumi.AzureNative.Network.Inputs.ApplicationSecurityGroup>
    The application security group specified as destination.
    DestinationPortRange string
    The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
    DestinationPortRanges List<string>
    The destination port ranges.
    Id string
    Resource ID.
    Name string
    The name of the resource that is unique within a resource group. This name can be used to access the resource.
    Priority int
    The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.
    SecurityRuleName string
    The name of the security rule.
    SourceAddressPrefix string
    The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from.
    SourceAddressPrefixes List<string>
    The CIDR or source IP ranges.
    SourceApplicationSecurityGroups List<Pulumi.AzureNative.Network.Inputs.ApplicationSecurityGroup>
    The application security group specified as source.
    SourcePortRange string
    The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
    SourcePortRanges List<string>
    The source port ranges.
    Type string
    The type of the resource.
    Access string | SecurityRuleAccess
    The network traffic is allowed or denied.
    Direction string | SecurityRuleDirection
    The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic.
    NetworkSecurityGroupName string
    The name of the network security group.
    Protocol string | SecurityRuleProtocol
    Network protocol this rule applies to.
    ResourceGroupName string
    The name of the resource group.
    Description string
    A description for this rule. Restricted to 140 chars.
    DestinationAddressPrefix string
    The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used.
    DestinationAddressPrefixes []string
    The destination address prefixes. CIDR or destination IP ranges.
    DestinationApplicationSecurityGroups []ApplicationSecurityGroupTypeArgs
    The application security group specified as destination.
    DestinationPortRange string
    The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
    DestinationPortRanges []string
    The destination port ranges.
    Id string
    Resource ID.
    Name string
    The name of the resource that is unique within a resource group. This name can be used to access the resource.
    Priority int
    The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.
    SecurityRuleName string
    The name of the security rule.
    SourceAddressPrefix string
    The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from.
    SourceAddressPrefixes []string
    The CIDR or source IP ranges.
    SourceApplicationSecurityGroups []ApplicationSecurityGroupTypeArgs
    The application security group specified as source.
    SourcePortRange string
    The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
    SourcePortRanges []string
    The source port ranges.
    Type string
    The type of the resource.
    access String | SecurityRuleAccess
    The network traffic is allowed or denied.
    direction String | SecurityRuleDirection
    The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic.
    networkSecurityGroupName String
    The name of the network security group.
    protocol String | SecurityRuleProtocol
    Network protocol this rule applies to.
    resourceGroupName String
    The name of the resource group.
    description String
    A description for this rule. Restricted to 140 chars.
    destinationAddressPrefix String
    The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used.
    destinationAddressPrefixes List<String>
    The destination address prefixes. CIDR or destination IP ranges.
    destinationApplicationSecurityGroups List<ApplicationSecurityGroup>
    The application security group specified as destination.
    destinationPortRange String
    The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
    destinationPortRanges List<String>
    The destination port ranges.
    id String
    Resource ID.
    name String
    The name of the resource that is unique within a resource group. This name can be used to access the resource.
    priority Integer
    The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.
    securityRuleName String
    The name of the security rule.
    sourceAddressPrefix String
    The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from.
    sourceAddressPrefixes List<String>
    The CIDR or source IP ranges.
    sourceApplicationSecurityGroups List<ApplicationSecurityGroup>
    The application security group specified as source.
    sourcePortRange String
    The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
    sourcePortRanges List<String>
    The source port ranges.
    type String
    The type of the resource.
    access string | SecurityRuleAccess
    The network traffic is allowed or denied.
    direction string | SecurityRuleDirection
    The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic.
    networkSecurityGroupName string
    The name of the network security group.
    protocol string | SecurityRuleProtocol
    Network protocol this rule applies to.
    resourceGroupName string
    The name of the resource group.
    description string
    A description for this rule. Restricted to 140 chars.
    destinationAddressPrefix string
    The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used.
    destinationAddressPrefixes string[]
    The destination address prefixes. CIDR or destination IP ranges.
    destinationApplicationSecurityGroups ApplicationSecurityGroup[]
    The application security group specified as destination.
    destinationPortRange string
    The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
    destinationPortRanges string[]
    The destination port ranges.
    id string
    Resource ID.
    name string
    The name of the resource that is unique within a resource group. This name can be used to access the resource.
    priority number
    The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.
    securityRuleName string
    The name of the security rule.
    sourceAddressPrefix string
    The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from.
    sourceAddressPrefixes string[]
    The CIDR or source IP ranges.
    sourceApplicationSecurityGroups ApplicationSecurityGroup[]
    The application security group specified as source.
    sourcePortRange string
    The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
    sourcePortRanges string[]
    The source port ranges.
    type string
    The type of the resource.
    access str | SecurityRuleAccess
    The network traffic is allowed or denied.
    direction str | SecurityRuleDirection
    The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic.
    network_security_group_name str
    The name of the network security group.
    protocol str | SecurityRuleProtocol
    Network protocol this rule applies to.
    resource_group_name str
    The name of the resource group.
    description str
    A description for this rule. Restricted to 140 chars.
    destination_address_prefix str
    The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used.
    destination_address_prefixes Sequence[str]
    The destination address prefixes. CIDR or destination IP ranges.
    destination_application_security_groups Sequence[ApplicationSecurityGroupArgs]
    The application security group specified as destination.
    destination_port_range str
    The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
    destination_port_ranges Sequence[str]
    The destination port ranges.
    id str
    Resource ID.
    name str
    The name of the resource that is unique within a resource group. This name can be used to access the resource.
    priority int
    The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.
    security_rule_name str
    The name of the security rule.
    source_address_prefix str
    The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from.
    source_address_prefixes Sequence[str]
    The CIDR or source IP ranges.
    source_application_security_groups Sequence[ApplicationSecurityGroupArgs]
    The application security group specified as source.
    source_port_range str
    The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
    source_port_ranges Sequence[str]
    The source port ranges.
    type str
    The type of the resource.
    access String | "Allow" | "Deny"
    The network traffic is allowed or denied.
    direction String | "Inbound" | "Outbound"
    The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic.
    networkSecurityGroupName String
    The name of the network security group.
    protocol String | "Tcp" | "Udp" | "Icmp" | "Esp" | "*" | "Ah"
    Network protocol this rule applies to.
    resourceGroupName String
    The name of the resource group.
    description String
    A description for this rule. Restricted to 140 chars.
    destinationAddressPrefix String
    The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used.
    destinationAddressPrefixes List<String>
    The destination address prefixes. CIDR or destination IP ranges.
    destinationApplicationSecurityGroups List<Property Map>
    The application security group specified as destination.
    destinationPortRange String
    The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
    destinationPortRanges List<String>
    The destination port ranges.
    id String
    Resource ID.
    name String
    The name of the resource that is unique within a resource group. This name can be used to access the resource.
    priority Number
    The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.
    securityRuleName String
    The name of the security rule.
    sourceAddressPrefix String
    The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from.
    sourceAddressPrefixes List<String>
    The CIDR or source IP ranges.
    sourceApplicationSecurityGroups List<Property Map>
    The application security group specified as source.
    sourcePortRange String
    The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
    sourcePortRanges List<String>
    The source port ranges.
    type String
    The type of the resource.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the SecurityRule resource produces the following output properties:

    Etag string
    A unique read-only string that changes whenever the resource is updated.
    Id string
    The provider-assigned unique ID for this managed resource.
    ProvisioningState string
    The provisioning state of the security rule resource.
    Etag string
    A unique read-only string that changes whenever the resource is updated.
    Id string
    The provider-assigned unique ID for this managed resource.
    ProvisioningState string
    The provisioning state of the security rule resource.
    etag String
    A unique read-only string that changes whenever the resource is updated.
    id String
    The provider-assigned unique ID for this managed resource.
    provisioningState String
    The provisioning state of the security rule resource.
    etag string
    A unique read-only string that changes whenever the resource is updated.
    id string
    The provider-assigned unique ID for this managed resource.
    provisioningState string
    The provisioning state of the security rule resource.
    etag str
    A unique read-only string that changes whenever the resource is updated.
    id str
    The provider-assigned unique ID for this managed resource.
    provisioning_state str
    The provisioning state of the security rule resource.
    etag String
    A unique read-only string that changes whenever the resource is updated.
    id String
    The provider-assigned unique ID for this managed resource.
    provisioningState String
    The provisioning state of the security rule resource.

    Supporting Types

    ApplicationSecurityGroup, ApplicationSecurityGroupArgs

    Id string
    Resource ID.
    Location string
    Resource location.
    Tags Dictionary<string, string>
    Resource tags.
    Id string
    Resource ID.
    Location string
    Resource location.
    Tags map[string]string
    Resource tags.
    id String
    Resource ID.
    location String
    Resource location.
    tags Map<String,String>
    Resource tags.
    id string
    Resource ID.
    location string
    Resource location.
    tags {[key: string]: string}
    Resource tags.
    id str
    Resource ID.
    location str
    Resource location.
    tags Mapping[str, str]
    Resource tags.
    id String
    Resource ID.
    location String
    Resource location.
    tags Map<String>
    Resource tags.

    ApplicationSecurityGroupResponse, ApplicationSecurityGroupResponseArgs

    Etag string
    A unique read-only string that changes whenever the resource is updated.
    Name string
    Resource name.
    ProvisioningState string
    The provisioning state of the application security group resource.
    ResourceGuid string
    The resource GUID property of the application security group resource. It uniquely identifies a resource, even if the user changes its name or migrate the resource across subscriptions or resource groups.
    Type string
    Resource type.
    Id string
    Resource ID.
    Location string
    Resource location.
    Tags Dictionary<string, string>
    Resource tags.
    Etag string
    A unique read-only string that changes whenever the resource is updated.
    Name string
    Resource name.
    ProvisioningState string
    The provisioning state of the application security group resource.
    ResourceGuid string
    The resource GUID property of the application security group resource. It uniquely identifies a resource, even if the user changes its name or migrate the resource across subscriptions or resource groups.
    Type string
    Resource type.
    Id string
    Resource ID.
    Location string
    Resource location.
    Tags map[string]string
    Resource tags.
    etag String
    A unique read-only string that changes whenever the resource is updated.
    name String
    Resource name.
    provisioningState String
    The provisioning state of the application security group resource.
    resourceGuid String
    The resource GUID property of the application security group resource. It uniquely identifies a resource, even if the user changes its name or migrate the resource across subscriptions or resource groups.
    type String
    Resource type.
    id String
    Resource ID.
    location String
    Resource location.
    tags Map<String,String>
    Resource tags.
    etag string
    A unique read-only string that changes whenever the resource is updated.
    name string
    Resource name.
    provisioningState string
    The provisioning state of the application security group resource.
    resourceGuid string
    The resource GUID property of the application security group resource. It uniquely identifies a resource, even if the user changes its name or migrate the resource across subscriptions or resource groups.
    type string
    Resource type.
    id string
    Resource ID.
    location string
    Resource location.
    tags {[key: string]: string}
    Resource tags.
    etag str
    A unique read-only string that changes whenever the resource is updated.
    name str
    Resource name.
    provisioning_state str
    The provisioning state of the application security group resource.
    resource_guid str
    The resource GUID property of the application security group resource. It uniquely identifies a resource, even if the user changes its name or migrate the resource across subscriptions or resource groups.
    type str
    Resource type.
    id str
    Resource ID.
    location str
    Resource location.
    tags Mapping[str, str]
    Resource tags.
    etag String
    A unique read-only string that changes whenever the resource is updated.
    name String
    Resource name.
    provisioningState String
    The provisioning state of the application security group resource.
    resourceGuid String
    The resource GUID property of the application security group resource. It uniquely identifies a resource, even if the user changes its name or migrate the resource across subscriptions or resource groups.
    type String
    Resource type.
    id String
    Resource ID.
    location String
    Resource location.
    tags Map<String>
    Resource tags.

    SecurityRuleAccess, SecurityRuleAccessArgs

    Allow
    Allow
    Deny
    Deny
    SecurityRuleAccessAllow
    Allow
    SecurityRuleAccessDeny
    Deny
    Allow
    Allow
    Deny
    Deny
    Allow
    Allow
    Deny
    Deny
    ALLOW
    Allow
    DENY
    Deny
    "Allow"
    Allow
    "Deny"
    Deny

    SecurityRuleDirection, SecurityRuleDirectionArgs

    Inbound
    Inbound
    Outbound
    Outbound
    SecurityRuleDirectionInbound
    Inbound
    SecurityRuleDirectionOutbound
    Outbound
    Inbound
    Inbound
    Outbound
    Outbound
    Inbound
    Inbound
    Outbound
    Outbound
    INBOUND
    Inbound
    OUTBOUND
    Outbound
    "Inbound"
    Inbound
    "Outbound"
    Outbound

    SecurityRuleProtocol, SecurityRuleProtocolArgs

    Tcp
    Tcp
    Udp
    Udp
    Icmp
    Icmp
    Esp
    Esp
    Asterisk
    *
    Ah
    Ah
    SecurityRuleProtocolTcp
    Tcp
    SecurityRuleProtocolUdp
    Udp
    SecurityRuleProtocolIcmp
    Icmp
    SecurityRuleProtocolEsp
    Esp
    SecurityRuleProtocolAsterisk
    *
    SecurityRuleProtocolAh
    Ah
    Tcp
    Tcp
    Udp
    Udp
    Icmp
    Icmp
    Esp
    Esp
    Asterisk
    *
    Ah
    Ah
    Tcp
    Tcp
    Udp
    Udp
    Icmp
    Icmp
    Esp
    Esp
    Asterisk
    *
    Ah
    Ah
    TCP
    Tcp
    UDP
    Udp
    ICMP
    Icmp
    ESP
    Esp
    ASTERISK
    *
    AH
    Ah
    "Tcp"
    Tcp
    "Udp"
    Udp
    "Icmp"
    Icmp
    "Esp"
    Esp
    "*"
    *
    "Ah"
    Ah

    Import

    An existing resource can be imported using its type token, name, and identifier, e.g.

    $ pulumi import azure-native:network:SecurityRule rule1 /subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/testnsg/securityRules/rule1 
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    azure-native-v1 pulumi/pulumi-azure-native
    License
    Apache-2.0
    azure-native-v1 logo
    These are the docs for Azure Native v1. We recommenend using the latest version, Azure Native v2.
    Azure Native v1 v1.104.0 published on Thursday, Jul 6, 2023 by Pulumi