C# で Microsoft Azure のネットワークセキュリティグループの操作を行うのは、Azure.ResourceManager.Network を使えばできた。
ネットワークセキュリティグループのセキュリティ規則を CRUD してみたサンプルは次の通り。
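using Azure;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Network;
using Azure.ResourceManager.Network.Models;
using Azure.ResourceManager.Resources;

// Sample: create, list, update and delete a single security rule on an existing
// network security group (NSG) with Azure.ResourceManager.Network.
//
// The values below are placeholders; replace them with your own identifiers.
const string ClientId = "クライアントID";
const string TenantId = "テナントID";
const string SubscriptionId = "サブスクリプションID";
const string ResourceGroupName = "リソースグループ名";
const string NetworkSecurityGroupName = "ネットワークセキュリティグループ名";
const string SecurityRuleName = "セキュリティ規則名";

// The client secret is read from the environment instead of being a source-code
// constant, so it does not end up in version control or in the compiled assembly.
string clientSecret = Environment.GetEnvironmentVariable("AZURE_CLIENT_SECRET")
    ?? throw new InvalidOperationException(
        "Set the AZURE_CLIENT_SECRET environment variable to the service principal's client secret.");

// Authenticate as a service principal. Its role assignment only has to cover the
// NSG being edited; scoping it to the resource group or the NSG limits what a
// leaked secret can change.
var credential = new ClientSecretCredential(
    tenantId: TenantId,
    clientId: ClientId,
    clientSecret: clientSecret);
var client = new ArmClient(credential);

// Resolve subscription -> resource group -> NSG.
ResourceGroupResource resourceGroup = await client
    .GetSubscriptionResource(SubscriptionResource.CreateResourceIdentifier(SubscriptionId))
    .GetResourceGroupAsync(ResourceGroupName);
NetworkSecurityGroupResource nsg =
    await resourceGroup.GetNetworkSecurityGroupAsync(NetworkSecurityGroupName);

// Create the security rule.
// NOTE(review): this allows inbound TCP to port 808 from any source ("*") at
// priority 100, the lowest number Azure accepts, so it is evaluated before every
// other rule in the group. That is acceptable only for a throwaway demo NSG; on a
// real one, restrict SourceAddressPrefix to a known range or service tag.
// CreateOrUpdateAsync also overwrites an existing rule with the same name.
var createOperation = await nsg.GetSecurityRules().CreateOrUpdateAsync(
    waitUntil: WaitUntil.Completed,
    securityRuleName: SecurityRuleName,
    data: new SecurityRuleData
    {
        Priority = 100,
        Direction = SecurityRuleDirection.Inbound,
        Protocol = SecurityRuleProtocol.Tcp,
        SourceAddressPrefix = "*",
        SourcePortRange = "*",
        DestinationAddressPrefix = "*",
        DestinationPortRange = "808",
        Access = SecurityRuleAccess.Allow,
    });
// WaitUntil.Completed was requested above, so this only unwraps the finished result.
SecurityRuleResource createdRule = await createOperation.WaitForCompletionAsync();

// List the security rules (the NSG is fetched again after the change).
nsg = await resourceGroup.GetNetworkSecurityGroupAsync(NetworkSecurityGroupName);
var securityRules = nsg.GetSecurityRules();
foreach (var securityRule in securityRules)
{
    Console.WriteLine(securityRule.Data.Name);
}

// Update the security rule: new priority, and the source narrowed from "*" to the
// VirtualNetwork service tag.
var updateOperation = await createdRule.UpdateAsync(
    waitUntil: WaitUntil.Completed,
    data: new SecurityRuleData
    {
        Priority = 101,
        SourceAddressPrefix = "VirtualNetwork",
        // The update did not work unless every value was set, not only the ones
        // being changed (presumably the call replaces the whole rule - confirm).
        Direction = SecurityRuleDirection.Inbound,
        Protocol = SecurityRuleProtocol.Tcp,
        SourcePortRange = "*",
        DestinationAddressPrefix = "*",
        DestinationPortRange = "808",
        Access = SecurityRuleAccess.Allow,
    });
SecurityRuleResource updatedRule = await updateOperation.WaitForCompletionAsync();

// Delete the security rule. If an earlier step throws, this line is never reached
// and the demo rule stays on the NSG, so verify it was removed after a failed run.
await updatedRule.DeleteAsync(WaitUntil.Completed);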