添加入站网络安全组规则Add an inbound network security group rule

本示例脚本创建网络安全组规则,以允许端口 8081 上的入站流量。This sample script creates a network security group rule to allow inbound traffic on port 8081. 该脚本获取网络安全组、创建新的网络安全配置规则,并更新网络安全组。The script gets the network security group, creates a new network security configuration rule, and updates the network security group. 根据需要自定义参数。Customize the parameters as needed.

备注

本文进行了更新,以便使用新的 Azure PowerShell Az 模块。This article has been updated to use the new Azure PowerShell Az module. 你仍然可以使用 AzureRM 模块,至少在 2020 年 12 月之前,它将继续接收 bug 修补程序。You can still use the AzureRM module, which will continue to receive bug fixes until at least December 2020. 若要详细了解新的 Az 模块和 AzureRM 兼容性,请参阅新 Azure Powershell Az 模块简介To learn more about the new Az module and AzureRM compatibility, see Introducing the new Azure PowerShell Az module. 有关 Az 模块安装说明,请参阅安装 Azure PowerShellFor Az module installation instructions, see Install Azure PowerShell.

必要时,请使用 Azure PowerShell 指南中的说明安装 Azure PowerShell。If needed, install the Azure PowerShell using the instructions found in the Azure PowerShell guide.

示例脚本Sample script

Connect-AzAccount -Environment AzureChinaCloud
Get-AzSubscription
Set-AzContext -SubscriptionId "yourSubscriptionID"

$RGname="sfclustertutorialgroup"
$port=8081
$rulename="allowAppPort$port"
$nsgname="sf-vnet-security"

# Get the NSG resource
$nsg = Get-AzNetworkSecurityGroup -Name $nsgname -ResourceGroupName $RGname

# Add the inbound security rule.
$nsg | Add-AzNetworkSecurityRuleConfig -Name $rulename -Description "Allow app port" -Access Allow `
    -Protocol * -Direction Inbound -Priority 3891 -SourceAddressPrefix "*" -SourcePortRange * `
    -DestinationAddressPrefix * -DestinationPortRange $port

# Update the NSG.
$nsg | Set-AzNetworkSecurityGroup

脚本说明Script explanation

此脚本使用以下命令。This script uses the following commands. 表中的每条命令均链接到特定于命令的文档。Each command in the table links to command specific documentation.

CommandCommand 说明Notes
Get-AzResourceGet-AzResource 获取 Microsoft.Network/networkSecurityGroups 资源。Gets the Microsoft.Network/networkSecurityGroups resource.
Get-AzNetworkSecurityGroupGet-AzNetworkSecurityGroup 按名称获取网络安全组。Gets the network security group by name.
Add-AzNetworkSecurityRuleConfigAdd-AzNetworkSecurityRuleConfig 将网络安全规则配置添加到网络安全组。Adds a network security rule configuration to a network security group.
Set-AzNetworkSecurityGroupSet-AzNetworkSecurityGroup 设置网络安全组的目标状态。Sets the goal state for a network security group.

后续步骤Next steps

有关 Azure PowerShell 模块的详细信息,请参阅 Azure PowerShell 文档For more information on the Azure PowerShell module, see Azure PowerShell documentation.