Microsoft Azure Virtual Network
The Microsoft Azure Virtual Network connector provides automation capabilities for managing network security groups within Azure environments.

Microsoft Azure Virtual Network is a foundational service enabling secure and scalable network infrastructure for Azure deployments. This connector allows users to manage network security groups, control traffic flow, and update network configurations within Azure environments directly from the Swimlane Turbine platform. By integrating with Azure Virtual Network, Swimlane Turbine users can automate network security tasks, optimize traffic routing, and enhance overall security posture with ease.

## Prerequisites

To utilize the Microsoft Azure Virtual Network connector in Swimlane, ensure you have the following prerequisites:

- OAuth 2.0 client credentials for authentication with the following parameters:
  - **URL**: Endpoint for the Azure Management API
  - **Client ID**: Application (client) ID registered in Azure
  - **Client Secret**: Secret generated for the registered application
  - **Token URL**: URL to retrieve the OAuth2 token

## Action Setup

To run the incident management actions, you need a **Resource Group Name**, **Subscription ID** and **Network Security Group Name**.

### Steps to create the Azure app

1. Go to https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade in the Azure portal.
2. Click **New registration**.
3. Enter a name for your new application and choose **Accounts in this organizational directory only**, then click **Register** at the bottom.
4. Navigate to the **API permissions** tab on the left navigation menu.
5. Select **Add a permission**.
6. Add the following permissions: `user_impersonation`
7. Navigate to the **Certificates & secrets** tab and select **New client secret**.
8. Fill out the description and expiration, then click the **Add** button at the bottom.
9. The value of the secret you just created is the **Client Secret** needed for the Swimlane asset.
10. Navigate to the **Overview** tab on the left menu. The **Client ID** and **Tenant ID** needed in the asset are shown on this page.
11. Go back to the main Azure portal window, and click on your app overview. Copy the following values:
    - Resource Group Name
    - Subscription ID
    - Network Security Group Name

## Capabilities

The Microsoft Azure Virtual Network connector provides the following capabilities:

- Create or Update
- Delete
- Get
- List
- List All
- Update Tags

## API Documentation

https://learn.microsoft.com/en-us/rest/api/virtualnetwork/network-security-groups?view=rest-virtualnetwork-2023-09-01

## Configurations

### Microsoft Azure Virtual Network Authentication

Authenticates using OAuth 2.0 client credentials.

#### Configuration Parameters

| Parameter | Description | Type | Required |
| --- | --- | --- | --- |
| `url` | A URL to the target host | string | Required |
| `token_url` | | string | Required |
| `client_id` | The client ID | string | Required |
| `client_secret` | The client secret | string | Required |
| `scope` | Scopes for this asset | array | Optional |
| `verify_ssl` | Verify SSL certificate | boolean | Optional |
| `http_proxy` | A proxy to route requests through | string | Optional |

## Actions

### Create or Update

Creates or updates a network security group within a specified resource group in Microsoft Azure Virtual Network.

#### Endpoint

- URL: `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkSecurityGroups/{networkSecurityGroupName}`
- Method: PUT

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| `path_parameters.networkSecurityGroupName` | string | Required | The name of the network security group. |
| `path_parameters.resourceGroupName` | string | Required | The name of the resource group. |
| `path_parameters.subscriptionId` | string | Required | The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call. |
| `parameters.api-version` | string | Required | Client API version. |
| `id` | string | Optional | Resource ID. |
| `location` | string | Optional | Resource location. |
| `properties` | object | Optional | Parameter for Create or Update. |
| `properties.flushConnection` | boolean | Optional | When enabled, flows created from network security group connections will be re-evaluated when rules are updated. Initial enablement will trigger re-evaluation. |
| `properties.securityRules` | array | Optional | A collection of security rules of the network security group. |
| `properties.securityRules.etag` | string | Optional | A unique read-only string that changes whenever the resource is updated. |
| `properties.securityRules.id` | string | Optional | Resource ID. |
| `properties.securityRules.name` | string | Optional | The name of the resource that is unique within a resource group. This name can be used to access the resource. |
| `properties.securityRules.properties` | array | Optional | Parameter for Create or Update. |
| `properties.securityRules.properties.access` | string | Optional | The network traffic is allowed or denied. |
| `properties.securityRules.properties.description` | string | Optional | A description for this rule. Restricted to 140 chars. |
| `properties.securityRules.properties.destinationAddressPrefix` | string | Optional | The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. |
| `properties.securityRules.properties.destinationAddressPrefixes` | array | Optional | The destination address prefixes. CIDR or destination IP ranges. |
| `properties.securityRules.properties.destinationApplicationSecurityGroups` | array | Optional | The application security group specified as destination. |
| `properties.securityRules.properties.destinationApplicationSecurityGroups.etag` | string | Optional | A unique read-only string that changes whenever the resource is updated. |
| `properties.securityRules.properties.destinationApplicationSecurityGroups.id` | string | Optional | Resource ID. |
| `properties.securityRules.properties.destinationApplicationSecurityGroups.location` | string | Optional | Resource location. |
| `properties.securityRules.properties.destinationApplicationSecurityGroups.name` | string | Optional | Resource name. |
| `properties.securityRules.properties.destinationApplicationSecurityGroups.properties` | object | Optional | Parameter for Create or Update. |
| `properties.securityRules.properties.destinationApplicationSecurityGroups.tags` | object | Optional | Resource tags. |
| `properties.securityRules.properties.destinationApplicationSecurityGroups.type` | string | Optional | Resource type. |

#### Input example

```json
{
  "parameters": {"api-version": "2023-09-01"},
  "json_body": {
    "id": "",
    "location": "eastus",
    "properties": {
      "flushConnection": true,
      "securityRules": [
        {
          "etag": "",
          "id": "",
          "name": "rule1",
          "properties": [
            {
              "access": "Allow",
              "description": "",
              "destinationAddressPrefix": "",
              "destinationAddressPrefixes": [""],
              "destinationApplicationSecurityGroups": [
                {
                  "etag": "",
                  "id": "",
                  "location": "eastus",
                  "name": "rule1",
                  "properties": {"provisioningState": "Succeeded", "resourceGuid": ""},
                  "tags": {},
                  "type": ""
                }
              ],
              "destinationPortRange": "80",
              "destinationPortRanges": [""],
              "direction": "Inbound",
              "priority": 130,
              "protocol": "Ah",
              "provisioningState": "Succeeded",
              "sourceAddressPrefix": "",
              "sourceAddressPrefixes": [""],
              "sourceApplicationSecurityGroups": [
                {
                  "etag": "",
                  "id": "",
                  "location": "eastus",
                  "name": "rule1",
                  "properties": [{"provisioningState": "Succeeded", "resourceGuid": ""}],
                  "tags": {},
                  "type": ""
                }
              ],
              "sourcePortRange": "",
              "sourcePortRanges": [""],
              "type": ""
            }
          ]
        }
      ],
      "tags": {}
    }
  },
  "path_parameters": {"networkSecurityGroupName": "", "resourceGroupName": "", "subscriptionId": ""}
}
```

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| `status_code` | number | HTTP status code of the response |
| `reason` | string | Response reason phrase |
| `name` | string | Name of the resource |
| `id` | string | Unique identifier |
| `type` | string | Type of the resource |
| `location` | string | Output field location |
| `properties` | object | Output field properties |
| `properties.provisioningState` | string | Output field properties.provisioningState |
| `properties.flushConnection` | boolean | Output field properties.flushConnection |
| `properties.securityRules` | array | Output field properties.securityRules |
| `properties.securityRules.file_name` | string | Name of the resource |
| `properties.securityRules.file` | string | Output field properties.securityRules.file |
| `properties.defaultSecurityRules` | array | Output field properties.defaultSecurityRules |
| `properties.defaultSecurityRules.name` | string | Name of the resource |
| `properties.defaultSecurityRules.id` | string | Unique identifier |
| `properties.defaultSecurityRules.properties` | object | Output field properties.defaultSecurityRules.properties |
| `properties.defaultSecurityRules.properties.provisioningState` | string | Output field properties.defaultSecurityRules.properties.provisioningState |
| `properties.defaultSecurityRules.properties.description` | string | Output field properties.defaultSecurityRules.properties.description |
| `properties.defaultSecurityRules.properties.protocol` | string | Output field properties.defaultSecurityRules.properties.protocol |
| `properties.defaultSecurityRules.properties.sourcePortRange` | string | Output field properties.defaultSecurityRules.properties.sourcePortRange |
| `properties.defaultSecurityRules.properties.destinationPortRange` | string | Output field properties.defaultSecurityRules.properties.destinationPortRange |
| `properties.defaultSecurityRules.properties.sourceAddressPrefix` | string | Output field properties.defaultSecurityRules.properties.sourceAddressPrefix |
| `properties.defaultSecurityRules.properties.destinationAddressPrefix` | string | Output field properties.defaultSecurityRules.properties.destinationAddressPrefix |
| `properties.defaultSecurityRules.properties.access` | string | Output field properties.defaultSecurityRules.properties.access |
| `properties.defaultSecurityRules.properties.priority` | number | Output field properties.defaultSecurityRules.properties.priority |

#### Output example

```json
{
  "status_code": 200,
  "response_headers": {
    "Content-Length": "140",
    "Content-Type": "application/json",
    "Date": "Thu, 2 May 2024 20:37:23 GMT"
  },
  "reason": "OK",
  "json_body": {
    "name": "testnsg",
    "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/networkSecur...",
    "type": "Microsoft.Network/networkSecurityGroups",
    "location": "eastus",
    "properties": {
      "provisioningState": "Succeeded",
      "flushConnection": false,
      "securityRules": [],
      "defaultSecurityRules": []
    }
  }
}
```

### Delete

Deletes a specified network security group in Microsoft Azure Virtual Network, requiring the networkSecurityGroupName, resourceGroupName, and subscriptionId.

#### Endpoint

- URL: `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkSecurityGroups/{networkSecurityGroupName}`
- Method: DELETE

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| `path_parameters.networkSecurityGroupName` | string | Required | The name of the network security group. |
| `path_parameters.resourceGroupName` | string | Required | The name of the resource group. |
| `path_parameters.subscriptionId` | string | Required | The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call. |
| `parameters.api-version` | string | Required | Client API version. |

#### Input example

```json
{
  "parameters": {"api-version": "2023-09-01"},
  "path_parameters": {"networkSecurityGroupName": "", "resourceGroupName": "", "subscriptionId": ""}
}
```

### Get

Retrieves details of a specified network security group in Microsoft Azure Virtual Network using resource and subscription identifiers.

#### Endpoint

- URL: `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkSecurityGroups/{networkSecurityGroupName}`
- Method: GET

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| `path_parameters.networkSecurityGroupName` | string | Required | The name of the network security group. |
| `path_parameters.resourceGroupName` | string | Required | The name of the resource group. |
| `path_parameters.subscriptionId` | string | Required | The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call. |
| `parameters.api-version` | string | Required | Client API version. |
| `parameters.$expand` | string | Optional | Expands referenced resources. |

#### Input example

```json
{
  "parameters": {"api-version": "2023-09-01", "$expand": "{$expand}"},
  "path_parameters": {"networkSecurityGroupName": "", "resourceGroupName": "", "subscriptionId": ""}
}
```

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| `status_code` | number | HTTP status code of the response |
| `reason` | string | Response reason phrase |
| `name` | string | Name of the resource |
| `id` | string | Unique identifier |
| `type` | string | Type of the resource |
| `location` | string | Output field location |
| `properties` | object | Output field properties |
| `properties.provisioningState` | string | Output field properties.provisioningState |
| `properties.securityRules` | array | Output field properties.securityRules |
| `properties.securityRules.name` | string | Name of the resource |
| `properties.securityRules.id` | string | Unique identifier |
| `properties.securityRules.properties` | object | Output field properties.securityRules.properties |
| `properties.securityRules.properties.provisioningState` | string | Output field properties.securityRules.properties.provisioningState |
| `properties.securityRules.properties.protocol` | string | Output field properties.securityRules.properties.protocol |
| `properties.securityRules.properties.sourcePortRange` | string | Output field properties.securityRules.properties.sourcePortRange |
| `properties.securityRules.properties.destinationPortRange` | string | Output field properties.securityRules.properties.destinationPortRange |
| `properties.securityRules.properties.sourceAddressPrefix` | string | Output field properties.securityRules.properties.sourceAddressPrefix |
| `properties.securityRules.properties.destinationAddressPrefix` | string | Output field properties.securityRules.properties.destinationAddressPrefix |
| `properties.securityRules.properties.access` | string | Output field properties.securityRules.properties.access |
| `properties.securityRules.properties.priority` | number | Output field properties.securityRules.properties.priority |
| `properties.securityRules.properties.direction` | string | Output field properties.securityRules.properties.direction |
| `properties.defaultSecurityRules` | array | Output field properties.defaultSecurityRules |
| `properties.defaultSecurityRules.name` | string | Name of the resource |
| `properties.defaultSecurityRules.id` | string | Unique identifier |
| `properties.defaultSecurityRules.properties` | object | Output field properties.defaultSecurityRules.properties |

#### Output example

```json
{
  "status_code": 200,
  "response_headers": {
    "Content-Length": "140",
    "Content-Type": "application/json",
    "Date": "Thu, 2 May 2024 20:37:23 GMT"
  },
  "reason": "OK",
  "json_body": {
    "name": "testnsg",
    "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/networkSecur...",
    "type": "Microsoft.Network/networkSecurityGroups",
    "location": "westus",
    "properties": {
      "provisioningState": "Succeeded",
      "securityRules": [],
      "defaultSecurityRules": []
    }
  }
}
```

### List

Retrieves all network security groups within a specified resource group in Microsoft Azure Virtual Network.

#### Endpoint

- URL: `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkSecurityGroups`
- Method: GET

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| `path_parameters.resourceGroupName` | string | Required | The name of the resource group. |
| `path_parameters.subscriptionId` | string | Required | The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call. |
| `parameters.api-version` | string | Required | Client API version. |

#### Input example

```json
{
  "parameters": {"api-version": "2023-09-01"},
  "path_parameters": {"resourceGroupName": "", "subscriptionId": ""}
}
```

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| `status_code` | number | HTTP status code of the response |
| `reason` | string | Response reason phrase |
| `value` | array | Value for the parameter |
| `value.name` | string | Name of the resource |
| `value.id` | string | Unique identifier |
| `value.type` | string | Type of the resource |
| `value.location` | string | Value for the parameter |
| `value.properties` | object | Value for the parameter |
| `value.properties.provisioningState` | string | Value for the parameter |
| `value.properties.securityRules` | array | Value for the parameter |
| `value.properties.securityRules.file_name` | string | Name of the resource |
| `value.properties.securityRules.file` | string | Value for the parameter |
| `value.properties.defaultSecurityRules` | array | Value for the parameter |
| `value.properties.defaultSecurityRules.name` | string | Name of the resource |
| `value.properties.defaultSecurityRules.id` | string | Unique identifier |
| `value.properties.defaultSecurityRules.properties` | object | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.provisioningState` | string | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.description` | string | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.protocol` | string | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.sourcePortRange` | string | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.destinationPortRange` | string | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.sourceAddressPrefix` | string | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.destinationAddressPrefix` | string | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.access` | string | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.priority` | number | Value for the parameter |

#### Output example

```json
{
  "status_code": 200,
  "response_headers": {
    "Content-Length": "140",
    "Content-Type": "application/json",
    "Date": "Thu, 2 May 2024 20:37:23 GMT"
  },
  "reason": "OK",
  "json_body": {"value": [{}, {}]}
}
```

### List All

Retrieves all network security groups within a specified Azure subscription using the provided subscriptionId and api-version.

#### Endpoint

- URL: `/subscriptions/{subscriptionId}/providers/Microsoft.Network/networkSecurityGroups`
- Method: GET

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| `path_parameters.subscriptionId` | string | Required | The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call. |
| `parameters.api-version` | string | Required | Client API version. |

#### Input example

```json
{
  "parameters": {"api-version": "2023-09-01"},
  "path_parameters": {"subscriptionId": ""}
}
```

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| `status_code` | number | HTTP status code of the response |
| `reason` | string | Response reason phrase |
| `value` | array | Value for the parameter |
| `value.name` | string | Name of the resource |
| `value.id` | string | Unique identifier |
| `value.type` | string | Type of the resource |
| `value.location` | string | Value for the parameter |
| `value.properties` | object | Value for the parameter |
| `value.properties.provisioningState` | string | Value for the parameter |
| `value.properties.securityRules` | array | Value for the parameter |
| `value.properties.securityRules.file_name` | string | Name of the resource |
| `value.properties.securityRules.file` | string | Value for the parameter |
| `value.properties.defaultSecurityRules` | array | Value for the parameter |
| `value.properties.defaultSecurityRules.name` | string | Name of the resource |
| `value.properties.defaultSecurityRules.id` | string | Unique identifier |
| `value.properties.defaultSecurityRules.properties` | object | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.provisioningState` | string | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.description` | string | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.protocol` | string | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.sourcePortRange` | string | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.destinationPortRange` | string | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.sourceAddressPrefix` | string | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.destinationAddressPrefix` | string | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.access` | string | Value for the parameter |
| `value.properties.defaultSecurityRules.properties.priority` | number | Value for the parameter |

#### Output example

```json
{
  "status_code": 200,
  "response_headers": {
    "Content-Length": "140",
    "Content-Type": "application/json",
    "Date": "Thu, 2 May 2024 20:37:23 GMT"
  },
  "reason": "OK",
  "json_body": {"value": [{}, {}]}
}
```

### Update Tags

Updates tags for a specified network security group in Microsoft Azure Virtual Network, requiring networkSecurityGroupName, resourceGroupName, and subscriptionId.

#### Endpoint

- URL: `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkSecurityGroups/{networkSecurityGroupName}`
- Method: PATCH

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| `path_parameters.networkSecurityGroupName` | string | Required | The name of the network security group. |
| `path_parameters.resourceGroupName` | string | Required | The name of the resource group. |
| `path_parameters.subscriptionId` | string | Required | The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call. |
| `parameters.api-version` | string | Required | Client API version. |
| `tags` | object | Optional | Parameter for Update Tags. |

#### Input example

```json
{
  "parameters": {"api-version": "2023-09-01"},
  "json_body": {"tags": {}},
  "path_parameters": {"networkSecurityGroupName": "", "resourceGroupName": "", "subscriptionId": ""}
}
```

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| `status_code` | number | HTTP status code of the response |
| `reason` | string | Response reason phrase |
| `name` | string | Name of the resource |
| `id` | string | Unique identifier |
| `type` | string | Type of the resource |
| `location` | string | Output field location |
| `tags` | object | Output field tags |
| `tags.tag1` | string | Output field tags.tag1 |
| `tags.tag2` | string | Output field tags.tag2 |
| `properties` | object | Output field properties |
| `properties.provisioningState` | string | Output field properties.provisioningState |
| `properties.securityRules` | array | Output field properties.securityRules |
| `properties.securityRules.file_name` | string | Name of the resource |
| `properties.securityRules.file` | string | Output field properties.securityRules.file |
| `properties.defaultSecurityRules` | array | Output field properties.defaultSecurityRules |
| `properties.defaultSecurityRules.name` | string | Name of the resource |
| `properties.defaultSecurityRules.id` | string | Unique identifier |
| `properties.defaultSecurityRules.properties` | object | Output field properties.defaultSecurityRules.properties |
| `properties.defaultSecurityRules.properties.provisioningState` | string | Output field properties.defaultSecurityRules.properties.provisioningState |
| `properties.defaultSecurityRules.properties.description` | string | Output field properties.defaultSecurityRules.properties.description |
| `properties.defaultSecurityRules.properties.protocol` | string | Output field properties.defaultSecurityRules.properties.protocol |
| `properties.defaultSecurityRules.properties.sourcePortRange` | string | Output field properties.defaultSecurityRules.properties.sourcePortRange |
| `properties.defaultSecurityRules.properties.destinationPortRange` | string | Output field properties.defaultSecurityRules.properties.destinationPortRange |
| `properties.defaultSecurityRules.properties.sourceAddressPrefix` | string | Output field properties.defaultSecurityRules.properties.sourceAddressPrefix |
| `properties.defaultSecurityRules.properties.destinationAddressPrefix` | string | Output field properties.defaultSecurityRules.properties.destinationAddressPrefix |

#### Output example

```json
{
  "status_code": 200,
  "response_headers": {
    "Content-Length": "140",
    "Content-Type": "application/json",
    "Date": "Thu, 2 May 2024 20:37:23 GMT"
  },
  "reason": "OK",
  "json_body": {
    "name": "testnsg",
    "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/networkSecur...",
    "type": "Microsoft.Network/networkSecurityGroups",
    "location": "westus",
    "tags": {"tag1": "value1", "tag2": "value2"},
    "properties": {
      "provisioningState": "Succeeded",
      "securityRules": [],
      "defaultSecurityRules": []
    }
  }
}
```

## Response Headers

| Header | Description | Example |
| --- | --- | --- |
| Content-Length | The length of the response body in bytes | 140 |
| Content-Type | The media type of the resource | application/json |
| Date | The date and time at which the message was originated | Thu, 2 May 2024 20:37:23 GMT |
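
The Get and List actions return each rule's `access`, `direction`, `priority`, source prefix and destination port range, which is enough to review a network security group before or after an automated change. The Python below is an added example, not part of the connector or its documentation: it flags inbound Allow rules that expose sensitive ports to any source. The function names, the set of sensitive ports and the sample NSG are assumptions made for this illustration.

```python
# Added example: audit an NSG body (Get/List output shape) for exposed ports.
ANY_SOURCE = {"*", "internet", "0.0.0.0/0"}     # values that mean "any source"
SENSITIVE_PORTS = {22, 1433, 3389, 5985, 5986}  # assumption: ports to flag


def field_values(props, single, plural):
    """Merge the singular and plural form of a rule field into one list."""
    vals = list(props.get(plural) or [])
    if props.get(single):
        vals.append(props[single])
    return [v for v in vals if v]


def port_matches(spec, port):
    """True if an NSG port spec ('*', '22', '1000-2000') covers `port`."""
    spec = spec.strip()
    if spec == "*":
        return True
    low, _, high = spec.partition("-")
    try:
        return int(low) <= port <= int(high or low)
    except ValueError:
        return False


def audit_nsg(nsg):
    """Return inbound Allow rules open to any source on a sensitive port."""
    findings = []
    for rule in (nsg.get("properties") or {}).get("securityRules") or []:
        props = rule.get("properties") or {}
        # The Get output documents `properties` as an object; the Create or
        # Update input example nests it in an array. Accept both shapes.
        for p in props if isinstance(props, list) else [props]:
            if str(p.get("access", "")).lower() != "allow":
                continue
            if str(p.get("direction", "")).lower() != "inbound":
                continue
            sources = field_values(p, "sourceAddressPrefix", "sourceAddressPrefixes")
            if not any(s.lower() in ANY_SOURCE for s in sources):
                continue
            specs = field_values(p, "destinationPortRange", "destinationPortRanges")
            exposed = sorted(port for port in SENSITIVE_PORTS
                             if any(port_matches(s, port) for s in specs))
            if exposed:
                findings.append({"rule": rule.get("name"),
                                 "priority": p.get("priority"),
                                 "ports": exposed})
    # A lower priority number is evaluated first, so list those first.
    return sorted(findings, key=lambda f: f["priority"] or 0)


def sample_rule(name, **props):
    """Build a constructed sample rule in the Get output shape."""
    return {"name": name, "properties": props}


# Constructed sample data, not real connector output.
SAMPLE_NSG = {"name": "testnsg", "properties": {"securityRules": [
    sample_rule("allow-rdp-any", access="Allow", direction="Inbound",
                priority=100, sourceAddressPrefix="*", destinationPortRange="3389"),
    {"name": "allow-range-internet", "properties": [dict(
        access="Allow", direction="Inbound", priority=200,
        sourceAddressPrefixes=["Internet"],
        destinationPortRanges=["20-25", "8080"])]},
    sample_rule("allow-ssh-corp", access="Allow", direction="Inbound",
                priority=300, sourceAddressPrefix="10.0.0.0/8", destinationPortRange="22"),
    sample_rule("deny-all", access="Deny", direction="Inbound",
                priority=4096, sourceAddressPrefix="*", destinationPortRange="*"),
]}}

if __name__ == "__main__":
    for finding in audit_nsg(SAMPLE_NSG):
        print(finding)
```

In a playbook, pass the `json_body` of a Get result (or each element of `value` from List or List All) to `audit_nsg` and route any findings to review.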