Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

unable to create NetworkSecurityGroup using api

See original GitHub issue

code sample is below:

NetworkSecurityGroup nsg = new NetworkSecurityGroup();
      nsg.setName("testnsg");
      nsg.setLocation(context.getLocation());
      SecurityRule sr= new SecurityRule();
      sr.setPriority(100);
      sr.setProtocol("*");
      sr.setSourceAddressPrefix("*");
      sr.setSourcePortRange("*");
      sr.setAccess("Allow");
      sr.setDirection("Inbound");
      sr.setDestinationAddressPrefix("*");
      sr.setDestinationPortRange("*");
      ArrayList<SecurityRule> srs = new ArrayList<SecurityRule>();
      srs.add(sr);

      nsg.setSecurityRules(srs);
      networkResourceProviderClient.getNetworkSecurityGroupsOperations().createOrUpdate(resourceGroupName, nsg
          .getName(), nsg);

server return PROPERTIES statusCode:BadRequest serviceRequestId:b9c90aed-1e3d-4708-ae5b-f9dc03560d62 statusMessage:{“error”:{“code”:“InvalidRequestFormat”,“message”:“Cannot parse the request.”,“details”:[]}} responseBody:{“error”:{“code”:“InvalidRequestFormat”,“message”:“Cannot parse the request.”,“details”:[]}}

Issue Analytics

State:
Created 7 years ago
Comments:13 (7 by maintainers)

Top GitHub Comments

1reaction

jianghaolucommented, Jul 1, 2016

No action to take at this moment. With 1.0.0-beta2 released, this should be simplified. A sample can be found here: https://github.com/Azure-Samples/network-java-manage-network-security-group/blob/master/src/main/java/com/microsoft/azure/management/network/samples/ManageNetworkSecurityGroup.java.

@selvasingh

@anuchandy @jianghaolu without rule, the NSG creation will still failed. so user have to create a rule? but base on rest api and portal, user don’t need to creat rules for NSG to be created.

A valid scenario to be added.

0reactions

burnsjw83commented, Sep 22, 2017

@jianghaolu this sample is absolutely not simplified. Think of this case: I want to write an application to deploy resources, including the network, NSG and rules contained in the NSG. The newer syntax removes any possibility of me being able to write methods to add security rules that are not VERY strictly defined. There is no method to add ACCESS, beyond “allowInbound, denyInbound, allowOutbound, denyOutbound”. There’s no way for me to pass in the Access type without calling those methods from code… this means if I want to be able to have a rule created dynamically, I have to have every possible combination (allow inbound with all ports, allow inbound with a specific inbound port, with a specific destination port, allow inbound with a specific destination port but any source port… etc) This ends up being A VERY LARGE number of methods, with a very complicated control structure to determine which method to call. Why is there no way to create a rule, pass it a variable that is the access type, a variable that is the direction, a variable that is the source port (which must be string to allow it to be a single port, a range, or * for any), a variable that is destination port, a variable that is protocol? It appears there used to be, and now the usage is extremely broken. I’m not sure I will be able to meet my needs with this SDK now…