
Example 11 with NetworkSecurityGroup

use of com.microsoft.azure.management.network.NetworkSecurityGroup in project azure-sdk-for-java by Azure.

the class ManageNetworkSecurityGroup method runSample.

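/**
 * Runs the network security group sample end to end: creates a virtual network with a
 * front-end and a back-end subnet, one NSG per tier, one network interface and one Linux VM
 * per tier, lists the NSGs in the resource group, then adds an FTP rule to the front-end NSG.
 * The resource group is deleted in the {@code finally} block whether or not the run succeeded.
 *
 * <p>The inbound rules on the front end accept traffic from any source address. That keeps the
 * sample short, but it is not a template for a real deployment; see the notes on each rule.
 *
 * @param azure instance of the azure client
 * @return true if every step completed; false if any step threw an exception
 */
public static boolean runSample(Azure azure) {
    final Region region = Region.US_NORTH_CENTRAL;
    final String frontEndNSGName = SdkContext.randomResourceName("fensg", 24);
    final String backEndNSGName = SdkContext.randomResourceName("bensg", 24);
    final String rgName = SdkContext.randomResourceName("rgNEMS", 24);
    final String vnetName = SdkContext.randomResourceName("vnet", 24);
    final String networkInterfaceName1 = SdkContext.randomResourceName("nic1", 24);
    final String networkInterfaceName2 = SdkContext.randomResourceName("nic2", 24);
    final String publicIPAddressLeafDNS1 = SdkContext.randomResourceName("pip1", 24);
    final String frontEndVMName = SdkContext.randomResourceName("fevm", 24);
    final String backEndVMName = SdkContext.randomResourceName("bevm", 24);
    final String userName = "tirekicker";
    // NOTE(security): this is a fixed SSH *public* key baked into the sample. Both VMs below
    // authorize it for userName, so whoever holds the matching private key can log in to them.
    // Replace it with a key pair you generated yourself before running this anywhere that matters.
    final String sshKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCfSPC2K7LZcFKEO+/t3dzmQYtrJFZNxOsbVgOVKietqHyvmYGHEC0J2wPdAqQ/63g/hhAEFRoyehM+rbeDri4txB3YFfnOK58jqdkyXzupWqXzOrlKY4Wz9SKjjN765+dqUITjKRIaAip1Ri137szRg71WnrmdP3SphTRlCx1Bk2nXqWPsclbRDCiZeF8QOTi4JqbmJyK5+0UqhqYRduun8ylAwKKQJ1NJt85sYIHn9f1Rfr6Tq2zS0wZ7DHbZL+zB5rSlAr8QyUdg/GQD+cmSs6LvPJKL78d6hMGk84ARtFo4A79ovwX/Fj01znDQkU6nJildfkaolH2rWFG/qttD azjava@javalib.com";
    try {
        // Define a virtual network for VMs in this availability set
        System.out.println("Creating a virtual network ...");
        Network network = azure.networks().define(vnetName)
                .withRegion(region)
                .withNewResourceGroup(rgName)
                .withAddressSpace("172.16.0.0/16")
                .defineSubnet("Front-end")
                    .withAddressPrefix("172.16.1.0/24")
                    .attach()
                .defineSubnet("Back-end")
                    .withAddressPrefix("172.16.2.0/24")
                    .attach()
                .create();
        System.out.println("Created a virtual network: " + network.id());
        Utils.print(network);
        //============================================================
        // Create a network security group for the front end of a subnet
        // front end subnet contains two rules
        // - ALLOW-SSH - allows SSH traffic into the front end subnet
        // - ALLOW-HTTP - allows HTTP traffic into the front end subnet
        //
        // NOTE(security): both rules use fromAnyAddress(), so port 22 is reachable from every
        // source, and the front-end NIC below gets a public IP. For anything beyond a throwaway
        // sample, narrow ALLOW-SSH with fromAddress(<management CIDR>) the way ALLOW-SQL does.
        System.out.println("Creating a security group for the front end - allows SSH and HTTP");
        NetworkSecurityGroup frontEndNSG = azure.networkSecurityGroups().define(frontEndNSGName)
                .withRegion(region)
                .withNewResourceGroup(rgName)
                .defineRule("ALLOW-SSH")
                    .allowInbound()
                    .fromAnyAddress()
                    .fromAnyPort()
                    .toAnyAddress()
                    .toPort(22)
                    .withProtocol(SecurityRuleProtocol.TCP)
                    .withPriority(100)
                    .withDescription("Allow SSH")
                    .attach()
                .defineRule("ALLOW-HTTP")
                    .allowInbound()
                    .fromAnyAddress()
                    .fromAnyPort()
                    .toAnyAddress()
                    .toPort(80)
                    .withProtocol(SecurityRuleProtocol.TCP)
                    .withPriority(101)
                    .withDescription("Allow HTTP")
                    .attach()
                .create();
        System.out.println("Created a security group for the front end: " + frontEndNSG.id());
        Utils.print(frontEndNSG);
        //============================================================
        // Create a network security group for the back end of a subnet
        // back end subnet contains two rules
        // - ALLOW-SQL - allows SQL traffic only from the front end subnet
        // - DENY-WEB - denies outbound traffic from the back end subnet
        //
        // NOTE(review): DENY-WEB is described as blocking internet traffic, but as written it
        // matches any destination address, any port and any protocol, so it is a blanket
        // outbound deny for the back end, not an internet-only one. Confirm that is intended.
        // The message below used to announce the front end and SSH; it now names this NSG.
        System.out.println("Creating a security group for the back end - allows SQL and denies all outbound internet traffic");
        NetworkSecurityGroup backEndNSG = azure.networkSecurityGroups().define(backEndNSGName)
                .withRegion(region)
                .withExistingResourceGroup(rgName)
                .defineRule("ALLOW-SQL")
                    .allowInbound()
                    .fromAddress("172.16.1.0/24") // the Front-end subnet prefix defined above
                    .fromAnyPort()
                    .toAnyAddress()
                    .toPort(1433)
                    .withProtocol(SecurityRuleProtocol.TCP)
                    .withPriority(100)
                    .withDescription("Allow SQL")
                    .attach()
                .defineRule("DENY-WEB")
                    .denyOutbound()
                    .fromAnyAddress()
                    .fromAnyPort()
                    .toAnyAddress()
                    .toAnyPort()
                    .withAnyProtocol()
                    .withDescription("Deny Web")
                    .withPriority(200)
                    .attach()
                .create();
        System.out.println("Created a security group for the back end: " + backEndNSG.id());
        Utils.print(backEndNSG);
        System.out.println("Creating multiple network interfaces");
        System.out.println("Creating network interface 1");
        //========================================================
        // Create a network interface and apply the
        // front end network security group
        //
        // NOTE(review): this NIC gets a new public IP and has IP forwarding switched on. Nothing
        // in this sample routes traffic through the front-end VM, so check whether
        // withIPForwarding() is needed before copying this definition.
        System.out.println("Creating a network interface for the front end");
        NetworkInterface networkInterface1 = azure.networkInterfaces().define(networkInterfaceName1)
                .withRegion(region)
                .withExistingResourceGroup(rgName)
                .withExistingPrimaryNetwork(network)
                .withSubnet("Front-end")
                .withPrimaryPrivateIPAddressDynamic()
                .withNewPrimaryPublicIPAddress(publicIPAddressLeafDNS1)
                .withIPForwarding()
                .withExistingNetworkSecurityGroup(frontEndNSG)
                .create();
        System.out.println("Created network interface for the front end");
        Utils.print(networkInterface1);
        //========================================================
        // Create a network interface and apply the
        // back end network security group
        // (no public IP is requested for this NIC)
        System.out.println("Creating a network interface for the back end");
        NetworkInterface networkInterface2 = azure.networkInterfaces().define(networkInterfaceName2)
                .withRegion(region)
                .withExistingResourceGroup(rgName)
                .withExistingPrimaryNetwork(network)
                .withSubnet("Back-end")
                .withPrimaryPrivateIPAddressDynamic()
                .withExistingNetworkSecurityGroup(backEndNSG)
                .create();
        Utils.print(networkInterface2);
        //=============================================================
        // Create a virtual machine (for the front end)
        // with the network interface that has the network security group for the front end
        System.out.println("Creating a Linux virtual machine (for the front end) - " + "with the network interface that has the network security group for the front end");
        Date t1 = new Date();
        VirtualMachine frontEndVM = azure.virtualMachines().define(frontEndVMName)
                .withRegion(region)
                .withExistingResourceGroup(rgName)
                .withExistingPrimaryNetworkInterface(networkInterface1)
                .withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS)
                .withRootUsername(userName)
                .withSsh(sshKey)
                .withSize(VirtualMachineSizeTypes.STANDARD_D3_V2)
                .create();
        Date t2 = new Date();
        System.out.println("Created Linux VM: (took " + ((t2.getTime() - t1.getTime()) / 1000) + " seconds) " + frontEndVM.id());
        // Print virtual machine details
        Utils.print(frontEndVM);
        //=============================================================
        // Create a virtual machine (for the back end)
        // with the network interface that has the network security group for the back end
        System.out.println("Creating a Linux virtual machine (for the back end) - " + "with the network interface that has the network security group for the back end");
        t1 = new Date();
        VirtualMachine backEndVM = azure.virtualMachines().define(backEndVMName)
                .withRegion(region)
                .withExistingResourceGroup(rgName)
                .withExistingPrimaryNetworkInterface(networkInterface2)
                .withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS)
                .withRootUsername(userName)
                .withSsh(sshKey)
                .withSize(VirtualMachineSizeTypes.STANDARD_D3_V2)
                .create();
        t2 = new Date();
        System.out.println("Created a Linux VM: (took " + ((t2.getTime() - t1.getTime()) / 1000) + " seconds) " + backEndVM.id());
        Utils.print(backEndVM);
        //========================================================
        // List network security groups
        System.out.println("Walking through network security groups");
        List<NetworkSecurityGroup> networkSecurityGroups = azure.networkSecurityGroups().listByResourceGroup(rgName);
        for (NetworkSecurityGroup networkSecurityGroup : networkSecurityGroups) {
            Utils.print(networkSecurityGroup);
        }
        //========================================================
        // Update a network security group
        //
        // NOTE(security): this opens TCP 20-21 to any source on the internet-facing tier. FTP
        // carries credentials and data in cleartext; the rule is here to demonstrate update(),
        // not as a recommended exposure.
        System.out.println("Updating the front end network security group to allow FTP");
        frontEndNSG.update()
                .defineRule("ALLOW-FTP")
                    .allowInbound()
                    .fromAnyAddress()
                    .fromAnyPort()
                    .toAnyAddress()
                    .toPortRange(20, 21)
                    .withProtocol(SecurityRuleProtocol.TCP)
                    .withDescription("Allow FTP")
                    .withPriority(200)
                    .attach()
                .apply();
        System.out.println("Updated the front end network security group");
        Utils.print(frontEndNSG);
        return true;
    } catch (Exception f) {
        // Sample-level boundary: report the failure and fall through to clean-up.
        System.out.println(f.getMessage());
        f.printStackTrace();
    } finally {
        // Always tear the resource group down so the publicly reachable VM does not outlive the run.
        try {
            System.out.println("Deleting Resource Group: " + rgName);
            azure.resourceGroups().deleteByName(rgName);
            System.out.println("Deleted Resource Group: " + rgName);
        } catch (NullPointerException npe) {
            // Kept from the original sample: an NPE here is read as "nothing was created".
            System.out.println("Did not create any resources in Azure. No clean up is necessary");
        } catch (Exception g) {
            g.printStackTrace();
        }
    }
    return false;
}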
Also used : NetworkSecurityGroup(com.microsoft.azure.management.network.NetworkSecurityGroup) Network(com.microsoft.azure.management.network.Network) Region(com.microsoft.azure.management.resources.fluentcore.arm.Region) NetworkInterface(com.microsoft.azure.management.network.NetworkInterface) Date(java.util.Date) VirtualMachine(com.microsoft.azure.management.compute.VirtualMachine)

Example 12 with NetworkSecurityGroup

use of com.microsoft.azure.management.network.NetworkSecurityGroup in project azure-sdk-for-java by Azure.

the class NetworkInterfaceImpl method beforeCreating.

/**
 * Prepares the inner NIC model just before it is sent for creation: attaches the network
 * security group reference (if one was requested) and rebuilds the IP configuration list.
 *
 * <p>A group that is being created alongside this NIC takes precedence over an existing one.
 * When neither was supplied, this method sets no NSG reference on the inner model.
 */
@Override
protected void beforeCreating() {
    final NetworkSecurityGroup nsgToAssociate;
    if (creatableNetworkSecurityGroupKey != null) {
        // The NSG was declared as a dependency; look up the instance produced for that key.
        nsgToAssociate = (NetworkSecurityGroup) this.createdResource(creatableNetworkSecurityGroupKey);
    } else {
        // May itself be null, meaning no NSG was requested at all.
        nsgToAssociate = existingNetworkSecurityGroupToAssociate;
    }

    if (nsgToAssociate != null) {
        // Only the resource id is passed on, wrapped in a SubResource.
        SubResource nsgReference = new SubResource().withId(nsgToAssociate.id());
        this.inner().withNetworkSecurityGroup(nsgReference);
    }

    // Validate/complete the wrapped IP configurations, then replace the inner list with them.
    NicIPConfigurationImpl.ensureConfigurations(this.nicIPConfigurations.values());
    this.inner().withIpConfigurations(innersFromWrappers(this.nicIPConfigurations.values()));
}
Also used : SubResource(com.microsoft.azure.SubResource) NetworkSecurityGroup(com.microsoft.azure.management.network.NetworkSecurityGroup)

Example 13 with NetworkSecurityGroup

use of com.microsoft.azure.management.network.NetworkSecurityGroup in project cloudbreak by hortonworks.

the class AzurePlatformResources method securityGroups.

/**
 * Lists the Azure network security groups visible to the given credential, grouped by the
 * label of the region each group lives in.
 *
 * <p>Only groups for which {@code regionMatch} accepts the requested region are returned. Each
 * entry carries the group's name and id plus its resource group name and attached network
 * interface ids. If nothing matched and a region was given, the result holds a single empty
 * set keyed by that region's value.
 *
 * @param cloudCredential credential used to obtain the Azure client
 * @param region region to filter on; how a {@code null} region is treated is up to
 *               {@code regionMatch} (not visible here)
 * @param filters not read by this method
 * @return the matching security groups keyed by region label
 */
@Override
public CloudSecurityGroups securityGroups(CloudCredential cloudCredential, Region region, Map<String, String> filters) {
    AzureClient azureClient = azureClientService.getClient(cloudCredential);
    Map<String, Set<CloudSecurityGroup>> groupsByRegion = new HashMap<>();
    // NOTE(review): list() is called without a resource-group argument, so this presumably
    // enumerates every NSG the credential can read; confirm the scope against AzureClient.
    for (NetworkSecurityGroup nsg : azureClient.getSecurityGroups().list()) {
        String nsgRegion = nsg.region().label();
        if (!regionMatch(nsgRegion, region)) {
            continue;
        }
        Map<String, Object> details = new HashMap<>();
        details.put("resourceGroupName", nsg.resourceGroupName());
        details.put("networkInterfaceIds", nsg.networkInterfaceIds());
        Set<CloudSecurityGroup> bucket = groupsByRegion.computeIfAbsent(nsgRegion, key -> new HashSet<>());
        bucket.add(new CloudSecurityGroup(nsg.name(), nsg.id(), details));
    }
    // Callers that asked for a specific region always get an entry for it, even if empty.
    if (groupsByRegion.isEmpty() && region != null) {
        groupsByRegion.put(region.value(), new HashSet<>());
    }
    return new CloudSecurityGroups(groupsByRegion);
}
Also used : VolumeParameterType.values(com.sequenceiq.cloudbreak.cloud.model.VolumeParameterType.values) AzureClient(com.sequenceiq.cloudbreak.cloud.azure.client.AzureClient) CloudVmTypes(com.sequenceiq.cloudbreak.cloud.model.CloudVmTypes) CloudIpPools(com.sequenceiq.cloudbreak.cloud.model.CloudIpPools) Region(com.sequenceiq.cloudbreak.cloud.model.Region) Cacheable(org.springframework.cache.annotation.Cacheable) Subnet(com.microsoft.azure.management.network.Subnet) HashMap(java.util.HashMap) CloudGateWays(com.sequenceiq.cloudbreak.cloud.model.CloudGateWays) CloudNetworks(com.sequenceiq.cloudbreak.cloud.model.CloudNetworks) CloudRegions(com.sequenceiq.cloudbreak.cloud.model.CloudRegions) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) Inject(javax.inject.Inject) Value(org.springframework.beans.factory.annotation.Value) AvailabilityZone(com.sequenceiq.cloudbreak.cloud.model.AvailabilityZone) Strings(com.google.common.base.Strings) Network(com.microsoft.azure.management.network.Network) CloudSshKeys(com.sequenceiq.cloudbreak.cloud.model.CloudSshKeys) Service(org.springframework.stereotype.Service) Map(java.util.Map) PlatformResources(com.sequenceiq.cloudbreak.cloud.PlatformResources) VmTypeMetaBuilder(com.sequenceiq.cloudbreak.cloud.model.VmTypeMeta.VmTypeMetaBuilder) Region.region(com.sequenceiq.cloudbreak.cloud.model.Region.region) Set(java.util.Set) NetworkSecurityGroup(com.microsoft.azure.management.network.NetworkSecurityGroup) CloudAccessConfigs(com.sequenceiq.cloudbreak.cloud.model.CloudAccessConfigs) CloudCredential(com.sequenceiq.cloudbreak.cloud.model.CloudCredential) VmType(com.sequenceiq.cloudbreak.cloud.model.VmType) Objects(java.util.Objects) List(java.util.List) VirtualMachineSize(com.microsoft.azure.management.compute.VirtualMachineSize) VolumeParameterType(com.sequenceiq.cloudbreak.cloud.model.VolumeParameterType) CloudSecurityGroups(com.sequenceiq.cloudbreak.cloud.model.CloudSecurityGroups) Entry(java.util.Map.Entry) 
AzureClientService(com.sequenceiq.cloudbreak.cloud.azure.client.AzureClientService) VolumeParameterConfig(com.sequenceiq.cloudbreak.cloud.model.VolumeParameterConfig) CloudNetwork(com.sequenceiq.cloudbreak.cloud.model.CloudNetwork) MAGNETIC(com.sequenceiq.cloudbreak.cloud.model.VolumeParameterType.MAGNETIC) CloudSecurityGroup(com.sequenceiq.cloudbreak.cloud.model.CloudSecurityGroup) NetworkSecurityGroup(com.microsoft.azure.management.network.NetworkSecurityGroup) HashSet(java.util.HashSet) Set(java.util.Set) HashMap(java.util.HashMap) AzureClient(com.sequenceiq.cloudbreak.cloud.azure.client.AzureClient) CloudSecurityGroups(com.sequenceiq.cloudbreak.cloud.model.CloudSecurityGroups) CloudSecurityGroup(com.sequenceiq.cloudbreak.cloud.model.CloudSecurityGroup) HashSet(java.util.HashSet)
