public async Task VerifyIpFlowApiTest() { string resourceGroupName = Recording.GenerateAssetName("azsmnet"); string location = "westus2"; var resourceGroup = await CreateResourceGroup(resourceGroupName, location); string virtualMachineName1 = Recording.GenerateAssetName("azsmnet"); string networkInterfaceName1 = Recording.GenerateAssetName("azsmnet"); string networkSecurityGroupName = virtualMachineName1 + "-nsg"; //Deploy VM with a template var vm = await CreateWindowsVM(virtualMachineName1, networkInterfaceName1, location, resourceGroup); //TODO:There is no need to perform a separate create NetworkWatchers operation //Create network Watcher //string networkWatcherName = Recording.GenerateAssetName("azsmnet"); //NetworkWatcher properties = new NetworkWatcher { Location = location }; //await networkWatcherContainer.CreateOrUpdateAsync(resourceGroupName, networkWatcherName, properties); string localIPAddress = GetNetworkInterfaceContainer(resourceGroupName).GetAsync(networkInterfaceName1).Result.Value.Data.IpConfigurations.FirstOrDefault().PrivateIPAddress; string securityRule1 = Recording.GenerateAssetName("azsmnet"); // Add a security rule var SecurityRule = new SecurityRuleData() { Name = securityRule1, Access = SecurityRuleAccess.Deny, Description = "Test outbound security rule", DestinationAddressPrefix = "*", DestinationPortRange = "80", Direction = SecurityRuleDirection.Outbound, Priority = 501, Protocol = SecurityRuleProtocol.Tcp, SourceAddressPrefix = "*", SourcePortRange = "*", }; var networkSecurityGroupContainer = GetNetworkSecurityGroupContainer(resourceGroupName); Response <NetworkSecurityGroup> nsg = await networkSecurityGroupContainer.GetAsync(networkSecurityGroupName); nsg.Value.Data.SecurityRules.Add(SecurityRule); var createOrUpdateOperation = await networkSecurityGroupContainer.CreateOrUpdateAsync(networkSecurityGroupName, nsg.Value.Data); await createOrUpdateOperation.WaitForCompletionAsync();; VerificationIPFlowParameters ipFlowProperties = new VerificationIPFlowParameters(vm.Id, "Outbound", "TCP", "80", "80", localIPAddress, "12.11.12.14"); //Verify IP flow from a VM to a location given the configured rule var verifyIpFlowOperation = await GetNetworkWatcherContainer("NetworkWatcherRG").Get("NetworkWatcher_westus2").Value.VerifyIPFlowAsync(ipFlowProperties); Response <VerificationIPFlowResult> verifyIpFlow = await verifyIpFlowOperation.WaitForCompletionAsync();; //Verify validity of the result Assert.AreEqual("Deny", verifyIpFlow.Value.Access.ToString()); Assert.AreEqual("securityRules/" + securityRule1, verifyIpFlow.Value.RuleName); }
/// <summary> /// Verify IP flow from the specified VM to a location given the currently /// configured NSG rules. /// </summary> /// <param name='operations'> /// The operations group for this extension method. /// </param> /// <param name='resourceGroupName'> /// The name of the resource group. /// </param> /// <param name='networkWatcherName'> /// The name of the network watcher. /// </param> /// <param name='parameters'> /// Parameters that define the IP flow to be verified. /// </param> /// <param name='cancellationToken'> /// The cancellation token. /// </param> public static async Task <VerificationIPFlowResult> BeginVerifyIPFlowAsync(this INetworkWatchersOperations operations, string resourceGroupName, string networkWatcherName, VerificationIPFlowParameters parameters, CancellationToken cancellationToken = default(CancellationToken)) { using (var _result = await operations.BeginVerifyIPFlowWithHttpMessagesAsync(resourceGroupName, networkWatcherName, parameters, null, cancellationToken).ConfigureAwait(false)) { return(_result.Body); } }
/// <summary> /// Verify IP flow from the specified VM to a location given the currently /// configured NSG rules. /// </summary> /// <param name='operations'> /// The operations group for this extension method. /// </param> /// <param name='resourceGroupName'> /// The name of the resource group. /// </param> /// <param name='networkWatcherName'> /// The name of the network watcher. /// </param> /// <param name='parameters'> /// Parameters that define the IP flow to be verified. /// </param> public static VerificationIPFlowResult BeginVerifyIPFlow(this INetworkWatchersOperations operations, string resourceGroupName, string networkWatcherName, VerificationIPFlowParameters parameters) { return(operations.BeginVerifyIPFlowAsync(resourceGroupName, networkWatcherName, parameters).GetAwaiter().GetResult()); }
public void VerifyIpFlowApiTest() { var handler1 = new RecordedDelegatingHandler { StatusCodeToReturn = HttpStatusCode.OK }; var handler2 = new RecordedDelegatingHandler { StatusCodeToReturn = HttpStatusCode.OK }; var handler3 = new RecordedDelegatingHandler { StatusCodeToReturn = HttpStatusCode.OK }; using (MockContext context = MockContext.Start(this.GetType().FullName)) { var resourcesClient = ResourcesManagementTestUtilities.GetResourceManagementClientWithHandler(context, handler1); var networkManagementClient = NetworkManagementTestUtilities.GetNetworkManagementClientWithHandler(context, handler2); var computeManagementClient = NetworkManagementTestUtilities.GetComputeManagementClientWithHandler(context, handler3); string location = "eastus"; string resourceGroupName = TestUtilities.GenerateName(); resourcesClient.ResourceGroups.CreateOrUpdate(resourceGroupName, new ResourceGroup { Location = location }); string virtualMachineName1 = TestUtilities.GenerateName(); string networkInterfaceName1 = TestUtilities.GenerateName(); string networkSecurityGroupName = virtualMachineName1 + "-nsg"; //Deploy VM with a template Deployments.CreateVm( resourcesClient: resourcesClient, resourceGroupName: resourceGroupName, location: location, virtualMachineName: virtualMachineName1, storageAccountName: TestUtilities.GenerateName(), networkInterfaceName: networkInterfaceName1, networkSecurityGroupName: networkSecurityGroupName, diagnosticsStorageAccountName: TestUtilities.GenerateName(), deploymentName: TestUtilities.GenerateName() ); string networkWatcherName = TestUtilities.GenerateName(); NetworkWatcher properties = new NetworkWatcher(); properties.Location = location; //Create network Watcher var createNetworkWatcher = networkManagementClient.NetworkWatchers.CreateOrUpdate(resourceGroupName, networkWatcherName, properties); var getVm1 = computeManagementClient.VirtualMachines.Get(resourceGroupName, virtualMachineName1); string localIPAddress = networkManagementClient.NetworkInterfaces.Get(resourceGroupName, networkInterfaceName1).IpConfigurations.FirstOrDefault().PrivateIPAddress; string securityRule1 = TestUtilities.GenerateName(); // Add a security rule var SecurityRule = new SecurityRule() { Name = securityRule1, Access = SecurityRuleAccess.Deny, Description = "Test outbound security rule", DestinationAddressPrefix = "*", DestinationPortRange = "80", Direction = SecurityRuleDirection.Outbound, Priority = 501, Protocol = SecurityRuleProtocol.Tcp, SourceAddressPrefix = "*", SourcePortRange = "*", }; var nsg = networkManagementClient.NetworkSecurityGroups.Get(resourceGroupName, networkSecurityGroupName); nsg.SecurityRules.Add(SecurityRule); networkManagementClient.NetworkSecurityGroups.CreateOrUpdate(resourceGroupName, networkSecurityGroupName, nsg); VerificationIPFlowParameters ipFlowProperties = new VerificationIPFlowParameters() { TargetResourceId = getVm1.Id, Direction = "Outbound", Protocol = "TCP", LocalPort = "80", RemotePort = "80", LocalIPAddress = localIPAddress, RemoteIPAddress = "12.11.12.14" }; //Verify IP flow from a VM to a location given the configured rule var verifyIpFlow = networkManagementClient.NetworkWatchers.VerifyIPFlow(resourceGroupName, networkWatcherName, ipFlowProperties); //Verify validity of the result Assert.Equal("Deny", verifyIpFlow.Access); Assert.Equal("securityRules/" + securityRule1, verifyIpFlow.RuleName); } }
public async Task VerifyIpFlowApiTest() { string resourceGroupName = Recording.GenerateAssetName("azsmnet"); string location = "westus2"; await ResourceGroupsOperations.CreateOrUpdateAsync(resourceGroupName, new ResourceGroup(location)); string virtualMachineName1 = Recording.GenerateAssetName("azsmnet"); string networkInterfaceName1 = Recording.GenerateAssetName("azsmnet"); string networkSecurityGroupName = virtualMachineName1 + "-nsg"; //Deploy VM with a template await CreateVm( resourcesClient : ResourceManagementClient, resourceGroupName : resourceGroupName, location : location, virtualMachineName : virtualMachineName1, storageAccountName : Recording.GenerateAssetName("azsmnet"), networkInterfaceName : networkInterfaceName1, networkSecurityGroupName : networkSecurityGroupName, diagnosticsStorageAccountName : Recording.GenerateAssetName("azsmnet"), deploymentName : Recording.GenerateAssetName("azsmnet"), adminPassword : Recording.GenerateAlphaNumericId("AzureSDKNetworkTest#") ); //TODO:There is no need to perform a separate create NetworkWatchers operation //Create network Watcher //string networkWatcherName = Recording.GenerateAssetName("azsmnet"); //NetworkWatcher properties = new NetworkWatcher { Location = location }; //await NetworkManagementClient.NetworkWatchers.CreateOrUpdateAsync(resourceGroupName, networkWatcherName, properties); Response <VirtualMachine> getVm1 = await ComputeManagementClient.VirtualMachines.GetAsync(resourceGroupName, virtualMachineName1); string localIPAddress = NetworkManagementClient.NetworkInterfaces.GetAsync(resourceGroupName, networkInterfaceName1).Result.Value.IpConfigurations.FirstOrDefault().PrivateIPAddress; string securityRule1 = Recording.GenerateAssetName("azsmnet"); // Add a security rule SecurityRule SecurityRule = new SecurityRule() { Name = securityRule1, Access = SecurityRuleAccess.Deny, Description = "Test outbound security rule", DestinationAddressPrefix = "*", DestinationPortRange = "80", Direction = SecurityRuleDirection.Outbound, Priority = 501, Protocol = SecurityRuleProtocol.Tcp, SourceAddressPrefix = "*", SourcePortRange = "*", }; Response <NetworkSecurityGroup> nsg = await NetworkManagementClient.NetworkSecurityGroups.GetAsync(resourceGroupName, networkSecurityGroupName); nsg.Value.SecurityRules.Add(SecurityRule); NetworkSecurityGroupsCreateOrUpdateOperation createOrUpdateOperation = await NetworkManagementClient.NetworkSecurityGroups.StartCreateOrUpdateAsync(resourceGroupName, networkSecurityGroupName, nsg); await WaitForCompletionAsync(createOrUpdateOperation); VerificationIPFlowParameters ipFlowProperties = new VerificationIPFlowParameters(getVm1.Value.Id, "Outbound", "TCP", "80", "80", localIPAddress, "12.11.12.14"); //Verify IP flow from a VM to a location given the configured rule NetworkWatchersVerifyIPFlowOperation verifyIpFlowOperation = await NetworkManagementClient.NetworkWatchers.StartVerifyIPFlowAsync("NetworkWatcherRG", "NetworkWatcher_westus2", ipFlowProperties); Response <VerificationIPFlowResult> verifyIpFlow = await WaitForCompletionAsync(verifyIpFlowOperation); //Verify validity of the result Assert.AreEqual("Deny", verifyIpFlow.Value.Access.ToString()); Assert.AreEqual("securityRules/" + securityRule1, verifyIpFlow.Value.RuleName); }