search

Azure / azure-powershell

Microsoft Azure PowerShell
Other
4.21k stars 3.81k forks source link

Set-AzNetworkSecurityRuleConfig - Cannot specify protocol "ICMP" #10347

Closed o-l-a-v closed 4 years ago

o-l-a-v commented 4 years ago

Description

Can't specify ICMP for cmdlets creating NSGs. Like "Set-AzNetworkSecurityRuleConfig". ICMP has been available for months, about time the Az module catches up.

Steps to reproduce

Set-AzNetworkSecurityRuleConfig with -Protocol 'ICMP' fails.

Environment data

Name                           Value                                                                                                                                                                                                  
----                           -----                                                                                                                                                                                                  
PSVersion                      5.1.18362.145                                                                                                                                                                                          
PSEdition                      Desktop                                                                                                                                                                                                
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}                                                                                                                                                                                
BuildVersion                   10.0.18362.145                                                                                                                                                                                         
CLRVersion                     4.0.30319.42000                                                                                                                                                                                        
WSManStackVersion              3.0                                                                                                                                                                                                    
PSRemotingProtocolVersion      2.3                                                                                                                                                                                                    
SerializationVersion           1.1.0.1

Module versions


    Directory: C:\Program Files\WindowsPowerShell\Modules

ModuleType Version    Name                                ExportedCommands                                                                                                                                                            
---------- -------    ----                                ----------------                                                                                                                                                            
Script     1.6.3      Az.Accounts                         {Disable-AzDataCollection, Disable-AzContextAutosave, Enable-AzDataCollection, Enable-AzContextAutosave...}                                                                 
Script     1.0.1      Az.Advisor                          {Get-AzAdvisorRecommendation, Enable-AzAdvisorRecommendation, Disable-AzAdvisorRecommendation, Get-AzAdvisorConfiguration...}                                               
Script     1.0.2      Az.Aks                              {Get-AzAks, New-AzAks, Remove-AzAks, Import-AzAksCredential...}                                                                                                             
Script     0.1.0      Az.AlertsManagement                 {Get-AzAlert, Get-AzAlertObjectHistory, Update-AzAlertState, Measure-AzAlertStatistic...}                                                                                   
Script     1.1.1      Az.AnalysisServices                 {Resume-AzAnalysisServicesServer, Suspend-AzAnalysisServicesServer, Get-AzAnalysisServicesServer, Remove-AzAnalysisServicesServer...}                                       
Script     1.3.2      Az.ApiManagement                    {Add-AzApiManagementApiToProduct, Add-AzApiManagementProductToGroup, Add-AzApiManagementRegion, Add-AzApiManagementUserToGroup...}                                          
Script     0.1.3      Az.AppConfiguration                 {Get-AzAppConfigurationStore, Get-AzAppConfigurationStoreKey, New-AzAppConfigurationStore, New-AzAppConfigurationStoreKey...}                                               
Script     1.0.2      Az.ApplicationInsights              {Get-AzApplicationInsights, New-AzApplicationInsights, Remove-AzApplicationInsights, Set-AzApplicationInsightsPricingPlan...}                                               
Binary     1.0.1      Az.ApplicationMonitor               {Set-ApplicationInsightsMonitoringConfig, Get-ApplicationInsightsMonitoringConfig, Enable-InstrumentationEngine, Disable-InstrumentationEngine...}                          
Script     0.1.2      Az.Attestation                      {New-AzAttestation, Get-AzAttestation, Remove-AzAttestation}                                                                                                                
Script     1.3.4      Az.Automation                       {Get-AzAutomationHybridWorkerGroup, Remove-AzAutomationHybridWorkerGroup, Get-AzAutomationJobOutputRecord, Import-AzAutomationDscNodeConfiguration...}                      
Script     1.1.2      Az.Batch                            {Remove-AzBatchAccount, Get-AzBatchAccount, Get-AzBatchAccountKey, New-AzBatchAccount...}                                                                                   
Script     1.0.1      Az.Billing                          {Get-AzBillingInvoice, Get-AzBillingPeriod, Get-AzEnrollmentAccount, Get-AzConsumptionBudget...}                                                                            
Script     0.2.6      Az.Blueprint                        {Get-AzBlueprint, Get-AzBlueprintAssignment, New-AzBlueprintAssignment, Remove-AzBlueprintAssignment...}                                                                    
Script     1.3.1      Az.Cdn                              {Get-AzCdnProfile, Get-AzCdnProfileSsoUrl, New-AzCdnProfile, Remove-AzCdnProfile...}                                                                                        
Script     1.6        Az.CloneVirtualMachine              New-AzVMClone                                                                                                                                                               
Script     1.2.1      Az.CognitiveServices                {Get-AzCognitiveServicesAccount, Get-AzCognitiveServicesAccountKey, Get-AzCognitiveServicesAccountSku, Get-AzCognitiveServicesAccountType...}                               
Script     2.7.0      Az.Compute                          {Remove-AzAvailabilitySet, Get-AzAvailabilitySet, New-AzAvailabilitySet, Update-AzAvailabilitySet...}                                                                       
Script     0.7.0      Az.Compute.ManagedService           ConvertTo-AzVhd                                                                                                                                                             
Script     0.7.0      Az.Consumption                      {Get-AzConsumptionBudget, Get-AzConsumptionMarketplace, Get-AzConsumptionPriceSheet, Get-AzConsumptionReservationDetail...}                                                 
Script     1.0.1      Az.ContainerInstance                {New-AzContainerGroup, Get-AzContainerGroup, Remove-AzContainerGroup, Get-AzContainerInstanceLog}                                                                           
Script     1.1.0      Az.ContainerRegistry                {New-AzContainerRegistry, Get-AzContainerRegistry, Update-AzContainerRegistry, Remove-AzContainerRegistry...}                                                               
Script     0.1.0      Az.DataBox                          {Get-AzDataBoxJob, Get-AzDataBoxCredential, Stop-AzDataBoxJob, Remove-AzDataBoxJob...}                                                                                      
Script     1.4.0      Az.DataFactory                      {Set-AzDataFactoryV2, Update-AzDataFactoryV2, Get-AzDataFactoryV2, Remove-AzDataFactoryV2...}                                                                               
Script     1.0.1      Az.DataLakeAnalytics                {Get-AzDataLakeAnalyticsDataSource, New-AzDataLakeAnalyticsCatalogCredential, Remove-AzDataLakeAnalyticsCatalogCredential, Set-AzDataLakeAnalyticsCatalogCredential...}     
Script     1.2.3      Az.DataLakeStore                    {Get-AzDataLakeStoreTrustedIdProvider, Remove-AzDataLakeStoreTrustedIdProvider, Remove-AzDataLakeStoreFirewallRule, Set-AzDataLakeStoreTrustedIdProvider...}                
Script     0.7.3      Az.DataMigration                    {New-AzDataMigrationDatabaseInfo, New-AzDataMigrationConnectionInfo, New-AzDataMigrationProject, Remove-AzDataMigrationProject...}                                          
Script     0.1.0      Az.DataShare                        {New-AzDataShareAccount, Get-AzDataShareAccount, Remove-AzDataShareAccount, New-AzDataShare...}                                                                             
Script     1.0.1      Az.DeploymentManager                {Get-AzDeploymentManagerArtifactSource, New-AzDeploymentManagerArtifactSource, Set-AzDeploymentManagerArtifactSource, Remove-AzDeploymentManagerArtifactSource...}          
Script     0.7.1      Az.DeviceProvisioningServices       {New-AzIoTDeviceProvisioningService, Get-AzIoTDeviceProvisioningService, Remove-AzIoTDeviceProvisioningService, Update-AzIoTDeviceProvisioningService...}                   
Script     0.7.2      Az.DevSpaces                        {Get-AzDevSpacesController, New-AzDevSpacesController, Remove-AzDevSpacesController, Update-AzDevSpacesController}                                                          
Script     1.0.0      Az.DevTestLabs                      {Get-AzDtlAllowedVMSizesPolicy, Get-AzDtlAutoShutdownPolicy, Get-AzDtlAutoStartPolicy, Get-AzDtlVMsPerLabPolicy...}                                                         
Script     1.1.1      Az.Dns                              {Get-AzDnsRecordSet, New-AzDnsRecordConfig, Remove-AzDnsRecordSet, Set-AzDnsRecordSet...}                                                                                   
Script     1.2.2      Az.EventGrid                        {New-AzEventGridTopic, Get-AzEventGridTopic, Set-AzEventGridTopic, New-AzEventGridTopicKey...}                                                                              
Script     1.4.0      Az.EventHub                         {New-AzEventHubNamespace, Get-AzEventHubNamespace, Set-AzEventHubNamespace, Remove-AzEventHubNamespace...}                                                                  
Script     1.1.1      Az.FrontDoor                        {New-AzFrontDoor, Get-AzFrontDoor, Set-AzFrontDoor, Remove-AzFrontDoor...}                                                                                                  
Script     0.10.6     Az.GuestConfiguration               {Get-AzVMGuestPolicyStatus, Get-AzVMGuestPolicyStatusHistory}                                                                                                               
Script     2.0.2      Az.HDInsight                        {Get-AzHDInsightJob, New-AzHDInsightSqoopJobDefinition, Wait-AzHDInsightJob, New-AzHDInsightStreamingMapReduceJobDefinition...}                                             
Script     1.0.0      Az.HealthcareApis                   {New-AzHealthcareApisService, Remove-AzHealthcareApisService, Set-AzHealthcareApisService, Get-AzHealthcareApisService}                                                     
Script     0.7.0      Az.Insights                         {Get-AzMetricDefinition, Get-AzMetric, Remove-AzLogProfile, Get-AzLogProfile...}                                                                                            
Script     0.7.1      Az.IotCentral                       {New-AzIotCentralApp, Get-AzIotCentralApp, Set-AzIotCentralApp, Remove-AzIotCentralApp}                                                                                     
Script     1.3.1      Az.IotHub                           {Add-AzIotHubKey, Get-AzIotHubEventHubConsumerGroup, Get-AzIotHubConnectionString, Get-AzIotHubJob...}                                                                      
Script     1.3.1      Az.KeyVault                         {Add-AzKeyVaultCertificate, Update-AzKeyVaultCertificate, Stop-AzKeyVaultCertificateOperation, Get-AzKeyVaultCertificateOperation...}                                       
Script     0.1.2      Az.Kusto                            {New-AzKustoCluster, Get-AzKustoCluster, Remove-AzKustoCluster, Update-AzKustoCluster...}                                                                                   
Script     1.3.1      Az.LogicApp                         {Get-AzIntegrationAccountAgreement, Get-AzIntegrationAccountAssembly, Get-AzIntegrationAccountBatchConfiguration, Get-AzIntegrationAccountCallbackUrl...}                   
Script     1.1.1      Az.MachineLearning                  {Move-AzMlCommitmentAssociation, Get-AzMlCommitmentAssociation, Get-AzMlCommitmentPlanUsageHistory, Remove-AzMlCommitmentPlan...}                                           
Script     0.7.0      Az.MachineLearningCompute           {Get-AzMlOpCluster, Get-AzMlOpClusterKey, Test-AzMlOpClusterSystemServicesUpdateAvailability, Update-AzMlOpClusterSystemService...}                                         
Script     0.7.2      Az.ManagedServiceIdentity           {New-AzUserAssignedIdentity, Get-AzUserAssignedIdentity, Remove-AzUserAssignedIdentity}                                                                                     
Script     1.0.1      Az.ManagedServices                  {Get-AzManagedServicesAssignment, New-AzManagedServicesAssignment, Remove-AzManagedServicesAssignment, Get-AzManagedServicesDefinition...}                                  
Script     0.7.1      Az.ManagementPartner                {Get-AzManagementPartner, New-AzManagementPartner, Update-AzManagementPartner, Remove-AzManagementPartner}                                                                  
Script     0.7.1      Az.Maps                             {Get-AzMapsAccount, New-AzMapsAccount, Remove-AzMapsAccount, Get-AzMapsAccountKey...}                                                                                       
Script     1.0.1      Az.MarketplaceOrdering              {Get-AzMarketplaceTerms, Set-AzMarketplaceTerms}                                                                                                                            
Script     1.1.0      Az.Media                            {Sync-AzMediaServiceStorageKey, Set-AzMediaServiceKey, Get-AzMediaServiceKey, Get-AzMediaServiceNameAvailability...}                                                        
Script     0.1.2      Az.MixedReality                     {Get-AzSpatialAnchorsAccount, Get-AzSpatialAnchorsAccountKey, New-AzSpatialAnchorsAccount, New-AzSpatialAnchorsAccountKey...}                                               
Script     1.4.0      Az.Monitor                          {Get-AzMetricDefinition, Get-AzMetric, Remove-AzLogProfile, Get-AzLogProfile...}                                                                                            
Script     0.1.2      Az.NetAppFiles                      {Get-AzNetAppFilesAccount, New-AzNetAppFilesAccount, Remove-AzNetAppFilesAccount, Set-AzNetAppFilesAccount...}                                                              
Script     1.15.0     Az.Network                          {Add-AzApplicationGatewayAuthenticationCertificate, Get-AzApplicationGatewayAuthenticationCertificate, New-AzApplicationGatewayAuthenticationCertificate, Remove-AzApplic...
Script     1.1.0      Az.NotificationHubs                 {Get-AzNotificationHub, Get-AzNotificationHubAuthorizationRule, Get-AzNotificationHubListKey, Get-AzNotificationHubPNSCredential...}                                        
Script     1.3.3      Az.OperationalInsights              {New-AzOperationalInsightsAzureActivityLogDataSource, New-AzOperationalInsightsCustomLogDataSource, Disable-AzOperationalInsightsLinuxCustomLogCollection, Disable-AzOper...
Script     0.1.5      Az.Peering                          {Get-AzPeering, Get-AzPeerAsn, New-AzPeerAsn, New-AzPeering...}                                                                                                             
Script     1.1.3      Az.PolicyInsights                   {Get-AzPolicyEvent, Get-AzPolicyState, Get-AzPolicyStateSummary, Get-AzPolicyRemediation...}                                                                                
Script     1.1.0      Az.PowerBIEmbedded                  {Remove-AzPowerBIWorkspaceCollection, Get-AzPowerBIWorkspaceCollection, Get-AzPowerBIWorkspaceCollectionAccessKey, Get-AzPowerBIWorkspace...}                               
Script     0.1.3      Az.PrivateDns                       {Get-AzPrivateDnsZone, Remove-AzPrivateDnsZone, Set-AzPrivateDnsZone, New-AzPrivateDnsZone...}                                                                              
Script     0.7.0      Az.Profile                          {Disable-AzDataCollection, Disable-AzContextAutosave, Enable-AzDataCollection, Enable-AzContextAutosave...}                                                                 
Script     1.4.5      Az.RecoveryServices                 {Get-AzRecoveryServicesBackupProperty, Get-AzRecoveryServicesVault, Get-AzRecoveryServicesVaultSettingsFile, New-AzRecoveryServicesVault...}                                
Script     1.1.1      Az.RedisCache                       {Remove-AzRedisCachePatchSchedule, New-AzRedisCacheScheduleEntry, Get-AzRedisCachePatchSchedule, New-AzRedisCachePatchSchedule...}                                          
Script     1.0.2      Az.Relay                            {New-AzRelayNamespace, Get-AzRelayNamespace, Set-AzRelayNamespace, Remove-AzRelayNamespace...}                                                                              
Script     0.7.1      Az.Reservations                     {Get-AzReservationOrder, Get-AzReservation, Get-AzReservationHistory, Update-AzReservation...}                                                                              
Script     0.7.6      Az.ResourceGraph                    Search-AzGraph                                                                                                                                                              
Script     1.7.0      Az.Resources                        {Get-AzProviderOperation, Remove-AzRoleAssignment, Get-AzRoleAssignment, New-AzRoleAssignment...}                                                                           
Script     0.7.3      Az.Search                           {New-AzSearchService, Get-AzSearchService, Set-AzSearchService, Remove-AzSearchService...}                                                                                  
Script     0.7.6      Az.Security                         {Get-AzSecurityAlert, Set-AzSecurityAlert, Get-AzSecurityAutoProvisioningSetting, Set-AzSecurityAutoProvisioningSetting...}                                                 
Script     1.4.0      Az.ServiceBus                       {New-AzServiceBusNamespace, Get-AzServiceBusNamespace, Set-AzServiceBusNamespace, Remove-AzServiceBusNamespace...}                                                          
Script     1.2.0      Az.ServiceFabric                    {Add-AzServiceFabricApplicationCertificate, Add-AzServiceFabricClientCertificate, Add-AzServiceFabricClusterCertificate, Add-AzServiceFabricNode...}                        
Script     1.1.0      Az.SignalR                          {New-AzSignalR, Get-AzSignalR, Get-AzSignalRKey, New-AzSignalRKey...}                                                                                                       
Script     1.15.0     Az.Sql                              {Get-AzSqlDatabaseTransparentDataEncryption, Get-AzSqlDatabaseTransparentDataEncryptionActivity, Set-AzSqlDatabaseTransparentDataEncryption, Get-AzSqlDatabaseUpgradeHint...
Script     0.1.0      Az.SqlVirtualMachine                {New-AzSqlVM, Get-AzSqlVM, Update-AzSqlVM, Remove-AzSqlVM...}                                                                                                               
Script     1.8.0      Az.Storage                          {Get-AzStorageAccount, Get-AzStorageAccountKey, New-AzStorageAccount, New-AzStorageAccountKey...}                                                                           
Script     1.2.1      Az.StorageSync                      {Invoke-AzStorageSyncCompatibilityCheck, New-AzStorageSyncService, Get-AzStorageSyncService, Remove-AzStorageSyncService...}                                                
Manifest   1.0.7      Az.StorageTable                     {Add-AzStorageTableRow, Get-AzStorageTableRowAll, Get-AzStorageTableRowByPartitionKey, Get-AzStorageTableRowByPartitionKeyRowKey...}                                        
Script     1.0.0      Az.StreamAnalytics                  {Get-AzStreamAnalyticsFunction, Get-AzStreamAnalyticsDefaultFunctionDefinition, New-AzStreamAnalyticsFunction, Remove-AzStreamAnalyticsFunction...}                         
Script     0.7.0      Az.Tags                             {Remove-AzTag, Get-AzTag, New-AzTag}                                                                                                                                        
Script     1.0.2      Az.TrafficManager                   {Add-AzTrafficManagerCustomHeaderToEndpoint, Remove-AzTrafficManagerCustomHeaderFromEndpoint, Add-AzTrafficManagerCustomHeaderToProfile, Remove-AzTrafficManagerCustomHea...
Script     0.7.0      Az.UsageAggregates                  Get-UsageAggregates                                                                                                                                                         
Script     1.5.0      Az.Websites                         {Get-AzAppServicePlan, Set-AzAppServicePlan, New-AzAppServicePlan, Remove-AzAppServicePlan...}

Debug output

Error output

wyunchi-ms commented 4 years ago

Hi @o-l-a-v thanks for your contribution. Could you please offer us more info? You can use the command:

Set-AzNetworkSecurityRuleConfig -Protocol 'ICMP' -Debug
o-l-a-v commented 4 years ago

Hi @o-l-a-v thanks for your contribution. Could you please offer us more info? You can use the command:

Set-AzNetworkSecurityRuleConfig -Protocol 'ICMP' -Debug

Then I'll have to fire up some demo resources in Azure, which should not be necessary IMHO.

Just look at the documentation: https://docs.microsoft.com/en-us/powershell/module/az.network/set-aznetworksecurityruleconfig?view=azps-2.8.0#parameters image

Or "Get-Help -Name 'Set-AzNetworkSecurityRuleConfig' -Detailed" image

ghost commented 4 years ago

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @karenhammons @sfiguemsft

ghost commented 4 years ago

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @karenhammons @sfiguemsft

ghost commented 4 years ago

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc

o-l-a-v commented 4 years ago

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc

Any update on this?

KarenHammons commented 4 years ago

@allegradomel can you help with this one?

allegradomel commented 4 years ago

@KarenHammons, I'm taking a look

ghost commented 4 years ago

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc

o-l-a-v commented 4 years ago

How are you using more than three months without doing anything? Still not being able to specify ICMP in PowerShell is limiting and incosistant.

allegradomel commented 4 years ago

Hi @o-l-a-v, we recognize this is inconvenient. I have added this item to our list of planning items for the coming semester.

o-l-a-v commented 4 years ago

@allegradomel Why is it closed? Is it fixed now?

o-l-a-v commented 4 years ago

@allegradomel @KarenHammons

With latest Az modules as of 2020-02-14 I can add other protocols than just UDP, TCP and wildcard. Great. Would have been nice to say so when closing this issue.

Using:

image

# Get NSG
$NSGObject = Get-AzNetworkSecurityGroup -Name $NSGName

# Add rule
Add-AzNetworkSecurityRuleConfig -Protocol 'Icmp' -Name 'in-allow-icmp-vnet' -NetworkSecurityGroup $NSGObject `
    -Access 'Allow' -Direction 'Inbound' -Priority '1234' `
    -SourcePortRange '*' -SourceAddressPrefix 'VirtualNetwork' `
    -DestinationPortRange '*' -DestinationAddressPrefix 'VirtualNetwork'

# Set NSG
Set-AzNetworkSecurityGroup -NetworkSecurityGroup $NSGObject

Documentation is not up to date though.

This is also true for Get-Help

PS C:\Users\Olav> Get-Help -Name 'Add-AzNetworkSecurityRuleConfig' -Parameter 'Protocol'

-Protocol <System.String>
    Specifies the network protocol that a rule configuration applies to. The acceptable values for this parameter are: - Tcp

    - Udp

    - Wildcard character (*) to match both

    Required?                    false
    Position?                    named
    Default value                None
    Accept pipeline input?       False
    Accept wildcard characters?  false

Where do I open an issue about that?

o-l-a-v commented 4 years ago

@allegradomel @KarenHammons

Any word on this?

o-l-a-v commented 4 years ago

@allegradomel @KarenHammons

Documentation is still not updated with v3.5.0

allegradomel commented 4 years ago

You can open a new issue in the same repo, specifying the requested doc fix. I'll keep this issue closed since the initial issue has been resolved